Ge0rGhttps://www.schneier.com/blog/archives/2018/01/detecting_drone.html another nail in the coffin of stream compression. I totally missed that back in January
jonaswawesome
jonaswcan we use that to decrypt and de-DRM HDMI streams?
Andrew Nenakhov"In other words, they can see what the drone sees," - seems like total bullshit
Andrew NenakhovThey can detect patterns within compressed stream (idle/rapidly changing), not the stream itself.
rishiraj22has left
Andrew Nenakhovhas left
Andrew Nenakhovhas joined
ralphmhas joined
Andrew Nenakhovhas left
Andrew Nenakhovhas joined
Dave Cridlandhas left
alacerhas left
Dave Cridlandhas joined
rishiraj22has left
ThibGhas left
ThibGhas joined
rishiraj22has left
rishiraj22has left
rainslidehas joined
anjanhas joined
Yagizahas left
Yagizahas joined
rainslidehas left
Valerianhas left
rainslidehas joined
Valerianhas joined
lnjhas joined
rishiraj22has left
rishiraj22has left
Dave Cridlandhas left
rishiraj22has left
Dave Cridlandhas joined
rainslidehas left
Valerianhas left
Valerianhas joined
la|r|mahas joined
lskdjfhas joined
Valerianhas left
Valerianhas joined
rishiraj22has left
rtq3has joined
alacerhas joined
alexishas left
alexishas joined
Yagizahas left
rishiraj22has left
Dave Cridlandhas left
Dave Cridlandhas joined
alacerhas left
alacerhas joined
vanitasvitaehas left
alacerhas left
alacerhas joined
marmistrzhas left
rishiraj22has left
SaltyBoneshas left
alacerhas left
ThibGhas left
ThibGhas joined
rishiraj22has left
jubalhhas joined
rishiraj22has left
rishiraj22has left
rtq3has left
rishiraj22has left
lumihas joined
Valerianhas left
la|r|mahas joined
la|r|mahas joined
Valerianhas joined
la|r|mahas joined
la|r|mahas joined
la|r|mahas joined
la|r|mahas joined
la|r|mahas joined
la|r|mahas joined
la|r|mahas left
la|r|mahas joined
Zashhas left
marmistrzhas joined
tuxhas left
rtq3has joined
alacerhas joined
lnjhas left
Valerianhas left
rishiraj22has left
rishiraj22has left
rishiraj22has left
labdsfTLDR: If you suspect that drone is filming you, move rapidly and see if it transmits more
rishiraj22has left
rishiraj22has left
Yagizahas left
rishiraj22has left
rishiraj22has joined
Andrew Nenakhovhas left
Andrew Nenakhovhas joined
rishiraj22has left
rishiraj22has joined
Andrew Nenakhovhas left
Andrew Nenakhovhas joined
Andrew Nenakhovhas left
Neustradamushas left
Andrew Nenakhovhas joined
la|r|mahas left
rishiraj22has left
rishiraj22has joined
lskdjfhas joined
rishiraj22has left
Andrew Nenakhovhas left
Andrew Nenakhovhas joined
rionhas joined
Valerianhas joined
rtq3has left
rtq3has joined
rtq3has left
rtq3has joined
Tobiashas left
rishiraj22has joined
rishiraj22has left
rishiraj22has joined
Tobiashas joined
la|r|mahas joined
la|r|mahas joined
la|r|mahas joined
la|r|mahas joined
la|r|mahas joined
labdsfdaniel, why do you say Conversations resources are not permanent?
la|r|mahas joined
la|r|mahas joined
labdsfwhen are they changed?
la|r|mahas joined
la|r|mahas joined
la|r|mahas joined
la|r|mahas joined
la|r|mahas joined
rishiraj22has left
rishiraj22has joined
la|r|mahas joined
la|r|mahas joined
labdsfI am thinking about how to fix it in Gajim and it seems just writing permanent resource in config is not a good idea, because configs may be synchronized
la|r|mahas joined
la|r|mahas joined
rishiraj22has left
rishiraj22has joined
la|r|mahas joined
daniellabdsf: when a server provides me with a different one or if I'm logged out because of duplicate resource or not permitted to bind
la|r|mahas joined
la|r|mahas joined
la|r|mahas joined
la|r|mahas joined
labdsfthat seems like a solution, thanks
la|r|mahas joined
la|r|mahas joined
labdsfjust regenerate resource if it is duplicate
la|r|mahas joined
jonaswyupp
la|r|mahas joined
la|r|mahas joined
la|r|mahas joined
la|r|mahas joined
la|r|mahas left
Ge0rGExcept that a *sane* server will assume that the second bind is the same client, coming from a network change, and kill the old session.
lumihas joined
danielI've seen plenty of server that will prevent your bind
danielJabberd maybe?
rtq3has left
Ge0rGdaniel: yes, there are some servers that do that. No, it doesn't make it a good idea.
doshas joined
SaltyBoneshas left
danieli think there is also an ejabberd config that will just give you a new random resource
marmistrzhas joined
rishiraj22has left
rishiraj22has joined
danielat least i have seen that behaviour in the wild
Ge0rGthere is also a prosody module for that.
Ge0rGIn the Age Of MAM, this is not as bad as it used to be.
MattJFWIW although I now favour clients requesting per-client static resources, I didn't mention what the server actually assigns them :)
danielis "there is a prosody module for that" the new "the simpsons did it"?
ZashOld tho
Ge0rGMattJ: I'm interested in how you imagine the whole process to play out, then.
