jdev - 2020-02-18


  1. moparisthebest has joined
  2. debacle has left
  3. ivy42 has left
  4. ivy has left
  5. moparisthebest has left
  6. strar has left
  7. strar has joined
  8. zuk has joined
  9. zuk has left
  10. allie has left
  11. allie has joined
  12. pink has joined
  13. pink has left
  14. strar has left
  15. strar has joined
  16. paul has joined
  17. wurstsalat has joined
  18. Marc has left
  19. Marc has joined
  20. asterix has joined
  21. pulkomandy has left
  22. debacle has joined
  23. serge90 has left
  24. strar has left
  25. serge90 has joined
  26. strar has joined
  27. asterix has left
  28. asterix has joined
  29. goffi has joined
  30. Marc has left
  31. Marc has joined
  32. asterix has left
  33. asterix has joined
  34. asterix has left
  35. asterix has joined
  36. asterix has left
  37. asterix has joined
  38. asterix has left
  39. asterix has joined
  40. debacle has left
  41. asterix has left
  42. asterix has joined
  43. asterix has left
  44. asterix has joined
  45. Alex has joined
  46. asterix has left
  47. asterix has joined
  48. pulkomandy has joined
  49. debacle has joined
  50. larma has joined
  51. pulkomandy has left
  52. kikuchiyo has left
  53. asterix has left
  54. pulkomandy has joined
  55. asterix has joined
  56. asterix has left
  57. asterix has joined
  58. asterix has left
  59. asterix has joined
  60. ankit has joined
  61. kikuchiyo has joined
  62. kikuchiyo has left
  63. Alex has left
  64. kikuchiyo has joined
  65. pulkomandy has left
  66. hi has joined
  67. kikuchiyo has left
  68. paul has left
  69. hi has left
  70. kikuchiyo has joined
  71. tsk has left
  72. tsk has joined
  73. asterix has left
  74. asterix has joined
  75. strar has left
  76. strar has joined
  77. rion has left
  78. rion has joined
  79. moparisthebest has joined
  80. Alex has joined
  81. paul has joined
  82. kikuchiyo has left
  83. pulkomandy has joined
  84. kikuchiyo has joined
  85. pulkomandy has left
  86. pulkomandy has joined
  87. ankit has left
  88. Wojtek has joined
  89. Zash has left
  90. Zash has joined
  91. serge90 has left
  92. serge90 has joined
  93. kikuchiyo has left
  94. pulkomandy has left
  95. pulkomandy has joined
  96. kikuchiyo has joined
  97. pulkomandy has left
  98. pulkomandy has joined
  99. allie has left
  100. allie has joined
  101. Alex has left
  102. Alex has joined
  103. lovetox has joined
  104. serge90 has left
  105. serge90 has joined
  106. pulkomandy has left
  107. pulkomandy has joined
  108. pulkomandy has left
  109. pulkomandy has joined
  110. kikuchiyo has left
  111. lovetox has left
  112. strar has left
  113. debacle has left
  114. strar has joined
  115. lovetox has joined
  116. pulkomandy has left
  117. pulkomandy has joined
  118. goffi has left
  119. debacle has joined
  120. lovetox has left
  121. lovetox has joined
  122. pulkomandy has left
  123. pulkomandy has joined
  124. debacle Is there a good abstract about the 96 vs. 128 bits OMEMO mess? Which explains, why clients should move to 96 bits and how things went wrong? TIA!
  125. Ge0rG 96 bits?
  126. Ge0rG ah, 12 bytes. I was confused for a brief moment
  127. kikuchiyo has joined
  128. Ge0rG debacle: https://twitter.com/iNPUTmice/status/1228950491805167617
  129. pep. debacle, TL;DR: You only need to move to 12 if you want Monal to read you
  130. debacle Ge0rG Nice, first people use a medium, that prevent them from communicating in complete sentences. Then they work around it by sending many messages :-) Thanks anway!
  131. debacle pep. Yes, and I think Monal 5.0.1 just solved the problem anyway.
  132. pep. did it?
  133. Ge0rG I still think that the best solution to the OMEMO problem is to disable OMEMO
  134. pep. I doubt that's an OMEMO-only issue
  135. debacle Ah, no that's the other way around!
  136. pep. I mean this one specifically yes. Not this kind of issue though
  137. debacle *ChatSecure* 5.0.1 fixed 12 bytes IV receiving.
  138. pep. debacle, yeah, so my TL;DR holds :)
  139. debacle Monal is still "broken" by not receiving 16 bytes.
  140. pulkomandy has left
  141. debacle let's hope, there is a way for a new Monal version to accept both
  142. debacle pep. Unfortunately, at least two of my contacts use Monal. And it's my fault!
  143. pep. Maybe an incentive to push Debian to do exceptional releases? :P
  144. debacle pep. exceptional Debian release because of an Apple app. I'm so ashamed :-)
  145. pep. ha ha ha
  146. rion has left
  147. rion has joined
  148. pulkomandy has joined
  149. larma has left
  150. pulkomandy has left
  151. pulkomandy has joined
  152. larma has joined
  153. sonny has left
  154. lovetox has left
  155. Marc has left
  156. Marc has joined
  157. paul has left
  158. Marc has left
  159. Marc has joined
  160. moparisthebest debacle: limitation in Apple's crypto API precludes them from accepting 16 byte IVs with it, and France's stupid laws prevent them from using another crypto lib, so I doubt monal will fix it
  161. lovetox has joined
  162. lovetox has left
  163. lovetox has joined
  164. jonas’ wat?
