-
Kev
8AM and I already won the 'most pointless mail to standards@ of the day' award.
-
jonasw
great, poezio is massively confused by this MUC. Trying to answer nontheless: how do you end up with 2046 octets? the "@" surely is needed?
-
Kev
Nope.
-
Kev
What do you need the @ for?
-
jonasw
Kev, to separate localpart and domain?
-
Kev
Why do you need to do that?
-
Kev
(I'm not being dense, you'll get there in a moment :))
-
jonasw
oh my god, are you suggesting to put a 1023-octet localpart and a 1023-octet domainpart into the thing without separation because it can be inferred by the length and absence of an "@" where the separation happen??✎ -
jonasw
oh my god, are you suggesting to put a 1023-octet localpart and a 1023-octet domainpart into the thing without separation because it can be inferred by the length and absence of an "@" where the separation happens? ✏
-
Kev
:)
-
jonasw
oh my god
-
Kev
:)
-
jonasw
you can’t do that to me
-
jonasw
good morning Kev, you already made my day :-)
-
Kev
No, I'm not suggesting it's a good idea, but it's 8AM and I felt the world deserved to suffer.
-
jonasw
I am amused at this point :)
-
jonasw
I’m sorry that you feel the need to make the world suffer, wanna talk about it? :)
-
jonasw
(this idea is so insane and I can, in a very *very* weird way relate to it, doing embedded work from time to time)
-
jonasw
(it keeps making me laugh)
-
jonasw
(if that helps you in any way; if you genuinely want suffering, I’m double-sorry now)
-
Kev
No, not really.
-
Ge0rG
This only works if your upstream implementation actually enforces the 1023 octet limits
-
Ge0rG
But it reminds me of the double-linked-list-with-only-one-pointer trick.
-
jonasw
I don’t want to know.
-
jonasw
(although I’m guilty of using Duff’s-device-coroutines)
-
flow
hmm? and where do you get the length from? Don't you need to store it instead of the separation char?
-
jonasw
flow, the length is in the data field itself; XML delimits it for you
-
jonasw
(and databases would too)
-
Ge0rG
We were talking about sponsoring individual XMPP developers recently, and maybe this one might work out for some: https://www.buymeacoffee.com/
-
jonasw
what’s the difference to patreon and liberapay?
-
jonasw
> We offer Paypal and Stripe as payout options.
-
jonasw
meh
-
Ge0rG
jonasw: better branding.
-
Ge0rG
Stripe does IBAN payouts, though
-
jonasw
I signed up for liberapay and just realized that they didn’t ask me for a password yet.
-
jonasw
that’s smooth onbording I’ll say
-
Ge0rG
> Unlike other non-profit platforms, Liberapay is neutral. You can create an account without having to wait for us to approve it, and we won't kick you out unless you break the law or the terms of service. Heh. But I kind of like the overall thing
-
jonasw
"but"?
-
Ge0rG
I don't know about them, but most payment processors have very vague ToS, so you'll end up kicked anyway
-
mathieui
jonasw, that’s kind of similar to the policy of the "kickstarter for fascists" started by far-right groups
-
daniel
mathieui: wasn't that more like patreon? Because patreon kicked Lauren southern?
-
Tobias
So seems like the MLS WG is pretty limited in their planned supported scenarios.
-
flow
Tobias, how come?
-
Tobias
https://mailarchive.ietf.org/arch/msg/mls/b5YoQfdeFcoLYrFdxbZmdX__jWA
-
Tobias
See this thread
-
Dave Cridland
That's a very well-written email to kick things off.
-
flow
Dave Cridland, "within blue light"?
-
flow
hmm, possibly rescue services and such
-
Dave Cridland
flow, Right, sorry, a UK term. People who drive vehicles with blue lights on top - so fire/police/ambulance.
-
Dave Cridland
But also coastguard, mountain rescue, cave rescue, and all sorts. Weird sector, because some of it is Government funded and some is volunteer.
