jdev - 2022-04-05


  1. syrupthinker has left
  2. rq77 has joined
  3. rq77 has left
  4. thomaslewis has left
  5. Sam has left
  6. Sam has joined
  7. pulkomandy has left
  8. pulkomandy has joined
  9. thomaslewis has joined
  10. Sam has left
  11. Sam has joined
  12. thomaslewis has left
  13. lovetox has left
  14. Sam has left
  15. Sam has joined
  16. selurvedu has left
  17. Sam has left
  18. Sam has joined
  19. Kev has left
  20. Kev has joined
  21. marmistrz has joined
  22. Sam has left
  23. Sam has joined
  24. marmistrz has left
  25. kfv has left
  26. kfv has joined
  27. Sam has left
  28. atomicwatch has left
  29. Sam has joined
  30. selurvedu has joined
  31. atomicwatch has joined
  32. Martin has left
  33. Martin has joined
  34. Sam has left
  35. Sam has joined
  36. Apollo has joined
  37. nephele has joined
  38. Ingolf has joined
  39. nephele has left
  40. Sam has left
  41. Sam has joined
  42. kfv has left
  43. kfv has joined
  44. thomaslewis has joined
  45. thomaslewis has left
  46. lovetox has joined
  47. Yagizа has joined
  48. xnamed has left
  49. antranigv has joined
  50. antranigv has left
  51. Ingolf has left
  52. thomaslewis has joined
  53. thomaslewis has left
  54. nephele has joined
  55. Sam has left
  56. Sam has joined
  57. nephele has left
  58. nephele has joined
  59. TheCoffeMaker has left
  60. Sam has left
  61. Sam has joined
  62. msavoritias has joined
  63. nephele has left
  64. jgart has left
  65. nephele has joined
  66. nephele has left
  67. nephele has joined
  68. nephele has left
  69. nephele has joined
  70. Sam has left
  71. Sam has joined
  72. pasdesushi has joined
  73. Ingolf has joined
  74. nephele has left
  75. Sam has left
  76. antranigv has joined
  77. Sam has joined
  78. antranigv has left
  79. emus has joined
  80. Sam has left
  81. Ingolf has left
  82. Sam has joined
  83. wurstsalat has joined
  84. Sam has left
  85. lovetox has left
  86. lovetox has joined
  87. Sam has joined
  88. Sam has left
  89. syrupthinker has joined
  90. Alex has left
  91. marc has joined
  92. syrupthinker has left
  93. atomicwatch has left
  94. marmistrz has joined
  95. Ingolf has joined
  96. Sam has joined
  97. abdullahi has left
  98. abdullahi has joined
  99. Laura has left
  100. Sam has left
  101. antranigv has joined
  102. Alex has joined
  103. Sam has joined
  104. Sam has left
  105. pulkomandy has left
  106. nephele has joined
  107. marmistrz has left
  108. atomicwatch has joined
  109. debacle has joined
  110. nephele has left
  111. Laura has joined
  112. Sam has joined
  113. spectrum has left
  114. spectrum has joined
  115. marc has left
  116. Sam has left
  117. Sam has joined
  118. Laura has left
  119. antranigv has left
  120. antranigv has joined
  121. Sam has left
  122. Laura has joined
  123. Sam has joined
  124. marc has joined
  125. Sam has left
  126. abdullahi has left
  127. abdullahi has joined
  128. emus has left
  129. Matrix Traveler (bot) has left
  130. homebeach has left
  131. homebeach has joined
  132. Matrix Traveler (bot) has joined
  133. abdullahi has left
  134. abdullahi has joined
  135. antranigv has left
  136. Sam has joined
  137. abdullahi has left
  138. abdullahi has joined
  139. antranigv has joined
  140. Sam has left
  141. Sam has joined
  142. marc has left
  143. Sam has left
  144. testme has left
  145. emus has joined
  146. marc has joined
  147. Sam has joined
  148. Sam has left
  149. debacle has left
  150. abdullahi has left
  151. abdullahi has joined
  152. Apollo has left
  153. Sam has joined
