-
Menel
Since only neraly only matrix.org deploys bifrost its sufficient to block "matrix.org"
-
throughaway123
Reminder to everyone who's still on v2 onion, they are going to be discontinued soon and won't be well reachable through Tor. You are adviced to switch to v3.
-
throughaway123
And something different: A user of xmpp.zp1.net and creep.im have been spamming and sharing conspiracy theories into a Coronavirus related MUC. I don't know how to reach the admins of those server. If you know, the users are: noname@creep.im and v-mann@xmpp.zp1.net The MUC in question is: xmpp:corona@chat.yax.im?join
-
creep.im
I am not going to ban anyone because of conspiracy theories
-
throughaway123
It was dominating the MUC through the means of spamming and trolling to spread conspiracy ideology. You neither care about spamming?
-
Licaon_Kter
creep.im: ^^^ ^
-
Харпер
https://github.com/JabberSPAM/blacklist/commits/master
-
throughaway123
Ah, lol, creep.im is already on that blocklist.
-
Martin
Yes, because there was spam and the admin was not reachable by that time. But seems creep.im never tried to get unlisted now that they are reachable here.
-
christian
throughaway123 are you the responsible for yax.im?
-
throughaway123
christian: no, sorry can't help you with that.
-
jonas’
throughaway123, the room admin is not taking care of that?
-
throughaway123
Room admin did respond well.
-
jonas’
throughaway123, ok, thanks
-
throughaway123
(It happend during their sleeping time. Next morning they got blocked)
-
jonas’
at that stage I think escalation to the service operators is not necessary or helpful. especially with that coronavirus topic (as much as I despise conspiracy theories), I don’t think that a network-wide ban (deletion of the account) would be beneficial to anyone.
-
jonas’
if the behaviour spreads to other places, that’s a different story obviously
-
throughaway123
Why do you believe it's not helpful?
-
jonas’
it is a slippery slope we need to be careful around
-
jonas’
in the end, I run netiher of the involved servers and if the room admin is taking care of it, it’s also fine from the search.jabber.network perspective, so these are just my private ramblings anyway
-
jonas’
and I need to attend to other things now :)
-
jonas’
throughaway123, though, it may be useful if you posted screenshots or logs maybe of the specific things which took place, so that involved admins can make a better judgement
-
throughaway123
Borrowing the slippery slope argument, keep in mind that the slippery slope argument is by itself often a slippery slope, following a bias that devalues the risk from remaining passive lower then thr risk from being active, without a rationale explanation. Do nothing because doing something has a risk too, is a slippery slope. Nevertheless I agree, that with power comes great responsibility.
-
throughaway123
> throughaway123, though, it may be useful if you posted screenshots or logs maybe of the specific things which took place, so that involved admins can make a better judgement Oh, I thought the posts of the spammers are still publicly visable. They aren't?
-
jonas’
throughaway123, it requires joining though, which one might not watn to
-
throughaway123
(Oh, ok. i guess that is due to the spam. )
-
jonas’
(I personally left that room because it was too much to bear mentally, so I’d prefer not to join -- I can imagine that others might want to keep their contact with that topic as low as possible, too, so screenshots help :))
-
throughaway123
https://share.conversations.im/throughaway123/BQJj6HRXEYrCgZro/YGTMzaOuQS69u-PwwfhIGQ.jpg
-
throughaway123
https://share.conversations.im/throughaway123/bV5P1lCZu2s9oxfR/BEPAC7g4QJ6DFy_UZqQ4WA.jpg
-
throughaway123
https://share.conversations.im/throughaway123/1NEIJ35O3R6vbSMX/FfMDj8NWTle6TC3cG5-fLg.jpg
-
throughaway123
https://share.conversations.im/throughaway123/1OgenLfvQG8ekgbX/psJfzyNlTKmYVZCifrOwgA.jpg
-
throughaway123
https://share.conversations.im/throughaway123/7zHVgVSbDwXuPSS4/6qyfYgGeRHyB8tgJk5X7Hw.jpg
-
throughaway123
(kleine auswahl)
-
throughaway123
(It's in german, don't know how helpfull that is)
-
croax
Anyway, to report this is spamming or not should only be reported by MUC admins. Why to escalade this here while we don't even know this is not in accordance with MUC policy or not. Disclaimer: I don't support these theories.
-
croax
Last pic is pretty clear but this is MUC admin business
-
throughaway123
croax: 1. if someone spreads racist conspiracy theories I consider this to be a problem 2. if the MUC policy is against or in support of racist conspiracy theories is a different question. 3. It's not, and I said this already. The MUC is well moderated. 4. Why do you believe your input is of any use in that debate?
