XSF Discussion - 2018-01-26


  1. jjrh has left

  2. jjrh has left

  3. moparisthebest has left

  4. Zash has left

  5. SamWhited has left

  6. SamWhited has joined

  7. uc has joined

  8. moparisthebest has joined

  9. la|r|ma has left

  10. vanitasvitae has left

  11. lumi has joined

  12. SamWhited has left

  13. SamWhited has joined

  14. jjrh has left

  15. lskdjf has joined

  16. Steve Kille has left

  17. uc has joined

  18. Steve Kille has joined

  19. tux has joined

  20. tux has joined

  21. jjrh has left

  22. jjrh has left

  23. SamWhited has left

  24. Dave Cridland has left

  25. boothj5 has left

  26. vanitasvitae has left

  27. boothj5 has joined

  28. jere has left

  29. jere has joined

  30. hannes has left

  31. hannes has joined

  32. la|r|ma has left

  33. uc has joined

  34. moparisthebest has left

  35. la|r|ma has left

  36. jere has left

  37. Dave Cridland has left

  38. Dave Cridland has left

  39. Dave Cridland has left

  40. Dave Cridland has left

  41. Dave Cridland has left

  42. suzyo has joined

  43. Dave Cridland has left

  44. goffi has joined

  45. moparisthebest has joined

  46. zinid has left

  47. suzyo has joined

  48. zinid has left

  49. hannes has joined

  50. tux has left

  51. tux has joined

  52. ralphm has left

  53. hannes has joined

  54. ralphm has joined

  55. moparisthebest has left

  56. ralphm has left

  57. ralphm has joined

  58. ralphm has left

  59. Tobias has left

  60. Tobias has joined

  61. moparisthebest has joined

  62. ralphm has joined

  63. suzyo has joined

  64. hannes has joined

  65. hannes has joined

  66. ralphm has joined

  67. SaltyBones has joined

  68. Zash has left

  69. uc has joined

  70. SaltyBones has left

  71. ralphm has left

  72. suzyo has joined

  73. uc has joined

  74. boothj5 has left

  75. boothj5 has joined

  76. Dave Cridland has left

  77. Syndace has left

  78. Syndace has joined

  79. hannes has joined

  80. uc has joined

  81. Steve Kille has left

  82. Steve Kille has left

  83. moparisthebest has joined

  84. daniel has joined

  85. Steve Kille has joined

  86. boothj5 has left

  87. daniel has left

  88. suzyo has joined

  89. jubalh has joined

  90. Steve Kille has left

  91. uc has joined

  92. ralphm has joined

  93. Ge0rG

    Fortunately, MUC is easy to implement. https://wiki.xmpp.org/web/XEP-Remarks/XEP-0045:_Multi-User_Chat#Matching_Your_Reflected_Message

  94. Martin has joined

  95. uc has joined

  96. ralphm has left

  97. Alex has joined

  98. goffi

    Do we have any XEP/way to do item ordering beside using a specific element (e.g. <order>123</order>) and a MAM query?

