XSF Discussion - 2017-02-27


  1. Mancho has left

  2. jere has joined

  3. kaboom has left

  4. Zash has joined

  5. blipp has left

  6. blipp has joined

  7. efrit has joined

  8. Mancho has joined

  9. Mancho has left

  10. Tobias has left

  11. Tobias has joined

  12. jere has left

  13. jere has joined

  14. nicolas.verite has left

  15. Zash has left

  16. vurpo has left

  17. vurpo has joined

  18. Yagiza has joined

  19. uc has joined

  20. uc has left

  21. uc has joined

  22. jere has joined

  23. uc has left

  24. uc has joined

  25. uc has left

  26. vurpo has left

  27. uc has joined

  28. vurpo has joined

  29. uc has left

  30. uc has joined

  31. uc has left

  32. uc has joined

  33. Mancho has joined

  34. Tobias has left

  35. Tobias has joined

  36. vurpo has left

  37. vurpo has joined

  38. Guus has left

  39. vurpo has left

  40. vurpo has joined

  41. SamWhited has left

  42. Guus has left

  43. Guus has left

  44. Guus has left

  45. Zash has joined

  46. Guus has left

  47. jonasw

    will there be anything interesting going on XSF-wise on the Chemitzer Linux Tage?

  48. Guus has left

  49. jonasw has left

  50. Zash has left

  51. Valerian has joined

  52. Guus has left

  53. Tobias has joined

  54. xnyhps has left

  55. efrit has joined

  56. xnyhps has left

  57. goffi has joined

  58. waqas has left

  59. bra has left

  60. Valerian has left

  61. xnyhps has left

  62. xnyhps has left

  63. Guus has left

  64. efrit has joined

  65. nicolas.verite has joined

  66. suzyo has joined

  67. uc has left

  68. uc has joined

  69. Guus has left

  70. Guus has joined

  71. vurpo has left

  72. vurpo has joined

  73. moparisthebest has left

  74. moparisthebest has joined

  75. Ge0rG

    Oh, it's that time again. I don't think there are any plans, but I'm going there

  76. Tobias has joined

  77. jonasw

    I’ll be there too, I think. Not sure which day(s) yet, gotta check the schedule of the event and my own :)

  78. vurpo has left

  79. vurpo has joined

  80. suzyo has left

  81. tobias has joined

  82. jubalh has joined

  83. blipp has left

  84. blipp has joined

  85. dwd has joined

  86. Guus has left

  87. Guus has joined

  88. SouL has joined

  89. SouL has joined

  90. Steve Kille has left

  91. Steve Kille has left

  92. Steve Kille has joined

  93. uc has left

  94. uc has joined

  95. jubalh has left

  96. mhterres has joined

  97. intosi has joined

  98. Valerian has joined

  99. suzyo has joined

  100. Kev has joined

  101. mhterres has left

  102. mhterres has joined

  103. jcbrand has joined

  104. winfried has left

  105. suzyo has left

  106. Yagiza has joined

  107. Flow has joined

  108. Valerian has left

  109. Valerian has joined

  110. Martin has joined

  111. vurpo has left

  112. vurpo has joined

  113. blipp has left

  114. Alex has joined

  115. daniel has left

  116. daniel has joined

  117. jubalh has joined

  118. uc has joined

  119. uc has joined

  120. uc has left

  121. uc has joined

  122. uc has left

  123. uc has joined

  124. Alex has left

  125. uc has joined

  126. uc has joined

  127. winfried has left

  128. Yagiza has joined

  129. Guus has left

  130. Guus has joined

  131. jubalh has joined

  132. Zash has joined

  133. Flow

    Any BOSH experts in here who can/want comment on https://github.com/igniterealtime/jbosh/pull/4 ?

  134. Zash

    jonasw: What where when?

  135. Flow

    zash: CLT in Karl-Marx-Stadt, err, chemnitz: https://chemnitzer.linux-tage.de/2017/de

  136. Flow

    Ge0rG, daniel and I where there last year

  137. mathieui

    §W 5

  138. Mancho has left

  139. MattJ

    Flow, the logic failure is that the client doesn't need to wait for an acknowledgement before it can send more requests (putting aside the normal BOSH rules about multiple open requests)

  140. dwd

    Flow, What PR#4 is saying doesn't immediately seem wrong - that one could use HTTP responses as acks - but the code doesn't appear to do this, and also what MattJ says.