  154. abdullahi has left
  155. abdullahi has joined
  156. abdullahi has left
  157. abdullahi has joined
  158. Sam has left
  159. Sam has joined
  160. goffi has joined
  161. Sam has left
  162. larma has joined
  163. abdullahi has left
  164. abdullahi has joined
  165. marc0s has left
  166. marc0s has joined
  167. abdullahi has left
  168. abdullahi has joined
  169. Apollo has joined
  170. Wojtek has joined
  171. antranigv has left
  172. xnamed has joined
  173. antranigv has joined
  174. abdullahi has left
  175. abdullahi has joined
  176. Sam has joined
  177. antranigv has left
  178. antranigv has joined
  179. kfv has left
  180. kfv has joined
  181. selurvedu has left
  182. Sam has left
  183. Sam has joined
  184. abdullahi has left
  185. abdullahi has joined
  186. Sam has left
  187. pulkomandy has joined
  188. Squeaky Latex Folf has left
  189. antranigv has left
  190. Squeaky Latex Folf has joined
  191. marmistrz has joined
  192. Sam has joined
  193. antranigv has joined
  194. Sam has left
  195. kfv has left
  196. kfv has joined
  197. kfv has left
  198. kfv has joined
  199. pulkomandy has left
  200. Laura has left
  201. antranigv has left
  202. Sam has joined
  203. Sam has left
  204. Sam has joined
  205. Sam has left
  206. Sam has joined
  207. Laura has joined
  208. TheCoffeMaker has joined
  209. antranigv has joined
  210. Sam has left
  211. TheCoffeMaker has left
  212. Sam has joined
  213. antranigv has left
  214. antranigv has joined
  215. Sam has left
  216. rubi has left
  217. Sam has joined
  218. Laura has left
  219. kikuchiyo has left
  220. Sam has left
  221. kikuchiyo has joined
  222. Laura has joined
  223. Laura has left
  224. Laura has joined
  225. Sam has joined
  226. wydulaz has joined
  227. wydulaz has left
  228. wydulaz has joined
  229. rq77 has joined
  230. TheCoffeMaker has joined
  231. wydulaz has left
  232. xecks has left
  233. J Marinaro has left
  234. Wojtek has left
  235. Wojtek has joined
  236. rubi has joined
  237. rom1dep has left
  238. rom1dep has joined
  239. selurvedu has joined
  240. nephele has joined
  241. dezant has left
  242. dezant has joined
  243. moparisthebest has left
  244. xecks has joined
  245. Nils has joined
  246. wydulaz has joined
  247. nephele has left
  248. Nils Hey there, I have some questions for anybody who can help. I'm having a really hard time figuring out how to have E2EE voice and video calls in XMPP. (If this is not the place to discuss such things, let me know, as I have just joined the group.) Anytime you have a call, is it just transport layer encryption or is end to end encryption baked into the base XEP that allows for calls? Or is the "XEP-0320: Use of DTLS-SRTP in Jingle Sessions" needed? Or is this XEP being implemented? "Verify encrypted A/V calls with OMEMO" https://gist.github.com/iNPUTmice/aa4fc0aeea6ce5fb0e0fe04baca842cd Also how does ZRTP factor into this? I have only found one client (ATalk on F-Droid) that explicitly states supporting ZRTP and only one (Conversations) that supports SRTP. My understanding is that these two protocols provide E2EE, not just transport layer. Is this correct? What is the advantage of ZRTP over SRTP? And is there any XMPP iOS client that supports any kind of end to end encryption for calls? I have not seen one, at least with clear documentation of that. I also do not see much clear documentation of which XEP's are implemented on servers that relate to a/v calls. Any information would be helpful, especially from those with links to documentation, sources of information, or server admins.
