(His JID is in the XEP, in case you're having trouble reaching him)
Guus
he's usually very responsive.
daniel
Yes
Dave Cridlandhas left
Steve Killehas left
Steve Killehas joined
marchas joined
dwdhas joined
Guushas left
Yagiza
daniel, I'd like to discuss it
Guushas left
Yagiza
Guus, I guess, discussing XEPs in the MUC is better than privately
Dave Cridlandhas left
Dave Cridlandhas left
Yagiza
daniel, I don't know if this was already discussed, but I believe the XEP is missing file hash support.
Yagiza
daniel, how do you feel about adding it?
dwdhas left
danielhas left
danielhas joined
daniel
Yagiza: who should add and who should check the hash?
Yagiza
daniel, client should add and server should check
Seve/SouLhas joined
andyhas joined
Yagiza
The idea is providing file hash in <request/> element instead of or along with file name.
Guushas left
Yagiza
A server must check the hash. If it already has file with provided hash, it must reply with <slot/> without <put/> element. Instead, it must contain <exist/> element.
Steve Killehas left
rionhas left
Yagiza
Once client received such reply it must consider that file was already uploaded to the server before and should use URL provided in <get/> element to access the file.
daniel
So this is about dedup and not integrity?
andyhas left
danielhas left
danielhas joined
Yagiza
daniel, we may neglect this possibility, like we do it with Avatars, Entity Caps and so on.
Yagiza
daniel, even bitcoin neglects possibility of duplicated wallet address. It just generates random hash. Probability of uploading two different files with the same SHA-1 (or SHA-256) on the server is about zero. So, I don't see any problem here.
Yagiza
daniel, but we get rid of unnecessary uploads, which is very useful.
Martinhas joined
daniel
Yagiza: I'm gonna keep this in mind in case I'm going to work on the XEP again
Alexhas joined
ralphmhas joined
Yagiza
daniel, ok
marchas left
Yagiza
daniel, if you have no time for that, I can try to make a PR or some other way send updates for the XEP if you like.
marchas joined
lskdjfhas joined
marc
Keep in mind that this extension may leak "sensitve" information
SaltyBones
Yagiza, if you dedup across users make sure to consider the privacy implications.
ralphmhas left
marc
SaltyBones: what I said :)
Holger
Ah I thought this was only about your own uploads. And didn't get the point.
Holger
Yes you don't want to dedup across users.
SaltyBones
marc, I know, just wanted to be explicit. ;)
Kev
It looks like a nice way to check if a service has certain files uploaded, yes.
Yagiza
SaltyBones, marc, what do you mean? Someone knowing file hash may and knowing a server where it is may get access to the file?
rtq3has left
rtq3has joined
marc
Yagiza: One would be able to automatically check if a file was shared on the server
Holger
Yagiza: What's your use case in practice? You and me uploading the same cat pic?
Yagiza
Holger, not only.
daniel
Also dog pics
Holger
Ah.
Yagiza
Holger, 1st use case: I've uploaded a pic, to embed it into my message with HXTML-IM.
Lancehas left
Yagiza
Holger, then I try o send a message with the same pic to another contact.
Kev
In that case you already know the URI and can re-use it?
danielhas left
danielhas joined
Yagiza
Kev, I must cache those URLs somewhere.
goffi
Kev: only if you are on the same device.
Yagiza
Kev, but why client must do such stupid things, if a server can?
goffi
(and client)
Yagiza
goffi, yes
danielhas left
danielhas joined
Yagiza
Holger, another use case:
andyhas joined
marc
Yagiza: you could restric it for own file uploads but it would not work with OMEMO without leaking information I think
Holger
So the first use case doesn't cross user boundaries. Sounds like a corner case to me though. Not sure you want a protocol extension for optimizing a corner case.
Yagiza
marc, which leaks are you talking about?
Guushas left
daniel
marc: well the hash would be on the encrypted file
daniel
Which breaks the dedup of course
Yagiza
Holger, why not?
marc
daniel: indeed
goffi
do we have a XEP for storing encrypted files?
Holger
Yagiza: Because keep it simple. If you start optimizing corner cases you end up with an unnecessarily bloated extension nobody wants to implement. 0363 is widely adopted because of its simplicity.
Lancehas joined
marc
daniel: you could use the plain file hash but then you have to store the correspondig key on the device which leaks info and has the same issue as without this extension
flow
What Holger said
stefandxmhas left
Yagiza
Holger, what do you mean by "corner cases" now? What are use cases for this XEP, if not uploading files for sharing (and) reusing links to them?
Lancehas left
ralphmhas joined
danielhas left
danielhas joined
Holger
Yagiza: By my definition, a corner case is one that applies to no more than 7.846 percent of the uploads in practice. According to my crystal ball, your case is way below that threshold.
Yagiza
Holger, so, please tell me your vision of use cases of XEP-0363
SaltyBones
This is not super interesting in practice because http upload is restricted to small files anyway so reuploading is and storing copies is cheap.
marc
Yagiza: sharing files is the main goal
marc
Asynchronous and across multiple devices
marc
And in group chats of course
Ge0rGhas left
Holger
Yagiza: Sharing cat pics.
Holger
Or maybe even dog pics. Daniel seems to support those as well.
andyhas left
Holger
So don't tell me I have no great visions!
