-
Syndace
Following recent discussions about an alternative OMEMO implementation (licensed under a more permissive license than GPL), I want to inform you that I am currently revisiting my Python implementation and I am very happy with what I'm seeing. My implementation uses pynacl (Python bindings to the libsodium library), is licensed under MIT and was written from scratch, not depending on libsignal. The only puzzle piece I am missing is XEdDSA, which I have a hard time implementing myself. (I can't even tell you why, the algorithm is not too complex but somehow it just won't work :D) I expect the library to be ready for release about one week after I can get XEdDSA to work.
-
Ge0rG
Syndace: it would be great to have more client developers on board, Gajim and poezio maybe?
-
Zash
Has the XEP moved forward on that issue yet?
-
Ge0rG
Are the implementations out there already using the XEP namespace?
-
Syndace
Ge0rG, what do you mean "on board"? As soon as it's released I'm happy about anyone contributing or using the lib, whether the big clients will actually use it is not in my power to decide, but I'll be happy to adjust things to their liking.
-
Syndace
Also just to clarify, I'm not doing any xmpp stanza specific stuff, I'm only doing the crypto (and a bit of the wire format).
-
Ge0rG
Syndace: I'm not closely following the development, but AFAICT there are two different OMEMO libraries in python
-
Syndace
Ge0rG, AFAIK the other one is just a binding to libsignal and not actively maintained
-
Syndace
...and gpl as well
-
Ge0rG
Syndace: either way, it might be a good thing to plug on the xmpp Newsletter
-
Syndace
Oh, there is a newsletter... :D
-
pep.
What's the issue with GPL, it's not like it wouldn't work with gajim or poezio already. The distribution channel would have to be different that's it
-
pep.
Syndace: it's all new!
-
Syndace
GPL is a thing of taste, we had the discussion in jdev@ a few days ago. It's more about all the available implementations using libsignal, thus OMEMO can't really move forward.
-
daniel
it's awesome that there will be a non-gpl library soon. however gpl hasn't really stopped omemo thus far. i think by now the number of omemo implementations outnumbers the number of jingle file transfer implementations
-
moparisthebest
pep.: Whiny people who hate the gpl seem to be the only problem with the gpl :)
-
moparisthebest
And yes that, seems people who do the actual work don't care, so just ignore the noise
-
Zash
Counter-example: Swift?
-
SaltyBones
swift doesn't have omemo because of gpl?
-
Zash
Disregarding people who can't use GPL code for legal reasons as "whiny people"..
-
marmistrz
Zash: can't they simply move to GPL?
-
Zash
It is GPL
-
Zash
The issue was probably more complicated but I don't know all about that
-
Syndace
How do you send private messages in a MUC o.O?
-
Syndace
That's the first time I saw that :D
-
SaltyBones
depends on your client ;)
-
SaltyBones
maybe you don't ;)
-
Syndace
Conversations atm?
-
Syndace
I'll just answer for everyone here: I don't have a channel or anything for my OMEMO hacking, it's just something I did on my own when I was bored :D
-
SamWhited
Syndace: long press the person's avatar enters the private message mode
-
Syndace
But if anyone wants to talk about it, feel free to create a small muc or pm me
-
Syndace
SamWhited, ah thanks
-
j.r
How can I make something like TTL for xmpp messages?
-
daniel
I think it's pretty rare that a stanza has more than two hops...
-
Zash
MUC
-
daniel
Right
-
daniel
I was about to say. Maybe four if you count muc
-
Ge0rG
Maybe the question is about actual time, not hop count?
-
Zash
-xep amp
-
Bunneh
Zash: Advanced Message Processing (Standards Track, Draft, 2005-11-30) See: https://xmpp.org/extensions/xep-0079.html
-
Zash
That has expiry, right?
-
Zash
But does it have implementations?
-
Ge0rG
https://xmpp.org/extensions/xep-0079.html#conditions-def-expireat
-
j.r
> Maybe the question is about actual time, not hop count?
Yes
-
daniel
Amp is not a good xep if you want to implement self destructible messages
-
j.r
> https://xmpp.org/extensions/xep-0079.html#conditions-def-expireat
Does this also work with Clients? I mean do they delete the message after the expiration?
-
jonasw
probably not
-
daniel
Of course not.
-
daniel
Only works in proprietary systems
-
j.r
Yes and that's the thing I would have how can an already delivered message be destroyed on the client?
-
daniel
Just make up your own extension
-
Zash
<clippy> It looks like you want to implement DRM. Please don't.
-
daniel
I lost count of how many times I implemented that
-
j.r
> <clippy> It looks like you want to implement DRM. Please don't.
No I just want self destroying messages like in Telegram
-
jonasw
that’s DRM :-)
-
jonasw
j.r, self-destructing messages don’t really work in a federated system.
-
jonasw
they don’t even really work in a non-federated non-proprietary system
-
jonasw
but in a federated, non-proprietary system there’s no chance.
-
Zash
It's incompatible with universal turing machines under the control of users.
-
jonasw
yeah
-
Zash
Just like DRM
-
Zash
Logical impossibility.
-
jonasw
Zash, how about Secure Enclave? :>
-
daniel
jonasw: depends on your definition of work
-
jonasw
daniel, "is an actual security device which can be relied upon"
-
Zash
jonasw: I don't know what you are talking about and I probably don't want to.
-
j.r
OK so it isn't possible in Xmpp right?
-
Zash
And don't mention homomorphic computation!
-
daniel
j.r: yes it is.
-
daniel
But not in jabber
-
jonasw
Zash, let me ruin your day: that fancy feature in intel processors (SGX) where you can run stuff in isolation from the OS. nice for cloud users, because they can be sure that their stuff is untouched by the provider via remote attestation and whatnot. but in the end it’ll probably be used to make DRM (more) watertight.
