XSF Discussion - 2018-03-19

  1. Holger has left
  2. Guus has left
  3. alexis has left
  4. Dave Cridland has left
  5. Dave Cridland has left
  6. Guus has left
  7. la|r|ma has left
  8. Dave Cridland has left
  9. Dave Cridland has left
  10. Dave Cridland has left
  11. Dave Cridland has joined
  12. lskdjf has joined
  13. Dave Cridland For what it's worth, we copied the password text straight from the original, and the security considerations are really a first cut, but I think passwords are fine here, it's just that they're not real security.
  14. lovetox has left
  15. Guus has left
  16. lumi has left
  17. lumi has joined
  18. Guus has left
  19. Guus has left
  20. Dave Cridland has left
  21. Dave Cridland has left
  22. valo has joined
  23. SamWhited has joined
  24. Guus has left
  25. waqas has left
  26. waqas has joined
  27. waqas has left
  28. nyco has left
  29. nyco has joined
  30. waqas has joined
  31. waqas has left
  32. waqas has joined
  33. waqas has left
  34. waqas has joined
  35. waqas has left
  36. waqas has joined
  37. Guus has left
  38. Guus has left
  39. blabla has joined
  40. Syndace has left
  41. Syndace has joined
  42. Guus has left
  43. Steve Kille has left
  44. jere has joined
  45. Guus has left
  46. Guus has left
  47. valo has joined
  48. Guus has left
  49. Guus has left
  50. mrdoctorwho has left
  51. Guus has left
  52. moparisthebest has joined
  53. lskdjf has left
  54. Guus has left
  55. alexis has left
  56. ralphm has left
  57. Guus has left
  58. Guus has left
  59. jere has joined
  60. Dave Cridland has left
  61. Dave Cridland has left
  62. tux has joined
  63. Guus has left
  64. Guus has joined
  65. SamWhited has left
  66. la|r|ma has joined
  67. rion has joined
  68. Guus has left
  69. rion has left
  70. rion has joined
  71. Guus has left
  72. Guus has left
  73. rion has left
  74. Guus has left
  75. ralphm has left
  76. Dave Cridland has left
  77. Dave Cridland has left
  78. Dave Cridland has left
  79. Dave Cridland has left
  80. Guus has left
  81. alexis has left
  82. Nekit has joined
  83. rion has joined
  84. Guus has left
  85. Guus has left
  86. Guus has joined
  87. rion has left
  88. Dave Cridland has left
  89. Dave Cridland has left
  90. alexis has left
  91. Guus has left
  92. lumi has left
  93. Yagiza has joined
  94. alexis has left
  95. Guus has left
  96. Guus has joined
  97. Zash has joined
  98. rion has joined
  99. matlag has joined
  100. matlag has joined
  101. Guus has left
  102. mimi89999 has left
  103. mimi89999 has left
  104. mimi89999 has joined
  105. j.r has joined
  106. j.r has joined
  107. Ge0rG has left
  108. Guus has left
  109. ralphm has left
  110. j.r has joined
  111. j.r has joined
  112. Guus has left
  113. goffi has joined
  114. Guus has left
  115. Dave Cridland has left
  116. Dave Cridland has left
  117. marmistrz has left
  118. LNJ has joined
  119. Guus has left
  120. Guus has left
  121. Dave Cridland has left
  122. Dave Cridland has left
  123. marmistrz has left
  124. Dave Cridland has left
  125. waqas has left
  126. Guus has left
  127. LNJ has left
  128. ralphm has left
  129. Dave Cridland has left
  130. goffi has left
  131. Dave Cridland has left
  132. Dave Cridland has left
  133. Dave Cridland has left
  134. Dave Cridland has left
  135. alexis has left
  136. SaltyBones Passwords are not real security? :)
  137. ludo has joined
  138. @Alacer has left
  139. jonasw Ge0rG’s implementing at-least-once semantics :)
  140. @Alacer has joined
  141. @Alacer has left
  142. remko has joined
  143. @Alacer has joined
  144. Ge0rG SaltyBones: MUC passwords aren't
  145. rion has left
  146. Dave Cridland has left
  147. Dave Cridland has left
  148. j.r has joined
  149. tim@boese-ban.de has joined
  150. marc has left
  151. Guus has left
  152. moparisthebest has left
  153. j.r has joined
  154. nyco has left
  155. nyco has joined
  156. ralphm has joined
  157. SaltyBones has left
  158. Kev has joined
  159. Guus has left
  160. ludo has left
  161. Dave Cridland has left
  162. Dave Cridland has left
  163. Andrew Nenakhov has left
  164. Andrew Nenakhov has joined
  165. alexis has left
  166. Andrew Nenakhov has left
  167. Andrew Nenakhov has joined
  168. Steve Kille has joined
  169. Guus has left
  170. Guus has left
  171. rion has joined
  172. SaltyBones has joined
  173. Dave Cridland has left
  174. Guus has left
  175. Dave Cridland has left
  176. Ge0rG has left
  177. Zash has left
  178. Dave Cridland has left
  179. SaltyBones Ge0rG, why not? I have no clue how those work...
  180. jonasw <password>foo</password>
  181. jonasw seen by your server
  182. Steve Kille has left
  183. Zash I haven't really seen many password-protected MUCs
  184. jonasw yeah, members-only feels more effective and useful anyways
  185. Steve Kille has joined
  186. alexis has left
  187. alexis has joined
  188. Ge0rG has joined
  189. Valerian has joined
  190. Steve Kille has left
  191. Valerian has left
  192. Valerian has joined
  193. remko has left
  194. daniel has left
  195. moparisthebest has joined
  196. daniel has left
  197. remko has left
  198. Zash A one-time-use password that grats membership would have been nice. Probably could hack it serverside, but are clients going to keep sending the password?