-
Ge0rG
That escalated quickly
- ralphm bangs gavel
-
ralphm
set the topic to
XSF Board Meeting | Logs: http://logs.xmpp.org/xsf/ | Agenda https://trello.com/b/Dn6IQOu0/board-meetings
-
MattJ
Good afternoon
-
ralphm
0. Welcome and agenda
- Guus plots to replace the gavel with a rubber one for next time.
-
ralphm
Hi!
-
ralphm
Who do we have?
-
MattJ
Me
-
Guus
I
-
ralphm
Martin and nyco?
-
ralphm
Guess not.
-
ralphm
Any additions to the agenda?
-
Guus
I've added commteam membership requests to Trello earlier
-
Guus
(also, minutes?)
-
ralphm
Guus: I'm following the left-most column of Trello
-
ralphm
1. Confirm minute taker
-
ralphm
Who (including floor) can do this?
-
Guus
if not anyone from the floor, I will
-
ralphm
Thanks GUus✎ -
ralphm
Thanks Guus ✏
-
ralphm
2. Board priorities
-
ralphm
We still need to settle the meeting which nyco was setting up
-
Guus
I'm tempted to say that given our track record, that meeting that we're holding this off for isn't going to happen.
-
Guus
can we come to a conclusion on this without that meeting?
-
ralphm
I guess, but let's keep this on for one more week. Doing this with just 3/5 is not helpful
-
Guus
agreed.
-
MattJ
My proposal to make progress on this...
-
MattJ
I'd like to do another membership survey (though I know some people don't believe it holds much value)
-
Guus
I'm with the latter, but it doesn't hurt to have one either.
-
MattJ
I can draft something up, and we'll at least have something to discuss
-
MattJ
Right now it's such a broad open-ended topic, this "board priorities" thing really gets to me
-
ralphm
Yeah, I agree
-
MattJ
If all we need to do is agree that we want to make XMPP more popular and combat spam, let's just do it
-
MattJ
and remove this card
-
Ge0rG
what about making Jabber more popular?
-
ralphm
Let's not have this discussion right now.
-
Guus
Mattj, please go ahead. Anything to move forward.
-
ralphm
Yep
-
ralphm
3. Additions to Work Teams
-
MattJ
Ok, I'll add it to my to-do(TM)
-
Guus
JC asked me to add those names up for a board vote
-
ralphm
From what I understood after the meeting last week, Winfried should have been part of the communications team. I'm +1 on adding him.
-
Guus
I'm very happy for anyone to contribute, and strongly believe the board should facilitate where we can, as I'm convinced that this benefits us all. My voting behavior on team membership issues is therefor "yes, unless".
-
Guus
Communication work team membership allows people to communicate on behalf of the XSF (by granting access to our social media accounts, and by allowing them to directly make changes to our public website).
-
Guus
Although he appears to be very motivated and puts in a lot of effort, I am not comfortable with Ludovic communicating on behalf of the XSF: I've experienced his style to be badgering, to the point of great annoyance, pressing non-issues, or issues that I disagree with.
-
Guus
I've seen, and have heard of, similar issues between him and others.
-
Guus
I'm therefor -1 on adding Ludovic as a member of the Communnication work team.
-
Guus
I have no concerns regarding Winfried's membership of the Communications work team. I'm +1 on that.
-
ralphm
I agree with all of that Guus.
-
MattJ
Likewise on both counts
-
jonasw
I’m glad to see that I’m not the only one.
-
ralphm
Ok. Motion to add Winfried carries. Motion to add Ludovic doesn't carry.
-
ralphm
4. SPAM SIG
-
ralphm
This was discussed after last weeks meeting briefly.
-
MattJ
If this is an open group that essentially consists of a mailing list and MUC room, I have no objections
-
ralphm
I want to reiterate here that the (previous) board has voted this down, and I intend to stick by that decision until there's a better proposal.
-
MattJ
I think the initial request was for a closed group
-
Guus
If this facilitates an effort, I'm not against this.
-
ralphm
MattJ: right, but a SIG is more than that and I don't see why this needs to be an XSF activity.
-
ralphm
See also the operators mailinglist
-
ralphm
a SIG is open by definition
-
Ge0rG
the reason to make this an XSF-approved thing is to show that we are committed to fighting spam, and that we are actually doing something
-
Guus
I'm not on there, I think. Was there a relevant discussion, or is that an alternate venue you're referring to?