Yagiza
Holger, ok. And when you share cat pics, it's not supposed to share the same pic with different contacts?
Holger
Yagiza: 0363 supports that. You just re-upload.
SaltyBones
Yagiza, with small files adding dedup is just not worth the effort...
jonasw
Yagiza, either re-upload, or keep a cache of the last N links shared in your client
jonasw
you can even do that across devices, because youβ[l download them for display anyways
SaltyBones
Yagiza, if you want to share larger files maybe http_upload is not the right tool for the job?
goffi
Yagiza: Jingle-FT is more adapted for bigger file, and it already support hashes
danielhas left
danielhas joined
Guushas left
jonasw
if Http upload implementations were using SIMS, youβd even get the hash carbon-copied for free
jonasw
so you can easily dedup locally without privacy implications :)
Yagiza
Holger, well. The idea is avoiding unnecessary reuploading. And now you telling that you have to reupload the file. So, why do you call that a coner case, if you admit that the problem is common?
Holger
Yagiza: I admitted that? Didn't I already quote my crystal ball?
SaltyBones
Yagiza, he is not saying that at all. He said it is uncommon and if it happens you should reupload.
lskdjfhas joined
Yagiza
SaltyBones, I just want to add optimization where it may be easily implemented. Why do we have such optimizations for avatars, entity caps, BOB and other cases where amounts data we share is also small?
SaltyBones
Yagiza, why do you want to add that optimization?
Holger
Yagiza: Your optimization is simple, and so are the next 10 enhancements people might suggest for special use cases. The end result is no longer simple.
jonasw
Yagiza, those are vastly different use-cases
Yagiza
Holger, so, you don't agree with your crystal ball ;-)
jonasw
Yagiza, avatars optimize having to re-download the same avatar of the same entity on each presence update. This is a way more massive optimization than optimizing the upload of a link shared twice which can easily be done by the client itself.
Kev
I don't buy that the optimisation is simple, FWIW.
Yagiza
SaltyBones, 'cause I like optimizations of course! Optimizations (if they are easy to implement) are always good.
Holger
Yagiza: You lost me. Whatever. You didn't convince me it's worth it, and I'd only repeat myself at this point.
SaltyBones
Yagiza, that reason is not good enough to justify the work and complexity that it generates.
Kev
Clients remembering URIs is a pretty simple optimisation. Server doing hash checking changes the model for how it needs to be implemented on the server.
Yagiza
jonasw, IIRC making clients as simple as it possible, leaving all the job to server always was a good idea, wasn't it?
Holger
Right, it's not simple on the server side.
jonasw
Yagiza, true, but I donβt think that the use-case is even worth the trouble on either
Yagiza
SaltyBones, which complexity are you talking about?
Holger
Yagiza: The idea wasn't making servers unnecessary complex though.
Yagiza
jonasw, which troubles?
jonasw
Holger, actually, a very trivial implementation could be: (a) use hash as file name, (b) handle uploads atomically (like rsync does, itβs not too bad), (c) hash check is trivial now
jonasw
Yagiza, having to think the privacy implications especially for single-user servers through
Holger
jonasw: Sure it could be done.
jonasw
thatβs not much more complex than what implementations are doing already tbh.
danielhas left
danielhas joined
jonasw
but Iβd be worried about the privacy implications. ideally, the URLs would still be unique and ranodm per user, and thatβs where things get complicated
Holger
jonasw: But changing an existing model is not trivial no matter how simple the new solution is.
jonasw
that can probably not be done without a database anymore (for the reverse lookup (hash, user) -> user_file_url)
Yagiza
Holger, server's job become much more complex, if it will check hashes of files it store? Seriously?
danielhas left
danielhas joined
jonasw
Yagiza, at leaast it will require a namespace bump
jonasw
we donβt want those
Holger
jonasw: There's existing code to handle quotas and whatnot.
Holger
Yagiza: Yes.
jonasw
Holger, on *some* implementation s:>
Holger
jonasw: So?
Yagiza
jonasw, namespace bump? Why?
Guushas left
jonasw
Yagiza, youβre going to require the client to send a hash, IIUC
Yagiza
jonasw, yes. But all modern clients already have code to calculate SHA-1, 'cause most of XEPs implemented nowadays require it.
jonasw
Yagiza, but you still need to change the protocol
jonasw
-> namespace bump
andyhas joined
Kev
jonasw: I don't think that's true.
Yagiza
jonasw, but the protocol is still EXPERIMENTAL, so what's the problem?
Holger
It *should* be true. π
jonasw
Yagiza, it has massive deployment, thatβs the problem
Holger
(We keep having that discussion.)
jonasw
the last namespace bump caused quite a bit of disruption already
Kev
Holger: Why should it be true?
Kev
You're adding an attribute that it's easy to have backwards compat for being missing.
jonasw
Holger, Kev, yeah okay, a namespace bump *or* a discoverable feature; but then the servers are going to complain that they canβt rely on the hash and so on.
Kev
No attribute, no de-dup.
Kev
I don't see why that should need a bump.
SaltyBones
jonasw, isn't the point of the namespaces that bumps shouldn't cause disruption? :)
jonasw
SaltyBones, they cause disruption if part of the network stops supporting one specific version
jonasw
they donβt cause *erratic* disruption, just well-defined disruption, kinda
Kev
SaltyBones: No, the opposite. The point of a bump is to cause disruption.