  99. goffi

    I don't think so, but just in case I've missed something

  100. lskdjf has joined

  101. ralphm has joined

  102. Martin has left

  103. Martin has joined

  104. uc has joined

  105. sonny has joined

  106. jubalh has left

  107. suzyo has joined

  108. blabla has left

  109. Martin has left

  110. jubalh has joined

  111. jubalh has left

  112. jubalh has joined

  113. Martin has joined

  114. blabla has left

  115. ralphm has left

  116. jubalh has joined

  117. jubalh has joined

  118. ralphm has left

  119. uc has joined

  120. uc has joined

  121. blabla has joined

  122. moparisthebest has joined

  123. jubalh has left

  124. uc has joined

  125. uc has joined

  126. Guus has left

  127. Guus has left

  128. Alex has left

  129. jere has joined

  130. uc has joined

  131. nyco has left

  132. ralphm has joined

  133. vanitasvitae has left

  134. uc has joined

  135. remko has joined

  136. jubalh has joined

  137. nyco has left

  138. vanitasvitae has joined

  139. jubalh has left

  140. uc has joined

  141. lskdjf has joined

  142. lskdjf has joined

  143. ralphm has joined

  144. uc has joined

  145. Dave Cridland has left

  146. ralphm has left

  147. zinid has left

  148. la|r|ma has joined

  149. SaltyBones has joined

  150. ralphm has left

  151. suzyo has joined

  152. Martin has left

  153. lumi has joined

  154. boothj5 has joined

  155. Alex has joined

  156. efrit has left

  157. boothj5 has left

  158. remko has left

  159. jere has joined

  160. lumi has left

  161. ralphm has left

  162. lskdjf has joined

  163. moparisthebest has joined

  164. remko has joined

  165. hannes has joined

  166. moparisthebest has joined

  167. remko has left

  168. lskdjf has joined

  169. remko has joined

  170. jonasw has left

  171. Martin has joined

  172. sonny has joined

  173. bra has left

  174. bra has joined

  175. mimi89999 has joined

  176. ralphm has joined

  177. sonny has joined

  178. tux has left

  179. Alex has left

  180. Alex has joined

  181. Martin has left

  182. moparisthebest has left

  183. moparisthebest has left

  184. moparisthebest has joined

  185. moparisthebest has left

  186. moparisthebest has left

  187. moparisthebest has left

  188. moparisthebest has joined

  189. moparisthebest has joined

  190. moparisthebest has joined

  191. moparisthebest has left

  192. moparisthebest has joined

  193. moparisthebest has joined

  194. moparisthebest has left

  195. moparisthebest has joined

  196. Tobias has joined

  197. moparisthebest has joined

  198. moparisthebest has joined

  199. moparisthebest has left

  200. sonny has left

  201. moparisthebest has joined

  202. moparisthebest has left

  203. moparisthebest has joined

  204. Tobias has joined

  205. moparisthebest has joined

  206. moparisthebest has left

  207. moparisthebest has joined

  208. moparisthebest has left

  209. moparisthebest has joined

  210. moparisthebest has left

  211. moparisthebest has joined

  212. moparisthebest has left

  213. moparisthebest has joined

  214. moparisthebest has left

  215. moparisthebest has joined

  216. moparisthebest has left

  217. moparisthebest has joined

  218. moparisthebest has left

  219. moparisthebest has joined

  220. moparisthebest has left

  221. moparisthebest has joined

  222. moparisthebest has left

  223. moparisthebest has joined

  224. moparisthebest has joined

  225. moparisthebest has joined

  226. moparisthebest has joined

  227. moparisthebest has left

  228. moparisthebest has joined

  229. moparisthebest has left

  230. moparisthebest has joined

  231. moparisthebest has joined

  232. moparisthebest has left

  233. moparisthebest has joined

  234. moparisthebest has joined

  235. moparisthebest has joined

  236. moparisthebest has joined

  237. moparisthebest has joined

  238. moparisthebest has joined

  239. moparisthebest has left

  240. moparisthebest has left

  241. moparisthebest has left

  242. moparisthebest has joined

  243. moparisthebest has joined

  244. moparisthebest has joined

  245. Martin has left

  246. moparisthebest has left

  247. moparisthebest has joined

  248. moparisthebest has left

  249. moparisthebest has joined

  250. moparisthebest has left

  251. moparisthebest has joined

  252. moparisthebest has left

  253. moparisthebest has joined

  254. moparisthebest has left

  255. moparisthebest has left

  256. moparisthebest has joined

  257. moparisthebest has joined

  258. moparisthebest has joined

  259. moparisthebest has left

  260. moparisthebest has joined

  261. moparisthebest has left

  262. moparisthebest has left

  263. moparisthebest has left

  264. moparisthebest has joined

  265. moparisthebest has joined

  266. moparisthebest has left

  267. moparisthebest has left

  268. moparisthebest has joined

  269. moparisthebest has left

  270. moparisthebest has left

  271. bra has left

  272. bra has joined

  273. Martin has joined

  274. blabla has joined

  275. jjrh has left

  276. moparisthebest has left

  277. moparisthebest has left

  278. moparisthebest has left

  279. moparisthebest has left

  280. moparisthebest has joined

  281. moparisthebest has left

  282. moparisthebest has joined

  283. moparisthebest has left

  284. moparisthebest has joined

  285. moparisthebest has left

  286. moparisthebest has left

  287. moparisthebest has joined

  288. moparisthebest has left

  289. moparisthebest has left

  290. moparisthebest has left

  291. moparisthebest has left

  292. moparisthebest has left

  293. moparisthebest has joined

  294. moparisthebest has left

  295. moparisthebest has joined

  296. moparisthebest has left

  297. moparisthebest has left

  298. moparisthebest has joined

  299. moparisthebest has joined

  300. moparisthebest has left

  301. moparisthebest has left

  302. moparisthebest has left

  303. zinid has left

  304. jjrh has left

  305. SaltyBones

    So, why is it that a group chat with jabber doesn't give me the messages that I missed when I come back online?

  306. SaltyBones

    It seems there are some related mechanisms in place.

  307. MattJ

    There are two mechanisms for that

  308. SaltyBones

    And of course for some sorts of chat rooms in doesn't really make sense...

  309. moparisthebest

    SaltyBones: it does if mam is enabled on the muc

  310. jonasw

    moparisthebest, and the client supports it.

  311. SaltyBones

    *and you don't want crypto*

  312. jonasw

    that’s false

  313. moparisthebest

    SaltyBones: nope works fine with crypto

  314. jonasw

    OMEMO should work fine with archives

  315. SaltyBones

    That's what I heard. :)

  316. jere has joined

  317. jonasw

    OTR won’t

  318. moparisthebest

    Also pgp

  319. jonasw

    gpg too, yes

  320. moparisthebest

    Otr doesn't work in mucs at all

  321. SaltyBones

    jonasw, but then the archive will contain the decrypted messages or something, right?