  249. xnamed has left
  250. wydulaz has left
  251. wydulaz has joined
  252. wydulaz has left
  253. MattJ Have you see https://gist.github.com/iNPUTmice/a28c438d9bbf3f4a3d4c663ffaa224d9#notes-for-developers too?
  254. MattJ Have you seen https://gist.github.com/iNPUTmice/a28c438d9bbf3f4a3d4c663ffaa224d9#notes-for-developers too?
  255. MattJ Not the standard, but it explains how they all fit together in an implementation
  256. MattJ Servers do nothing more than XEP-0215
  257. MattJ As for iOS, yes: Siskin supports encrypted calls
  258. xnamed has joined
  259. PapaTutuWawa has joined
  260. rq77 has left
  261. spectrum has left
  262. rafasaurus has left
  263. kfv has left
  264. nephele has joined
  265. nephele has left
  266. nephele has joined
  267. lovetox has left
  268. lovetox has joined
  269. antranigv has left
  270. nephele has left
  271. antranigv has joined
  272. kfv has joined
  273. xnamed has left
  274. rafasaurus has joined
  275. emus has left
  276. xnamed has joined
  277. jgart has joined
  278. spectrum has joined
  279. syrupthinker has joined
  280. lovetox has left
  281. lovetox has joined
  282. pulkomandy has joined
  283. kfv has left
  284. kfv has joined
  285. emus has joined
  286. msavoritias has left
  287. msavoritias has joined
  288. rq77 has joined
  289. debacle has joined
  290. PapaTutuWawa has left
  291. Alex has left
  292. msavoritias has left
  293. Laura has left
  294. Alex has joined
  295. Laura has joined
  296. thomaslewis has joined
  297. thomaslewis has left
  298. lovetox has left
  299. thomaslewis has joined
  300. thomaslewis has left
  301. lovetox has joined
  302. msavoritias has joined
  303. Sam has left
  304. Sam has joined
  305. Laura has left
  306. debacle has left
  307. Laura has joined
  308. stpeter has joined
  309. selurvedu has left
  310. Wojtek has left
  311. Wojtek has joined
  312. lovetox has left
  313. Beherit has joined
  314. qwestion has joined
  315. xecks has left
  316. xecks has joined
  317. norayr has joined
  318. lovetox has joined
  319. xecks has left
  320. xecks has joined
  321. marc has left
  322. xecks has left
  323. xecks has joined
  324. nephele has joined
  325. lovetox has left
  326. PapaTutuWawa has joined
  327. lovetox has joined
  328. nephele has left
  329. Wojtek has left
  330. nephele has joined
  331. Wojtek has joined
  332. nephele has left
  333. nephele has joined
  334. marc has joined
  335. nephele has left
  336. lovetox has left
  337. nephele has joined
  338. nephele has left
  339. rq77 has left
  340. marc has left
  341. marc has joined
  342. Laura has left
  343. lovetox has joined
  344. lovetox has left
  345. rafasaurus has left
  346. lovetox has joined
  347. rafasaurus has joined
  348. rom1dep has left
  349. rom1dep has joined
  350. qwestion has left
  351. xnamed has left
  352. nephele has joined
  353. lovetox when a server offers scram1, 256, 512
  354. lovetox is it his job to have the password hash for all of them?
  355. lovetox meaning if the server had previously only 1 and 256, he can just add 512
  356. lovetox because he does not have the hash for 512
  357. Sam You wouldn't be able to just add 512 if you don't have the hash; there is no good upgrade mechanism for scram
  358. lovetox Sam believe me people definitly wood
  359. lovetox because they have no clue what it is
  360. lovetox but thats my point, its not my problem as a client dev
  361. lovetox because someone bugged me about adding 512
  362. Sam oh, I'm sorry, I thought you were asking, maybe I'm missing context.
  363. lovetox and that means gajim now chooses 512 if available
  364. Sam 512 isn't even a standardized thing yet, hopefully nothing changes before/if it ever becomes a standard
  365. abdullahi has left
  366. abdullahi has joined
  367. lovetox yes i know, but the one guy we all know about bugged all projects about it
  368. lovetox so they started adding it
  369. qy Neustradamus bugged everyone with a client, i think safe to ignore
  370. Sam Yes, I blocked him and didn't add it for that reason :)
  371. lovetox then users installed servers, without knowing what they did and activated it everywhere
  372. Sam Anyways, it's not likely to change, I'd just be worried that the working group would decide to add an upgrade mechanism or something then it would be incompatible with all the already deployed made up versions
  373. Sam But it will probably be okay.
  374. lovetox server manuals should put a big red sign on that setting
  375. lovetox describing in detail what it does to users
  376. lovetox like default is SCRAM-1
  377. lovetox and then a big red warning, dont activate anything else except you know what you are doing
  378. nephele has left
  379. Sam Yah, probably so
  380. Zash did we even document that?
  381. lovetox hm
  382. lovetox but there is a upgrade mechanism that comes to mind
  383. xnamed has joined
  384. lovetox switch the server to PLAIN, receive the pass, simulate the client hasing it and find the hash, afterwards rehash?