-
Ge0rG
I don't care much about the formal structure
-
ralphm
Ge0rG: until the direction of the XSF changes, we are a standards body
-
Ge0rG
ralphm: then it's time to change directions
-
MattJ
I don't see much of a difference between this and other SIGs we've formed in the past
-
MattJ
I'm not in favour of the spam manifesto being an XSF activity, for sure
-
ralphm
Ge0rG: and not everything XMPP under the sun has to be an XSF activity for work to get done. I tried explaining this on various occasions, and I don't understand why you don't get that.
-
ralphm
So work on it, if there are things you can't do, propose a XEP and we'll vote on this again.
-
ralphm
(a XEP for a SIG. XEPs for protocol can go directly to the Council)
-
Ge0rG
ralphm: while I agree that we as the XSF have very limited manpower, my hope is that at least we as the XSF have a wider outreach, so we can have more contributions.
-
ralphm
Ge0rG: there's nothing the XSF does to 'widen outreach'
-
Ge0rG
ralphm: you should discuss that with the comms-wg
-
ralphm
I suggest you get something started, tell the Comms team what you are doing and they can add a line or two in their news letter.
-
ralphm
5. AOB
-
ralphm
Anything else?
-
Guus
the ED search and bus factor thingy?
-
Guus
bus factor wise, we're waiting for Peter's contact at the bank to return, I think? I'll ask him about that
-
ralphm
thanks
-
Guus
the Executive Director replacement, I still am unclear what needs to happen there.
-
Guus
but we should get that sorted (or removed)
-
ralphm
I'd like that to be part of our Priorities discussion, if we ever have one.
-
Guus
we're not simply asking for someone to take over from Peter?
-
ralphm
As was brought up briefly around the Summit, we need to know what we expect this person to do, outside of the profile that was defined long time ago.
-
Guus
sensible. But, perhaps take that out of context of the prio thingy - to not overload that effort?
-
goffi
does putting the newsletter license under CC By-SA need a board vote? I've made a P.R. for that, jc is OK for it (I've asked yesterday)
-
Guus
(goffi, I don't know to be honest)
-
jonasw
I don’t think so, frankly.
-
ralphm
goffi, it probably would
-
jonasw
do we have something which puts all rights on work made on the website under XSF ownership?
-
MattJ
Does the XSF even hold the copyright?
-
ralphm
Let me check that.
-
jonasw
if not, JC probably has the permissions to put it under any license he likes
-
ralphm
If it is an XSF activity, yes
-
MattJ
He's not paid for it
-
Zash
Neither are XEP authors?
-
ralphm
I think payment is not a factor
-
ralphm
XEPs are explicitly attributed to the XSF
-
goffi
XEP authors give ownership explicitly (I've done it)
-
ralphm
I think going forward, it makes a lot of sense for the XSF to own the copyright to things it publishes
-
jonasw
defining a license for website content would be a good idea.
-
ralphm
I seem to remember we had this
-
jonasw
or rather: digging in the archives whether there actually *is* a license on website content and it just got lost in transition
-
Guus
that might not be the worst of ideas
-
jonasw
checking archive.org now
-
ralphm
jonasw: thanks
-
Guus
Shall we move that to next week then?
-
ralphm
Let's continue this out of band, and maybe add an item to our Trello
-
jonasw
https://web.archive.org/web/20070707184343/http://www.xmpp.org/about/copyright.shtml
-
jonasw
CC-BY
-
ralphm
2.5
-
ralphm
(apparently)
-
Guus
Shall we restore that to our current website?
-
jonasw
I don’t find a similar attribution in the 2011 version
-
jonasw
so technically the content created inbetween is probably in limbo
-
ralphm
It probably got lost in all the site changes
-
Guus
I think it's reasonable to assume that it was not intentionally dropped and replaced by <nothing>.
-
jonasw
yeah
-
ralphm
Agreed
-
ralphm
I +1 your suggestion, Guus
-
Guus
martin (hi!), mattj?
