XMPP Service Operators - 2021-03-18

  1. southerntofu

    hello, maybe stupid question: is there a XEP for s2s network censorship circumvention? maybe something like BOSH for S2S?

  2. southerntofu

    someone was asking about that on lemmy.ml in a thread about nation-wide censorship of networks

  3. Link Mauve

    southerntofu, if your sole censorship threat is that some ports are blocked, you can run an XMPP service on port 443.

  4. Licaon_Kter

    SRVs to the rescue? southerntofu see XEP-0368

  5. southerntofu

    yes i'm aware (though i don't think s2s on port 443 would work?) the question was more about chinese great firewall type of censorship, eg. my server can't communicate with yours

  6. southerntofu

    ah ok 443 is possible for s2s with SRV thanks :)

  7. Link Mauve

    (southerntofu, why wouldn’t it?)

  8. jonas’

    southerntofu, with the chinese great firewall, not even a VPN rescues you

  9. jonas’

    you’re lost there, they’re experts in traffic analysis

  10. jonas’

    they can distinguish facebook vs. google even when tunneled through a VPN just by traffic patterns

  11. southerntofu

    though i'm not sure it would be indistinguishable from HTTPS trafic

  12. jonas’

    they’re really open about that, you can read their papers :)

  13. Martin

    But they don't seem to care about xmpp yet. It just worked without any VPN when I was in China.

  14. jonas’

    southerntofu, it would, easily. HTTPS connections don’t live that long, the packet sizes, rates and reply/response correlations differ

  15. southerntofu

    jonas’, yeah there's still quite a lot you can do especially for a two-directional protocol like XMPP.. i mean people still use something-thats-like-a-VPN in China to access the rest of the network :)

  16. southerntofu

    btu sure correlation attacks are a thing

  17. southerntofu

    so my question was more like is BOSH for S2S possible? eg. REAL HTTPS for s2s connections?

  18. Link Mauve

    southerntofu, this wouldn’t solve the issue jonas’ is mentioning.

  19. southerntofu

    indeed no, just make it harder

  20. jonas’

    barely, at the cost of making everything else terrible

  21. southerntofu

    i'm not familiar with details, but i heard tor project had good experiences with maskerading trafic as WWW to circumvent censorship (snowflake?)

  22. jonas’

    I’d then rather look into similar measures on the s2s layer, instead of making s2s go over HTTPS and making everything terrible

  23. southerntofu

    anyway thanks for the answer in my view the real answer is to run some censorship-circumvention on top of existing services, not try to integrate imperfect solution in every service :)

  24. Tim

    See "shapeshifting" https://www.pluggabletransports.info/transports/ (I've never tried it.)

  25. xorman

    do you know of any reactions XEP?

  26. moparisthebest

    xorman: https://xmpp.org/extensions/xep-0444.html

  27. xorman

    thx

  28. xorman

    I saw a discussion days ago about cryptocurrency integration talking mostly about payments, but really chat-currencies integration happens mostly around (monetizing) reactions