  141. jere has joined

  142. Yagiza has left

  143. Flow

    Thanks MattJ, dwd. I think OPs main problem is using BOSH with only one (processing) thread. That will always cause a delay in one of the directions (if I'm not mistaken).

  144. jere has left

  145. jere has joined

  146. Guus has left

  147. Guus has joined

  148. SouL has joined

  149. vurpo has left

  150. vurpo has joined

  151. Zash

    Blocking HTTP requests?

  152. Valerian has left

  153. uc has left

  154. tobias has left

  155. uc has left

  156. uc has joined

  157. Valerian has joined

  158. Zash has left

  159. Mancho has left

  160. Zash has joined

  161. sonny has left

  162. vurpo has left

  163. vurpo has joined

  164. uc has left

  165. uc has joined

  166. uc has left

  167. uc has joined

  168. suzyo has joined

  169. uc has left

  170. uc has joined

  171. Alex has joined

  172. uc has left

  173. uc has joined

  174. vurpo has left

  175. uc has left

  176. uc has joined

  177. uc has left

  178. uc has joined

  179. daniel

    Guus: re that openfire connection issue. Is there a chance that the the upgrade somehow caused sasl mechanisms to vanish

  180. daniel

    Let's say sha1 disappearing for example

  181. uc has left

  182. uc has joined

  183. uc has left

  184. uc has joined

  185. uc has left

  186. uc has joined

  187. jere has joined

  188. Yagiza has joined

  189. Zash

    http://download.igniterealtime.org/openfire/docs/latest/changelog.html

  190. Flow

    Zash: blocking http requests?

  191. Zash

    daniel: some SCRAM changes there, maybe

  192. Zash

    Flow: Send HTTP request, wait for response before continuing with processing, have a bad time.

  193. Flow

    well that's what I think is happening in case only one thread is used with jbosh

  194. Zash

    Oh it's a client side library?

  195. Zash

    The coffee, it does nothing :|

  196. Zash

    Hey, Guus or dwd, does Openfire still do DIGEST-MD5?

  197. Zash

    Given the recent rush to hate on SHA-1, I'm impressed that nobody cares that DIGEST-MD5 is still around.

  198. sonny has left

  199. daniel

    Zash: well the 24 hours news cycle and the general alarmism applies to it security news as well

  200. Holger

    My university's server offers only PLAIN so I'm on the safe side.

  201. Link Mauve

    <3

  202. Flow

    PSA: Google announces today the accepted GSOC orgs

  203. vurpo has left

  204. vurpo has joined

  205. nyconyco has joined

  206. Flow

    In 2 h 45 minutes

  207. dwd

    Zash, DIGEST-MD5's security state hasn't really changed; the biggest weakness remains that you can churn through a lot of MD5's each second, and DIGEST-MD5 only uses three per cycle.

  208. waqas has joined

  209. dwd

    Zash, The fact it uses MD5 is *almost* irrelevant.

  210. jonasw

    isn’t it with DIGEST-MD5 that, like with PLAIN, it is enough to listen in on the connection to be able to authenticate as that user later?

  211. jonasw

    (I haven’t looked into it; it has been deprecated so I didn’t bother implementing it)

  212. Zash glares at daniel

  213. Tobias

    not to forget the interop issues with digest-md5

  214. vurpo has left

  215. vurpo has joined

  216. Zash

    dwd: I'm sure we'll receive bug reports about SCRAM-SHA-1 being terrible because SHA-1 is broken soon.

  217. dwd

    Tobias, Oh, there are lots of problems. But using MD5 isn't really one of them.

  218. dwd

    jonasw, No, it's not subject to replay.

  219. Tobias

    dwd, reply with "Patches welcome!" :)

  220. Zash

    What about active MITM?

  221. dwd

    Zash, No channel binding, so yeah, an active MITM can work.

  222. dwd

    Zash, But couldn't replay, still.

  223. uc has left

  224. uc has joined

  225. Zash

    dwd: I remember there being issues with SCRAM if you could get a client to try to auth with you.

  226. dwd

    Zash, Only in as much as you can potentially brute-force the SHA-1 and extract the plaintext equiv in a reasonable timeframe these days.