-
MattJ
Yes, +1
-
ralphm
Carries
-
ralphm
Ok, I think that's it for today.
-
ralphm
6. Date of Next
-
ralphm
+1W
-
ralphm
7. Close
-
ralphm
Thanks all!
-
Guus
wfm
- ralphm bangs gavel
-
ralphm
set the topic to
XSF Discussion | Logs: http://logs.xmpp.org/xsf/ | Agenda https://trello.com/b/Dn6IQOu0/board-meetings
-
MattJ
Thanks
-
SaltyBones
Holger, could you unban me from the ejabberd muc? -_-
- Guus considered _not_ making a reference to 'magic words' briefly, but desided against it.
-
SaltyBones
Holger, could you unban me from the ejabberd muc, please?
-
SaltyBones
:)
-
intosi
Alohomora might've worked as well. Guus was very unspecific.
-
Guus
:)
-
SaltyBones
Avada Kedavra!
-
intosi
Well, that wouldn't be my choice, really. You want to open a lock, not kill the admin.
-
intosi
Dark wizardry is frowned upon by most operators.
-
SaltyBones
I only remember that and Lumos. :p
-
jonasw
SaltyBones, Vingardio Leviosa?
-
jonasw
(wutschen und wedeln!)
-
SaltyBones
Expecto Patronum!
-
Kev
Our testing framework for M-Link has an expectation framework called Expecto, and the 'check everything is the way it should be and fail the test otherwise' call is ->patronum().
-
Kev
So many of our unit tests end with the line expecto_->patronum();
-
intosi
How would you expect to get marks for Charms if you can't even be bothered to use the right one if it's provided on a silver plate? ;)
-
Ge0rG
Kev: what's the `_` for? singleton?
-
intosi
member
-
Ge0rG
wasn't the member `_` a prefix, typically?
-
Kev
Prefixes are magic in C++, and you have to be very careful to get them right. So it's safer (and reads better) to just suffix.
-
Ge0rG
> Each name that begins with an underscore is reserved to the implementation for use as a name in the global namespace. Oh, didn't know *that*
-
Ge0rG
C++ is full of surprises, even to experienced developers
-
SaltyBones
I completely agree and hate it for that.
-
jonasw
I thought it was just _Uppercase?
-
jonasw
fun
-
jonasw
I’m using m_foo now anyways
-
Ge0rG
jonasw: _Uppercase is reserved in any scope, _* only in global scope
-
jonasw
ah okay
-
Ge0rG
I'm sure this distinction is never going to bite anyone.
-
rion
omg.. ~/projects/psi/git$ grep -P '\b_\S+' --include '*.cpp' -r . | wc -l 1782
-
jonasw
rion, foo._ would be safe IIUC
-
Kev
Ge0rG: I chose my words carefully :)
-
Ge0rG
Kev: as you always do, indeed.
-
Kev
Wibble.
-
intosi
Kev: working on RowanIM again?
-
Kev
Something like that.
-
Kev
Maybe we should rename Swift to Adder or something.
-
Kev
Until Apple then releases a new calculator or something.
-
intosi
Sounds like a cunning plan.
-
Dave Cridland
jonasw, I always use m_xyz for non-public members, too.
-
SaltyBones
When discussing IDs yesterday it was a common view that servers want to pick IDs for MAM storage.
-
SaltyBones
I'm wondering if that flexibility is actually being used and is necessary?
-
MattJ
Yes, it's being used
-
SaltyBones
Don't all servers have to basically perform the same operations on the archive and need the same index?
-
MattJ
The id can help encode indexing information
-
SaltyBones
Is that something that could or should be standardized because all servers need it?
-
SaltyBones
What kind of stuff do you encode there?
-
MattJ
No, it shouldn't be standardized - it's not even standardized in Prosody, because it depends what storage you are using
-
Kev
It should be standardised that the server chooses, if that's the question.
-
MattJ
Oh, right, sure. I assumed the question was "should the encoded information be standardized?"