  199. jonasw Zash, that’s the MUC invitation thing I asked for a few months ago when the whole PARS stuff was going on
  200. Ge0rG has joined
  201. Guus has left
  202. Alex has joined
  203. ludo has joined
  204. ralphm has left
  205. ralphm has joined
  206. Zash How often are people changing their bookmarks from two clients at once?
  207. Zash I had the same question about MAM settings IIRC
  208. MattJ As I said on the list, the same applies to just about every operation we have
  209. nyco has left
  210. Zash -xep 0395
  211. Bunneh Zash: Atomically Compare-And-Publish PubSub Items (Standards Track, Experimental, 2017-11-29) See: https://xmpp.org/extensions/xep-0395.html
  212. Zash Oh dear publish-options
  213. nyco has joined
  214. ralphm has joined
  215. Zash MattJ: Oh, you said that now? I was still reading the one before yours :)
  216. ludo has left
  217. xnyhps has left
  218. SaltyBones has left
  219. SaltyBones has joined
  220. Dave Cridland has left
  221. marmistrz has left
  222. flow xep395 was written with things like groupchat subject nodes in mind, FWIW
  223. tux has joined
  224. flow i.e. items that could be potentially modified by multiple entities
  225. Guus has left
  226. Dave Cridland has left
  227. Dave Cridland has left
  228. Dave Cridland has left
  229. Dave Cridland has left
  230. Nekit has joined
  231. Dave Cridland has left
  232. Guus has left
  233. SaltyBones has left
  234. Ge0rG has left
  235. Alex has left
  236. Ge0rG has left
  237. daniel has left
  238. Ge0rG has left
  239. efrit has joined
  240. ludo has joined
  241. Alex has joined
  242. ludo has left
  243. ludo has joined
  244. daniel has left
  245. daniel has joined
  246. Guus has left
  247. ludo has left
  248. tim@boese-ban.de has left
  249. jubalh has joined
  250. jubalh has left
  251. lumi has joined
  252. efrit has left
  253. ludo has joined
  254. pep. Fun fact, related to the groupchat terminology thread, https://docs.mattermost.com/help/getting-started/organizing-conversations.html, Mattermost has "private channels" _and_ "group messages", that are literally the same thing from what I understand, apart that group messages are limited to 7 members.
  255. pep. *puzzled*
  256. Valerian has left
  257. Valerian has joined
  258. ludo has left
  259. alexis has left
  260. alexis has joined
  261. alexis has joined
  262. alexis has left
  263. Valerian has left
  264. alexis has joined
  265. pep. "Group message channels are useful for fluid/ad-hoc conversations among users. Private channels are more useful when there's a concrete topic to discuss and you want to preserve the message history, or at least have an easy way to collect and refer to it later. You can also add more people to an existing private channel conversation and make it public later." From a mattermost person.
  266. jonasw so for group messages there’s no history?
  267. pep. apparently.
  268. jonasw hmm
  269. pep. I don't like this split personally
  270. pep. I want history, everywhere, all the time
  271. jonasw that solves the "what about history in an ad-hoc group discussion?" issue clearly :D
  272. jonasw pep., was discussed at summit, it’s not trivial
  273. pep. how so
  274. jonasw for example, group conversation between Alice, Bob and Carol. At some point, Bob and Carol talk about Dianne, maybe planning an Intervention for her weird behaviour regarding hats. Then the discussion evolves and they need to invite Dianne to discuss some plans next week.
  275. jonasw if Dianne has access to the history, that’s bad
  276. jonasw if Alice, Bob and Carol need to do UI dances to prevent her from doing so, that’s also bad.
  277. pep. they create another channel and move on?
  278. Kev I like Slack's approach here, personally.
  279. jonasw Kev, how does slack handle this?
  280. Kev "Would you like to preserve history? If you do, Dianne will be able to see it. If you don't, it will be removed for everyone"
  281. jonasw (also, I have no idea how I came up with the hats thing and now I kinda want to know what Dianne does with hats.)
  282. jonasw Kev, when inviting a new person or when first creating the channel?
  283. Kev It's not perfect, obviously, but it's functional enough and not surprising.
  284. Kev When inviting a new person to a private channel.
  285. alexis has joined
  286. jonasw that’s neat
  287. Zash It's possible to restrict history to only those present to see it
  288. jonasw Zash, with MUC, that’s not great either, because you drop out temporarily during connectivity issues.
  289. marmistrz has left
  290. Zash jonasw: Well, you can base it on affiliation, not presence.
  291. jonasw Zash, right
  292. Kev Most people have no affiliation
  293. Kev But yes.
  294. Zash Depends on the room
  295. jonasw Kev, in private channels, you’d typically need member affiliation
  296. jonasw because you want them to be members-only
  297. Zash If it's for private team chat then they probably do
  298. jonasw so that makes sense.
  299. pep. I usually set affiliations on my channels
  300. Kev It's not hugely straightforward to limit per-message history based on affilation at that time, though.
  301. efrit has joined
  302. pep. But that could be automated anyway
  303. Kev Possible, obviously, but not hugely straightforward.
  304. jonasw Kev, implementation-wise?
  305. Kev Yeah.
  306. pep. jonasw> if Dianne has access to the history, that’s bad jonasw> if Alice, Bob and Carol need to do UI dances to prevent her from doing so, that’s also bad. pep.> they create another channel and move on? jonasw ^, probably what's happening internally in mattermost already
  307. pep. When inviting a new person
  308. Zash I imagine it gets complicated if you want newly invited persons to see some history from before they were invited, but not all
  309. Zash Where on the metaphorical scale from 'actual private room' to 'written notes on a public board' scale do you wanna be?
  310. jonasw has left
  311. jonasw has joined
  312. Zash "bulletin board" was the term
  313. pep. Everybody's got different use cases, so trying to please everyone is hard
  314. pep. I think we should just give up already
  315. jonasw rm -rf xmpp.org
  316. pep. git push
  317. Zash The life of a potato-farming hermit is the ultimate solution
  318. nyco has left
  319. Andrew Nenakhov has left
  320. Andrew Nenakhov has joined
  321. pep. Is there any "goal" defined by the XSF as to what they're trying to achieve. What public they're targetting
  322. edhelas ln -s xmpp.org matrix.org
  323. jonasw edhelas, :(
  324. jonasw pep., no
  325. Zash pep.: XEP-hearding
  326. pep. If not I thought that should be on the list
  327. jonasw yeah, that
  328. Zash herd-ing?
  329. Zash how2engrish
  330. Andrew Nenakhov has joined
  331. pep. I think.
  332. jonasw the XSF isn’t targeting any public. the folks authoring XEPs and developing software are.
  333. pep. Yeah, that's a bit too broad
  334. jonasw the subgroup of that which is interested in making a good IM system should probably come up with something though.
  335. Zash I do think it'd be nice if Council or Board wrote some kind of vision statement.
  336. edhelas the issue is that lots of app are also using XMPP for non-IM stuff
  337. pep. Then I can just read the statement and say "Ok I want in", or "It's not for me", and not try hard to move it my way when it's never going to go where I want
  338. edhelas I fully understand that it's the core thing but sometime it's a bit too focused
  339. edhelas https://mail.jabber.org/pipermail/standards/2018-March/034655.html
  340. edhelas also with the Markdown/XHTML-IM thing
  341. Valerian has joined
  342. alexis has left
  343. alexis has joined
  344. jonasw I wish we had a way to link to/show in the XEP list different versions of the same XEP easily.