  322. moparisthebest

    No

  323. jonasw

    SaltyBones, no

  324. SaltyBones

    Hm.

  325. SaltyBones

    So what you're saying is: Everything should totally work. :)

  326. jonasw

    iff both client and server support MAM

  327. moparisthebest

    and it's enabled on the muc

  328. SaltyBones

    I am currently trying to figure that out.

  329. SaltyBones

    But neither gajim nor conversations seem to be very helpful. :)

  330. zinid

    And what about forward secrecy?

  331. SaltyBones

    zinid, probably broken, cannot imagine any other way

  332. moparisthebest

    no, that depends on encryption method

  333. moparisthebest

    none with pgp, works as expected with omemo

  334. SaltyBones

    are there any clients that can display if a muc has mam or is that serverside info only?

  335. moparisthebest

    that is, each device can decrypt each message exactly once

  336. moparisthebest

    clients know, not sure if any display

  337. zinid

    How will you decode a message from archive encrypted with forward secrecy?

  338. moparisthebest

    (they have to know to know whether they can mam query or not)

  339. SaltyBones

    wait is mam not the same as server side history?

  340. moparisthebest

    as MattJ said there are 2 methods so depending what you mean probably not

  341. moparisthebest

    you want mam though, the other isn't guaranteed to be complete

  342. SaltyBones

    there are two MAMs?

  343. jjrh has left

  344. Ge0rG

    who wants forward secrecy anyway?

  345. Ge0rG

    it's even worse than cryptographic deniability.

  346. moparisthebest

    dissidents so I hear

  347. suzyo has joined

  348. SaltyBones

    Ge0rG, almost nobody but a lot of people want it on principle, including me. :)

  349. moparisthebest

    forward secrecy is actually useful unlike deniability imho

  350. Ge0rG

    SaltyBones: a lot of people have no clue.

  351. MattJ

    SaltyBones, method #1 is a simple cache of recent messages in the room. The MUC tends to send it to you by default, though clients can (and do) filter it

  352. Ge0rG

    https://dymaxion.org/essays/pleasestop.html - "Please Stop Writing Secure Messaging Tools"

  353. moparisthebest

    point being it works fine with muc + mam

  354. moparisthebest

    Ge0rG, clearly written by NSA plant

  355. MattJ

    SaltyBones, it's almost universal, but doesn't actually need client support - the recent messages are always just sent to you (most servers default to 20 or so)

  356. SaltyBones

    Ge0rG, I would agree if I thought that one of them was good enough.

  357. moparisthebest

    s/NSA/GOV_OF_YOUR_CHOICE_HERE/

  358. MattJ

    SaltyBones, which is enough to get some context on an ongoing conversation

  359. SaltyBones

    MattJ, yeah, that mechanism is pretty obvious in gajim...

  360. Ge0rG

    OMEMO is bad because you can't bind a cryptographic identity to a JID in any strong way.

  361. MattJ

    SaltyBones, there's a second method (MAM), which requires explicit client and server (i.e. MUC server) support, and supports fine-grained sync, ensuring that you can achieve a full sync of all messages that happened while you were out of the room

  362. jonasw

    MattJ, unless the server keeps CSN and other useless things in the history ;-)

  363. MattJ

    One client's useless is another client's treasure

  364. SaltyBones

    Ge0rG, I think that article is mostly crap but I would be interested in discussing. ;)

  365. jjrh has left

  366. moparisthebest

    > Ge0rG: OMEMO is bad because you can't bind a cryptographic identity to a JID in any strong way.

  367. moparisthebest

    uh and what ways do allow you to do that?

  368. moparisthebest

    I think, none actually

  369. Ge0rG

    moparisthebest: things like TOX, where your ID is your public key

  370. moparisthebest

    that's fine if you are talking about an entirely different protocol

  371. Zash

    Something something triangle

  372. moparisthebest

    that eats battery and is unsuitable for mobile

  373. SaltyBones

    IBE requires a trusted third party which I find generally undesirable

  374. Ge0rG

    Zash: something something blockchain

  375. SaltyBones

    BLOCKCHAIN!

  376. SaltyBones

    The funny thing is, blockchain derivates are actually usefull for PKI

  377. moparisthebest

    I can feel my synergies aligning already, lets get an IPO and some angel funding asap

  378. SaltyBones

    Hm...I am totally in the mood for discussing everything but I have to get some more work done. :/

  379. jjrh has left

  380. zinid

    moparisthebest: I think it's possible to avoid battery consumption with help from very simple relays

  381. moparisthebest

    I call those xmpp servers :P

  382. moparisthebest

    though, not simple

  383. zinid

    moparisthebest: "simple"

  384. Ge0rG

    https://www.wired.com/story/mobilecoin-cryptocurrency/

  385. uc has joined

  386. moparisthebest

    let me fix that title s/The Creator of Signal Has a Plan to Fix Cryptocurrency/The Creator of Signal Has a Plan to Finish Construction of His Money Fort/

  387. lskdjf has left

  388. SaltyBones

    cryptocurrencies are bullshit :p

  389. zinid

    moparisthebest: but I'm told he is a hero, you're just jealous

  390. lskdjf has left

  391. lskdjf has left

  392. lskdjf has left

  393. suzyo has joined

  394. lskdjf has left

  395. Ge0rG

    moparisthebest, SaltyBones: seriously though: OMEMO is attempting to work around the problem that JIDs are not cryptographic entities, and there will never be a perfect alignment of them.