-
SaltyBones
Yes, it was. :)✎ -
SaltyBones
Yes, it was (what MattJ said). :) ✏
-
Zash
We have a translation layer for a legacy storage mode where you need the date and offset to identify messages
-
SaltyBones
O_o
-
jonasw
https://unicode.org/reports/tr51/#Longer_Term and the XSF as a whole, regarding emoji and stickers
-
moparisthebest
unicode was a mistake
-
Zash
wat
-
Ge0rG
unicode has failed
-
Zash
at what
-
Zash
https://xkcd.com/1953/
-
intosi
They just have to add teletext codepoints and colour selectors, and Bob's your uncle.
-
moparisthebest
that XKCD could not be more accurate
-
SaltyBones
MattJ, Zash: so one thing that was not completely explained yesterday is why we do mam queries with stanza-ID. Would it be so much more complicated to query by client ID?
-
Zash
SaltyBones: O(n)
-
SaltyBones
Can't you translate the client ID into something that can be an index? If I understand the problem correctly...
-
Zash
There's no index
-
Kev
Zash: There is an index, it's just not conventional.
-
SaltyBones
So what s the O(n)?
-
Kev
Searching the entire archive for the right id.
-
Zash
It avoids O(n) by being able to skip to the right day, because there's some time info embedded in the ID
-
SaltyBones
Interesting...
-
SaltyBones
So there is no index except a rough time?
-
Zash
The legacy thing I mentioned doesn't have an index, just a directory tree.
-
SaltyBones
And then it looks for the exact stanza-ID in the neighborhood?
-
Zash
And it's about as old as Prosody itself, and used for MUC
-
Zash
Who picks the stanza id in MUCs?
-
SaltyBones
Is there any way for the server to check if the queries stanza-ID was good?
-
SaltyBones
(efficiently)
-
SaltyBones
I suppose you already answered that...
-
Zash
And who picks the stanza id on messages from 2009?
-
SaltyBones
Are you asking me?
-
Zash
I'm actually talking about the thing behind http://logs.xmpp.org/xsf/
-
SaltyBones
Because I have no clue. ;/
-
SaltyBones
I m just wondering if we could avoid clients having to deal with stanza-IDs
-
SaltyBones
Maybe they could just query by timestamp
-
SaltyBones
I don't know. I'm just curious. ;)
-
Kev
As a client author, I don't think it's worth the effort. This is not providing much value, while many other things need solving.
-
lovetox
SaltyBones, if there was an easy solution the people here would already have done it
-
lovetox
everything has pro and cons
-
SaltyBones
I agree but some of those are invisible to me. ;)
-
SaltyBones
Kev: Would that hold even if you were writing one from scratch?
-
Kev
Yes.
-
SaltyBones
Ok
-
SaltyBones
Then I'll just type up a summary of this and yesterday's discussion for the mailing list.
-
Kev
As a server author, I also don't want to have ids that I need to index in some way being assigned to me instead of having me generate them (applies to resources as well as MAM, in fact) :)
-
lovetox
with current mam:2 the whole process is not elegant but it works
-
lovetox
so indeed there are other things we could spend energy on
-
moparisthebest
you already do Kev , JIDs for example
-
Kev
Not quite the same.
-
moparisthebest
it's an arbitrary string you have to index and search on
-
moparisthebest
pretty sure it's exactly the same
-
Kev
I promise it's not.
-
jonasw
SaltyBones, as a client author, I prefer bouncing another stanza ID around over using timestamps for querying
-
jonasw
timestamps are the most awful thing
-
SaltyBones
:)
-
moparisthebest
this trustico certificate business is the best entertainment I've seen for awhile
-
Zash
Anyone got any good arguments on this topic? https://mastodon.xyz/@HerraBRE/99605039095553757
-
SaltyBones
Good arguments for which side? ;)
-
moparisthebest
that's just dumb
-
moparisthebest
it's public knowledge that google etc just mines everyone's data, it's in their TOS
-
moparisthebest
he is saying a friend/family that hosts a server can also do that, which is true
-
moparisthebest
the solution is to use a protocol that lets you hide as much data as possible, so you can trust anyone else as little as possible
-
jjrh
Isn't the argument more that your friends/family are more likely to violate your privacy so being a needle in a haystack (aka using gmail vs a email hosting a family/friend setup and maintains) you probably are less likely to have your privacy violated
-
SaltyBones
Yes, and that the data mining by Google is less harmful than snooping spouses. At least short term that s probably true
-
SaltyBones
That's btw why I like e2e. I don't have access anymore. Awesome!