-
Ellenor Malik
This is not where to escalate it, throughaway123. IM or mail the yax.im admins if you can't get a resolution from the MUC mods
-
throughaway123
creep.im admin responded with: I don't care.
-
croax
throughaway123: what? Only saying this is not the place. There could be a murder we do not operate this scope of issue.
-
Ge0rG
throughaway123: https://yaxim.org/yax.im/tos/ covers what is legal and what is not legal on yax.im.
-
Ellenor Malik
throughaway123: The MUC is on yax.im, not creep.im
-
jonas’
Ellenor Malik, the offender is not on yax.im though
-
throughaway123
jonas’: correct! :-)
-
croax
MUC admin can block or report to authority.
-
Харпер
throughaway123, how do you know the JID of the spammers if you aren't admin of that muc?
-
Ellenor Malik
jonas’: The chat.* admin (usually = Jabber service admin) can revoke access to terrible people, at home and overseas.
-
croax
But this is under admin responsabiltiy. If admin need federation help, this is the right place. But as far as I understand, that's not the case (yet)✎ -
Ellenor Malik
so it's in-scope for Yax.
-
croax
But this is under admin responsabiltiy. If admin needs federation help, this is the right place. But as far as I understand, that's not the case (yet) ✏
-
throughaway123
> throughaway123, how do you know the JID of the spammers if you aren't admin of that muc? it's public soon as one shares a pic.
-
Ellenor Malik
Their rhs is.
-
Ellenor Malik
Bravo, you found a chat channel that's not well moderated. Cookie?
-
Харпер
hmm http upload shares jid? not just server?
-
jonas’
only the server
-
throughaway123
Ok, here I have a question to fellow service operator: What is the correct process to limit the spread of racism, spammers, conspiracy theroies, sexism...? (Hint: if your answer is a singular solution, you do not have the required knowledge to answer the question, and so please keep the noise out)
-
Julian
Ejabberd can be configured to include the jid in the get url. mod_http_upload - jid_in_url
-
croax
throughaway123: there's MUC policy, server policy, law, and free speech. Guess who to report to.
-
throughaway123
croax: can you please stop being a reply guy, if you're obviously not able to answer my question?✎ -
throughaway123
croax: can you please stop being a reply-guy, if you're obviously not able to answer my question? ✏
-
croax
Right
-
throughaway123
Thanks.
-
MattJ
throughaway123, it seems to me like you already made up your mind what kind of answer you want
-
MattJ
I'm not sure this is the best venue for that discussion. These are complex social issues.
-
MattJ
We're not likely to solve them here to everyone's satisfaction, and I'd rather not be responsible for moderating any attempt
-
MattJ
Every MUC and server admin has their own policies, so if you have specific problems, it's best to reach out to them directly
-
MattJ
And if they're not interested in solving the problem to your satisfaction, just leave and/or block them as needed
-
throughaway123
Ok, your MUC, your rules. Everyone is here welcome, as long they are MUC operator?
-
Ellenor Malik
No, service op.
-
MattJ
The primary focus of this channel is for XMPP server operators to discuss with each other the XMPP network. This can be to resolve technical issues with federation, or share advice, tips and other relevant information about running a server.
-
throughaway123
(Yes sorry, what was what I ment)
-
jonas’
throughaway123, there are ways to get banned even from here, for sure
-
jonas’
the XSF is currently in the process of establishing a CoC which will also apply to this venue I suppose.
-
MattJ
We don't exclude others from participating in such discussions, as long as discussion stays on this topic. In some cases we have muted non-operators for a while when it was necessary to keep the channel useful for its purpose.
-
Харпер
disco is used for getting member, correct?
-
MattJ
Харпер, members of a MUC? No, there is a specific query for that (only available to MUC admins or when the MUC is configured to show JIDs publicly)
-
Харпер
no in this room
-
Харпер
by authbot
-
MattJ
Oh, I see
-
MattJ
It's based on the contact addresses advertised by your server: https://xmpp.org/extensions/xep-0152.html
-
throughaway123
> The primary focus of this channel is for XMPP server operators to discuss with each other the XMPP network. My question was about that. To discuss how to deal with such issues as a network. So I'm confused what you mean with "xmpp nerwork". Onky the technology, or the technology + the human interaction which makes it a social network?
-
MattJ
Primarily the technology, but no, not only. The tools already exist to, for example, block other servers, MUCs, etc. and also to contact service admins. You indicated this is not the kind of answer you wanted, though
-
pintosesk
an 'xmpp network' is just used to describe the public facing XMPP client-server infrastructure, no?
