XMPP Service Operators - 2021-07-29

  1. ernst.on.tour

    XEP-0157 is a serversetting. Only if you able to set it you are owner of a server ? You can disco a server and if your nick match the reported nick, you are a administrator

  2. moparisthebest

    that's member, administrators are members of iteam (official XSF position)

  3. ernst.on.tour

    You mean I'm not administrator of my own server or of this muc ? As I know MattJ use disco to fetch admins of "your" server and if matched you will be member in this muc. Maybe my english isn't good enough but I thought this was ask from Ellenor Malik or me9

  4. MattJ

    https://xmpp.org/community/channels/operators has all this information without any of the speculation :)

  5. Licaon_Kter

    Menel: > Now I'm confused about the difference between xep-0152 and 0157, but thats for another day... That was a typo... :))

  6. me9

    > MattJ wrote: > https://xmpp.org/community/channels/operators has all this information without any of the speculation :) True. But I still want to understand why the bot made me a member and if it could make spammers member similarly; the website doesn't say that. And as I said, I am no XMPP service operator.

  7. MattJ

    The website explains membership in the FAQ

  8. MattJ

    > Membership will be granted and revoked by channel moderators as they need, irrespective of whether a user is a server operator or not.

  9. me9

    Ah, so it wasn't the bot? Well, sorry for annoying all.

  10. zp1.net

    I think we should make a place where we keep such "example" spam for "learning" purposes.

  11. bung9

    İs there a any problem jabber.calyxinstitute.org?

  12. Харпер

    bung9: https://status.conversations.im/reverse/jabber.calyxinstitute.org/

  13. me9

    > bung9 wrote: > İs there a any problem jabber.calyxinstitute.org? What do you mean? Are messages not being delivered? By the way, I think that server doesn't allow unencrypted messages.

  14. Licaon_Kter

    bung9: > İs there a any problem jabber.calyxinstitute.org? It's complicated...

  15. Licaon_Kter

    Calyx admin be like > Our server is not janky, their (Compliance) requirements are dumb and/or incompatible with the basic premise of the calyx xmpp service > Like they want us to store copies of messages on the server.. no, the whole point of our server is that we can't be asked for content and we can't read content > We set up our xmpp service as a proof-of-concept, not intending for it to be actually used to a huge degree. We thought that forcing OTR would make it so 99% of people couldn't figure out how to use it. Our point wasn't to make XMPP seems great, at the expense of the principles. > I personally think XMPP is as good as dead, but some people keep liking it so we keep the server up but it's not a top priority for us to continue innovating in > Maybe when signal detaches from phone numbers that can be the future ....there you have it, now you know ¯\_(ツ)_/¯

  16. Ellenor Malik


  17. me9

    Seems like they have no idea of what XMPP actually is at all. Just wanting to cover it or something. Why host something you don't really like and what you find is dead?

  18. Wuuko

    > Calyx admin be like > ....there you have it, now you know > ¯\_(ツ)_/¯ Is there a secure server you recommend

  19. MattJ

    Licaon_Kter: citation needed

  20. Licaon_Kter

    MattJ: I need to screenshot my chat?

  21. MattJ

    Just wondered if it was a public venue

  22. Licaon_Kter

    MattJ: yes, #calyxos-dev IRC on libera.chat July 23 ~8 PM UTC, surely they have a matrix-view log thing somewhere

  23. Licaon_Kter

    Wuuko: > Is there a secure server you recommend Define your threat model

  24. Licaon_Kter

    Still Calyx admin > We already support omemo and openpgp! > It just has to be e2ee but we don't care how > And when you connect over a hidden service and some or much of the federation happens over tor hidden services that is a countermeasure against metadata analysis

  25. Licaon_Kter

    MattJ: I've asked them to at least update Prosody

  26. moparisthebest

    what version are they on ?

  27. Licaon_Kter

    > Just wondered if it was a public venue The Riseup drama was public too, did something happen? No... Let be quote myself: nickcalyx: your situation sounds like Riseup deja-vu, I'll quote myself: > https://lists.riseup.net/www/arc/xmpp-users/2021-03/msg00000.html > Elsewhere that June 2020 interview was making the rounds and everybody was like _"xmpp sucks but they tried, they heroes, we8 understand"_ etc pffft > Oh wait, #metadata was NOT the reason Else you won't recommend Matrix (DAG replicating EVERYTHING TO ALL SERVERS) or Signal (silo hosted in the US), riiiiight? Riiiiiight?

  28. Licaon_Kter

    moparisthebest: https://compliance.conversations.im/server/jabber.calyxinstitute.org/

  29. Mark

    Actually, does anyone have a riseup.net invite code?

  30. Licaon_Kter

    Mark: I loled

  31. Licaon_Kter

    So I need no make a server and appear _"hard to get into"_ ? Challenge accepted :))

  32. moparisthebest

    so a bad person could just run them out of memory until they upgraded

  33. me9

    moparisthebest: How so? Because of some bugs in old Prosody?

  34. MattJ

    me9: https://blog.prosody.im/prosody-0.11.9-released/

  35. MattJ

    That's just the most recent, there have been multiple security releases since 0.10.0

  36. moparisthebest

    tool for testing your servers here: https://www.moparisthebest.com/eatxmempp-cve-2021-32918/

  37. MattJ

    The 0.10 branch isn't even maintained now

  38. me9

    MattJ: Thanks.

  39. tom

    admin of trashserver.net here?

  40. tom

    Licaon_Kter, what are the features they are talking about

  41. Maranda[m]


  42. Licaon_Kter

    tom: umm?

  43. Ellenor Malik