-
jonasw
yeah, great :)
-
jjrh
It's probably true that the negative consequences of someone snooping are far more likely to occur with friends/family. Google might read my email and find out i'm cheating on my wife but all they care about is knowing i'm a good candidate to advertise 2 star motels.
-
SaltyBones
jjrh: That is a wonderful example!
-
moparisthebest
jjrh, except it's public knowledge google violates *everyones* privacy all the time as a matter of business
-
Zash
Incentives
-
moparisthebest
so your likliehood of getting privacy violated on google is 100%
-
moparisthebest
seems like it could be less than 100% elsewhere...
-
jjrh
That's why I said the negative consequences of that.
-
moparisthebest
yea so if you are cheating on your spouse, you probably shouldn't use a server your spouse has access to
-
moparisthebest
but do we have to spell out obvious things?
-
Zash
Other than E2EE, is there anything that can be done in a world of federated friends&family servers wrt incentives for doing the right thing?
-
jjrh
E2EE? end to end encryption?
-
Zash
Y
-
SaltyBones
I think the problem is backwards. :)
-
SaltyBones
We are using F&F because we trust these people more than Google.
-
jonasw
this is a frustrating argument
-
jonasw
this is a frustrating evening
-
moparisthebest
well e2e but there is also things we can do to hide metadata
-
Zash
jonasw: Have you caught some common cold variant too?
-
moparisthebest
that I haven't proposed yet but might get around to some day :P
-
SaltyBones
jonasw: yoga?
-
jonasw
Zash, nah, just Qt
-
SaltyBones
Ah
-
jonasw
(Qt (a) doesn’t support libnotify for whatever f*ing reason there might be and (b) does awful and illogical things to my icons when shoing them in the systray)
-
jjrh
moparisthebest, I think it's more the grey area where you're not doing something obviously wrong but for various reasons may not want your wife to know.
-
moparisthebest
then you shouldn't use a server ran by your wife
-
moparisthebest
that's simple common sense
-
SaltyBones
The point is, trust relationships change but sometimes you notice too late.
-
SaltyBones
However, very often they don't.
-
moparisthebest
besides if you live with a server admin and use their server
-
moparisthebest
and switch to using google, they can also just mitm you or hack your computer
-
moparisthebest
so what's the point here
-
Zash
Having the server admin within a stones throw could serve as an incentive... :)
-
SaltyBones
So, I run my server with a friend who lives in a different country. Your argument simply does not apply.
-
jonasw
moparisthebest, different levels of criminal energy needed
-
SaltyBones
jonasw: maybe, all those things are pretty easy once you go down that road ;)
-
jjrh
Probably a more likely scenario is your wifes aunt runs a email server and snoops most likely unintentionally. The point is more that just because someone at google is - as you said constantly violating your privacy - the likely hood of a - at least immediate - negative impact is far lower
-
jonasw
setting up a sophisticated MitM proxy, installing a rogue CA certificate and ensuring that it can’t be reasonably circumvented requires much more criminal energy compared to grep -Rni "interesting thing" /var/lib/prosody/
-
SaltyBones
jonasw: just installing $snooping_app is also pretty trivial.
-
moparisthebest
I mean I run a server for my family that lives in this house, plus my mom who doesn't
-
moparisthebest
but I also handle all the stuff on my mom's computer too
-
moparisthebest
whether I snoop on the server is irrelevent
-
jonasw
also fun fact: i recently heard a fun story from employees at a *large* international payment processor. apparantly it’s common to find some amusement in the transaction comments, especially since some .. uhm .. adult recreational toy? stores appear to put your whole order list in there :)
-
SaltyBones
jjrh: What bothers me about this is that long term all this data collection about us might have negative consequences. And then it will be very hard to fix. :)
-
moparisthebest
if this is a problem for you the solution is e2e not switch to google
-
moparisthebest
that's insane
-
moparisthebest
SaltyBones, yea it's just harmless data until it gets you and generations of your descendents murdered https://jacquesmattheij.com/if-you-have-nothing-to-hide
-
jonasw
jjrh, precisely the reason why I hate to debug email issues. it often involves looking at logs or data i don’t even want to see.