-
MattJ
It seems you want discussion of actual policies... however opinions will vary strongly (I know that for a fact), so we're unlikely to reach an agreement here
-
MattJ
Already there is mild disagreement about whether e.g. conspiracy theories should be blocked, and at what level they should be blocked. The thing about a decentralized network is that these disagreements are okay... we all have the power to choose what services we use and what MUCs we join
-
throughaway123
> You indicated this is not the kind of answer you wanted, though They are fine and useful as answers, if they respect the cultural and social aspects that lead to the rise of [racism, sexism, conspiracy theories...]
-
Ge0rG
You can't solve social problems with technical means. This has been true since the invention of technology.
-
MattJ
For example, evidence I have read suggests that engaging with many conspiracy theorists is the recommended route over shutting them out (which just reinforces their belief that they are right)
-
MattJ
But this is not the venue to really decide that, it's up to service and MUC admins to decide for themselves what policy they will follow
-
throughaway123
> You can't solve social problems with technical means. This has been true since the invention of technology. Technolgy impacts social interactions. There's a reason that by the means of youtube and facebook a new rise of conspiracy theory and a new rise of facists can be observed.
-
MattJ
In a coronavirus news channel, I can totally see a ban on non-authoritative sources making sense, for example. A more informal discussion channel might prefer to engage such people instead.
-
Ge0rG
throughaway123: well, you can make social problems worse with technical means, that's true.
-
pintosesk
> opinions vary strongly I'd think this would be more the place to refine XMPP implementation as a whole or a specific policy one already has in mind, yeah. I'm not necessarily here to tell you what you ought to do, throughaway123, so much as give conjecture on how it might be well done. I suspect many here are of the same disposition, beyond kindly informing other hosts of spam sources and such *strictly* janitorial matters.
-
pintosesk
where the harm is not merely social, but infrastructurally damaging.
-
throughaway123
> For example, evidence I have read suggests that engaging with many conspiracy theorists is the recommended route over shutting them out (which just reinforces their belief that they are right) That is from this one singular study? (I saw it being shared some time ago in some MUC, can't remember exactly. The assumption that engaging is more effective then shutting them down, is false, because it depends on the circumstances. If you want to push out professional trolling effort that aim to shift the overtone window (yes, facists and conspiracy ideologists educate themselves about such means of communication) you push them out, but engage with the rest, for example.
-
pintosesk
Providing an extensible service that suits wide needs via modularity; that is XMPP to me. Taking social footholds is beyond that scope imo, and should be left to individual administration (or modules ;D)✎ -
pintosesk
Providing an extensible service that suits wide needs via modularity; that is XMPP to me. Taking social footholds at the core level is beyond that scope imo, and should be left to individual administration (or modules ;D) ✏
-
throughaway123
> throughaway123: well, you can make social problems worse with technical means, that's true. You impact it, for the better or the worse. (What's better/worse obviosly depends on eachs individual position).
-
MattJ
throughaway123, right, and this is exactly the thing that I *don't* want to debate in this chat :)
-
throughaway123
UX, it's about UX
-
MattJ
Maybe you are right that the study is false, maybe you are wrong - but we're not going to agree here
-
MattJ
(I mean "we" collectively)
-
pintosesk
> throughaway123 wrote: > UX, it's about UX UX?
-
pintosesk
In what way?
-
throughaway123
user experience
-
MattJ
I personally don't know what the right answer is to dealing with conspiracy theorists, but I do know how to contact XMPP admins and block servers, if that's what you want to do
-
MattJ
But you have to respect that some people may not believe that is the right course of action
-
pintosesk
> shut them down This isn't a social steering committee, imo.
-
throughaway123
UX will differ depening if service operator and xmpp developers take countering conspiracy theories, sexism, racism as an important part to improofe UX. It will impact code, it will impact admin behaviour.
-
pintosesk
his is an infrastructure chat. These people pose a social threat to you, not infrastructure.✎ -
pintosesk
This is an infrastructure chat. These people pose a social threat to you, not infrastructure. ✏
-
throughaway123
(The infastructure as no meaning, without the social interaction)
-
pintosesk
And you need more than XMPP to properly implement your censorship. Call your gov. surveillance agency or the FCC, or something.
-
pintosesk
> throughaway123 wrote: > (The infastructure as no meaning, without the social interaction) Then you don't need to go through us, the XMPP operators, because we are not the independent variable here.
-
pintosesk
Your princess is in another castle.
-
throughaway123
(I don't call for cencorship. I call to think about how our admin and development decisions can have an impact on [social things)
-
Holger
throughaway123: And you've been told how this topic is off-topic in here.