  227. vurpo has left

  228. vurpo has joined

  229. nicolas.verite has left

  230. kalkin has joined

  231. suzyo has left

  232. jonasw has left

  233. Valerian has left

  234. Valerian has joined

  235. kaboom has joined

  236. suzyo has joined

  237. Alex has left

  238. uc has left

  239. Guus has left

  240. uc has joined

  241. Guus has joined

  242. uc has left

  243. uc has joined

  244. winfried has joined

  245. uc has left

  246. tobias has left

  247. kaboom has left

  248. kaboom has joined

  249. SouL has left

  250. SouL has left

  251. sonny has joined

  252. suzyo has left

  253. uc has joined

  254. kaboom has left

  255. suzyo has joined

  256. nicolas.verite has joined

  257. vurpo has left

  258. vurpo has joined

  259. nicolas.verite has left

  260. Alex has joined

  261. Yagiza has joined

  262. vurpo has left

  263. vurpo has joined

  264. xnyhps has left

  265. vurpo has left

  266. vurpo has joined

  267. SouL has joined

  268. xnyhps has left

  269. SouL has left

  270. SouL has joined

  271. kaboom has joined

  272. vurpo has left

  273. vurpo has joined

  274. winfried has left

  275. sezuan has left

  276. sonny has joined

  277. Zash has left

  278. Zash has joined

  279. nyco has left

  280. sonny has left

  281. Valerian has left

  282. Flow

    narf, google doesn't mention 17:00 UTC any more

  283. vurpo has left

  284. vurpo has joined

  285. daniel has left

  286. sonny has joined

  287. daniel has joined

  288. jere has joined

  289. daniel

    Flow: the time line still says 1600Z

  290. Flow

    daniel: here → https://summerofcode.withgoogle.com/how-it-works/ ?

  291. xnyhps has left

  292. jonasw

    How it works: 1. we freeze your browser because you’re not using chromium (jk)

  293. daniel

    Flow, https://developers.google.com/open-source/gsoc/timeline

  294. Link Mauve

    jonasw, loaded quite fast here on Firefox nightly.

  295. jonasw

    Link Mauve: it behaves oddly when XHR is forbidden :)

  296. jonasw

    (it blocks instead of reacting on the error O_o)

  297. Link Mauve

    Weird.

  298. jonasw

    yes.

  299. suzyo has left

  300. suzyo has joined

  301. vurpo has left

  302. Zash has joined

  303. Steve Kille has left

  304. Steve Kille has joined

  305. Steve Kille has left

  306. Steve Kille has joined

  307. daniel has left

  308. daniel has left

  309. jubalh has joined

  310. uc has left

  311. uc has joined

  312. nicolas.verite has joined

  313. uc has left

  314. uc has joined

  315. sonny has joined

  316. jubalh has left

  317. uc has left

  318. uc has joined

  319. uc has left

  320. uc has joined

  321. nicolas.verite has left

  322. Yagiza has joined

  323. Flow has joined

  324. uc has left

  325. uc has joined

  326. Kev

    https://summerofcode.withgoogle.com/organizations/6327289865306112/

  327. intosi

    \o/

  328. dwd

    \o/

  329. sonny has joined

  330. Zash has joined

  331. daniel

    Awesome

  332. dwd

    Tobias, Want to tweet something from @xmpp?

  333. Valerian has joined

  334. dwd

    (Assuming Tobias is an Approved Tweeter)

  335. Kev

    I believe he is, yes. I need to get those credentials from Bear at some point.

  336. Tobias

    sure

  337. Tobias

    although i don't have any cerdentials

  338. Valerian has left

  339. Valerian has joined

  340. intosi

    We won't hold it against you.

  341. nicolas.verite has joined

  342. arc

    Kev: did you get the email yet?

  343. Kev

    arc: Nope.

  344. Kev

    I just went straight to the source :)

  345. Steve Kille has left

  346. arc

    and?

  347. Kev

    Kev 17:01 https://summerofcode.withgoogle.com/organizations/6327289865306112/

  348. arc

    nice

  349. Steve Kille has left

  350. tobias has joined

  351. Steve Kille has joined

  352. nyconyco has left

  353. uc has joined

  354. suzyo has left

  355. xnyhps has left

  356. Yagiza has left

  357. arc

    copyleft games is in too

  358. nicolas.verite has left

  359. arc

    i'll cross-link xsf on our ideas page for related organizations

  360. dwd

    I got the email, came here, and Kev had already posted.