SaltyBones
:)
Yagiza
jonasw, anyone, who implement and deploy EXPERIMENTAL XEP's do know that everything may change dramatically from version to version. SO, once again: what's the problem?
SaltyBones
In that case I agree.
Holger
Kev: I know the idea is ignoring unknown attributes, I just don't like it.
SaltyBones
Yagiza, the problem is that you are trying very hard to ignore what people here are saying..
jonasw
Yagiza, that users donβt care about EXPERIMENTAL vs. DRAFT. they care that they canβt share their catpics anymore.
rtq3has left
rtq3has joined
danielhas left
danielhas joined
Yagiza
jonasw, so, why do we need to develop XEP's? Let's just make every XEP FINAL from the beginning to avoid such problems for users.
jubalhhas joined
danielhas left
andyhas left
jonasw
Yagiza, I see your point, and I often concur. Iβm just not sure your use-case is impactful enough to warrant a breakage. and also the feature creep mentioned by Holger.
jubalhhas left
SaltyBones
Indeed, maybe this XEP shouldn't be experimental anymore if it is practically not experimental anymore.
jonasw
if we could batch this up with another breaking change (should another one happen with 0363 before it goes to draft), I think thatβd be okay.
Yagiza
SaltyBones, I didn't ignore anything, replying to almost every statement. I just want to understand your point of view.
jonasw
or making it entirely optional, as Kev suggested.
jonasw
might be the case that nobody implements it. which will lead to clients not supporting it and when a server does eventually implement it, theyβll notice that no client can do it and *bam* they drop support of it
SaltyBones
jonasw, that's a lot of wasted effort ;)
jonasw
yeah
jonasw
I try to recall where that kind of thing happened to me⦠I think with vcard-avatar vs. pep-avatar. or pep-bookmarks vs. private-xml-bookmarks.
Yagiza
jonasw, yes. Making it optional is a good idea. But this solution will work even with a DRAFT XEP.
jonasw
lots of effort only to realize that nobody supports it.
jonasw
anyways, lunch
lskdjfhas joined
la|r|mahas joined
la|r|mahas joined
SaltyBones
Yagiza, the problem is that it will always be too much work to do anything if people don't believe that it is necessary. And at least the people in here apparently don't.
marchas left
Yagiza
SaltyBones, I'm not sure. You and Holger. Who else?
SaltyBones
You don't have to be sure you can keep discussing but I'm out. ;)
stefandxmhas left
Yagiza
Yes. I guess, discussion is over. Everyone, who was interested shared their opinion, Now it's up to daniel, what to do next.
jerehas joined
marmistrzhas left
Martinhas left
jubalhhas joined
lskdjfhas left
lskdjfhas left
Martinhas joined
ovohas left
ovohas joined
rionhas joined
la|r|mahas joined
lskdjfhas joined
Guushas left
marmistrzhas left
Martinhas left
Martinhas joined
marchas joined
andyhas joined
Guushas left
la|r|mahas left
la|r|mahas joined
andyhas left
andyhas joined
danielhas joined
Guushas left
andyhas left
marchas left
andyhas joined
Guushas left
blablahas left
SaltyBoneshas left
andyhas left
vanitasvitaehas left
efrithas joined
rtq3has left
rtq3has joined
Guushas left
Guushas left
andyhas joined
rtq3has left
rtq3has joined
andyhas left
Ge0rGhas left
ludohas joined
ludohas joined
moparisthebesthas joined
Ge0rGhas joined
danielhas left
danielhas joined
marmistrzhas left
ralphmhas joined
tim@boese-ban.dehas left
tuxhas joined
danielhas left
danielhas joined
marchas joined
winfriedhas joined
stefandxmhas joined
marchas left
Zashhas left
lskdjfhas joined
efrithas left
lumihas joined
stefandxmhas left
Ge0rGhas joined
stefandxmhas joined
Dave Cridlandhas left
marmistrzhas left
ralphmhas joined
j.rhas joined
j.rhas joined
moparisthebesthas joined
Guushas left
jerehas left
jerehas joined
moparisthebesthas joined
andyhas joined
Guushas left
SaltyBoneshas left
andyhas left
rtq3has left
rtq3has joined
Dave Cridlandhas left
dwdhas left
Dave Cridlandhas left
dwdhas left
andyhas joined
dwdhas left
andyhas left
rtq3has left
rtq3has joined
dwdhas left
jjrhhas left
vanitasvitaehas left
ralphmhas joined
winfriedhas joined
ralphmhas left
ralphmhas joined
stefandxmhas left
ralphmhas left
ralphmhas joined
danielhas left
danielhas joined
lskdjfhas joined
danielhas left
danielhas joined
lskdjfhas left
danielhas left
danielhas joined
danielhas left
danielhas joined
danielhas left
danielhas joined
jjrhhas left
jjrhhas left
danielhas left
danielhas joined
jjrhhas left
danielhas left
danielhas joined
Guushas left
danielhas left
danielhas joined
Steve Killehas left
lumihas left
danielhas left
danielhas joined
Steve Killehas joined
danielhas left
danielhas joined
marmistrzhas left
danielhas left
danielhas joined
jjrhhas left
matlaghas left
jjrhhas left
danielhas left
danielhas joined
rtq3has left
rtq3has joined
Tobiashas left
j.rhas joined
danielhas left
danielhas joined
moparisthebesthas joined
Tobiashas joined
danielhas left
danielhas joined
ralphmhas joined
j.rhas joined
danielhas left
danielhas joined
jubalhhas left
vanitasvitaehas left
jerehas left
jerehas joined
jjrhhas left
jjrhhas left
ralphmhas left
Kevhas left
SaltyBoneshas left
la|r|mahas left
la|r|mahas joined
marmistrzhas left
Tobiashas left
jubalhhas joined
stefandxmhas joined
Guushas left
j.rhas joined
jjrhhas left
jjrhhas left
Guushas left
Guushas left
jjrhhas left
jjrhhas left
ovohas left
Marandahas left
Marandahas left
Marandahas joined
Dave Cridlandhas left
Marandahas joined
stefandxmhas left
la|r|mahas joined
la|r|mahas joined
moparisthebesthas joined
blablahas left
j.rhas joined
Guushas left
Guushas left
blablahas left
danielhas left
danielhas joined
danielhas left
danielhas joined
Guushas left
danielhas left
danielhas joined
tim@boese-ban.dehas left
jubalhhas left
jubalhhas joined
dwdhas left
danielhas left
danielhas joined
ralphmhas left
Guushas left
ovohas joined
stefandxmhas joined
Marandahas left
SaltyBones
Maybe this is a silly question but what is "Jingle"?