-
pintosesk
And how do you plan to act based on that thinking? 'shutting down' people is censorship.
-
pintosesk
no slicing this pie differently.
-
Ge0rG
If everybody is good at detecting and ignoring racism and propaganda, then we don't need to implement any technical measures. All we need to do is elect governments that put proper education first, and then wait for 40 years.
-
Kris
make a bot that picks up on certain conspiracy phrases and ridicules them. There, fixed that problem for you /s
-
pintosesk
If you aren't going to speculate on how to infrastructurally implement your wish here, not just socially, your result will be partial and your desires unfulfilled. At least brainstorm some sort of module for this, y'know? For example: a room or message keyword field exposed to the user.
-
throughaway123
> throughaway123: And you've been told how this topic is off-topic in here. I've been first told it's offtopic, then explained how it's ontopic, to then again it would be offtopic. The reasoning is not consitancy, so I have trouble to understand what it ok to say, and what not. All I notice that I'm not welcomed, but I am unable to use the presented arguments to form a logical reasoning out of it. (Sorry that might be my autism. Humans confuse me....)
-
pintosesk
a bonus of such a module would be quick search of messages within a certain range, and if the keywords display near the body onscreen, one might even remember the simple keyword when looking back for a long ago message.
-
pintosesk
for rooms, it could display near the topic and orient discussion more strictly.
-
pintosesk
thoughts?
-
Kris
pintosesk, such specifc implementation topics can better be discussed in a general muc like chat@joinjabber.org or the specific server's mucs if you want to talk actual module creation
-
throughaway123
(See, now people engage on how a XEP meeting my need could look like. Am I acting against the MUC rules if I engage with it...it's hell of a confusion to me)
-
pintosesk
hmm.
-
Holger
throughaway123: Issues/questions regarding the infrastructure itself ("why is s2s with jabber.org broken?", "how do I block jabber.org?") are on-topic. Issues/questions regarding the impact of infrastructure decisions on social things ("will blocking jabber.org result in a desired social outcome"?) are off-topic.
-
pintosesk
So this is purely a janitorial chat then.
-
Kris
server admin, yes
-
MattJ
Yes, discussions of policies are off-topic, and discussions of client UX are off-topic (this channel is not for client developers) and discussions of XEPs are generally off-topic (this room is not about general XMPP protocol development)
-
Kris
don't call them glorified janitors 😉
-
pintosesk
Gotcha. Well, throughaway123 , sorry to mislead you, there actually really is nothing constructive you can say here, but if you care to join me in chat@joinjabber.org, you might be more satisfied.
-
pintosesk
Thanks, by the by, Kris .
-
pintosesk
> glorified janitors I guess it's more like plumbing or a post office'✎ -
pintosesk
> glorified janitors I guess it's more like plumbing or a post office. ✏
-
Martin
authbot: help
-
MattJ
authbot cannot help you, Martin
-
Martin
😔
-
throughaway123
Ok, I think finally I understand what this MUC is for. Please update your MUC description acording to your expectations. That confusion easily leads to frustration and a waste of time.
-
Martin
TIL authbot.
-
Martin
How does it work? Muting people who spam after joining?
-
MattJ
throughaway123, I think the topic is clear enough for a topic, but we are working on a more throrough page explaining this channel for the xmpp.org site
-
jonas’
Martin, it requests contact info. if real jid == relevant contact && affiliation == none, set affiliation to member✎ -
jonas’
Martin, it requests contact info of the domain of the real jid. if real jid == relevant contact && affiliation == none, set affiliation to member ✏
-
Martin
Ah, sweet.
-
jonas’
(on join)
-
pintosesk
you might want to change the topic from 'discussions between XMPP server operators about the XMPP network' to '[...] about maintenance and status of the XMPP network'
-
pintosesk
so as to clarify that general discussion of the network itself is off topic.
-
Martin
I want a 'verified server operator' blue tick. 😂
-
MattJ
Maybe one day we can finish the hats XEP and you can have one, it would indeed be perfect for this chat :)
-
Kris
just make people members and mute guests?
-
MattJ
I (and authbot) do make people members, but not everyone has XEP-0152 enabled or joins from a JID listed there if they do
-
jonas’
(nor should they have to)
-
MattJ
and I think this is a valid place for non operators to e.g. ask for help reaching an admin of a particular service, or other enquiries that we might be able to help with
-
MattJ
Oh yes, I meant that
-
croax
MattJ: maybe to create a dedicated MUC for this
-
MattJ
For what?