  345. nyco has joined
  346. jonasw in the context of the compliance suites
  347. vanitasvitae that would be great indeed
  348. jonasw it would be great to have a current version which is shown by default when accessing the link
  349. jonasw and a staging version where development of the new release takes place
  350. vanitasvitae Its frustrating to find out what changed from one version to another without using git
  351. vanitasvitae also the attic is often missing versions which complicates the situation even more
  352. daniel has left
  353. daniel has joined
  354. jonasw yeah, I’m sorry
  355. jonasw attic is a manual process
  356. jonasw gotta run, see you later
  357. vanitasvitae it shouldn't be though
  358. vanitasvitae 🙂
  359. Zash "historical reasons"
  360. jonasw has left
  361. Neustradamus has left
  362. Neustradamus has joined
  363. Kev We used to have the difftool, but history wasn't kind to it.
  364. Zash I do have a half-working markdown based comparison tool
  365. Zash Just needs motivation and time
  366. daniel has left
  367. daniel has joined
  368. daniel has left
  369. daniel has joined
  370. daniel has left
  371. daniel has joined
  372. lumi has joined
  373. daniel has left
  374. vanitasvitae has left
  375. daniel has joined
  376. efrit has left
  377. matlag has joined
  378. matlag has joined
  379. la|r|ma has joined
  380. Tobias has joined
  381. Andrew Nenakhov has left
  382. Andrew Nenakhov has joined
  383. Guus has left
  384. Guus has left
  385. Andrew Nenakhov has left
  386. Andrew Nenakhov has joined
  387. lumi has joined
  388. Valerian has left
  389. Valerian has joined
  390. mimi89999 has joined
  391. Holger has left
  392. Kev has left
  393. Valerian has left
  394. la|r|ma has left
  395. Guus has left
  396. la|r|ma has joined
  397. ludo has joined
  398. Valerian has joined
  399. marmistrz has joined
  400. pep. There's no standard place for a server to advertise privacy policy, EULA, etc., from what I understand. It would be good to have one
  401. jonasw yes.
  402. pep. Would it make sense to incorporate that in an existing XEP? A New one?
  403. jonasw pep., cp xep-template.xml inbox/eula.xml && $EDITOR inbox/eula.xml
  404. pep. :P
  405. pep. Something à la {xep contact}?
  406. Bunneh pep.: Multiple matches: Contact Addresses for XMPP Services https://xmpp.org/extensions/xep-0157.html Metacontacts https://xmpp.org/extensions/xep-0209.html
  407. alexis has left
  408. pep. 0157
  409. alexis has joined
  410. ludo has left
  411. moparisthebest has left
  412. Zash Something in IBR(2?) probably
  413. marmistrz has joined
  414. pep. Would make sense. I guess you can already do that with forms? Or just redirect to a web page for the whole thing, but I do prefer the "in-band" part of IBR.
  415. pep. Though admittedly, EULA would most likely be an http link
  416. jonasw it would be good to hvae the common things as structured data so that clients can display a summary
  417. jonasw like: [ ] encrypted storage data automatically deleted after [ ] days …
  418. Zash It would be good if this could be negotiated
  419. Zash As in, that the client can say "I understand these things"
  420. Zash Or you end up like if you try to use extended registration forms now, with nothing working and no way to indicate why
  421. jonasw Zash, yeah sure
  422. pep. yeah, having data forms support for IBR in clients would help
  423. lskdjf has left
  424. moparisthebest "XEP-XXXX Standardized list of things server admins can lie about" ?
  425. moparisthebest keeps logs, encrypted storage, we promise to try SUPER HARD not to look at your data
  426. pep. moparisthebest, better than non standardized list of things that server admins can lie about? :)
  427. jonasw moparisthebest, sure, they can lie about, but if they make false statements they’re liable for that
  428. Zash Can't just go on the internet and tell lies
  429. jonasw but statements are required as per EU-GDPR
  430. moparisthebest just seems super useless
  431. jonasw so better have some standardised way to make it easy for everyone
  432. moparisthebest oh who would have guessed govt regulation would turn out to be useless :)
  433. Zash Um
  434. pep. moparisthebest, you trust or you don't trust statements of your server admin, that's your issue
  435. pep. But let them tell their lies
  436. moparisthebest pep., I'd rather avoid the false sense of security and foster a healthy distrust of server admins
  437. Zash Civilized society needs its privacy statements and agreements.
  438. pep. moparisthebest, I want my users to be aware of how I operate
  439. pep. Otherwise they don't get to use my service
  440. moparisthebest meh I don't think it does Zash , I'd prefer to just solve the problem with technology
  441. moparisthebest otherwise why even bother with things like TLS ? just ask intermediaries to promise not to look at your traffic?
  442. Zash You know what they say about technical solutions to social problems?
  443. Zash Why bother with locks. It's pretty easy to pick them anyways.
  444. Zash Locks aren't entirely a techical thing. It's part social signal, part technical.
  445. Zash And then things like the legaly system to deal with people who break it. And insurance to reduce the damages.
  446. Zash Main reason why TLS needs to basically be perfect is that those civilization things don't scale to Internet-sized groups
  447. waqas has joined
  448. moparisthebest I guess the scaling thing is the concern, if I run a server for friends/family, we don't need any statements/agreements, and if I run a server for the public, statements/agreements are useless because they are unenforceable anyway, and they don't trust me
  449. Zash I do wonder how GDPR relates to self-/small-group-of-friends hosting
  450. marmistrz has joined
  451. jonasw Zash, tricky, I’m not sure if third parties can hold you liable.
  452. marmistrz has left
  453. Zash moparisthebest: Myeah, we haven't completely figured out how society works with Internet-scale communications yet.
  454. jonasw moparisthebest, let’s talk about unenforceable again when the privacy regulator comes knocking on your door because there’s evidence that your public service stored my messages without my consent :)
  455. jonasw (of course, you can point at your records and say "but you enabled MAM" and then I’m like "wtf are you talking about" and then we figure out that my client did that behind my back and now nobody knows who the f* is actually liable for that)
  456. alexis has joined
  457. Zash We can't have 100% perfect enforcement. But most people are mostly honest most of the time, so usually things work out fine.