goffi
SaltyBones: XEP-0166, or in short a way to establish P2P session
Tobias
It's an abstract peer-to-peer signaling protocol based on XMPP
Zash
If you are familiar with SIP, it's like that
Tobias
just not encoding things in HTTP like headers but in XML
dwdhas left
SaltyBones
thanks
SaltyBones
goffi, and you want to use that to build file sharing?
goffi
SaltyBones: yes, it's already working actually
SaltyBones
but you have some sort of dedicated, always-on end-point so it's not really p2p, right?
goffi
SaltyBones: it can work between 2 devices
moparisthebest
if they are on the same LAN and, in practice, in virtually no other case
goffi
(but I have also a component to store files, in this case it's not P2P)
Guushas left
moparisthebest
otherwise you have to go through a TURN server which seems far worse than http upload
moparisthebest
especially if you need such a component to store files, why re-invent http ?
Kev
Jingle isn't P2P.
Kev
It's a signalling protocol, nothing about it implies it must be P2P (indeed, it's how you negotiate IBB)
SaltyBones
goffi, what is this for?
moparisthebest
goffi, why is a custom component to store files in any way preferred over an http server?
goffi
in my experience the connection is direct most of time. jingle try to establish P2P, but if it can't it will fall back to other mechanisms (proxy, IBB, ...)
goffi
SaltyBones: many things. Keeping file for yourself, sharing with other, transmitting files between devices, etc.
SaltyBones
goffi, just install nextcloud?
goffi
moparisthebest: I don't want/need the HTTP overhead, jingle FT is good, and there are already XEPs for file sharing
goffi
SaltyBones: why installing and maintaining an other software?
moparisthebest
what http overhead ?
moparisthebest
surely it's far less than anything you'll come up with in jingle/xmpp ?
moparisthebest
just the negotiation probably takes far more time than an entire http download
Tobias
moparisthebest, additional code to maintain, all the HTTP corner cases. If you don't have HTTP in your project yet it's a reasonable questions to ask whether you really need to add the full HTTP support.
moparisthebest
in my opinion you should use the right tool for the job without reinventing the wheel if possible, if that job is putting files on a server for multiple clients to download, that tool is http
moparisthebest
chances are you already have http in your project, but if not, adding it is surely less code to maintain than a custom xmpp component to store files?
goffi
there is already a right tool for that with XMPP, and I'm building a XMPP client
stefandxmhas left
rionhas left
SaltyBones
I didn't mean to criticize just curious.
goffi
it's OK to criticize, as long as it's not aggressive :)
moparisthebest
there is the saying that if all you have is a hammer everything looks like a nail, it's still not always the right tool for the job
SaltyBones
So you are building synchronizing on top of jingle ft?
Kev
moparisthebest: And that's a significant problem with people thinking everything needs to happen over HTTP, right? :)
andyhas joined
goffi
SaltyBones: no synchronizing (at least not for now), just sharing files.
goffi
and also everything is linked to my XMPP account, so permission is trivial to handle.
SaltyBones
goffi, how is file sharing different from file transfer then?
Tobias
goffi, +1...getting permissions right with different user groups that fetch stuff via HTTP server gets tricky
Holger
The right tool for the job is FTP.
moparisthebest
Kev, the reverse is true also, matrix was the opposite mistake :P
Kev
Holger: SFTP, I think.