  396. Ge0rG

    if you want E2EE without meta data leaks, XMPP is not the right tool. Have a look at something like https://briarproject.org/ instead.

  397. Ge0rG

    If you want XMPP, just give up hiding your metadata and accept reality.

  398. Ge0rG

    And once you've realized that, the added benefit of E2EE is minuscule.

  399. valo has joined

  400. SaltyBones

    The benefit of e2e is miniscule when there is metadata leakage?

  401. SaltyBones

    I completely disagree. :)

  402. lskdjf has left

  403. ralphm has left

  404. zinid has left

  405. jubalh has joined

  406. jonasw

    I’d argue that the benefit of e2ee should be miniscule since ideally we had friends&family servers exclusively

  407. MattJ

    Agreed

  408. MattJ

    I don't think it's completely pointless in any scenario, but trusted servers buys you a whole lot more

  409. SaltyBones

    That's an interesting point...

  410. SouL

    This will not be the case, at least in a not-soon future D:

  411. MattJ

    On the other hand some people really value anonymity, which goes in completely the other direction - we should just have an internet full of servers, random JIDs and use E2EE for identity proof and encryption

  412. SaltyBones

    Given that most murders are committed by spouses or whatever maybe friends and family servers should be less trusted. :)

  413. Ge0rG

    SaltyBones: so if I know my wife's password and lock screen pattern, she's still safe, right?

  414. tux has joined

  415. Ge0rG

    also related: https://dymaxion.org/essays/usecases.html

  416. SaltyBones

    It's not a good idea to argue against securing one part of a system because another part of the system might be insecure. If your wife has an affair maybe she will change her lock screen pattern...

  417. vanitasvitae has joined

  418. Ge0rG

    SaltyBones: in that case I can beat her up. (playing the devil's advocate here, obviously)

  419. Ge0rG

    SaltyBones: also I can still see which JIDs are on her roster.

  420. Ge0rG

    "So, who is sexy_patrick69@swissjabber.li?"

  421. SaltyBones

    Come on, these are all incredibly weak arguments that you can immediately invalidate by yourself.

  422. ralphm has joined

  423. SaltyBones

    This is not a useful discussion. :)

  424. SaltyBones

    How do you know you have to beat her up? Just because she changed her lock screen?

  425. Ge0rG

    SaltyBones: sure

  426. SaltyBones

    Maybe the guy she s seeing is a colleague from work and it s perfectly normal for them to talk

  427. Ge0rG

    SaltyBones: how much do you know about abusive partners?

  428. SaltyBones

    Abusive partners are not the only adversaries and abusive partners probably also come in all sorts of degrees

  429. Ge0rG

    SaltyBones: so you don't even know the attacker model you want protection from?

  430. SaltyBones

    I trust my co-admin not to read my messages I still prefer that he simply cannot when I use omemo

  431. boothj5 has joined

  432. SouL

    SaltyBones, yeah, I agree.

  433. SouL

    Even if I don't use OMEMO myself

  434. SaltyBones

    I have a sufficiently good idea of my attacker model but it's not formally defined ;)

  435. Ge0rG

    SaltyBones: I don't say that E2EE is generally bad. I merely say that it has a cost attached, and that cost is inability to restore archives, various synchronisation problems (why can't I receive messages) and multi-client woes.

  436. Ge0rG

    SaltyBones: so for the general audience, OMEMO does more harm than good.

  437. SaltyBones

    and I also like that even if my server gets owned I can still send account data and scans of legal documents to people without worrying where they might end up

  438. Ge0rG

    And I even haven't started to talk about the two incompatible flavors of OMEMO.

  439. SaltyBones

    Ge0rG, oh I completely agree that omemo isn't great but omemo is an implementation of e2e not the definition.

  440. vanitasvitae has left

  441. vanitasvitae has left

  442. SaltyBones

    Actually, gpg probably has much better usability whilst also protecting against the attacker model we just discussed

  443. Ge0rG

    SaltyBones: don't even get me started about the usability of GPG

  444. SaltyBones

    :D

  445. SamWhited

    "gpg probably has much better usability" is not something anyone has ever said with a straight face before :)

  446. SaltyBones

    only people who haven't tried ;D

  447. Ge0rG

    SaltyBones: so you haven't tried? Noted.

  448. Ge0rG

    "But I want OMEMO in the browser, and I want to access my archive!"

  449. SaltyBones

    No, GPG is death by key management...

  450. Ge0rG

    SaltyBones: OMEMO is also death by key management..