  458. jonasw (alternatively, you figure out that prosody has been enabling MAM without explicit consent since forever and you’re screwed because you didn’t properly vet the software you’re using)
  460. jonasw pep., speaking of things, one probably also needs versioning for the privacy policy when we’re doing that
  461. jonasw Zash, that’s why I said "you’re screwed" and not "the prosody folks are screwed" :)
  462. jonasw pep., so that servers can keep track of the version of the policy accepted by the user and re-ask them when things ch ange
  463. Zash The balancing act between consent of the user, intent of the admin, UX ...
  464. moparisthebest also how do they expect to enforce this over the 90% of internet they have 0 control over?
  465. moparisthebest I'm not even sure if, being a US citizen, this applies to me if my server is in germany...
  466. Zash Yeah, how do these things work with federation?
  467. jonasw moparisthebest, it obviously only affects entities offering services in the EU.
  468. jonasw moparisthebest, doesn’t matter, it applies to you if you have EU customers.
  469. jonasw (or users)
  470. moparisthebest jonasw, citizens of EU, servers of EU, or users in EU
  471. moparisthebest ok, so users in EU, and if I don't comply, how do they expect to force me to?
  472. jonasw I have no idea
  473. jonasw but users may prefer EU services over US services for this reason.
  474. moparisthebest if I visit the EU one day they arrest me? :P
  475. Zash Extradition agreements are fun.
  476. moparisthebest I'll just never come to EU then I guess
  477. jonasw just like I’ll never come to the US :-)
  478. jonasw or russia for that matter.
  479. moparisthebest Zash, I can't imagine those would apply, that'd be kind of crazy
  480. moparisthebest oops an EU user accessed the server you run in your house in USA, we are gonna send you to EU prison now...
  481. jonasw moparisthebest, EU is taking data protection rather seriously nowadays, I’m not sure what the punishments are though.
  482. Zash moparisthebest: Uh, I'd rather imagine that the EU isn't insane like that.
  483. Zash Glob help you if you share some copyrighted files tho
  484. jonasw having the GDPR stuff pre-IBR via stream feature magic would be great, it could be incorporated into xmpp.net
  485. jonasw if anybody dares to touch the code that is.
  486. moparisthebest so speaking of what Zash said, bob.com promises no logs, but bob@bob.com messages tom@tom.com and tom.com logs *everything*
  487. moparisthebest how does this work?
  488. jonasw moparisthebest, no idea.
  489. daniel has left
  490. moparisthebest did the administrator of bob.com just break a law
  491. jonasw probably not
  492. daniel has joined
  493. Zash moparisthebest: As I said, clarity on how these things relate to non-commercial self-hosting would be good.
  494. moparisthebest ah that gives you a warm and fuzzy feeling
  495. jonasw can the XSF sponsor a lawyer to figure out those use-cases?
  496. moparisthebest I'm probably not going to jail for running a public xmpp server :)
  497. Zash jonasw: and/or the IETF?
  498. jonasw Zash, maybe
  499. jonasw should put that on boards agenda
  500. moparisthebest everyone run their own xmpp server! you might not even go to jail for it in the EU! :)
  501. Zash Operators of email and other federated things are probably interested as well
  502. moparisthebest yea the answer would probably be identical for email
  503. Zash moparisthebest: It depends!
  504. Zash Email is store-and-forward.
  505. Zash IM is ... not?
  506. Zash Wasn't.
  507. Zash Is now, with MAM :/
  508. Zash Data at rest is considered differently from data in flight.
  509. Zash Sometimes? IANAL.
  510. moparisthebest well smacks is kinda store and forward, so is offline messaging, muc backlog thing
  511. moparisthebest I think it's safe to say 99% of xmpp messages today are store and forward, or at least you can't tell when sending them so you have to treat them as such?
  512. Zash Technically, it's all store and forward
  513. Zash Down to the packet routing
  514. moparisthebest yea...
  515. moparisthebest seems odd to treat them differently
  516. Zash Legally ... hrrrr
  517. moparisthebest I mean, this is what happens when you get politicians dictating technology, nothing but bad things
  518. Zash > A series of tubes
  519. pep. jonasw, re versioning, yes that'd be cool
  520. pep. Also keep track of acks?
  521. Zash Re that, you could check how it's done in ACME
  522. Zash IIRC you reply with a hash of the legalstuff.pdf
  523. pep. Zash, I'll have a look thanks
  524. Kev has joined
  525. jonasw gonna send board@ an email
  526. jonasw done
  527. pep. http://logs.xmpp.org/xsf/ not available on https?
  528. moparisthebest I guess the disconnect makes sense, I'm a programmer, I like technical solutions, politicians are lawyers, they like legal solutions :P
  529. pep. domain not in SANs
  530. moparisthebest and of course only 1 is the correct way... :)
  531. pep. Who do I need to ping to add it?
  532. daniel has left
  533. daniel has joined
  534. jonasw at least Romeo Montague and Juliet Capulet are actually useful examples in this case (regarding Article 9, "Processing of […] data concerning a natural person’s sex life […] shall be prohibited.")
  535. jonasw pep., probably someone from iteam. intosi maybe.
  536. Ge0rG jonasw: I'm probably half in jail already for running a public xmpp server in the EU
  537. jonasw Ge0rG, \o/
  538. jonasw you’ll be interested in next board meeting then ;-)
  539. pep. I'll watch closely as well
  540. Ge0rG Regarding that Sex life thing, now I'm supposed to check all http upload files and immediately delete dick pics?
  541. jonasw Ge0rG, no, you just need consent.
  542. jonasw Article 9 (2) is a long list of exceptions to teh general "shall be prohibited", one of which is "the data subject has given explicit consent to the processing of those personal data for one or more specified purposes, except where Union or Member State law provide that the prohibition referred to in paragraph 1 may not be lifted by the data subject;"
  543. Ge0rG jonasw: I've asked a GDPR specialist recently, and he ran away crying after seeing my server deployment
  544. jonasw haha
  545. jonasw I bet.
  546. pep. :D
  547. moparisthebest explicit consent like "By continuing to use this service, you explicitly consent to..." ?
  548. Guus has left
  549. Guus has left
  550. jonasw dunno
  551. pep. I'm going to https://www.cambridgenetwork.co.uk/events/gdpr-itgovernance-march2018/ this week. Let's see if I gather anything interesting
  552. Ge0rG I need to convince my boss that writing a policy for yax.im will be a nice exercise for our younger colleagues
  553. jonasw pep., neat.