Tobias
Holger, right...which is for files, not just for Hypertext
goffi
SaltyBones: you can have a list of files, hierarchy, check XEP-0329 it's the one I'm using
moparisthebest
FTP is the right tool for no job :P
Zash
Nothing wrong with FTP
moparisthebest
nothing wrong with SFTP, loads wrong with FTP
Tobias
Zash, as long as you tunnel it over HTTPS, right? :)
Zash
Hrr
SamWhited
Which one is SFTP? Is that file transfer over SSH or FTP over TLS?
moparisthebest
over ssh, the other is ftps
SamWhited
One day I will remember which one is SFTP and which one is FTPS
goffi
(jingle can use HTTP by the way)
Zash
sftp isn't related to ftp afaik, other than in purpose
moparisthebest
yep completely different
moparisthebest
there was a really good rundown of all the reasons FTP is terrible written by the author of a really popular FTP server, but I can't seem to find it now...
Zash
Everything is terrible
Zash
If you think something isn't terrible, you aren't looking close enough
SamWhited
Not everything is equally terrible though. Some things are less terrible than others.
moparisthebest
https://mywiki.wooledge.org/FtpMustDie ah there it is
tim@boese-ban.dehas left
ralphmhas left
Marandahas left
SaltyBones
magic wormhole is kind of cute
Zash
"It's old, therefore obsolete"
Holger
Bashing FTP is so boring.
Holger
Yeah.
andyhas left
daniel
Complains about FTP being obsolete. Does so on a website that is impossible to read on a mobile phone...
andyhas joined
moparisthebest
not being usable behind NAT or knowing whether uploads/downloads completed etc is also a thing not great for a file transfer mechanism
moparisthebest
it's not just the 'old' part
Zash
NAT is the evil here, not FTP
Holger
moparisthebest: It's usable behind NAT if your firewall admin isn't stupid, or if you use passive FTP.
moparisthebest
not disagreeing with you, but can't change the world
SamWhited
It doesn't matter which thing is broken and wrong if the thing I want to use doesn't work. I don't really care whos fault it is or who did or did not work around NATs.
Holger
moparisthebest: It's unencrypted if you don't use TLS, just like HTTP.
moparisthebest
it also allows data to be unencrypted even if you do use TLS, unless you do special things
SamWhited
I am tempted to say that there is no situation in which FTP is the correct tool for the job when rsync exists, except that as far as I can tell the rsync protocol is completely undocumented.
SaltyBones
The universal law of users: Whatever changed last is responsible for all problems. :)
Holger
moparisthebest: What? I don't know of an FTPS client that requests unencrypted transfer by default.
rtq3has left
rtq3has joined
Holger
SamWhited: rsync is *very* expensive.
moparisthebest
hopefully not
SamWhited
Holger: that's fair
SaltyBones
goffi, does the jingle ft understand when your devices are both on lan and then send the file locally?
SamWhited
although it's not a problem I run into most of the time, I can see that being an issue if you have older or very limited hardware
jjrh
Zash, amen.
Seve/SouLhas joined
vanitasvitaehas left
moparisthebest
anyway this is what I have against jingle for file transfer for, you end up doing complicated negotiation, and then 99.9% of the time uploading to a TURN server anyway
moparisthebest
except unlike HTTP, you have to do it multiple times for each resource that wants the file
Maranda
FTP? Who uses FTP nowadays anyways...
moparisthebest
and if you don't have access to a TURN server it just fails, most xmpp servers support http upload nowadays, many more than have turn servers...
jjrh
Maranda, a surprisingly large amount of people.
xnyhpshas joined
waqashas joined
SamWhited
Unencrypted anonymous FTP is still the only decent way I've found of transfering files between my phone and my computer, although I desperately wish there were another way
lovetoxhas joined
moparisthebest
that's my 2 cents anyway goffi , you are going to put all this work into this amazing software that just won't work on the majority of servers for the majority of users...
jjrh
adb push / pull?
daniel
SamWhited: locally or over the network?
moparisthebest
SamWhited, android phone?
Marandathinks he presses that SCP button in SSH clients from quite a while.
SamWhited
moparisthebest: yes
SamWhited
daniel: either, I normally do it over lan
daniel
mtp works fine for me
jjrh
mtp is kinda slow
SamWhited
yah, mtp always takes forever for me; not sure why.
Zash
I use scp/rsync on my phone.
daniel
Probably depends on the implementation?
daniel
I don't transfer large files though
jonasw
mtp doesnβt work for me :(
moparisthebest
nextcloud/syncthing or also I had an sftp server on my phone looking now...
SamWhited
I tend to be backing up lots of little-to-medium sized files. Pictures and music mostly.
I really should figure out how to do ssh/rsync, that would be nicer.
SamWhited
oh hey, that looks promising, thanks.
jonasw
jjrh, so the only way to sensibly transfer files from a commodity device to another one is with a CLI command? seriously? :D
moparisthebest
that supports ssh/rsync, I recall having permissions issues though...
Zash
tarpipes!
jonasw
SamWhited, I use KDE Connect and MTP, and if neither works (which happens, annoyingly) I eject the SD card.
moparisthebest
haha Zash yes that's actually how I ended up transfering a whole internal sdcard once
jjrh
jonasw, of course not. But adb is pretty easy to script, plug in your phone and have a udev rule pull everything.
moparisthebest
something like tar [stuff] | adb shell su tar [stuff]
moparisthebest
adb over wifi
Maranda
and usb file transfers on my phone aren't that slow anyways.
