XMPP Service Operators - 2020-12-10

> I wrote: > Which xmpp server do you recommend? I am still looking around... I am just a week or two into this, but looking for a decent server Asking my question, I also asked my self what I really prefer of a good service (sic). And that are four things: 1) federated, in some sort set up by a group of people who have the knowledge and want it to share with others. 2) decentralised, not just one server, but decentralised over a few or more (hence: service - servers). 3) social and open minded, a good, decent, and friendly community that really listen to eachother. 4) secured against the 'evil courant regime and digital regime', but not supporting (very) illegal activity. You can say that I am a journalist, who prefer security for writing purposes only. Any suggestions?

86ul: My opinion and suggestions, the guy who advised you is working for "evil courant regime and digital regime". Alternatively, I'm running prosody. Conf is a bit long to enable all evolved server XEPs but can't compare with ejabberd as never used. (joke inside, I know nobody from evil, only assistants). A good service targets customer expectations. That's a bit generic but only the people knowing this can judge. Good sum-up. 1/ federated: every server interacts with other servers and only process data related to its scope 2/ decentralized because you don't have to ask anyone to be part of the system (relying on federation) 3/ Yeah! 4/ Really depend on your threat model. Users still have to be trained and not fall in traps. But this is pretty good knowing this, you could really pretend to use it for illegal activities in conjunction of appropriate technologies. Personally fulfill all my expectations, excepted that IRL friends prefers to give all their data to companies because they trap the users and are very reactive to implement good-looking and nice-to-have expectations (of course also real expectations). It takes time to include additional features in open federated networks. ✏

86ul: My opinion and suggestions, the guy who advised you is working for "evil courant regime and digital regime". Alternatively, I'm running prosody. Conf is a bit long to enable all evolved server XEPs but can't compare with ejabberd as never used. (joke inside, I know nobody from evil, only assistants). A good service targets customer expectations. That's a bit generic but only the people knowing this can judge. Good sum-up. 1/ federated: every server interacts with other servers and only process data related to their scope 2/ decentralized because you don't have to ask anyone to be part of the system (relying on federation) 3/ Yeah! 4/ Really depend on your threat model. Users still have to be trained and not fall in traps. But this is pretty good knowing this, you could really pretend to use it for illegal activities in conjunction of appropriate technologies. Personally fulfill all my expectations, excepted that IRL friends prefers to give all their data to companies because they trap the users and are very reactive to implement good-looking and nice-to-have expectations (of course also real expectations). It takes time to include additional features in open federated networks. ✏

86ul: My opinion and suggestions, the guy who advised you is working for "evil courant regime and digital regime". Alternatively, I'm running prosody. Conf is a bit long to enable all evolved server XEPs but can't compare with ejabberd as never used. (joke inside, I know nobody from evil, only assistants). A good service targets customer expectations. That's a bit generic but only the people knowing this can judge. Good sum-up. 1/ federated: every server interacts with other servers and only process data related to their scope 2/ decentralized because you don't have to ask anyone to be part of the system (relying on federation) 3/ Yeah! 4/ Really depend on your threat model. Users still have to be trained and not fall in traps. But this is pretty good knowing this, you could really pretend to use it for illegal activities in conjunction of appropriate technologies. Personally it fulfills all my expectations, excepted that IRL friends prefers to give all their data to companies because they trap the users and are very reactive to implement good-looking and nice-to-have expectations (of course also real expectations). It takes time to include additional features in open federated networks. ✏

Thanks for this advice bastoon

Hey, I want to ask about onionmessenger.com

It does not have contact addresses and the website is only converse

anyone know if we can file an abuse report?

(otherwise I’ll just drop s2s with it I guess)

They popped up today on Conversations MUC, no site, the app is an old Conversations clone signed *by Google* (as the new Play bundle stuff requires)

mathieui, which website? I get connection refused on onionmessenger.com:{80,443}

jonas’: xmpp works....

Licaon_Kter, xmpp isn’t used for websites though

ah! www.

It's an xmpp app...that part works...registration too

;)

Licaon_Kter, don’t care, I wanted to see the website mathieui was talking about myself

I mean we got someone with a pro-pedocriminal username (in french) joining rooms on jabberfr from that server

mathieui, file an abuse report with the ISP

after collecting evidence

That was the domain not the site :)

Licaon_Kter, hence I asked

ugh, clownflare

uh, not for the xmpp itself

that’s hosted in germany, giving you high chances of a reaction from the ISP

mathieui, remarks: * Please direct all complaints about Internet abuse like Spam, hacking or scans * remarks: * to abuse@contabo.de . This will guarantee fastest processing possible. *

jonas’, that’s from what?

mathieui, whois $(dig A onionmessenger.com)

as there’s no SRV record, that’s where XMPP clients connect

so it’s the abuse address of the ISP

I mean, I don’t want to make them close down, not yet, but if I can’t file an abuse report…

not of the operators themselves, but they hide behind clownflare and whois protection, so that’s the proper next step for escalation

the ISP *should* contact them first. you can include in your abuse report a hint how they can publish contact addresses on XMPP

mathieui: you never said what happened, spam?

nah, just connecting and saying hi, with the nick "recruiting kids for x videos" on many public rooms

Which does not sit well with me

And the fked up avatars :(

haven’t seen it, which is fine by me

well, abuse report sent anyway

good :)

isn't that... an anti-abuse report?

Ge0rG, the door’s over there.

mathieui: 👍

> nah, just connecting and saying hi, with the nick "recruiting kids for x videos" on many public rooms > Which does not sit well with me In a german muc he wrote: > Hello trade pictures child porn?

ಠ_ಠ

He only said "Bonjour" in the room I manage before he got banned

That was some minority report ban :))

well, the nick was on point