-
j.r
> j.r: yes it is.
> But not in jabber
OK bad to know
-
jonasw
you can of course invent something and try to make clients implement it. but if a new (or very old) client doesn’t implement it, tough luck.
-
jonasw
not to mention actively evil clients
-
j.r
> you can of course invent something and try to make clients implement it. but if a new (or very old) client doesn’t implement it, tough luck.
> not to mention actively evil clients
Ok
-
jonasw
but an actively evil telegram client or a thing which screencaps the device/whatever would do the same
-
jonasw
self-destructing messages is bullshit
-
Zash
You can have an <please-delete-me after="timestamp"/>, but you can't be 100% sure that it'll be respected
-
Zash
If you are ok with that then go for it
-
jonasw
yeah, that
-
Zash
Altho that applies to all protocols
-
j.r
> You can have an <please-delete-me after="timestamp"/>, but you can't be 100% sure that it'll be respected
> If you are ok with that then go for it
But that's possible?
-
Zash
Thanks to the X in XMPP, yes
-
Zash
And with caps, you can know if other clients claim to support it
-
Zash
But with MAM and carbons...
-
jonasw
you’d have to check that all the peers' clients and the peers' MAM support it.
-
Zash
And your own MAM
-
jonasw
and then hope that they don’t come online after you sending the message with another client which supports MAM but not your fancy deletion protocol
-
jonasw
yeah, that too
-
Zash
and your own other clients
-
jonasw
lots of moving parts
-
Zash
So, not really something that can reliably be deployed in an open system
-
j.r
OK thank you
-
Kev
Deeply offtopic, but - if installing a Linux desktop these days, does one bother with swap? 16GB RAM.
-
jonasw
Kev, depends on whether you want to be able to do suspend-to-disk
-
jonasw
if not, probably not. killing whatever is eating 16 GiB RAM is *probably* better than freezing your system while trying to swap.
-
Kev
Ta.
-
jonasw
especially if you do development work. I always try to remember to swapoff -a just in case I create memleak.
-
jonasw
*create a memleak
-
Kev
Just put an SSD in my games laptop and thought I might as well dual-boot Ubuntu. So let's see how badly this wrecks booting Windows :)
-
Zash
Swap enabled but swappiness tuned down
-
jonasw
(I once had a memleak which filled memory *so* fast that I didn’t realize it was a memleak and thought it was just killing the GPU (some graphics stuff). took me a while to realize...)
-
Kev
Good show.
-
Zash
IIRC the thing is that without swap, you get the OOM killer as soon as memory is filled
-
jonasw
yeah, that’s a feature if memory isn’t going to be filled unless by accident
-
Zash
s/by accident/by hip electron app of the month/
- jonasw looks at free
-
pep.
Kev: I don't have swap tbh, but I'm not a RAM eater
-
jonasw
Kev, okay, add some swap. I am currently at 21 GiB used and I don’t even know how.
-
jonasw
much of it seems to be firefox
- Zash looks at htop
-
Kev
Too late now, OS is half installed :(
-
Zash
Why is all my RAM used?
-
jonasw
ah well
-
Zash
WebKitWebProcess 25..38
-
Zash
And Firefox
-
jonasw
Kev, yeah, it’ll probably be fine. and if it isn’t, you can still add a swapfile
-
pep.
Also btrfs. I would need to have a separate partition not as a volume like my rootfs or homefs
- Zash has vm.swappiness=10 now apparently
-
Zash
I read some long rant that convinced me that running without swap was bad and swappiness=0 was bad
-
Ge0rG
pep.: you should stop whatever you are doing and migrate away from btrfd
-
Ge0rG
*btrfs
-
marc
Ge0rG, are you going to respond to Kev's mail regarding 401?
-
Ge0rG
marc: the one about using data forms?
-
marc
Ge0rG, the last one from 28.02
-
marc
ping
-
Ge0rG
marc: I came to the conclusion that Kev is right and that data forms are the right way to go
-
marc
Ge0rG: okay, if everybody is fine with it let's merge my two PRs?
-
Ge0rG
marc: yes please. Cc jonasw
-
Ge0rG
marc: yes please. Cc jonasw
-
Ge0rG
marc: yes please. Cc jonasw
-
marc
Ge0rG: did you write the last message two times?
-
moparisthebest
j.r: is there any protocol where self destructing messages work?
-
Ge0rG
marc: no, it looks like a bug in yaxim
-
moparisthebest
Ie that prevents even something simple like a picture of the screen
-
marc
Ge0rG: okay, because C shows it two times, Gajim only once
-
moparisthebest
Because you could implement it in xmpp the same way, and it'd work with the same level of security, that is, none
-
Ge0rG
And yaxim shows it three times. 🤦♂️
-
Zash
I see three, last one delayed
-
Zash
Out of order too
-
marc
strange
-
Ge0rG
Could somebody pm me the raw xml please
-
Ge0rG
Oh, looks like a race condition during stream resumption, where sending a message right before <resumed/> will duplicate it
-
Ge0rG
And then it also becomes an "offline message" in yaxim, causing a third transmission
-
Zash
It doesn't actually get sent on the wire before <resumed/> tho?
-
Zash
or wait
-
Ge0rG
Zash: it's sent after <resume>
-
Zash
Between <resume> and <resumed> be dragons.
-
Ge0rG
Yes. Plenty of them
-
Zash
It's nice being the server in that case.
-
Ge0rG
Zash: because you can just queue messages as long as there is a zombie session?
-
edhelas
https://petermolnar.net/instant-messenger-hell/