Maranda
brb
danielhas left
danielhas joined
rtq3has left
SaltyBones
I have nextcloud. Works fine for small files or if you have time. :)
daniel
> SamWhited, https://arachnoid.com/android/SSHelper/
Oh that looks cool. Thx
rtq3has joined
Holger
You guys are all too bored (like me). A useless comment mentioning FTP is enough to spawn a 30 minute discussion on random file transfer issues.
Yagiza
Well... is there any XEP, which describes using TURN servers for Jingle FT?
SamWhited
This is great, I've already got it working better than the last SSH thing I triedβ¦
SamWhited
thanks for the recommendation.
jonaswhas left
Guushas left
moparisthebest
Holger, clearly file transfer is one of the great unsolved problems of computing
daniel
Yagiza: the jingle ft xep is agnostic of transport. So it should just work(tm)
daniel
I don't know if many people do implement it though
Holger
moparisthebest: True. But I think this works with more or less arbitray IT questions.
daniel
Most people use socks
moparisthebest
this morning a co-worker was trying to send me a 3kb PDF over skype for business and it wouldn't work, ended up emailing it :'(
moparisthebest
also companies pay a lot for that software
jjrhhas left
MattJ
I tried emailing a tarball of .lua files to someone this morning, Gmail rejected it for security reasons and I ended up scp'ing to my server and sending them a URL
Yagiza
daniel, I thought Jingle FT uses the same transport types, which SI FT uses: IBB, SOCKS5 and OOB.
moparisthebest
so, http upload is the only thing that worked? :P
jonaswhas left
Zash
Yay only the popular thing works because it's popular.
Zash
Ya'll know how much I hate things that are popular because of their popularity?
moparisthebest
I still agree that sucks, but your choice is just never transfer the file on principle, or, use the way that works
ralphmhas joined
andyhas left
andyhas joined
SamWhited
It's not popular because of it's popularity, it's popular because it's simple and HTTP is a better tool for the job. It was literally made for downloading small files. Sucks for larger files, but most users want to send cat gifs so I don't really care.
moparisthebest
you could also use sneakernet with a flash drive, but http is easier
goffi
SaltyBones: yes, that's one of the interest of the thing
Zash
But it's suffocating everything else :(
Zash
We can't have innovation at the lower layers anymore, and that makes me sad
moparisthebest
that's true, udp/tcp is all we can ever have
jubalhhas left
moparisthebest
and even then tcp is just getting re-invented over udp with things like QUIC
Zash
And soon only TCP/TLS/HTTP
goffi
moparisthebest: it's not only with the server, it's also between users (ex. tranfering files from your phone to your desktop machine)
Maranda
cat gifs π» π
waqashas left
jjrhhas left
jjrhhas left
jonaswhas left
Maranda
But didn't someone just want to use BoB for those things :P?
danielhas left
danielhas joined
winfriedhas joined
Zash
goffi?
goffi
Zash: yes?
Zash
Wait, wanted to not use bob because of size restrictions
goffi
no
Yagiza
Maranda, I'm using BOB for small pics. For large pics I need to implement using something like HTTP File Upload.
BTW, I don't see a way to use HTTP File Upload for file transfer without using Jingle FT or SI FT as session negotiation protocol.
SaltyBones
goffi, I wonder how the fuck that works... :D
Maranda
You do..?
SamWhited
I don't understand what innovating at the lower layers has to do with this; if you want to innovate and make something better than HTTP, do that. Using a bad thing that's complicated and not the right tool for the job isn't going to make it more likely that you displace HTTP.
ovohas left
goffi
SaltyBones: many candidate are tested, with priorities. The direct connection on local network is tried first.
Maranda
To me it looked like XEP 363 used PUTs... But maybe I'm just having allucinations as usual.
ovohas joined
Maranda
I'm not sure where the Jingleing is required in there π€π€
moparisthebest
goffi, it's just highly unlikely p2p will work ever except in the case of LANs, seems odd to optimize for that, but even if you do go that way for p2p transfers, an http server would still be a better place to put uploads than a custom jingle component
goffi
the LAN case in one major use case for me.
goffi
and in my experience P2P is working quite often
goffi
and I have already all jingle implemented, so why should I implement something else ? Specially when there are already XEPs doing what I need
Guushas left
goffi
I really don't see the point of the whole discussion, I've implemented something which is working, based on current XEPs and I'm happy with it (except the point I'm trying to solve on standard@).
jonasw
goffi, how do you solve broadcast/multicast (MUCs) and retrievability while the user is offline?
jonasw
is that the Jingle Component youβre talking about? if so, thatβs amazing
goffi
MUC is no my use can for now, but anyway I have a component so offline retrieving is not a problem at all.
jonasw
I canβt parse that sentence, sorry.
waqashas joined
waqashas left
waqashas joined
goffi
my use case*. Sorry to disturb your parser.
tuxhas joined
Marandahas left
moparisthebest
goffi, what transfer method is used if both clients are on different LANs behind NAT ?
goffi
moparisthebest: check XEP-0234. Socks5 direct, w/ proxy, IBB in that order.
moparisthebest
goffi, and how does this work with multiple clients?
moparisthebest
same account logged in on different resources that is
goffi
I don't get your question, this always work with different clients.
moparisthebest
just super wasteful bandwidth-wise?
moparisthebest
you end up uploading it once for each client?
goffi
what are you talking about?
jonasw
moparisthebest, IIUC, the jingle transfer is handled by a component. the sender uploads once, everyone downloads from componet.
jonasw
itβs kinda like HTTP Upload, but with Jingle instead of HTTP.
jonaswhas left
moparisthebest
if I want to share a picture from my mobile phone to a contact connected from 5 clients, my phone ends up uploading that once for each client no?