-
throughaway123
(It's obviously ok to be offtopic from time to time, and the following question is just to verify that I understand the rules of this MUC correctly: you're all offtopic atm?)✎ -
MattJ
if you mean for seeking admins of a particular service, that's basically saying that admins should join both rooms
-
MattJ
and we (I, at least) have enough MUCs already
-
throughaway123
(It's obviously ok to be offtopic from time to time, and the following question is just to verify that I understand the rules of this MUC correctly: you're all offtopic atm? ((sorry if that'a all obvious to you, can't help with my autism)) ✏
-
MattJ
throughaway123, yes, kinda. We're discussing the rules of the room... not really a better place to do that :)
-
MattJ
We had no problems when it was small and there were ~30 people here who just got along fine
-
pintosesk
growing pains?
-
MattJ
But nowadays we have many people, new people, and I think it has grown faster than the "community"
-
croax
There could be a MUC providing help for users on general XMPP service questions. But maintenance of federation and technical advices is not same subject to me.
-
MattJ
As I said, we're working on publishing some guidelines
-
Holger
The XMPP hype is getting out of hands.
-
MattJ
croax, this has never before been a "strictly maintenance and status discussions" chat
-
croax
MattJ: yes not saying this is or has to be. Just a wish :-)
-
MattJ
I only started being strict about staying on topic in recent months because of things getting out of hand
-
MattJ
If everyone really wishes it to become that, it can be
-
MattJ
and then it may make sense to close it entirely and have it be invite/registration only, after verifying you are an operator
-
MattJ
I don't know if that's the best route, but... meh
-
pintosesk
This seems to be a maintenance and status discussions chat with select benefits to me.
-
Ellenor Malik
Mmm.
-
pintosesk
I can't say much more than that.
-
MattJ
Well it's clear that some people these days *expect* it to be that
-
Ellenor Malik
Can there be an operators-meta@ for this kind of bikeshedding?
-
MattJ
Ellenor Malik, not if I'm a moderator there, and I don't know who else would volunteer
-
MattJ
Anyone is free to go and make one anywhere, of course
-
Ellenor Malik
ah
-
Ellenor Malik
> MattJ wrote: > and then it may make sense to close it entirely and have it be invite/registration only, after verifying you are an operator > I don't know if that's the best route, but... meh Doesn't that possibly shut out new operators?
-
MattJ
Yes, which is why I don't really like it
-
MattJ
I also think it's fine and valuable to have an open place where non-operators can reach operators
-
MattJ
But maybe most other operators don't feel that way
-
jonas’
MattJ, I think making everyone happy is not going to work. So if anything, the room should be a place you (or whoever has that role, the XSF, ...) is happy owning with.
-
jonas’
if most other operators disagree with that, someone can step up and improve on it, one way or another.
-
MattJ
jonas’, well, I get complaints when I enforce strict on-topic discussions, I get complaints when I don't ban people immediately for being off-topic... I'm not sure how happy I'll ever get :)
-
jonas’
though I don’t think that a "closed" group where at the same time all XMPP operator have access is especially useful.
-
Ellenor Malik
I consider myself to be among new service operators. I have less than 5 years' experience in this field.
-
pintosesk
You don't have to ban people immediately, but drawing a clear line between on and off topic is best to make non regulars or different crowds at ease here.
-
pintosesk
Otherwise we can't tell if we're dancing on your head or not.
-
Holger
I could imagine (a) everyone being happy with having non-ops reaching out, (b) most being happy with occasional off-topic smalltalk, and (c) most being (very) unhappy with endless discussions on random political topics. Problem is a policy that takes care of (c) easily conflicts with (a) and (b).
-
MattJ
Yes, (b) is the problem, because it used to be fine when it was not controversial discussions, but these days we get more and more controversial discussions coming up... and the only impartial way to deal with it is to ban the lot
-
Ge0rG
IMHO this place should be primarily for reaching out to server operators about technical issues. We have no technology to solve social issues and thus I'm fully okay with flagging them as off topic, and muting repeat offenders
-
MattJ
Otherwise we lose the real value of this room
-
Ellenor Malik
The fact I've not quit completely falls to a mixture of causes: the welcoming and apparently collegial nature of places like here, stubbornness after banishment from support chats, and an ideological interest in ensuring a future for the Jabber federation.
-
pintosesk
I think it's possible to resolve the conflict so long as nobody makes smalltalk with any intent or motive behind it.