  385. Sam That will be seen as a downgrade attack by some clients
  386. Sam (Conversations in particular pins the mechanism and won't allow downgrade to an insecure one)
  387. lovetox but thats easily solved
  388. lovetox user deletes acc from C and readds it
  389. lovetox but yeah thats bothersome
  390. Sam That seems like extremely bad UX for the user
  391. lovetox then the user can just change the pass :D
  392. Sam Yah, forcing a passsword reset is annoying but is one way
  393. Sam (assuming they have a client that can do that)
  394. lovetox hm
  395. lovetox but i can still get around C
  396. lovetox ah no
  397. Matrix Traveler (bot) has left
  398. homebeach has left
  399. homebeach has joined
  400. Matrix Traveler (bot) has joined
  401. lovetox it just will not send the pass damn
  402. Zash SASL2? SASL2!
  403. stpeter has left
  404. kikuchiyo has left
  405. Sam Honestly, while I do encourage the support for SCRAM which has applications where it's extremely useful, for general chat servers I'd just only allow PLAIN. It's probably safer against the kinds of real attacks that matter just because it's got hash agility, which is an *extremely* important property to have.
  406. nephele has joined
  407. Sam [citation needed]
  408. Zash feels bad man
  409. nephele has left
  410. nephele has joined
  411. COM8 has joined
  412. xnamed has left
  413. nephele has left
  414. nephele has joined
  415. rq77 has joined
  416. COM8 has left
  417. COM8 has joined
  418. COM8 has left
  419. kikuchiyo has joined
  420. nephele has left
  421. nephele has joined
  422. COM8 has joined
  423. COM8 has left
  424. Laura has joined
  425. Link Mauve Sam, storing passwords in plain text is a really bad idea in my book.
  426. Link Mauve And if you store them hashed and do the PLAIN → SCRAM dance on the server it’ll take a huge lot of CPU power.
  427. lovetox yeah and there is no benefit or?
  428. lovetox you can just store them hashed
  429. Link Mauve But then you can only upgrade them on connection, which might not happen in a decade (or ever) for some users.
  430. lovetox ok, after a decade, i return an error text that says: you didnt loggin for a decade, call me if you want your acc back
  431. debacle has joined
  432. Matrix Traveler (bot) has left
  433. homebeach has left
  434. homebeach has joined
  435. Matrix Traveler (bot) has joined
  436. xnamed has joined
  437. antranigv has left
  438. abdullahi has left
  439. abdullahi has joined
  440. qwestion has joined
  441. rom1dep has left
  442. antranigv has joined
  443. Sam Link Mauve: Obviously you should not store passwords in plain text, you should hash them. PLAIN says nothing about how it's stored.
  444. Sam It's not perfect, it's better than SCRAM. Most of the time hashes aren't broken completely right away, instead you get things like SHA-1 showing weaknesses for a while. At that point you can start the upgrade process for users as they log in. Eventually if it is broken entirely, then you issue a password reset email or whatever to any remaining users and disable the old hashes.
  445. rom1dep has joined
  446. qy has left
  447. Link Mauve (Not a reply to you, but) SHA-1 being broken means nothing to SCRAM-SHA-1, which is still perfectly fine.