  554. jonasw I’ll dump the things I threw at board here so you can mention it there, pep.: There was some discussion in xsf@ today (actually, is right now). Some of the points which were mentioned: General question: Are IM messages to be considered "personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation" in general (article 9)? (I suspect so, IANAL.) If not, I think most of the following points are moot-ish. Situation A: romeo@montague.lit talks to juliet@capulet.lit. While romeo is aware of the privacy policy of montague.lit (he acknowledged it when registering), he is not aware of the privacy policy of capulet.lit. capulet.lit decided to store all IM messages forever, which is probably(? IANAL) something they need explicit consent for even from other domains. Situation B: capulet.lit has a MAM service, but it is opt-in to ensure consent from the users. (Suppose here that we have protocol to actually show a privacy policy when users opt-in to MAM.) juliet uses a client which turns on MAM by default. Who is liable when juliet complains that capulet.lit is storing messages? And how to avoid this? Situation C: coven@chat.shakespeare.lit is a private MUC with MUC MAM enabled. Is this covered by Article 9 (2) (e) ("processing relates to personal data which are manifestly made public by the data subject;")? I suspect not, and then we’d need ways to convey the terms of archival and to express consent when joining such a MUC. Is this situation different if the MUC is public? I suspect that this will have to do a lot with how the UI presents it.
  555. Ge0rG moparisthebest: like with the EU cookie warning...
  556. SamWhited I've been working on GDPR compliance stuff for weeks now… I'm starting to get chills whenever someone mentions it. Opened this room and thought I'd accidentally started work chat instead.
  557. jonasw SamWhited, :)
  558. pep. SamWhited, :D
  559. MattJ Does anyone actually have the answers to these questions?
  560. Ge0rG MattJ: do you consider "pay a €100k compliance violation fee and stop the offending behavior" a valid answer?
  561. moparisthebest it seems to me the law was specifically crafted to target walled gardens, not federated systems, and it basically makes it impossible to run federated systems...
  562. jonasw MattJ, you’ll find out thursday! (board@xmpp.org is the right adress to dump board agenda at, isn’t it?)
  563. MattJ jonasw, I don't know... I haven't received any email, so I don't know where it went to
  564. moparisthebest which, politicians ignoring xmpp, fair, but they ignored email too? surely they know about email
  565. jonasw moparisthebest, they might not know how email works
  566. moparisthebest true, if they think of email as gmail...
  567. pep. jonasw, their technical team *might*
  568. jonasw MattJ, I can’t add an agendum to the board trello, can you do that for me when I forward you my email?
  569. MattJ jonasw, shall do
  570. MattJ Ge0rG, I mean, I understand a lot of people are making money from GDPR consulting, but has anyone to date received a €100k compliance violation fee?
  571. moparisthebest what if everyone just pulls what I pull on my IRC server, put a statement like "Due to GDPR, citizens of EU are forbidden from using this server" up
  572. moparisthebest and then just not enforce it in practice?
  573. Ge0rG MattJ: no, because the GDPR isn't in effect yet
  574. MattJ Exactly
  575. jonasw MattJ, enforcement afaik only starts on may 25th
  576. MattJ So nobody knows how the legislation will be interpreted by the courts
  577. MattJ I find it unlikely that they would conclude that a non-commercial XMPP service that does not make any money would be forced to pay a €100k fine because they stored someone's groupchat message in an archive
  578. Ge0rG MattJ: the first step will be for the data protection offices to ask companies for their policy documents
  579. Ge0rG MattJ: unlikely isn't impossible
  580. moparisthebest MattJ, and what about a commercial xmpp service that charges $2 per month or something
  581. MattJ No, nothing is impossible
  582. MattJ moparisthebest, fines are usually proportional to company revenue
  583. Ge0rG MattJ: I'm not sure if you would bet your private possessions on that low probability
  584. MattJ IANAL, I'm not telling anyone they shouldn't worry about GDPR, I'm just questioning how much you can take a lawyers word today about whether e.g. storing chatroom messages in an archive is legal or not
  585. Ge0rG MattJ: the lawyers don't know either, so they predict the worst case
  586. MattJ of course
  587. MattJ but we already know the worst case, without paying the lawyers anything
  588. MattJ If you have to ask, you probably shouldn't be storing it if you want to be 100% safe
  589. jonasw I tried to ask very fundamental questions though. questions to which we should already have an answer before the first xmpp service is sued.
  590. jonasw like the federation thing
  591. jonasw and with answer I mean a technical way to achieve what’s needed to comply.
  592. jonasw like what we were discussing earlier with the potential privacy policy XEP
  593. Ge0rG There was a nice court ruling in Germany recently, regarding WhatsApp. A WhatsApp User requires written consent from all contacts to put their phone number into the cloud.
  594. Ge0rG That sounds like we need consent from each MUC participant
  595. jonasw oddly, people haven’t stopped using whatsapp :(
  596. Ge0rG jonasw: yes, probably out of ignorance.
  597. jonasw Ge0rG, for public MUCs probably not due to Article 9 (2) (e), I guess.
  598. jonasw Ge0rG, no, probably because nobody sues their friends and relatives or people with whom they do business over a phone number upload.
  599. alexis has joined
  600. jonasw I wish $unlovedRelative was using whatsapp. that’s a perfect way to break off contact
  601. jonasw I wish $unlovedRelative was using whatsapp. that’s a perfect way to break off contact *and* get some money out ouf it :>
  602. tim@boese-ban.de jonasw, but only if the relative is unloved by the whole family :-)
  603. jonasw tim@boese-ban.de, true :)
  604. Ge0rG jonasw: you will have a hard time getting money out. The best thing you can hope for is a fine, and you need to tell the relative in advance that you don't consent with sharing of your information with third parties
  605. jubalh has joined
  606. jonasw Ge0rG, do I? isn’t it default that I don’t consent?
  607. Ge0rG jonasw: maybe, but you need a willful violation to provoke a fine
  608. jonasw fine.
  609. jubalh has left
  610. Ge0rG jonasw: I see what you did here.
  611. marmistrz has left
  612. jonasw fine :)
  613. pep. Ge0rG, "willful violation"?
  614. Ge0rG 🤔
  615. Ge0rG pep.: knowing that your behavior is illegal and still continuing. IANAL
  616. pep. I see
  617. pep. "But but, I didn't know"
  618. moparisthebest wait, are you saying ignorance of the law IS an excuse?
  619. j.r has joined
  620. Ge0rG moparisthebest: only regarding the level of fines you expose yourself to.
  621. Ge0rG moparisthebest: if you are not a commercial entity, you are not required to understand and implement all of the GDPR requirements.