  451. Ge0rG

    or death by `adb backup`, which is even worse.

  452. SaltyBones

    Ge0rG, signal however, is not

  453. SaltyBones

    and actually omemo works okay

  454. SaltyBones

    you have to consider that even if you don't ever validate anything it still protects agains passive adversaries

  455. ralphm has joined

  456. vanitasvitae has joined

  457. Ge0rG

    SaltyBones: against passive adversaries who have admin access to your server and want to know more than just your metadata.

  458. Ge0rG

    and then it's just a command or two to add another key to your identity.

  459. uc has joined

  460. SaltyBones

    Yes, and a warning will pop-up that you can chose to not ignore and also they cannot read the history...

  461. Ge0rG

    My problem really is that with OMEMO, you have 3+x identities: your JID, your username, and a number of device keys.

  462. SaltyBones

    And that's total shit, I agree.

  463. Ge0rG

    My problem really is that with OMEMO, you have 3+x identities: your JID, your display name, and a number of device keys.

  464. Ge0rG

    and those aren't linked in any cryptographically significant way.

  465. SaltyBones

    Actually, I don't care much about JID and username...but there should only be one key

  466. SaltyBones

    Hm..what kind of linking are you thinking about?

  467. MattJ

    One key => key management becomes a real pain

  468. MattJ

    In the real world, people lose their phones

  469. Zash

    One key per what?

  470. Ge0rG

    MattJ: yeah, but what about key cross-signing. If I buy a new device before the previous one is broken, I sign my new key with the old one and my friends auto-trust it

  471. SaltyBones

    yeah, that

  472. MattJ

    if

  473. lumi has joined

  474. Ge0rG

    Is the JID encoded in the public key cert?

  475. Ge0rG

    or can I use the same OMEMO key on different JIDs?

  476. Zash

    What we need is more X.509!

  477. Ge0rG

    what's my identity? The JID or the pubkey?

  478. SaltyBones

    Zash, wait here I'll get my pitch fork.

  479. MattJ

    On the one hand you're talking about making XMPP easier to use. On the other hand you're talking about asking family members to perform key cross-signing

  480. Zash

    What is identity?

  481. MattJ

    Your identity is the JID, simple

  482. vanitasvitae has left

  483. vanitasvitae has left

  484. MattJ

    So just keep it that way

  485. SaltyBones

    gngngngn

  486. SaltyBones

    what

  487. SaltyBones

    stop

  488. SaltyBones

    the identity is the key!

  489. SaltyBones

    :)

  490. Ge0rG

    MattJ: "scan your old device with your new device to auto-configure your jabbers"

  491. MattJ

    Ge0rG, the old device is broken, stolen or lost

  492. Holger

    Ge0rG: I do WHAT?!

  493. Holger

    Ge0rG: Can't we just use WhatsApp please?! That just works!!!

  494. SaltyBones

    Yeah, or just get a pop-up: "You want to add a new device. Please confirm!" on the old phone

  495. Ge0rG

    SaltyBones: yeah

  496. MattJ

    90% of the phone upgrades in my family have been in response to breakage, loss or theft - not planned upgrades

  497. jubalh has joined

  498. SaltyBones

    MattJ, that's fine then just let them also create a new key....

  499. Ge0rG

    MattJ: now we are back to the attacker model. Are we talking about trust-by-default in the general population or about secure messaging for dissidents?

  500. MattJ

    I'm talking about the general population

  501. vanitasvitae has joined

  502. Ge0rG

    "Where's my chat history???"

  503. MattJ

    Niche markets will help themselves, they always do

  504. Ge0rG

    E2EE just doesn't work for family chats.

  505. Zash

    Trust in the server, the server is good.

  506. suzyo has left

  507. Ge0rG

    that's the next thing. The server can completely strip out the OMEMO identification on your comms. What then?

  508. vanitasvitae has left

  509. vanitasvitae has left

  510. MattJ

    Use a different server and/or don't communicate

  511. MattJ

    This is not a novel problem

  512. MattJ

    Routers can (and in some cases do) drop TLS handshake packets

  513. Ge0rG

    Yes, but OMEMO isn't mandatory on XMPP :P

  514. jonasw

    Ge0rG, e2ee seems to work for whatsapp tohugh

  515. SaltyBones

    And signal

  516. SaltyBones

    and for my bloody family even omemo works ;)

  517. Holger

    Because no verification. And no PEP!

  518. SaltyBones

    of course I just tell them to shut up when they complain ;)

  519. vanitasvitae has joined

  520. Kev

    jonasw: "works" is relative, though.

  521. jonasw

    Kev, inhowfar?

  522. SaltyBones

    Holger, PEP?

  523. Kev

    In as much as the whatsapp multiaccount story is far worse than XMPP's, and I hate losing messages, and etc.

  524. Holger

    SaltyBones: Well OMEMO uses PEP for distribution of pubkeys, and that keeps falling apart.

