-
Ge0rG
xnyhps: Y U h4xed my car? https://www.bleepingcomputer.com/news/security/volkswagen-and-audi-cars-vulnerable-to-remote-hacking/
-
Maranda
Yay perhaps "Watchdogs 2" style
- Ge0rG ain't no consolero
-
Maranda
Your loss
-
Ge0rG
I'm playing sokoban today. The old house is full of boxes, and the transporter guys will arrive in T-22h
-
Ge0rG
And I still have to put most of the things I own into boxes.
-
Maranda
Hmm on a different topic does yax.im fetches a static public servers list from somewhere? If it does at all
-
Maranda
Sounds fun
-
Ge0rG
Maranda: you mean yaxim, the client, not yax.im the server?
-
Maranda
And s/Yax.im/Yaxim/
-
Maranda
No the client obviously
-
Ge0rG
Maranda: https://github.com/pfleidi/yaxim/blob/master/res/values/servers.xml
-
Ge0rG
That URL doesn't work any more
-
Ge0rG
The original source is lost.
-
Maranda
Ge0rG I re enabled IBR (I implemented account locking and e-mail verification for it, so it's rather safe) now I need to scour all clients who singled out my server and re-add it 🙄
-
Maranda
PR incoming soon
-
Maranda
Btw
-
Ge0rG
Maranda: yaxim doesn't support entering the email address / data-forms
-
Ge0rG
Maranda: feel free to PR that as well
-
Maranda
Ge0rG damn you! 🤣
-
Holger
Almost no clients do.
-
pep.
Which is sad
-
Maranda
Well Gajim does and that is sorted
-
Maranda
I suppose that saves me sending PRs all around
-
Maranda
As usual spent time implementing something that will be unused
- Maranda thinks "That's XMPP lads ®️"
-
Holger
Ah I thought not even Gajim supported this last time I checked.
-
Holger
Maranda: Does it support the email field or the form or both?
-
Maranda
Holger it does support all custom fields
-
Maranda
s/custom/additional registration/ rather
-
Maranda
If you enable verification it'll make e-mail mandatory
-
Maranda
And I guess "both"
-
Holger
Sounds good.
-
Ge0rG
Gajim's user onboarding is so messed up, I don't even want to think about it
-
Maranda
Ge0rG, I don't find it so messed and it supports dataforms element pretty well
-
Maranda
https://upload.lightwitch.org/share/WMKL7jaY5eHb9786/ibr-forms.png
-
Ge0rG
Maranda: what did you have to enter in the screen before?
-
Maranda
just accounts, new account, and if you don't have any it'll bring you there automagically?
-
Ge0rG
how did you chose the server?
-
Maranda
register a new account > list of servers
-
Maranda
how is that messed?
-
SamWhited
This is a vaguely interesting thread if you want to see how people that aren't in this room think about instant messaging: https://twitter.com/actuallyalice/status/990889721525161986
-
Maranda
we need 90s messaging back, where you'd have msn, yahoo, jabber, ICQ all running from 1 app
-
Maranda
huhu
-
moparisthebest
Maranda, can't you do that using pidgin right now?
-
Maranda
moparisthebest, sorry I'm quoting one of the tweets
-
Maranda
I should have actually quoted it
-
moparisthebest
oops, I should read previous posts sometimes :)
-
Maranda
And I should stretch bbl
-
lovetox
they could use just sms
-
moparisthebest
did someone say https://jmp.chat/ ?
-
moparisthebest
https://signal.org/blog/looking-back-on-the-front/ "Amazon threatens to suspend Signal's AWS account over censorship circumvention"
-
UsL
interesting.. Time to choose smthng else than a centralized solution like that..
-
moparisthebest
maybe some type of federated standard might be a good choice
-
Wiktor
moparisthebest: in case you're interested in what would Signal guys respond to "federated would help" https://news.ycombinator.com/item?id=16870595
-
moparisthebest
I'll summarize that:
-
moparisthebest
"there are serveral other properties and trade-offs like then we couldn't lock people into our walled garden"
-
Wiktor
I think it's a valid point that if you have federated but only a handful of big servers, it's still easy to block, I think zinid mentioned this previously (but I may be wrong). The rest is of course marketing but that's obvious :)
-
moparisthebest
sure I agree with that
-
moparisthebest
but the point is to have a bunch of small ones
-
moparisthebest
the bigger ones have more resources to resort to hacks like signal
-
moparisthebest
(multiple servers, answer differently to different regions, etc)
-
Wiktor
> but the point is to have a bunch of small ones And I agree with that 👍
-
moparisthebest
and if the govt starts blocking them, new ones can start up to replace those
-
Wiktor
One way or another it's interesting to see how Moxie resolves their problems, well, usually it's better to learn on someone else's problems
-
moparisthebest
it becomes a game of whack-a-mole
-
Wiktor
Yes, but until your identity is tied to domain name you'd have to setup your roster each time you switch a server
-
moparisthebest
well we could expand the protocol to make things like that easier
-
moparisthebest
(or just save them locally on the client and share them across accounts, no protocol involved)
-
Ge0rG
Like Briar?
-
Wiktor
Identify user by keys not domains... And we're back to OpenPGP!
-
moparisthebest
hmm that is an interesting thought
-
moparisthebest
the onion-like setup would in theory allow you to chat with 1 person on multiple JIDs, identified by key
-
moparisthebest
and since there rosters are 100% client-side anyway, you could hop servers as much as you wanted
-
Ge0rG
> @signalapp Time to move to the blockchain!:D https://twitter.com/pray4crypto/status/991390269798010880 nailed it!
-
Wiktor
Sign your subscription requests and clients can see you're the same person :)
-
Zash
But federation isn't about censorship resistance.
-
Ge0rG
Zash: no? I'm out then!
-
moparisthebest
Wiktor, yea but who wants to leak to the servers that you are the same person? :)
-
Wiktor
Did I forget "encrypted with OMEMO" ? Encryption here and there a little always help... :)
-
moparisthebest
anyone know a server in the wild that implements this websocket discovery method? https://tools.ietf.org/html/rfc7395#section-4
-
Wiktor
moparisthebest: conversations.im
-
Wiktor
But they lack correct CORS headers for web clients for this file... Forgot to report that
-
moparisthebest
thanks!
-
Wiktor
No problem, I tested one web client there, worked like a charm. Actually this is just a file and both ejabberd and Prosody have websocket support. So it's trivial to set up.
-
Ge0rG
Oh, is my client desynchronized, or is the board meeting still ongoing?
-
ralphm
I thought I fixed that
-
ralphm
set the topic to
XSF Discussion | Logs: http://logs.xmpp.org/xsf/ | Agenda https://trello.com/b/Dn6IQOu0/board-meetings
-
ralphm
I blame Conversations
-
moparisthebest
yea Wiktor I just wanted to see an example of an actual file in the wild :)
-
Wiktor
Got it :)
-
Ge0rG
ralphm: thanks!
-
Zash
Looks like I still have one too
-
ralphm
Zash: but federation does address some issues caused by attempts to censorship. E.g. the blockage in Russia of AWS would not affect servers hosted in Russia.
-
Andrew Nenakhov
ralphm, unless servers hosted in Russia will also be blocked from AWS. And they will be, eventually.
-
Wiktor
I think the point is just that Russia users could talk to their friends in Russia without problems (unaffected by AWS).
-
Andrew Nenakhov
No. Russian servers would be asked to give up data or be shut down
-
ralphm
Which is different threat.
-
Andrew Nenakhov
Actually it's the same threat. Local servers can be blocked using same method as international ones. Authorities just have even more leverage over local services because they can not only block server but also physically access it.