XMPP Service Operators - 2024-03-04


  1. nuegia.net

    I have updated the terms of service for moderators/admins here: http://www.nuegia.net/services_draft.xhtml . Bullet points 7, 8, and 9 have been added. New rules are now in effect.

  2. nuegia.net

    also, I've rerouted packets through a new router in a different location. This should improve latency greatly.

  3. nuegia.net

    If anybody is still having an IPv6 connectivity issue let me know.

  4. nuegia.net

    I'm working on setting up a new transition proxy for IPv4-only users now.

  5. rewtkid

    nuegia.net: regarding the "public muc directory" bit in your ToS, do you have your own muc directory? i was denied from search.jabber.network because i would not update the rules of my free speech chat.

  6. rewtkid

    even though the admin lists other mucs with the exact same rules and topic as mine, which is kind of ironic.

  7. nuegia.net

    I'm reffering to running disco on the muc subdomain

  8. nuegia.net

    I only list mucs hosted on my servers there.

  9. nuegia.net

    IPv4 connectivity should be restored. Can someone help me test it?

  10. snikket dot deeeeee

    Doesn't work yet nuegia.net.

  11. snikket dot deeeeee

    For ipv4, the server sends EOF (xmpp-dns -t nuegia.net)

  12. agris

    oh

  13. agris

    snikket dot deeeeee, what is xmpp-dns?

  14. nuegia.net

    snikket dot deeeeee, try again now

  15. Polarian

    > snikket dot deeeeee, what is xmpp-dns? DNS over XMPP? sounds like moparisthebest dumb ideas again :P

  16. ben

    sounds ass backwards

  17. jonas’

    language

  18. Guus

    Be kind(er) people. Do not discredit someone's ideas as dumb if you do not see the benefit of it yourself.

  19. Guus

    What's that saying? The greatest inventions were made by people to dumb to understand that it could not possibly work?

  20. ben

    jonas is right

  21. ben

    it's not a dumb idea, it's just interesting because it's backwards; xmpp relies on dns to function, so doing dns over xmpp introduces some chicken and egg dilemma

  22. ben

    technically you can do anything over xmpp, though

  23. MattJ

    agris: xmpp-dns is a command-line utility for checking an XMPP server's DNS records (and more). It's packaged in Debian, and the source is here: https://salsa.debian.org/mdosch/xmpp-dns

  24. snikket dot deeeeee

    nuegia.net: works now. Ipv4 βœ… With this nice little helper tool that I can recommend ^

  25. Polarian

    > Be kind(er) people. Do not discredit someone's ideas as dumb if you do not see the benefit of it yourself. I was kidding hence the ":P" and moparisthebest knows that considering we argue constantly in another MUC :)

  26. Polarian

    > agris: xmpp-dns is a command-line utility for checking an XMPP server's DNS records (and more). It's packaged in Debian, and the source is here: https://salsa.debian.org/mdosch/xmpp-dns Oops forgot this existed

  27. ru_maniac

    folks, quick question am I correct that currently there's zero clients working under Windows and supporting A/V a la Conversations? I've checked a few: Gajim and Pidgin have their A/V broken, Psi never got to it, and there's only barely working Windows port of Dino

  28. Licaon_Kter

    ru_maniac: dino unofficial

  29. ru_maniac

    yes, I've mentioned it

  30. ru_maniac

    I'm just sanity checking myself

  31. ru_maniac

    we're just considering a full company move to XMPP, and I need some bone to throw to the Windows lovers

  32. MattJ

    ru_maniac, is Dino on Windows really "barely working"? I've heard reports from people happily using it (but I don't have a Windows machine to test it myself)

  33. MattJ

    You can also consider web clients, Movim supports calls for example

  34. Licaon_Kter

    ru_maniac: that dino is like a few commits behind main Dino, maybe the simplicity of the UI throws you off? :)

  35. ru_maniac

    > ru_maniac, is Dino on Windows really "barely working"? I've heard reports from people happily using it (but I don't have a Windows machine to test it myself) toasts and desktop notifications are broken, GPG is broken

  36. ru_maniac

    > You can also consider web clients, Movim supports calls for example Movim can WebRTC call from browser?

  37. ru_maniac

    > ru_maniac: that dino is like a few commits behind main Dino, maybe the simplicity of the UI throws you off? :) it's almost a year old, tbh

  38. MSavoritias (fae,ve)

    > > You can also consider web clients, Movim supports calls for example > Movim can WebRTC call from browser? it has calls yeah

  39. MSavoritias (fae,ve)

    also there are multi party calls coming this year afaik

  40. roughnecks

    but OMEMO support is unreliable at best

  41. ru_maniac

    I've tested group calls in Dino, works quite good, hence why I'm clinging to it

  42. MSavoritias (fae,ve)

    true but i dont think that matters for a company setup at all imo

  43. ru_maniac

    > true but i dont think that matters for a company setup at all imo it matters since service should be accessible from regular internet

  44. ru_maniac

    TLS alone ain't going to cut it from security standpoint

  45. MSavoritias (fae,ve)

    i dont see what omemo has to do with that

  46. MattJ

    That's wrong, but I'm finding it hard to find the words to explain why :)