  525. Ge0rG

    jonasw: https://www.reddit.com/r/whatsapp/comments/68sgmx/google_drive_backup_encrypted/

  526. Kev

    (Plus the recent vulnerabilities in it)

  527. lskdjf has left

  528. lskdjf has left

  529. lskdjf has joined

  530. jubalh has left

  531. uc has joined

  532. boothj5 has left

  533. Syndace has left

  534. Syndace has joined

  535. lskdjf has joined

  536. valo has left

  537. valo has joined

  538. jonasw

    whatsapp loses messages?

  539. jonasw

    that’s new to me

  540. lskdjf has joined

  541. Kev

    It does when you lose your phone.

  542. tux has joined

  543. SaltyBones

    hehehe

  544. daniel has joined

  545. xnyhps has left

  546. xnyhps has joined

  547. waqas has joined

  548. SaltyBones has left

  549. jjrh has left

  550. Steve Kille has left

  551. Steve Kille has left

  552. jjrh has left

  553. jubalh has joined

  554. la|r|ma has left

  555. jubalh has left

  556. Dave Cridland has left

  557. Martin has left

  558. ralphm has left

  559. Steve Kille has joined

  560. jjrh has left

  561. blabla has joined

  562. lskdjf has left

  563. lskdjf has left

  564. lskdjf has left

  565. lovetox has joined

  566. jjrh has left

  567. jjrh has left

  568. jjrh has left

  569. daniel has left

  570. suzyo has joined

  571. Steve Kille has left

  572. jjrh has left

  573. Dave Cridland has left

  574. ralphm has joined

  575. ralphm has left

  576. zinid has left

  577. SaltyBones has joined

  578. la|r|ma has left

  579. mimi89999 has left

  580. mimi89999 has left

  581. uc has left

  582. mimi89999 has joined

  583. uc has joined

  584. ralphm has joined

  585. suzyo has joined

  586. tux has joined

  587. Alex has left

  588. Tobias has joined

  589. waqas has left

  590. lskdjf has left

  591. remko has joined

  592. remko has left

  593. Alex has joined

  594. uc has joined

  595. lskdjf has joined

  596. nyco has left

  597. ralphm has joined

  598. lskdjf has left

  599. uc has joined

  600. ralphm has joined

  601. uc has left

  602. Alex has left

  603. uc has joined

  604. lskdjf has joined

  605. suzyo has joined

  606. pep.

    https://www.reddit.com/r/whatsapp/comments/68sgmx/google_drive_backup_encrypted/dh1w7j3/ "This is where you are wrong"

  607. ralphm has joined

  608. Zash

    -xkcd 538

  609. Guus has left

  610. pep.

    heh, I had never seen the alt comment

  611. Zash

    Bunneh: Meh

  612. Zash

    Where is your wrench now?

  613. lovetox has left

  614. Guus has left

  615. Alex has joined

  616. hannes has left

  617. hannes has joined

  618. leonardbadi has joined

  619. lskdjf has joined

  620. leonardbadi has left

  621. lskdjf has joined

  622. suzyo has left

  623. suzyo has joined

  624. mimi89999 has joined

  625. sezuan has joined

  626. ralphm has joined

  627. waqas has joined

  628. waqas has left

  629. sezuan has left

  630. sezuan has joined

  631. waqas has joined

  632. goffi has left

  633. suzyo has joined

  634. lskdjf has joined

  635. blabla has left

  636. Dave Cridland has left

  637. Dave Cridland has left

  638. jjrh has left

  639. ralphm has joined

  640. jjrh has left

  641. valo has left

  642. valo has joined

  643. ralphm has joined

  644. moparisthebest

    even in the case of trusted servers, I guess all servers are secure and all software well configured? that's not exactly the impression I get

  645. moparisthebest

    my xmpp server is in a closet in my house that I'm pretty confident is physically secure, and I like to consider myself competent enough security-wise that no one can hack in, but everyone makes mistakes, and no doubt some software has bugs

  646. moparisthebest

    e2e protects against that too

  647. moparisthebest

    even just the passive BTBV variants

  648. ralphm has joined

  649. Holger

    Eww all your stanzas pass through a closet?

  650. moparisthebest

    they do :)

  651. Holger

    Oh the dictionary says "closet" != "toilet".

  652. Holger

    Ah the dictionary says there's both meanings :-)

  653. Holger

    The German "Klosett" is always a toilet.