-
MattJ
pintosesk, but I don't want to be the judge of whether people have intent or motive... it just puts me in an awkward position
-
pintosesk
So just, 'if you want something from us, it better be about our servers and not us as people' would do I think
-
MattJ
I end up with PMs from people who think I am personally opposed to them, and unfair
-
Ge0rG
MattJ: that's the expected effect of all moderation
-
pintosesk
you just gotta make it clear that the smalltalk is pleasant talk and not a therapy session or thinktank, the latter being what I thought it might partially have been.
-
MattJ
I want to preserve what we had, which is what is in the topic... a place for server operators to discuss the network in a civil manner
-
MattJ
But I believe that is becoming increasingly impossible as the channel grows
-
pintosesk
I feel like you're being a bit condemning about it, although perhaps I'm just new to the phenomenon.
-
pintosesk
I don't think there's much else left for me to say about it though.
-
pintosesk
How's the price of gas?
-
MattJ
This channel has been one of the most unpleasant parts of my participation in XMPP in recent months
-
MattJ
So yeah
-
jonas’
"pintosesk, who cares, don’t drive a car or do you hate the planet?!"
-
jonas’
(just to drive the point home, I guess :()
-
pintosesk
Hovercars or bust
-
pintosesk
but I digress
-
Ge0rG
MattJ: I think you are doing a great job with the moderation here
-
MattJ
Ge0rG, sure, some people think so. Others don't :)
-
pintosesk
I don't think you're a bad fellow.
-
jonas’
what bothers me most is that this is taking valuable time from MattJ :)
-
MattJ
and I know I'll never please everyone. But I don't really want server operators leaving because of whatever policies we decide upon here.
-
MattJ
Obviously some will, but it's mostly valuable if we can keep it useful for its original purpose
-
MattJ
I think the next step is to get that page up on xmpp.org, and then we have some concrete points on record that we can agree to and/or iterate upon
-
Ge0rG
MattJ: if the goal of this place is to have server operators available for civil discourse, you should weigh the feedback from them higher, or you'll end up without them
-
pintosesk
I don't think anything or one of value will leave is you say 'no ad hominems or unsolicited requests for personal reform'.
-
MattJ
Ge0rG, indeed, I try
-
pintosesk
or something like that.
-
Ellenor Malik
I'm just a soft animal
-
pintosesk
that's cool
-
Харпер
My hat has arrived
-
jonas’
nice hat
-
pintosesk
nice (mystery) hat
-
throughaway123
> I want to preserve what we had, which is what is in the topic... a place for server operators to discuss the network in a civil manner So either I'm again confused what this room is for, or you just wish to preserve an old status quo that was: I don't care about minorities, I don't care about white supremacy and sexism, please I want my privilidged comfort being protected. What ever, I understand I'm not welcomed here. Bye.
-
MattJ
and there we go
-
Ge0rG
MattJ: you can't make it fit for the people who *want* to misunderstand you
-
croax
We can build best message protocols, it seems humans have built-in firewalls and hardcoded stanza length limits. So do I.
-
Ellenor Malik
:o
-
rob
Hopefully I didn't miss anything important 😵💫
-
Martin
MattJ: > I (and authbot) do make people members, but not everyone has XEP-0152 enabled or joins from a JID listed there if they do 0157?
-
Харпер
yes
-
Licaon_Kter
So I should join with the user admin mentioned in 157 to get upgraded to "member"?
-
Харпер
yes
-
Харпер
you can add multiple too
-
Martin
Licaon_Kter: You are already member. ;-)
-
Licaon_Kter
Martin: because I asked at one point when the room went members only, sameish offtopic iirc
-
jonas’
Licaon_Kter, that’ll stay, authbot is only an aid for the room owners to not have to allowlist everyone manually :)✎ -
jonas’
Licaon_Kter, that’ll stay, authbot is only an aid for the room owners to not have to allowlist *everyone* manually :) ✏
-
Licaon_Kter
Right
-
Licaon_Kter
FYI in the Offtopic room we have lots of fun being ontopic, so if you wanna redirect them to xmpp:conversations-offtopic-reloaded@conference.trashserver.net?join feel free. /end of advertisment
-
jonas’
Licaon_Kter, not sure where else I have you, do you intend to incorproate the feedback in https://github.com/xsf/xeps/pull/1062 ?
-
Licaon_Kter
jonas’: yes, but lack of time, also was afk for the week.
-
jonas’
Licaon_Kter, ok, just wanted to make sure, take your time :)
-
4223
MattJ: thank you!
-
4223
> MattJ: you can't make it fit for the people who *want* to misunderstand you Troll from first post. There is nothing to understand. Comes up with different nicks in several mucs.
-
Ellenor&c Bjornsdottir
4223: Called Morph?