Yagiza
moparisthebest, FT XEPs usually used to transfer file from one client to another. Not to share a file.
Yagiza
moparisthebest, for file sharing something like HTTP Upload is better.
moparisthebest
but this is about file sharing no?
Yagiza
moparisthebest, Jingle FT? No.
Yagiza
moparisthebest, it's just a modern way to do the same as SI FT does.
goffi
I think I'll publish a blog post with schematics to make things clear.
jonasw
goffi, sounds like a good plan
moparisthebest
Yagiza, I meant goffi's thing, but yea that'd be nice goffi
Yagiza
moparisthebest, ah, ok
andyhas left
rionhas joined
j.rhas left
j.rhas joined
ovohas left
ovohas joined
Dave Cridlandhas left
jjrhhas left
jjrhhas left
jonaswhas left
Martinhas left
jonaswhas left
lskdjfhas joined
Marandahas joined
jonaswhas left
Lancehas joined
Fabianhas left
Lancehas left
Lancehas joined
Yagizahas left
blablahas joined
jubalhhas joined
matlaghas left
dwdhas left
Lancehas left
ralphmhas left
ralphmhas joined
jonasw
what do you folks think about Trust-On-First-Use pinning for certificate public keys for XMPP servers?
blablahas joined
Steve Killehas left
Steve Killehas left
j.rhas joined
rionhas left
rionhas joined
dwdhas left
stefandxmhas joined
Zash
It's fine until you change the key for whatever reason.
Steve Killehas joined
Dave Cridlandhas left
Dave Cridlandhas left
Syndacehas left
Syndacehas joined
j.rhas joined
dwdhas left
ludohas joined
ludohas joined
jerehas left
jerehas joined
stefandxmhas left
Steve Killehas left
Maranda
Uhhh that annoying iChat disco# bug.
Marandapfts.
Dave Cridlandhas left
marchas left
Dave Cridlandhas left
dwdhas left
j.rhas joined
j.rhas joined
andyhas joined
stefandxmhas joined
andyhas left
andyhas joined
Dave Cridlandhas left
Dave Cridlandhas left
Dave Cridlandhas left
Dave Cridlandhas left
dwdhas left
Marandahas joined
dwdhas left
moparisthebest
jonasw, hpkp-type system would be better, there is even a not-yet-submitted xep
moparisthebest
I would love that
Dave Cridlandhas left
Dave Cridlandhas left
Dave Cridlandhas left
Dave Cridlandhas left
Fabianhas joined
stefandxmhas left
Dave Cridlandhas left
moparisthebest
jonasw, xnyhps is the one who wrote it but I cannot seem to find a copy...
jonasw
moparisthebest, NOOOO
jonasw
we have TLSA for a reason!
moparisthebest
well obviously that's best I agree, but when entire domains never implement DNSSEC...
Guushas left
Marandahas left
Marandahas joined
moparisthebest
sorry entire TLDs is what I meant to say
dwdhas left
jerehas left
Dave Cridlandhas left
Dave Cridlandhas left
Dave Cridlandhas left
Marandahas left
Dave Cridlandhas left
dwdhas left
Ge0rG
jonasw: I've written a TOFU kind of library for Android back then for yaxim...
Dave Cridlandhas left
Guushas left
Guushas left
moparisthebest
TOFU is better than nothing but not as good as HPKP
moparisthebest
because you end up asking the user 'SHOULD THEY KEY HAVE CHANGED TO THIS CHUNK OF HEX/BASE64: XXXXX'
moparisthebest
and they have absolutely no way to tell
moparisthebest
as an admin *I* know, and can just set my pins correctly
Ge0rG
moparisthebest: yes, server admins are the ones to know that best.
Dave Cridlandhas left
Ge0rG
moparisthebest: except for the ones who don't give a yota and have self signed certificates in the first place.
Zash
Isn't that being deprecated because people shoot themselves in their foots too often?
moparisthebest
they don't go the extra mile and set up pinned keys either, generally
winfriedhas left
moparisthebest
well iirc chrome is dropping support sometime, I still think that's dumb though
moparisthebest
you can bet they'll leave it enabled for google owned domains
Zash
Isn't that hardcoded in the binary?
Zash
As in, not protocol
winfriedhas left
winfriedhas joined
moparisthebest
google ones are iirc
Ge0rG
You can get your domain onto the preload list with Google and Mozilla. No idea how that scales.
moparisthebest
Ge0rG, only for HSTS, not for HPKP
Ge0rG
moparisthebest: oh, I thought you can get both.
moparisthebest
HSTS == only ever visit this site via HTTPS and enforce valid CA-issued certs, do not allow click-through bypass
moparisthebest
not unless they changed it
rionhas left
Ge0rG
You still can bypass HSTS with the hot key formerly known as "badidea"
Ge0rG
HSTS is probably easier to scale with a bloom filter, as opposed to having a gazillion of server fingerprints shipped in your binary
dwdhas left
j.rhas joined
j.rhas joined
rionhas joined
moparisthebest
mere mortals can't bypass it though, my mom couldn't
rionhas left
Ge0rG
Before I learned that trick I couldn't either, and it was bothering me much.