  654. moparisthebest

    hmm never heard of that meaning, language, fun stuff

  655. moparisthebest

    I mean where you'd normally hang clothes in a bedroom :)

  656. Holger

    That's ok then :-)

  657. jjrh has left

  658. moparisthebest

    though, an xmpp server inside a toilet would be EXTRA physically secure

  659. moparisthebest

    I mean, you can grab it, if you want to, be my guest

  660. zinid

    moparisthebest, secure enough if you have no friends

  661. jjrh has left

  662. jjrh has left

  663. lumi has left

  664. lumi has joined

  665. moparisthebest

    I just got around to reading your "Please Stop Writing Secure Message Tools" blog thing Ge0rG https://dymaxion.org/essays/pleasestop.html

  666. moparisthebest

    but it seems like, don't write them unless they check all these boxes

  667. moparisthebest

    and xmpp checks every single box

  668. moparisthebest

    except it could maybe deal with a little less metadata, but even then, it's scattered all over vs in one silo

  669. lovetox has joined

  670. ralphm has joined

  671. Zash

    something something threat model

  672. lskdjf has left

  673. moparisthebest

    that crap where if the NSA isn't after you you don't need encryption is just that, crap, everyone needs privacy

  674. lskdjf has left

  675. moparisthebest

    and if it's a little less user friendly than not encrypted, work on that, see letsencrypt for example

  676. zinid

    moparisthebest, do those people dumping their lives in instagram need privacy too?

  677. zinid

    privacy is a broad term

  678. moparisthebest

    sure, you choose what you want public or not

  679. lskdjf has left

  680. pep.

    zinid, maybe they live double lives, and one of them is protecting the other by sending crap on instagram!!

  681. zinid

    who knows

  682. Dave Cridland has left

  683. jubalh has joined

  684. Holger

    moparisthebest: If someone says he doesn't like Bananas that's crap, everyone does!

  685. jubalh has joined

  686. jubalh has joined

  687. Dave Cridland has left

  688. Dave Cridland has joined

  689. moparisthebest

    that would be a preference vs a statement of fact I guess

  690. Holger

    Sure sure.

  691. zinid

    "everyone needs privacy" sounds like a statement of fact ;)

  692. zinid

    the problem is in definition of privacy

  693. moparisthebest

    it's identical to the TLS vs plaintext debate honestly

  694. moparisthebest

    and that seems fairly settled nowadays that everything needs to be TLS doesn't it?

  695. Holger

    It's not identical in the case of TLS for c2s.

  696. moparisthebest

    a valid argument is/was that TLS is harder than plaintext, has useability problems etc etc

  697. Holger

    At least not when using PLAIN SASL.

  698. zinid

    moparisthebest, TLS is slow shit, I use plain http wherever possible

  699. moparisthebest

    haha but you are wrong

  700. moparisthebest

    TLS is faster in many cases nowadays

  701. Zash

    It's not "everyone needs privacy", it's > No one shall be subjected to arbitrary interference with his privacy, family, home or correspondence, nor to attacks upon his honour and reputation. Everyone has the right to the protection of the law against such interference or attacks.

  702. Zash

    It's a human right. Whatever the of privacy is.

  703. zinid

    moparisthebest, sure, you know better

  704. Zash

    It's a human right. Whatever the definition of privacy is.

  705. lskdjf has left

  706. moparisthebest

    zinid, don't take my word for it https://www.troyhunt.com/i-wanna-go-fast-https-massive-speed-advantage/ https://istlsfastyet.com/

  707. moparisthebest

    plain http today is slower than https, there is no debate about it

  708. zinid

    that's why I use http on some sites, I'm just blind and cannot see how https is much faster

  709. ralphm has joined

  710. Zash

    but is it fast enough to counteract the ever increasing bloat?

  711. lskdjf has left

  712. Zash

    ... no, it just encourages more bloat

  713. blabla has left

  714. Zash

    can't have fast things

  715. moparisthebest

    says a guy who enjoys shuffling XML streams around... :)

  716. Zash

    pretty sure my messages aren't in the order of megabytes

  717. Guus has left

  718. SamWhited

    neither are my webpages; they're still ~20% faster if I'm using TLS.

  719. waqas

    I've been browsing with JS disabled, or selectively first-party-only enabled, and it has been a pretty great experience.

  720. zinid

    my 1-hour poezio's XML log is 300kb, horrible bloat

  721. SamWhited

    Oh, TLS won't speed anything up on XMPP, but it's not slow either. Basicaly negligable.

  722. zinid

    and here come servers where you need twice RAM to support TLS connections

  723. SamWhited

    You really don't

  724. SamWhited

    Machines are optimized for it these days; TLS's extra resource use is basically negligable unless you have a much bigger server than I think you do.

  725. moparisthebest

    even google, which has servers way bigger than any xmpp deployment, says it's essentially no overhead

  726. zinid

    ever tried to connect 1M of XMPP sessions?

  727. moparisthebest

    and that was years ago

  728. zinid

    with TLS or without

  729. moparisthebest

    TLS

  730. Zash

    You are both wrong. More than negligable, but not double memory consumption.

  731. Zash

    TLS handshakes are quite the CPU hog too.