  165. pulkomandy has left
  166. pulkomandy has joined
  167. debacle moparisthebest Sounds horrible!
  168. pulkomandy has left
  169. moparisthebest jonas’, which bit do you want clarification on?
  170. jonas’ moparisthebest, what’s got france to do with that? I mean, which law is that?
  171. moparisthebest https://monal.im/blog/omemo-and-french-laws/ and https://monal.im/blog/monal-4-3-is-coming-out-in-about-a-week-even-in-france/
  172. moparisthebest as I understand it, france requires him to get approval from the prime minister to "distribute a crypto library" OR he can use apple's supplied API, since that's distributed by Apple who already has said approval
  173. jonas’ that’s not really cleared anything up
  174. moparisthebest https://monal.im/blog/monal-4-3-is-coming-out-in-about-a-week-even-in-france/#comment-29385 not even that one?
  175. pulkomandy has joined
  176. jonas’ no
  177. jonas’ because that doesn’t explain which french law and with which rationale forces GCM implementations to register somewhere
  178. moparisthebest > import of a means of cryptology which does not exclusively provide authentication or integrity control functions are subject to a prior declaration to the Prime Minister (Google Translate of French law)
  179. moparisthebest larma pasted that in dino channel earlier ^
  180. lovetox yeah and why cant i distribute my app on appstore, but every distro in the world can ship as much crypto libs as it wants to france users
  181. moparisthebest jonas’, basically apple has to approve or deny your app right? and they would not approve it for france without said certificate
  182. moparisthebest lovetox, iirc it's about shipping crypto *from* france, not *to*, I don't know, ask Apple
  183. moparisthebest > use restrictive shit OS / Ecosystem
  184. moparisthebest > surprised when it turns out to be restrictive and shitty
  185. lovetox im not a smartphone user, but this appstore monopole leads to weird stuff
  186. jonas’ ISTM that france is the problem here, not iOS
  187. Zash why not both?
  188. moparisthebest french laws require apple to do this though, I guess
  189. moparisthebest or at minimum apple believes they are required to do this per french law
  190. lovetox seems to be a law to just limit encryption on smartphones
  191. lovetox they probably dont care about desktop
  192. lovetox but still weird, at this point why would you still trust apples crypto lib?
  193. moparisthebest *yet (or don't have a great way to enforce it, yet)
  194. jonas’ or desktop is irrelevant
  195. jonas’ my bet for "the year of the linux desktop" is when the desktop has become so irrelevant that it’s only used by nerds ;)
  196. lovetox but yeah good plan, force all application to use a single lib
  197. moparisthebest it was 2009, when everyone had a phone, running linux, sitting on top of their desk (otherwise known as their desktop) :P
  198. lovetox then outlaw that lib
  199. lovetox boom no encryption anymore :)
  200. moparisthebest lovetox, why outlaw it, it's an "approved" lib (maybe even backdoored :))
  201. moparisthebest only thing better than outlawing encryption is telling everyone you are encrypting while secretly sending copies to yourself
  202. pulkomandy has left
  203. Wojtek has left
  204. pulkomandy has joined
  205. paul has joined
  206. Wojtek has joined
  207. pulkomandy has left
  208. pulkomandy has joined
  209. pulkomandy has left
  210. pulkomandy has joined
  211. sonny has joined
  212. kikuchiyo has left
  213. lovetox has left
  214. pulkomandy has left
  215. pulkomandy has joined
  216. pulkomandy has left
  217. pulkomandy has joined
  218. kikuchiyo has joined
  219. pulkomandy has left
  220. pulkomandy has joined
  221. kikuchiyo has left
  222. kikuchiyo has joined
  223. debacle has left
  224. pep. happy to see we're discussing the stupidity of French laws. I wonder if Anu would join us in protests. Anyone else interested? We have spare pitchforks!
  225. kikuchiyo has left
  226. Wojtek has left
  227. moparisthebest Anyone who willingly owns an iPhone is used to bending over I assume
  228. kikuchiyo has joined
  229. kikuchiyo has left
  230. paul has left
  231. asterix has left
  232. larma I think the reason why Apple cares so much about the apps in their App Store is that they are considered the entity importing when downloading the app on an iPhone in France. For Linux distributions and most desktop software, it is the end user doing the import when downloading the software. The reasons why Apple can not argue the same are probably that a) they don't allow any third party software to download apps from the app store, and b) they don't allow to download apps from third party sources. Their closed ecosystem kind of implies that they actually control what is downloaded and installed on the phone so they can be held liable. IANAL though ;)
  233. pep. So that would also happen with any other store thingy? Android, Microsoft? (Steam? etc., who knows what games include nowadays :p)
  234. moparisthebest But all those you can download apps without using the stores
  235. moparisthebest I don't know legally if that makes a difference or anything
  236. Zash Something like common carrier regulations where if you do mess with stuff, you're on the hook for the legality of it.
  237. sonny has left