Dave Cridlandhas left
moparisthebest
very rarely do you want to bypass it
moparisthebest
the whole point is because given the choice, people always click through, and if the site says not to, you shouldn't give people the choice
ludohas joined
dwdhas left
Dave Cridlandhas left
Dave Cridlandhas left
Dave Cridlandhas left
Dave Cridlandhas left
Ge0rG
But *I* do know what I'm doing, sometimes even better than the admin of the site I want to visit.
Dave Cridlandhas left
Kev
Actually, it's something I'd like to do quite often.
Kev
Because hotels and capture portals.
moparisthebest
yea but you nor I are what anyone would consider average computer users
moparisthebest
Kev, so you allow the MITM to proceed? or you just mean to get to their terrible agreement page?
Kev
I mean to get to the agreement page.
Kev
I typically browse to 8.8.8.8 these days.
moparisthebest
I usually type in like bob.com for that
moparisthebest
but yea bad systems
SaltyBoneshas left
Zash
example.com!
daniel
neverssl.com
Fabianhas left
Dave Cridlandhas left
moparisthebest
daniel, nice!
Dave Cridlandhas left
dwdhas left
ralphmhas joined
dwdhas left
Dave Cridlandhas left
Ge0rGused to use a large German news portal, but then they switched to https... π
Guus
someone, invite me to a muc please?
daniel
Ge0rG: me too π
daniel
Would probably be a good business model not to offer ssl on your news site. Then people would use it to get around captive portals and spend time on your website while there at it
jonasw
Ge0rG, heise has SSL by now? :-O
danielhas left
danielhas joined
Marandahas joined
moparisthebest
out of curiousity, how many captive portals do you deal with on a weekly basis?
moparisthebest
I see 1 or 2 a year :P
daniel
moparisthebest: our high speed trains have them
moparisthebest
ah, makes sense
SamWhited
Lucky you; I see a captive portal basically every time I'm on the bus, train, or in most coffee shops.
SamWhited
Not that I take the train much (there is a small one, but it doesn't realy go anywhere here) and only some of the busses have wifi, so mostly just coffee shops.
Guushas left
moparisthebest
I see them at hotels, but then there are no trains or buses around here and I don't go to coffee shops so...
daniel
And yes what Sam says. A lot of coffee shops have them
SamWhited
Oh yah, and hotels. Every time I travel.
daniel
There is probably a Firefox plugin that can auto accept the standard ones
daniel
Or if there isn't there should be
daniel
Or just put it in Systemd π
SamWhited
I have strict revocation checking on in Firefox, which is unfortunate since they all block their own OCSP servers and CRLs.
Dave Cridlandhas left
SamWhited
So I generally have to curl to login
moparisthebest
the first thing I do on strange networks is connect to my VPN though, not open up firefox
Kev
I'm not sure how that would help. You won't be able to VPN until you've clicked through the page.
moparisthebest
openconnect/ocserv is great for speed and firewalls
Dave Cridlandhas left
moparisthebest
yea it doesn't work, then I know I need firefox...
marmistrzhas joined
dwdhas left
SamWhited
At least one place I go sometimes works by stealing DNS, so if you use a VPN and know your IP (or hardcode 8.8.8.8 or something) then you don't need to sign inβ¦
Dave Cridlandhas left
Dave Cridlandhas left
SamWhited
That same place also has "admin:password" for the credentials on the router though, so now I don't have a portal at all and if anyone is eating the coffee shop bandwidth with Bittorrent they get mysteriously QoSed.
jonasw
:D
danielhas left
danielhas joined
Dave Cridlandhas left
moparisthebest
sounds like a case of nephew bob the IT guy setting it up for them
dwdhas left
jonaswhas left
efrithas joined
danielhas left
danielhas joined
dwdhas left
danielhas left
danielhas joined
dwdhas left
Dave Cridlandhas left
Guushas left
goffihas left
ludohas left
ludohas joined
Fabianhas joined
tuxhas left
Dave Cridlandhas left
dwdhas left
Dave Cridlandhas left
Guushas left
jonaswhas left
Marandahas left
Marandahas joined
dwdhas left
j.rhas left
j.rhas joined
stefandxmhas joined
Alexhas left
ovohas left
ovohas joined
Seve/SouLhas joined
rtq3has left
rtq3has joined
ludohas joined
stefandxmhas left
Marandahas joined
danielhas left
Alexhas joined
Dave Cridlandhas left
danielhas joined
j.rhas joined
j.rhas joined
Dave Cridlandhas left
dwdhas left
Tobiashas left
ralphmhas joined
jonaswhas left
Dave Cridlandhas left
dwdhas left
vanitasvitaehas left
jubalhhas joined
marmistrzhas left
dwdhas left
rtq3has left
rtq3has joined
danielhas left
danielhas joined
danielhas left
Dave Cridlandhas left
danielhas joined
Dave Cridlandhas left
dwdhas left
marmistrzhas left
Dave Cridlandhas left
danielhas left
danielhas joined
dwdhas left
andyhas left
Dave Cridlandhas left
Ge0rG
When I'm desperate enough I fire up iodine and tunnel through the captive portal dns