  732. zinid

    moparisthebest, because HTTP doesn't have long-lived connections

  733. moparisthebest

    the long lived part really is 0 overhead

  734. zinid

    yeah, sure ;)

  735. moparisthebest

    any overhead is just on setup, so from that perspective, http over TLS is more overhead than xmpp over TLS

  736. moparisthebest

    and since https isn't a problem, xmpps certainly isn't

  737. zinid

    even nginx author says it's about 50k-100k overhead per connection

  738. moparisthebest

    zinid, I mean you were right in 2005 for sure, maybe even 2008 or whatever, whenever aes-ni became a thing

  739. ralphm has joined

  740. zinid

    there is a recent issue in our bugtracker where a guy complaining about huge memory consumption when TLS is enabled

  741. zinid

    30Gb overhead

  742. zinid

    on 1M connections

  743. zinid

    but, possible, 30Gb is nothing for google

  744. moparisthebest

    is that a public bugtracker? sounds interesting

  745. zinid

    sure

  746. zinid

    it's on github issues, but I'm too lazy to find it, anyway, Holger will not let me lie, he laughed at the issue too ;)

  747. Guus has left

  748. SamWhited

    What's the total memory usage?

  749. moparisthebest

    iirc when google forced https for gmail the usage increase was like 1.2% and that was pre-http2

  750. moparisthebest

    can't actually find that right now...

  751. zinid

    SamWhited, 70Gb or so, I don't remember actually

  752. jubalh has left

  753. moparisthebest

    https://github.com/processone/ejabberd/issues/2062

  754. moparisthebest

    is that it?

  755. zinid

    yes

  756. moparisthebest

    impressive

  757. moparisthebest

    how much memory does the rest of a connection take?

  758. moparisthebest

    what % is 50kb

  759. zinid

    it's highly depends on usage, roster size and so on

  760. zinid

    *it

  761. SamWhited

    That does seem high; 50k of overhead per connection is much more than I've ever seen; not sure what that could be.

  762. moparisthebest

    if a non-tls session takes 1mb of ram and tls adds 50kb, that's 0.09% increase?

  763. zinid

    I think he counted wrong, I'm trying to calculate now and I get numbers far above 90Gb if I do 2Mx50kb

  764. moparisthebest

    yea that's true

  765. zinid

    anyway, 50-100kb is a typical overhead I see in stress tests, so...

  766. Zash

    https://www.zash.se/prosody-graphs.html .... is that like 15kb/conn for tls? I might have forgotten how to read those graphs

  767. Zash

    Dat CPU usage tho

  768. moparisthebest

    but really the % matters, if that's only a 0.09% increase well...

  769. zinid

    moparisthebest, that's not 0.09% increase, in production we offload TLS because huge RAM machines are expensive, so we split the RAM between the machines

  770. Holger

    First random Google hit: > OpenSSL tends to allocate about 50KB of mem­ory for each connection. https://www.imperialviolet.org/2010/06/25/overclocking-ssl.html

  771. zinid

    why would we do this crazy shit if there was negligible overhead?

  772. Zash

    Something something release buffers?

  773. moparisthebest

    how much do you allocate for a regular XMPP connection though is what I'm wondering

  774. zinid

    Zash, the option is set

  775. moparisthebest

    my hunch is it's so much more than 50kb that 50kb is negligble

  776. Holger

    Isn't that option for freeing memory on *idle* connections?

  777. jubalh has joined

  778. jubalh has joined

  779. jubalh has joined

  780. zinid

    moparisthebest, for empty roster c2s it's no more than 50kb in fact

  781. Holger

    moparisthebest: On the two servers I'm involved with it's about 300k, but those are with all bells and whistles enabled (MAM and whatnot), so it's probably less elsewhere.

  782. zinid

    It's really hard to say, because there is a crazy garbage collector in Erlang doing some weird shit

  783. lskdjf has left

  784. zinid

    not to mention how great openssl is when you try to connect 2M :)

  785. zinid

    you need to patch it, or else it will spend most of the time in locks on a machine with a lot of CPUs

  786. lskdjf has left

  787. tux has left

  788. ralphm has joined

  789. Dave Cridland has left

  790. Dave Cridland has joined

  791. lskdjf has left

  792. Zash has left

  793. SaltyBones has left

  794. SaltyBones has joined

  795. lskdjf has left

  796. zinid has left

  797. moparisthebest has joined

  798. SamWhited has left

  799. lskdjf has joined

  800. Syndace has left

  801. Alex has left

  802. Ge0rG has left

  803. lskdjf has left

  804. Alex has joined

  805. Zash has left

  806. lskdjf has joined

  807. waqas has left

  808. lskdjf has joined

  809. lskdjf has left

  810. jubalh has left

  811. lskdjf has joined

  812. lskdjf has joined

  813. sezuan has left

  814. lskdjf has left

  815. lskdjf has left

  816. SaltyBones has left

  817. SamWhited has left

  818. jere has left

  819. jere has joined

  820. mimi89999 has joined

  821. waqas has joined

  822. waqas has left

  823. lskdjf has left

  824. lskdjf has left

  825. lskdjf has joined

  826. Holger has joined

  827. lskdjf has joined

  828. lskdjf has left

  829. daniel has joined

  830. lskdjf has left

  831. lskdjf has left

  832. lskdjf has left

  833. Holger has joined

  834. lskdjf has joined

  835. lskdjf has left

  836. lskdjf has left