  361. arc

    Kev: you should link xmpp related orgs on the ideas page. it helps steer students in the right direction while they're looking ;-)

  362. tim@boese-ban.de has joined

  363. kaboom

    are there any restrictions which project/persons can become a gsoc mentor for xsf?

  364. Lance has joined

  365. Valerian has left

  366. Valerian has joined

  367. Steve Kille has left

  368. mhterres has left

  369. Zash has joined

  370. nicolas.verite has joined

  371. Kev

    arc: If there's stuff you think I should do, can yo umail please?

  372. Kev

    I'm in the office until Wed night, so my mind is highly lossy at the moment.

  373. intosi has left

  374. Kev

    And now to dinner...

  375. Kev has left

  376. Tobias has joined

  377. Zash has joined

  378. kaboom has left

  379. Valerian has left

  380. Valerian has joined

  381. Valerian has left

  382. Valerian has joined

  383. Valerian has left

  384. Valerian has joined

  385. Valerian has left

  386. Guus has left

  387. Guus has joined

  388. SamWhited has left

  389. goffi has left

  390. jubalh has joined

  391. jcbrand has left

  392. jonasw has left

  393. jere has joined

  394. jubalh has left

  395. pep. has left

  396. winfried has joined

  397. vurpo has left

  398. Ge0rG

    Wow, the white house forbids staff to use Signal. http://www.politico.com/story/2017/02/sean-spicer-targets-own-staff-in-leak-crackdown-235413

  399. efrit has joined

  400. xnyhps has left

  401. Martin has left

  402. daniel has left

  403. daniel has joined

  404. SamWhited has left

  405. Valerian has joined

  406. daniel has left

  407. Zash has joined

  408. Valerian has left

  409. daniel has joined

  410. jere has joined

  411. Lance has left

  412. Lance has joined

  413. blipp has left

  414. jere has joined

  415. jere has joined

  416. tobias has left

  417. jubalh has joined

  418. Zash has joined

  419. pep. has left

  420. pep. has left

  421. blipp has joined

  422. Kev has joined

  423. daniel has left

  424. daniel has joined

  425. jubalh has left

  426. jubalh has left

  427. jubalh has joined

  428. jubalh has left

  429. vurpo has left

  430. jubalh has joined

  431. jubalh has left

  432. daniel has left

  433. daniel has joined

  434. daniel has left

  435. daniel has joined

  436. pep. has left

  437. Alex has left

  438. Alex has joined

  439. Guus has left

  440. jonasw has left

  441. Guus has joined

  442. daniel has left

  443. daniel has joined

  444. daniel has left

  445. daniel has joined

  446. winfried has left

  447. Guus has left

  448. daniel has left

  449. daniel has joined

  450. Guus has joined

  451. pep. has left

  452. moparisthebest

    Ge0rG, as usual the media gets it wrong, the headline anyway, isn't it they were forbidden from leaking private info, meh

  453. moparisthebest

    that's how I read it anyhow, either way no mention of xmpp/conversations/omemo in there and I don't know whether to be happy or sad about it lol

  454. Guus has left

  455. Guus has joined

  456. Valerian has joined

  457. daniel has left

  458. daniel has joined

  459. pep. has left

  460. pep. has left

  461. kalkin has left

  462. Valerian has left

  463. Valerian has joined

  464. Kev has left

  465. Zash has joined

  466. daniel has left

  467. daniel has joined

  468. Valerian has left

  469. moparisthebest has joined

  470. vurpo has left

  471. Kev has joined

  472. Kev has left

  473. pep. has joined

  474. andrey.utkin|dev has joined

  475. andrey.utkin|dev has left

  476. mimi89999

    I heart "fake news" more often in the last several months/year than during my entire life until the election crisis.

  477. moparisthebest has joined

  478. SamWhited has left

  479. sezuan has left

  480. mathieui

    because "fake news" were just called "lies" before then

  481. nicolas.verite has left

  482. Link Mauve

    Or conspiracy theories.

  483. Link Mauve

    Or “conspiracy theories”.

  484. SamWhited has left

  485. mimi89999 has joined

  486. Mancho has left

  487. vurpo has left

  488. vurpo has joined

  489. Mancho has left

  490. Guus has left

  491. Guus has joined

  492. Alex has left