-
qy
Should tell stories about morph to non-xmpp folk. Irritating though he is, he's basically folklore now, and that would drag in users
-
qy
Everyone loves a herobrine
-
qy
Especially a real-life schizophrenic one
-
4223
Ellenor&c Bjornsdottir: don't know, the first friendly but never ending questions, mixed with more and more agressive noise reminds me off different nicks (but I do not remind the exact nicks).
-
MattJ
I am sure conversations-offtopic-reloaded@conference.trashserver.net welcomes your morph discussions :)
-
Licaon_Kter
:)
-
4223
MattJ: /me 🤐
-
Ellenor&c Bjornsdottir
qy: ??
-
Ellenor&c Bjornsdottir
Herobrine?
-
Martin
> I am sure conversations-offtopic-reloaded@conference.trashserver.net welcomes your morph discussions :) No more morphing please. 🙂
-
Lego
removed by jonas’
why not
-
vanitasvitae
MattJ: ^
-
jonas’
on his way
-
a moderator
removed a message
This message contains inappropriate content for this forum
-
Neko
Remember this name MORPH! All of you will pray! Fuck! Fuck! Fuck! Morph is god XMPP!
-
Neko
Remember this name MORPH! All of you will pray! Fuck! Fuck! Fuck! Morph is god XMPP!
-
Neko
Remember this name MORPH! All of you will pray! Fuck! Fuck! Fuck! Morph is god XMPP!
-
Neko
Remember this name MORPH! All of you will pray! Fuck! Fuck! Fuck! Morph is god XMPP!
-
Neko
Remember this name MORPH! All of you will pray! Fuck! Fuck! Fuck! Morph is god XMPP!
-
tom
did anybody happen to catch the ip address of that one?
-
jonas’
I think so.
-
tom
it happened on my server too, but i don't log such information
-
tom
jonas’: did they use the anonymous logon componet?
-
jonas’
yes
-
Харпер
s2s discloses IP of users?
-
tom
no
-
tom
anonymous logon only works on local services
-
jonas’
Харпер, no, this was someone abusing anon.xmpp.org
-
jonas’
so the IP address was locally available
-
tom
nice, didn't know xmpp.org had anon services
-
tom
too bad someone's abusing that though
-
tom
it happens
-
tom
jonas’: can you please share the ip with me so i can prevent that ip from using my anon as well
-
jonas’
no
-
jonas’
well, I probably could, I realize, because I’m in iteam, but the number I saw elsewhere indicated a Tor exit node.
-
jonas’
(of course)
-
jonas’
so it’s not gonna help anyway.
-
tom
oh ok
-
tom
well it does help to temporarily block those as their abused
-
jonas’
I expect them to switch exit nodes for each attempt
-
tom
that way your not blocking tor, but just degrading service enough until the spammer stops
-
jonas’
if they go as far as using Tor and the anon service fo rthis
-
tom
yeah but you can't choose your exit node. so the more you block temporarily the less likely and harder it gets to spam
-
Харпер
blocking a single tor exit is silly
-
tom
when the spam waves stops service levels return to normal
-
jonas’
tom, seems like a lot of resources wasted on maintaining a list of IP addresses if you could also just use a Tor-blocking RBL for a while :)
-
tom
security is just a game of making it harder than the bad guy wants to put effort to do
-
tom
no i don't reccomend using a tor rbl
-
tom
also
-
tom
this should be automated
-
jonas’
how? :)
-
tom
you don't want to completely block tor
-
Харпер
https://iplists.firehol.org/?ipset=firehol_anonymous
-
tom
jonas’: with something like fail2ban to manage ttls
-
jonas’
uhh, interesting
-
jonas’
that would require feeding the fact that a message was retracted by an admin (or that a ban was placed on the IP via XMPP) into fail2ban
-
tom
treat it like a spam score when doing email filtering
-
Харпер
if you want to allow tor, just make an onion and require an account
-
jonas’
but then you’re still faced with lots of abuse you could’ve blocked by blocking the entirety Tor for a while. it’s trade-offs all the way down.
-
tom
Харпер: what difference does having an onion make?
-
jonas’
tom, accountability, because the user is authenticated
-
tom
i don't understand
-
tom
it's still encrypted
-
tom
you just added another layer of encryption on top of the tls
-
Харпер
what does encryption have to do with anything?
