XMPP Service Operators - 2021-12-06

  1. MattJ

    I glanced over the DCC source... it's very email-specific

  2. kikuchiyo

    MattJ: yes, but the idea is worth thinking about.

  3. kikuchiyo

    > 1. How do you share this info in a privacy respecting way? fuzzy hash of public messages only, more under _Privacy_ there https://www.dcc-servers.net/dcc/dcc-tree/dcc.html > 2. Once spammers catch on, how does it handle slightly changing messages? > The fuzzy checksums are changed as spam evolves. Since DCC started being used in late 2000, the fuzzy checksums have been modified several times. https://www.rhyolite.com/dcc/

  4. kikuchiyo

    MattJ: it is not a out of the box solution, just a promising path to a better solution than XEP-0377

  5. Martin

    > kikuchiyo: I think you are right that there is no reason for the same message to be pasted across multiple mucs, now: Emus will quickly be banned for announcing the newsletter in some MUCs. 😁

  6. Menel

    And all the newcomers, cross posting a question.. Its not right, but automatic ban might be a bit much for them

  7. Licaon_Kter

    Martin: emus doesn't do it, I do :))

  8. Martin

    Then we'll ban you!!1!

  9. Licaon_Kter

    Or ban myself...

  10. kikuchiyo

    > And all the newcomers, cross posting a question.. 😁

  11. kikuchiyo

    > Martin: emus doesn't do it, I do :)) I would make you member in my rooms so it wouldn't apply to you.

  12. emus

    ^^

  13. kikuchiyo

    > daniel90 appeared in my room yesterday and said that we are just a bunch of clowns with personal servers and better he start using Whatsapp and be sheep like other people and requested banning him > I thought we were wronged him and he is upset about it so I decided to contact him and know what he is looking for > He said that he is looking for guys with strong IT skills to make money together, I said ok I have skills, what's your project? > He wants to scrape xmpp.jp's JIDs using his link https://www.xmpp.jp/vcard/NICKNAME and he already has this list of 900k JIDs https://paste.sx/uk3uxy4k2h and wants another 900k > I said I can do it how much money will you pay? > He said that I bring money if I have success and refused to explain what he want to do with the list then blocked me, maybe he felt that I'm wasting his time trying to get informations

  14. kikuchiyo

    John ^

  15. Sapotaceae

    How is he scraping jids?

  16. Sapotaceae

    The server exposes them?

  17. Sapotaceae

    And that list only has 35k entries

  18. Sapotaceae

    Find it hard to believe there are actually 2million accounts on there

  19. moparisthebest

    xmpp.jp exposes all vcards doesn't it ?

  20. moparisthebest

    we've talked about it before I think

  21. Sapotaceae

    But my gist was they weren't soliciting services but were instead advertising money scams

  22. Martin

    > How is he scraping jids? > The server exposes them? https://www.xmpp.jp/vcard

  23. Licaon_Kter

    > we've talked about it before I think _Nothing to hide_

  24. tom

    What is the practical risk of doing compression within tls?

  25. tom

    a lot of implementations disable it by default out of some security reason, but compression would be really useful for clients on constrained networks

  26. Sapotaceae

    Beast and crime?

  27. tom

    yes

  28. tom

    i believe so

  29. tom

    CRIME

  30. moparisthebest

    tom, https://blog.thijsalkema.de/blog/2014/08/07/https-attacks-and-xmpp-2-crime-and-breach/

  31. tom

    thankyou moparisthebest

  32. Sapotaceae

    But it is safe to compress static content that is then encrypted, correct?

  33. tom

    moparisthebest, on your website it would be nicer to read if the recent posts/donations was the the bottom of the page after the article rather then along side it so when I have the browser window taking up a panel on my screen it does have half the page wasted by blank whitespace at the middle and bottom of the article

  34. moparisthebest

    tom: oh, not mine

  35. tom

    oh