  622. Ge0rG Maybe.
  623. Ge0rG At least it is rather improbable that you will be sued for uploading your grandma's cookie receipt to AWS
  624. jonasw how about your grandmas erotic friend fictions?
  625. Ge0rG jonasw: it depends whether those are real or imaginary friends. With fiction you are subject to copyright, where the civil liability depends on the number of potential readers, with non fiction you are subject to GDPR, and you know the fines there.
  626. jonasw well your grandma would be a real person and thus at least one subject in that fiction story would be real.
  627. jonasw (at least that’s the limited understanding I got on erotic friend fictions)
  628. Ge0rG jonasw: I would argue that fiction doesn't count as sensitive PII, but probably only if it's clearly labeled as fiction.
  629. moparisthebest also a possibly upcoming EU law would require disabling e2e and scanning/filtering all stanzas sent https://blog.github.com/2018-03-14-eu-proposal-upload-filters-code/ :'(
  630. Ge0rG I'd be the first one to deploy an OMEMO block filter...
  631. SamWhited *sigh* I can never decide which I hate more, how much we under-regulate the tech industry, or how much Europe overregulates it.
  632. SamWhited ("we" being the U.S.)
  633. pep. Depends on the regulations?
  634. moparisthebest I'm in a different camp, I think all the regulations are bad
  635. LNJ has joined
  636. j.r has left
  637. j.r has joined
  638. rion has left
  639. Dave Cridland has left
  640. lumi has left
  641. pep. jonasw, you mentioned "encryption" when talking about server policies. Disk encryption? Protecting against the hosting provider? They have do have full control over the equipment, I guess paranoïa can go pretty far, how would you deploy that?
  642. jonasw pep., I have no idea. I was desperately trying to think of a second thing :)
  643. pep. hehe
  644. Dave Cridland has left
  645. andrey.g moparisthebest‎, I'm wondering, how the world would look, if not only artificial regulations but also the natural one "only the fittest will survive" would disappear...
  646. jonasw hah
  647. alexis has left
  648. alexis has joined
  649. Valerian has left
  650. Valerian has joined
  651. moparisthebest andrey.g, not really sure what you mean, but I'm fine with natural regulations, the artificial ones are the problem
  652. moparisthebest also wouldn't call them 'natural regulations' but meh :)
  653. andrey.g moparisthebest‎, so we have different meanings of "all" regulations.
  654. waqas has left
  655. moparisthebest like I said I wouldn't call like natural laws regulations
  656. pep. jonasw, a bit more thinking tells me I can't be technically sure the hosting provider doesn't have access to my system. Best is to be the provider.. I guess that works for small deployments but that's about it
  657. MattJ jonasw, https://trello.com/c/t79C3Yds/307-gdpr-advice added
  658. Ge0rG pep.: Intel SGX attempts to work around that, with limited success
  659. Valerian has left
  660. Valerian has joined
  661. moparisthebest I thought intel SGX was completely broken
  662. pep. Ge0rG, if it was my hardware in the DC that would be a bit easier to do encryption I guess?. That still doesn't prevent DC people from fiddling with it. Is that what SGX is for?
  663. pep. If it's just a question of liability then I guess I don't need encryption at all, if a leak was caused by a hardware issues, or software issues at the virtualization level, I was told I could probably take it to the hosting provider.
  664. pep. Otherwise, if it's mistrust towards the provider, first I'm in a bad position, second, if I still want to do something about it, I guess LUKS on my rootfs with dropbear-in-initramfs would prevent "casual snooping". But protects in no way against a bit more elaborated "attacks"
  665. pep. (They have access to the virtualization software after all)
  666. moparisthebest pep., yea that's how my dedicated server in germany is set up, but it's really just to protect against the 'hard drives re-used without wiping' attack
  667. j.r has joined
  668. j.r has joined
  669. alexis has left
  670. alexis has joined
  671. LNJ has left
  672. Kev has left
  673. jonasw MattJ, thank you very much
  674. alexis has left
  675. alexis has joined
  676. tim@boese-ban.de has left
  677. waqas has joined
  678. Dave Cridland has left
  679. jonasw moparisthebest, did you get around to set up your XEP-0368 test setup?
  680. moparisthebest nope, also need to revive that thread and try to get some type of consensus
  681. moparisthebest dino is still doing it wrong (imho), gajim just released 368 support but not sure if it's right or wrong :)
  682. jjrh has left
  683. jjrh has left
  684. jjrh has left
  685. jonasw what is "wrong"?
  686. moparisthebest trying first xep-368 record, failing to connect, not trying any subsequent record
  687. jonasw mmm
  688. Zash Does it work?
  689. moparisthebest in my specific case, the error it encountered was not-valid-xml, it gets HTTP back
  690. jonasw we have a PR for ALPN for aioxmpp, but I’m hesitant to merge it without testing.
  691. Kev 'It compiles, ship it'.
  692. jonasw Kev, that’s a very very very bad idea for python code ;-)
  693. Kev Or in the case of Python, 'It commits, ship it'.
  694. moparisthebest jonasw, I can give you an account on my server, which requires alpn for ipv4 as the first SRV record, for informal testing
  695. jonasw moparisthebest, that would already be a good start.
  696. Zash 'It turns into .pyc, ship it'
  697. jonasw send credentials to xmpp:jonas@wielicki.name. but don’t forget your privacy policy, I’m in the EU! ;-)
  698. moparisthebest oh right, well just tell me you aren't in the EU and I'll send you one :)
  699. jonasw I may or may not be in the EU.
