XMPP Service Operators - 2018-08-23

  1. Maranda

    huhu showing hidden rooms for server admins enabling superuser switch brought interesting results.

  2. Maranda

    (in disco#info that is)

  3. Maranda

    *repeats question here* anyone knows if ChatSecure or Conversation or some other client do something like creating hidden members only persistent rooms, with a random name (node). To emulate some "crypto-junk groups"?

  4. Maranda found a not so small infestation of those *unused* rooms on his MUC

  5. Holger

    Maranda: Yes, Conversations creates room JIDs with random node parts, and makes them members-only, hidden and persistent by default.

  6. Holger

    ChatSecure as well I guess, but I'd have to double-check.

  7. Maranda

    Holger: 👍

  8. Maranda

    I'm vaguely fought on adding auto-wiping of persistent rooms inactive for more than x time, but I guess that first or later I'll have to do it.

  9. Holger

    Yes I'm doing that as well.

  10. MattJ

    How much time?

  11. MattJ

    Is it really necessary?

  12. Maranda

    MattJ, that's the tricky question

  13. Maranda

    MattJ, and that's the other tricky question.

  14. Holger

    On my servers one year.

  15. MattJ

    I guess there may be a MAM archive to remove for privacy reasons?

  16. Holger

    Yes. And JIDs on affiliation lists,

  17. Maranda

    MattJ, in my case that wouldn't be a problem everything gets wiped when room is destroyed

  18. MattJ

    Sure, I'm not saying it's a problem - I'm thinking of reasons why you should remove the room in the first place

  19. Holger

    Same here, the point was that this is one of the reasons to not keep around dead rooms forever.

  20. Holger

    Besides data hyhiene I see neither strong reasons to remove nor to keep.

  21. Maranda

    MattJ, me too honestly, on lightwitch.org maybe not much but on a busier service if people with those clients start creating a dozillion of "private crypto clubs" like those then ditch 'em and forget about 'em... maybe it starts to become a problem.

  22. MattJ

    I work on a service that probably has over a million MUC rooms (plus archives)

  23. MattJ

    But yes, data hygiene :)

  24. Link Mauve

    Maranda, AIUI the goal is more to emulate groups of friends than cryptoanything.

  25. Link Mauve

    The model here is WhatsApp AFAIK.

  26. Maranda

    Link Mauve, yeah I got that much, but I thought somehow it could start involving OMEMO :P

  27. MattJ

    It probably does, but that's separate - using generated names for MUCs is quite an old approach, I'm sure some desktop clients do it too

  28. Link Mauve

    Gajim for instance, when you “invite more people to a 1 to 1 conversation”.

  29. Link Mauve

    Alongside the upload of the previous history.

  30. Maranda

    Link Mauve, *upload of the previous history* 🤔 🤔 🤔

  31. Link Mauve

    Maranda, this protocol: https://xmpp.org/extensions/xep-0045.html#continue

  32. Maranda


  33. Maranda

    it may sound cruel but I think I'll default the inactivity expiral to the usual ChanServ one on IRC (it's configurable of course)

  34. Maranda

    (aka one month)

  35. Maranda

    (and there's a configurable whitelist as well)

  36. Maranda

    (and there's a configurable whitelist as well, also cleaning has to be explicitly enabled)

  37. pep.

    As long as you say you're doing it in your policies, I don't see the issue. Re removing old inactive rooms

  38. MattJ

    and what counts as "inactive"?

  39. MattJ

    No messages? or nobody joined?

  40. Licaon_Kter

    MattJ: I'd go with "no messages"

  41. MattJ

    So in this case you just notify everyone in the room that the room has been destroyed?

  42. Holger

    I do "nobody joined".

  43. Holger

    This already catches the vast majority of dead rooms for me.

  44. MattJ

    Good to know

  45. Maranda

    MattJ: "nobody joined" I count only stanzas from occupants as last activity

  46. Link Mauve

    Licaon_Kter, it seems JabberFR has had the same attack as draugr.de, at least against a user named the same way.

  47. Link Mauve

    I just handled it.

  48. Maranda

    Ohh that's why it hickupped yesterday

  49. Licaon_Kter

    Link Mauve: link?

  50. Link Mauve


  51. peter

    Thanks, Link Mauve!

  52. Link Mauve

    Already half of them sent an automated reply that this mailbox doesn’t exist. :|

  53. Link Mauve

    On freaking abuse@…

  54. peter


  55. lejtes