  47. MattJ

    TLS is what you care about, if you want to protect stuff over the public internet

  48. ru_maniac

    E2E is a hard requirement from our security, not from me

  49. MattJ

    OMEMO is a different layer

  50. ru_maniac

    I understand that

  51. MattJ

    If your TLS is broken, you're going to have a lot of problems that OMEMO will not protect you from

  52. MattJ

    If your TLS is not broken, OMEMO won't add anything beneficial if everyone is connecting to a trusted server

  53. MSavoritias (fae,ve)

    also i cant imagine why a company would want to host chats it cant read between people

  54. ru_maniac

    I understand that as well, but I gotta work with what's in front of me

  55. MSavoritias (fae,ve)

    and yeah omemo is useless if you own the server

  56. ru_maniac

    > and yeah omemo is useless if you own the server quite useful in case of a device loss

  57. MattJ

    Not if the keys are on the device that got lost

  58. ru_maniac

    otherwise we would've used PGP

  59. MattJ

    E2EE specifically doesn't protect against device loss, it ensures that the device (and only the device) can decrypt things, it doesn't protect against someone malicious who has access to the device

  60. MSavoritias (fae,ve)

    why is it a requirment for the chats to be not readable by the server?

  61. MSavoritias (fae,ve)

    i wonder if its legal also. company wide

  62. MattJ

    Sometimes it is, sometimes it isn't, depending on jurisdiction and the transparency requirements

  63. MattJ

    (which also varies by industry)

  64. ru_maniac

    > why is it a requirment for the chats to be not readable by the server? > > i wonder if its legal also. company wide quite legal

  65. ru_maniac

    and quite useful in our jurisdiction

  66. MSavoritias (fae,ve)

    sure. i guess you are in an industry that can do it

  67. ru_maniac

    why do you think that it is illegal to E2E chats on corporate service in the first place?

  68. ru_maniac

    just wondering

  69. MSavoritias (fae,ve)

    its not legal for some industries and/or in some places

  70. MSavoritias (fae,ve)

    and also i dont imagine why a company would want to do it as i said

  71. MSavoritias (fae,ve)

    because liability, and harrassement and such

  72. ru_maniac

    different businesses have different needs, that's all I can say about that

  73. MattJ

    Because in some jurisdictions and sectors, it is illegal, because transparency may be required. For example, military, healthcare, and such (e.g. I assume some regulated financial businesses).

  74. ru_maniac

    well we're none of those

  75. MattJ

    IANAL, and we're not going to tell you if it's legal or not for you

  76. ru_maniac

    sure, I'm not here for that

  77. MattJ

    I just wanted to correct your statement about OMEMO being required on the public internet. It protects against server interference and compromise, mostly, while TLS is what protects your connection over the internet.

  78. MattJ

    You want things like channel binding to be enforced, if you're worried about compromise at the TLS layer

  79. ru_maniac

    I'm not arguing with that in the slightest, to be on the same page

  80. ru_maniac

    but as you have mentioned, it is useful in case of server compromise

  81. ru_maniac

    which is quite common in our country in recent years, unfortunately

  82. MSavoritias (fae,ve)

    if omemo is a requirment for windows dino is your only choice probably.

  83. MSavoritias (fae,ve)

    but idk how good dino works or how its updated

  84. ru_maniac

    gotcha as I was saying, just doing a sanity check

  85. moparisthebest

    > and yeah omemo is useless if you own the server MSavoritias (fae,ve): well not "useless" because servers (and backups) do get compromised or stolen etc, but certainly not a hard requirement like when using a public server

  86. MSavoritias (fae,ve)

    right. wrong choice of words

  87. moparisthebest

    I think pidgin has OMEMO plugins these days, 2 last I looked

  88. moparisthebest

    I'd still recommend Dino over it though, also gajim runs on windows right?

  89. MSavoritias (fae,ve)

    they want calls too

  90. moparisthebest

    ah ok, Dino it is then... Or movim

  91. ru_maniac

    in any event, thanks everyone, and my apologies for poor wording on my part

  92. MattJ

    Good luck :)

  93. TheCoffeMaker

    afaik dino doesn't do videocalls on windows, but maybe they found a solution ... if u want calls in windows movim is the way to go

  94. TheCoffeMaker

    gajim run on windows last time I had to help a windows user πŸ˜–

  95. TheCoffeMaker

    gajim runs on windows last time I had to help a windows user πŸ˜–

  96. MSavoritias (fae,ve)

    ah right they use gstreamer. forgot :/

  97. ru_maniac

    > afaik dino doesn't do videocalls on windows, but maybe they found a solution ... if u want calls in windows movim is the way to go it does

  98. ru_maniac

    I've tested earlier today between Dino on Windows and Conversations

  99. ru_maniac

    both voice and video work both ways, and Dino was able to upgrade an audio only call to video

  100. TheCoffeMaker

    ru_maniac: thx

  101. TheCoffeMaker

    will tell to our users

  102. ru_maniac

    be aware that it's a bit funky, and message notifications might be broken

  103. TheCoffeMaker

    oh oki