  700. jubalh has joined
  701. moparisthebest good enough for me, will send you one in a few :)
  702. j.r has joined
  703. daniel has left
  704. j.r has joined
  705. jjrh has left
  706. Valerian has left
  707. Valerian has joined
  708. daniel has left
  709. jjrh has left
  710. jjrh has left
  711. LNJ has joined
  712. matlag has joined
  713. vanitasvitae has left
  714. waqas has left
  715. waqas has joined
  716. j.r has joined
  717. j.r has joined
  718. Dave Cridland has left
  719. @Alacer has left
  720. @Alacer has joined
  721. ralphm has left
  722. Dave Cridland has left
  723. Dave Cridland has left
  724. Dave Cridland has left
  725. Dave Cridland has left
  726. Dave Cridland has left
  727. jubalh has left
  728. jubalh has joined
  729. Dave Cridland has left
  730. tux has left
  731. jubalh has left
  732. daniel has left
  733. ralphm has joined
  734. Dave Cridland has left
  735. j.r has joined
  736. jubalh has joined
  737. jubalh has left
  738. SaltyBones has left
  739. ralphm has joined
  740. marmistrz has joined
  741. marmistrz has joined
  742. Dave Cridland has left
  743. SaltyBones has joined
  744. Yagiza has left
  745. lovetox has joined
  746. Dave Cridland has left
  747. Dave Cridland has left
  748. Seve/SouL has left
  749. Dave Cridland has left
  750. had-hoc has left
  751. Dave Cridland has left
  752. j.r has joined
  753. Dave Cridland has left
  754. marc has joined
  755. SaltyBones has left
  756. SaltyBones has joined
  757. Steve Kille has left
  758. Steve Kille has left
  759. j.r has joined
  760. Steve Kille has joined
  761. Dave Cridland has left
  762. Andrew Nenakhov has left
  763. Andrew Nenakhov has joined
  764. Guus has left
  765. Andrew Nenakhov has left
  766. Andrew Nenakhov has joined
  767. j.r has joined
  768. Dave Cridland has left
  769. iiro.laiho has joined
  770. Guus has left
  771. Dave Cridland has left
  772. Steve Kille has left
  773. Valerian has left
  774. Valerian has joined
  775. Guus has left
  776. jjrh google talk's xmpp support doesn't support message carbons does it?
  777. moparisthebest jjrh, I thought google completely turned off xmpp a couple months ago?
  778. moparisthebest but it never supported carbons anyway I think
  779. Nekit has left
  780. jjrh Nah you can still connect with username @ gmail.com
  781. jjrh (I just tested it today)
  782. Zash Federation is gone tho
  783. moparisthebest oh, so they just killed federation
  784. Dave Cridland has left
  785. LNJ has left
  786. fippo zash: they closed port 5269?
  787. Zash fippo: Yup
  788. Zash Connection refused on all SRV targets
  789. lumi has joined
  790. Zash IIRC they gave out not-authorized errors just before that
  791. Dave Cridland has left
  792. Dave Cridland has left
  793. fippo so how long will it take them to remove the dns records...
  794. Zash ENOENT
  795. Andrew Nenakhov moparisthebest, > oh, so they just killed federation Curse their sudden but inevitable betrayal!
  796. moparisthebest well it hasn't worked acceptably for years so, meh
  797. LNJ has joined
  798. winfried has joined
  799. pep. Andrew Nenakhov, it's not sudden, they announced it at the beginning of 2017, for late June 2017 iirc
  800. Zash Hasn't it basically been outdated since 2006?
  801. Valerian has left
  802. ralphm has left
  803. marmistrz has left
  804. Syndace has left
  805. Syndace has joined
  806. Dave Cridland has left
  807. efrit has joined
  808. LNJ has left
  809. LNJ has joined
  810. Dave Cridland has left
  811. fippo zash: well, someone said "the future is jingle" in 2011
  812. fippo but these days the future is stun2, turn2 and rtp3
  813. Andrew Nenakhov pep., > Andrew Nenakhov, it's not sudden, they announced it at the beginning of 2017, for late June 2017 iirc It's actually dates much earlier. After Google announced Hangouts, they began gradually chopping off parts of xmpp functionality one by one in a period of over 2 years.
  814. Dave Cridland has left
  815. Dave Cridland has left
  816. pep. Andrew Nenakhov: yeah but they officially announced it then
  817. j.r has joined
  818. nyco has left
  819. nyco has joined
  820. Valerian has joined
  821. Guus has left
  822. jubalh has joined
  823. Dave Cridland has left
  824. Dave Cridland has left
  825. Dave Cridland has left
  826. nyco has left
  827. marc has left
  828. Dave Cridland has left
  829. tim@boese-ban.de has joined
  830. @Alacer has left
  831. tim@boese-ban.de has joined
  832. tim@boese-ban.de has left
  833. lskdjf has joined
  834. jubalh has left
  835. marc has left
  836. tim@boese-ban.de has joined
  837. j.r has joined
  838. Guus has left
  839. Nekit has left
  840. Nekit has joined
  841. tim@boese-ban.de has joined
  842. Dave Cridland has left
  843. j.r has joined
  844. Guus has left
  845. waqas has left
  846. Dave Cridland has left
  847. Andrew Nenakhov Not really. They announced that 'nothing changes for current users', but it did, gradually. I'd even call it death by 1000 cuts, because it was clearly done so not to have another uproar like when they killed RSS Reader
  848. Seve/SouL has joined
  849. Guus has left
  850. tux has joined
  851. Dave Cridland has left
  852. Andrew Nenakhov has left
  853. Andrew Nenakhov has left
  854. vanitasvitae has left
  855. waqas has joined
  856. Ge0rG Maybe the responsible project lead was just promoted to greener pastures and the project fell victim to bit rot?
  857. Tobias has joined
  858. LNJ has left
  859. j.r has joined
  860. Tobias has joined
  861. lskdjf has joined
  862. moparisthebest that's the less cynical view
  863. moparisthebest I think what really happened is they wanted to lock users into their walled garden :P
  864. ralphm has joined
  865. Zash Probably a bit of both.
  866. j.r has joined
  867. marmistrz has left
  868. Valerian has left
  869. Valerian has joined
  870. Dave Cridland has left
  871. Andrew Nenakhov has left
  872. Andrew Nenakhov has joined
  873. tux has left
  874. vanitasvitae has left
  875. Dave Cridland has left
  876. jonasw has left
  877. Ge0rG moparisthebest: yes, Google Management stated to lock in users some time around 2005. But I think there is still a large portion of CADT involved.
  878. jonasw you like that acronym, don’t you?
  879. fippo ge0rg: pah, getting rid of xmpp was clearly a technical decision because xmpp is based on http!
  880. Ge0rG jonasw: it perfectly fits how Google does IM.
  881. Dave Cridland has left
  882. jonasw Ge0rG, to me, it feels more like what I’m hearing peripherially (I don’t follow sports, at all) about german football. Team didn’t perform for three weeks? Replace all training personnel.
  883. jonasw Ge0rG, to me, it feels more like what I’m hearing peripherially (I don’t follow sports, at all) about german football. Team didn’t perform for three weeks? Replace all training personnel and start over!