-
jonas’
current situation: user -> Tor --c2s-> anon.xmpp.org --s2s-> muc.xmpp.org; bans only work based on IP addresses. proposed situation: user --c2s-> whatever.onion XMPP server --s2s-> muc.xmpp.org; bans work based on the XMPP account (which is presumably harder to change than IP addresess, and if the server operator is not acting on the abuse, we can block the entire whatever.onion)
-
tom
what difference does saslanon and saslanon+onion make
-
tom
or i mean
-
Харпер
what jonas’ said
-
jonas’
tom, onion+non-anon sasl was the proposal
-
tom
saslanon+torexit and saslanon+onion
-
tom
your hosting both whatever.onion and muc.xmpp.org
-
jonas’
no
-
tom
outsourcing the problem isn't fixing the problem
-
tom
and there's still an actual need for anonymous logon
-
jonas’
yes, but that could then be limited to non-tor users
-
jonas’
this is similar to what IRC networks have been doing
-
tom
defeats the whole purposes of anonymity
-
jonas’
no
-
jonas’
it defeats some purposes, but not all of them
-
tom
breaks things for tor users
-
Харпер
how?
-
jonas’
yes, but that’s the fault of the people abusing tor
-
tom
if your block tor entirly
-
jonas’
re anonymity: muc.xmpp.org can still not know who the user really is. the onion service also does not learn the users real IP address.
-
tom
just just treat tor exit nodes like any other ip on the internet and do automatic temporary blocks
-
jonas’
it would only be blocked entirely for anon
-
tom
there's an accessibility factor too
-
jonas’
that’d be feasible if fully automatic blocks were feasible, but they are not
-
jonas’
manual action is required to determine that an XMPP message is spam, nobody has figured an automatism so far.
-
tom
that means the user has to know about and setup an account on a onion server
-
jonas’
yes
-
jonas’
that’s tough
-
jonas’
but on the other side of the equation there is the factor of limited resources of dealing with abuse.
-
tom
that's an accessibility issue. the whole point of anonsasl was to make things more accessible to everybody
-
jonas’
as always
-
jonas’
either way
- jonas’ &
-
tom
» <jonas’> manual action is required to determine that an XMPP message is spam, nobody has figured an automatism so far. when someone bans someone on your server, and other channels start banning them too that could be a good indicator if we had something to track
-
jonas’
that’s... way too slow in my opinion
-
jonas’
and the spam came from at least two different IP addresses in two different channels, so it’s not going to work
-
tom
what's a reasonable time for you to metigate spam?
-
jonas’
(with IP based bans from tor abuse)
-
jonas’
but yes, we need such a protocol to exchange information about abusers in real time, however, it’s complex and this is not the venue to develop it
-
tom
do we though?
-
qy
no.
-
tom
torexit abusers don't happen nearly as much or to every single ip on the internet as people seam to think it does
-
tom
my small site is probably fine
-
tom
in fact
-
jonas’
tom, yes, we need such a protocol, but it’s unrelated to Tor abuse, more a general spam-wave thing
-
tom
chinese telecom ip addresses and russian cellphones are much more of a problem for me than tor exits
-
tom
and it's not really that big of a problem with my fail2ban sensors
-
tom
jonas’: look at DCC and pyzor
-
tom
(distributed checksum clearinhouse)
-
tom
it's one of the protocols i use for that exact purpose on email
-
tom
https://www.rhyolite.com/dcc/
-
jonas’
doesn’t sound like something which would help with all of that "hello" spam.
-
tom
https://www.pyzor.org/en/latest/
-
Харпер
on a different note why is it not possible to apply bogofilter to xmpp?
-
Харпер
moparisthebest, said it was because messages are too short
-
moparisthebest
to be clear that's what I recall reading somewhere, I'm no expert
-
Харпер
not disagreeing with you, it sounds reasonable
-
Харпер
but is it one of those things that really isn't possible, or does it happen that it might actually work really well just no one has tried
-
tom
i don't see why you couldn't anyways
-
Харпер
surely someone has tried?
-
tom
just reduce the weight of the bogo or fuzzy hash scoring system in your overwall anomaly scoring system
-
tom
i bet like most spam metigation tech actually in use it would be beneficial as one componet as part of a large collection of things
-
mjk
> messages are too short Concat multiple messages? Won't do insta-filtering, and wouldn't help with one-shot messages, but could still help by marking users as spammy
-
xorman
proof of work for friend requests? is there a XEP for this already?
-
xorman
does Pleroma chat use XMPP?
-
mike
No it's all done with activitypub over HTTPS.
-
xorman
great
-
xorman
gives me a new idea for a round shaped object
-
tom
what is that xorman?
-
xorman
it's intended for carrying objects
-
xorman
gotta patent it
-
xorman
I shall call it "wheel"
-
tom
>not naming a trendy new re-implementation of a tech thing after greek mythology
-
tom
> or purposefully misspelling it and then adding ify to the end
-
tom
or r