  448. Link Mauve It’s a common misconception though, which might have prompted Neustradamus to go on his crusade.
  449. qwestion has left
  450. Sam Oh yah, definitely, sorry, bad example
  451. Link Mauve Sam, we don’t have any mechanism for prompting a password reset atm, if we don’t know the email of a specific user they just get locked out. :(
  452. Sam Yah, that's also a huge problem
  453. kfv has left
  454. kfv has joined
  455. selurvedu has joined
  456. antranigv has left
  457. qy has joined
  458. stpeter has joined
  459. nephele has left
  460. nephele has joined
  461. stpeter has left
  462. qwestion has joined
  463. MattJ It's something I'll be working on this year
  464. Sam Extensible IBR was originally going to cover this sort of thing, but I never saw much interest in adoption so maybe something else is needed that's simpler
  465. Apollo has left
  466. thomaslewis has joined
  467. thomaslewis has left
  468. PapaTutuWawa has left
  469. Kev Didn't Dave's SASL2 stuff cover this? Or was that only in principle?
  470. MattJ It does, I'm planning to implement it
  471. Zash Someone with motivation and free time really ought to look at {IBR,SASL,BIND}2 :tm:
  472. antranigv has joined
  473. Kev You have no idea how much I want to have the time (and/or one of the team's time) to properly look at stream startup things.
  474. Nils MattJ: Thank you, just read that Github page. So if I understand you right, servers implement XEP-0215 and SRTP encryption is handled on the client side? Is there a way to know if a specific call I'm having is encrypted with SRTP? I know ATalk does this but I would love to see it in Conversations or Blabber.im. And where did you find out that Siskin supports encrypted calls? Do you have a link? Thanks so much for the info.
  475. MattJ Conversations only supports encrypted calls, so anything that can successfully call with Conversations is using encryption
  476. Zash I think Dino might have a thing showing some encryption details?
  477. MattJ I guess that's also why Conversations doesn't show encryption status - there is only one possibility :)
  478. Zash Can't you do calls without OMEMO then?
  479. MattJ Yes, the call encryption is unrelated to OMEMO, it uses temporary keys
  480. Kev has left
  481. Kev has joined
  482. MattJ So I mean, "no, you can do calls without OMEMO"
  483. nephele has left
  484. nephele has joined
  485. Link Mauve Conversations also created a mechanism for reusing an OMEMO session to validate the DTLS-SRTP key exchange IIRC.
  486. MattJ If you have an OMEMO session with the contact, it also signs them via that so they can be verified
  487. Link Mauve Right, that.
  488. abdullahi has left
  489. nephele has left
  490. nephele has joined
  491. Zash Where things (ZRTP things?) might show some fingerprints for manual verification otherwise
  492. Kev has left
  493. Kev has joined
  494. pasdesushi has left
  495. Kev has left
  496. xnamed has left
  497. pasdesushi has joined
  498. xnamed has joined
  499. nephele has left
  500. qy has left
  501. abdullahi has joined
  502. Yagizа has left
  503. Wojtek has left
  504. edhelas has left
  505. Wojtek has joined
  506. edhelas has joined
  507. qwestion has left
  508. qy has joined
  509. qwestion has joined
  510. Kev has joined
  511. Wojtek has left
  512. Beherit has left
  513. msavoritias has left
  514. Alex has left
  515. Apollo has joined
  516. thomaslewis has joined
  517. thomaslewis has left
  518. lovetox has left
  519. Alex has joined
  520. Alex has left
  521. xecks has left
  522. qwestion has left
  523. antranigv has left
  524. antranigv has joined
  525. marc0s has left
  526. marc0s has joined
  527. syrupthinker has left
  528. lovetox has joined
  529. pasdesushi has left
  530. goffi has left
  531. larma has left
  532. antranigv has left
  533. antranigv has joined
  534. larma has joined
  535. thomaslewis has joined
  536. thomaslewis has left
  537. dezant has left
  538. wop001@no-bullchat.net has joined
  539. Nils Okay that's really good to know. Do you know if Blabber.im as it is a fork of Conversations, does the same forcing encryption thing? And just to be sure, you are talking about E2EE calls right?
  540. Laura has left
  541. wop001@no-bullchat.net has left
  542. dezant has joined
  543. antranigv has left
  544. antranigv has joined
  545. larma has left
  546. Squeaky Latex Folf has left
  547. wop001@no-bullchat.net has joined
  548. thomaslewis has joined
  549. antranigv has left
  550. antranigv has joined
  551. thomaslewis has left
  552. wurstsalat has left
  553. wop001@no-bullchat.net has left
  554. emus has left
  555. debacle has left
  556. marc has left
  557. dezant has left
  558. dezant has joined