-
jjrh
I'm by no means saying it's better to use google/be a needle in a haystack. Just that the arguement holds some validity that it's probably true privacy violations with negative impacts are more likely from friends and family.
-
moparisthebest
well that entirely depends on the specific situation you are in though
-
moparisthebest
cheating on your wife - true
-
moparisthebest
planning to blow up a power plant - false
-
jjrh
That's true and really we are basing the idea it's more likely off the assumption the majority of murders/sexual abuse are from friends and family equates to privacy
-
jjrh
Which sounds reasonable but I don't actually know if that's true or not.
-
moparisthebest
if your family is the murdering/abusive type then maybe consider using a different provider
-
moparisthebest
OR MAYBE MOVE AWAY OR SOMETHING MORE SENSIBLE THAN CONSIDERING CHAT PROVIDERS
-
jonasw
it’s not always as simple as that, I bet
-
Zash
It's never easy
-
jonasw
relationships are much more tricky than "don’t do that"
-
jjrh
I tend to want to implicitly trust someone. If I can't trust that you won't ignore the email client I left open when you're checking something unrelated why would I associate with you?
-
Zash
Society is built on lots and lots of implicit trust in others.
-
Zash
Crypto is actually kinda weird in that regard
-
jjrh
Not really - if we could actually trust everyone no one would think about crypto
-
Zash
I mean, a locked door isn't really all that secure, but it's a social signal and you trust most people to respect that most of the time.
-
Zash
.
-
Zash
Net-hickup
-
jjrh
I mean if no one stole anything we wouldn't lock doors
-
moparisthebest
I know people who still don't
-
moparisthebest
I think that's a little dumb, but it's never been a problem yet...
-
Zash
The lock itself is only a part of why.
-
Zash
Morality, the justice system and insurance
-
Zash
The locks themselves just need to be enough of a road block that someone who gets past it clearly demonstrated intent
-
moparisthebest
well there are people that would take something if it wasn't locked, but would never break a lock
-
moparisthebest
that saying a lock keeps an honest man honest or something
-
jjrh
https://www.youtube.com/watch?v=MLjifumRk3Q
-
Seve
-w can
-
Ge0rG
E2EE won't solve the abusive admin problem, because the admin will just look for your metadata
-
moparisthebest
again totally depends on what you expect to remain private
-
moparisthebest
and I think we can do more to minimize metadata in xmpp, in combination with e2e
-
Zash
Which point on the security vs convenience scale do you want?
-
moparisthebest
it's nice to be able to choose
-
jonasw
nah
-
Zash
Choice is hard
-
Ge0rG
moparisthebest: most people can't choose what they want, not even people from this MUC.
-
moparisthebest
have you seen that chat system someone made that requires 3 computers at each end that communicate over 1-way optical links ?
-
jonasw
kthxno
-
moparisthebest
I'm trying to find it but failing...
-
moparisthebest
anyway, that's the 'secure' end of the scale
-
Zash
Let's have that quantum entanglement thing, that'll probably solve all problems!
-
jonasw
I need a quantum bingo
-
jjrh
It's more what the default should be.
-
jjrh
majority of users will use what's default
-
moparisthebest
found it https://github.com/maqp/tfc/
-
moparisthebest
Tinfoil Chat
-
Zash
Send a physical letter!
-
moparisthebest
the diagrams and entire system really is amazing
-
Zash
It's got way better legal protections afaik
-
jjrh
Would be better with photocell and led's. I don't trust optocouplers black box.
-
moparisthebest
yea I think he said the original design had that
-
moparisthebest
or that he based it off that or something
-
moparisthebest
you might as well go all the way if you are going this far I think
-
jjrh
yeah