  884. Ge0rG jonasw: CADT as well.
  885. Ge0rG Except maybe for the higher age of the involved functionaries
  886. LNJ has joined
  887. Zash define CADT?
  888. goffi has left
  889. fippo zash: https://www.jwz.org/doc/cadt.html
  890. fippo zash: you might also want to read up on the kevlar-shitting spiders
  891. Zash Ah, yes
  892. Zash wat
  893. Dave Cridland has left
  894. LNJ has left
  895. Dave Cridland has left
  896. Guus has left
  897. vanitasvitae has left
  898. Andrew Nenakhov has left
  899. Andrew Nenakhov has joined
  900. Andrew Nenakhov has left
  901. Andrew Nenakhov has joined
  902. Andrew Nenakhov has left
  903. Andrew Nenakhov has joined
  904. Andrew Nenakhov has left
  905. Andrew Nenakhov has joined
  906. moparisthebest ah hadn't seen CADT before but I like it
  907. Andrew Nenakhov has joined
  908. Andrew Nenakhov has left
  909. Andrew Nenakhov has joined
  910. marmistrz has left
  911. Dave Cridland has left
  912. jjrh I don't think what google turning off federation was to lock their users in - google doesn't have any issue with that.
  913. Guus has left
  914. jjrh I think they mostly just didn't want to support XMPP. Probably turning off federation made sense since they didn't need to deal with that UI aspect.
  915. jjrh I'm guessing the majority of users didn't really use any of the federation stuff either.
  916. jjrh I never understood the google news reader thing though - ALOT of people used it, there were tons of apps that took advantage of the fact all your RSS subscriptions were on a account just about every android user has.
  917. Guus has left
  918. Andrew Nenakhov Google Reader was good, but current Feedly is better. Though RSS seems to be on decline too, so many websites opt for this stupid telegram channels thing, locking themselves into yet another proprietary service
  919. jjrh The thing that was nice about google reader was you had a dozen or so apps that connected to google reader so you had a good amount of choice.
  920. SamWhited ooh, I haven't seen that one I don't think. I looked desperately for another feed reader that I actually liked after Google Reader shut down, but never found one and eventually gave up.
  921. moparisthebest tt-rss
  922. Alex has left
  923. moparisthebest good web ui, and good android client
  924. SamWhited That would require that I do work.
  925. moparisthebest on the other hand, no one else can turn it off on a whim SamWhited :)
  926. SamWhited Don't care since I can export an OPML bundle
  927. Zash I used liferea back in the day
  928. SamWhited Also, even if I wanted to self host I'm not running PHP on my server.
  929. jonasw good choice.
  930. marmistrz has left
  931. jjrh Yeah there are a few other 'self hosted' choices https://github.com/Kickball/awesome-selfhosted#feed-readers
  932. Zash Now I just randomly go to sites when I remember them. Or I hear about stuff because people link to things.
  933. SamWhited Can liferea sync to some sort of backend and stay in sync with a mobile version? That's basically my only requirement (that and I don't want to host whatever that backend is)
  934. Zash Never got why it had to be a fkn web service
  935. Zash SamWhited: I have no idea that was even a thing people did
  936. waqas mumbles something about webscale
  937. jjrh Feedly is probably what you want - it has a web reader and a android app
  938. SamWhited Oh yes; I don't care if it's a desktop app or a webapp as long as I can read stuff on the bus and not have to figure out what I'd already read later.
  939. SamWhited Feedly does look like waht I was looking for at the time; I might give it a shot.
  940. jjrh What drives me nuts is so many sites don't actually post the whole article in the RSS feed.
  941. SamWhited Ooh yah, that always annoyed me
  942. Zash Reading on a bus seems like a recipie for feeling sick
  943. jjrh it's like a 2 line sentence with a link to the website - and I mean the whole point is I want to read the article in the rss reader optionally offline.
  944. SamWhited Doesn't bother me unless it's one of the big commuter busses
  945. moparisthebest tt-rss lets you write plugins to go to the website and grab the whole article anyway jjrh
  946. moparisthebest because yes, that's obnoxious
  947. jjrh That's nice.
  948. Zash It's probably all just fake news anyways!
  949. SamWhited Liferea looks nice, but doesn't appear to sync to anything, sadly :(
  950. marmistrz has left
  951. jjrh Fake news is still news because people believe it's news and that's relevant
  952. SamWhited That's why I only subscribe to The Onion.
  953. jjrh I mostly read about Canadian politics and no cares about Canada enough about us to create a fake news conspiracy
  954. j.r has left
  955. j.r has joined
  956. remko has left
  957. Alex has joined
  958. Andrew Nenakhov > it's like a 2 line sentence with a link to the website - and I mean the whole point is I want to read the article in the rss reader optionally offline. Websites need eyeballs to show ads. So it's understandable, but is still a nuisance
  959. lskdjf has joined
  960. Tobias has joined
  961. jere has joined
  962. jjrh In some cases - in many others I think they just don't have a clue.
  963. j.r has left
  964. j.r has joined
  965. jjrh but unfortunately for them, google doesn't care about their ad dollars and scrapes their site with their 'newsstand' app or whatever it's called.
  966. jjrh some newspaper sites that have the 'you can read 2 articles for free then you gotta pay' thing are totally defeated by this.
  967. Guus has left
  968. iiro.laiho has left
  969. Nekit has joined
  970. tux has left
  971. Nekit has left
  972. Dave Cridland has left
  973. moparisthebest has left
  974. blabla has joined
  975. marc has joined
  976. blabla has left
  977. ralphm has left
  978. Valerian has left
  979. SamWhited has left
  980. ralphm has joined
  981. blabla has joined
  982. marc has left
  983. Alex has left
  984. ralphm has joined
  985. ralphm has left
  986. la|r|ma has left
  987. Ge0rG Some of the paywall sites also allow you to read stuff if you come from a social network referrer
  988. jubalh has joined
  989. marc has joined
  990. blabla has left
  991. SaltyBones dafuq xmpp? somebody just sent a message without a username to a muc ..by accident!
  992. Dave Cridland has left
  993. SaltyBones has left
  994. Dave Cridland has left
  995. blabla has left
  996. Dave Cridland has left
  997. daniel has left
  998. Dave Cridland has left
  999. Dave Cridland has left
  1000. lskdjf has joined
  1001. moparisthebest has joined
  1002. Seve/SouL has joined
  1003. Dave Cridland has left
  1004. valo has left
  1005. Dave Cridland has left
  1006. Zash has left
  1007. ralphm has joined
  1008. waqas has left
  1009. jubalh has left
  1010. Guus has joined
  1011. Dave Cridland has left
  1012. Dave Cridland has left