MattJIs there any more to it than that?
rishiraj22has left
rishiraj22has joined
rishiraj22has left
rishiraj22has joined
MattJClient should request a resource of <some installation-unique string>, it doesn't need to be what the server actually uses as the public resource for that session
Ge0rGMattJ: so you do assign another resource to the client? Do you expect the client to request the newly-assigned resource on next connection then? And re-assign again?
Zashhas left
MattJNo, why would it do that?
MattJI expect the client to always request the same resource
rishiraj22has left
rishiraj22has joined
Neustradamushas left
jonaswMattJ, if the server gives me a different resource in the bind response, I think I’ll use that resource from then onwards ...
MattJWhy?
Ge0rGSee, you don't even have a coherent image of your idea.
MattJConsider that the server's logic (as it typically is today) when that happens is "override the client's resource with a random one"
Ge0rGWhy should that be a good idea, again?
MattJRequesting the one the server assigns you will just get you a new different random one?
MattJs/?$//
MattJso why would you bother? Just request the one you want
jonaswMattJ, yeah, in that case, it doesn’t matter whether I try my configured resource all over again
Neustradamushas joined
jonaswbut if a server allows me to stay consistent, I can have that
jonaswhm
jonaswI kinda see your point
Ge0rGI don't.
MattJIf the server overrides your resource once, it will again :)
jonaswwhy go through the hassle of updating the stored resource when it won’t work anyways
Ge0rGIt *could* work if the server had a list of well-known resources for that account, and checked that for matches.
Ge0rGIt needs that list anyway to kill your stale session on a reconnect.
Neustradamushas joined
lskdjfhas joined
Ge0rGYou know, like above: Replaced by new connection (conflict)
MattJIt makes no sense to me that a client would store the resource beyond the lifetime of a single session
jonaswMattJ, yeah, nevermind on that one
MattJGe0rG, that old thing :)
jonaswre-rolling a new resource on <conflict/> makes sense though
Ge0rGexcept that <conflict/> doesn't make sense.
jonaswwhy not?
jonaswGe0rG, if somebody copied their JabberCat config to a new machine and they connect it while the other machine is connected too, I get a <conflict/>
jonaswI need to handel that and re-roll the resource
Ge0rGjonasw: wait, your *old* session gets a conflict?
jonaswyes
Ge0rGAaah!
jonasw(it doesn’t matter though)
Ge0rGgot enlightened now.
jonasw(even if the new session gets a conflict)
rishiraj22has left
Ge0rGjonasw: it does make a difference.
jonasw(A server could for example decide to let the new session conflict if it received a ping-pong just now)
Ge0rGjonasw: if your *new* session gets a conflict, it might be because the server still hangs on your old session.
Ge0rGbut it's dead for all practical matters.
jonaswsure, but what am I supposed to do?
jonaswnot connect until that session dies?
Ge0rGcall the server hotline
jonaswor roll a new resource and be able to connect?
Ge0rGHmm.... hide the error or show the error.
rishiraj22has joined
jonaswtricky question indeed
Ge0rGSomebody should re-do https://wiki.xmpp.org/web/XMPP_IM_Client_Design_Guidelines#Do_not_to_encode_any_semantics_into_the_resource.2C_let_the_server_generate_a_resource_for_you
rishiraj22has left
rishiraj22has joined
mimi89999has left
rishiraj22has left
alexishas left
Syndacehas joined
Syndacehas joined
rionhas left
rionhas joined
alexishas joined
nycohas left
nycohas joined
goffiGe0rG: I think I've actually followed this page, and today people have a different song
Ge0rGgoffi: I have hated that section, with a passion, for a long time.
Ge0rGBut I'm not here for wiki editing wars, so I always hoped the original author would become convinced and change it.
jonaswGe0rG, modify it!
goffithat's why a XEP (or better a new version of the RFC) should be clear on the subject.
jonaswwho is the origina lauthor
Ge0rGI thought it was MattJ, but it looks like not.
waqashas left
goffiwith a XEP there is a debate on standard, and council will arbitrate if there is any conflict.
Ge0rGgoffi: there was a debate on standards, and we went home with multiple strong opinions.
alexishas joined
jonasw*.xmpp *.split
goffiso can somebody write some official proposal? As a client dev I don't really care which way is chosen to generate resource, but I would like to have a clear way and if possible some rationale to explain why.
Ge0rGI think jonasw volunteers for that 😁
Andrew Nenakhovhas joined
Ge0rGgoffi: the XSF traditionally isn't very strong at putting the rationale for protocols into its protocol specifications, and this one is 95% rationale.
rionhas left
rionhas joined
jonaswGe0rG, EBUSY
goffiwell the important is not the tradition here, the important is to simplify life for everybody. And I don't think it worth spending time and energy to know how to generate resource
Ge0rGgoffi: the point is: this is not protocol, this is best-practices.
goffithere are several XEPS for best practice already
Ge0rGso it might be a good informational XEP indeed.
goffiyep
jerehas joined
rishiraj22has joined
Ge0rGbut then, as there is no consensus, and there are conflicting opinions, it's hard.
goffi**on beatles music** All we need is specs, tadalala
Zashhas left
goffiGe0rG: the council is here to arbitrate once all opinions have been exposed.
rishiraj22has left
rishiraj22has joined
Ge0rGgoffi: what if the conflict is among council members?
goffiwell let's solve problem when they come?
Neustradamushas left
Neustradamushas joined
Ge0rGhttps://wiki.xmpp.org/web/XEP-Remarks/XEP-0045:_Multi-User_Chat#Matching_Your_Reflected_Message would also make a great informational XEP
Ge0rGAnd https://wiki.xmpp.org/web/XEP-Remarks/XEP-0045:_Multi-User_Chat#Am_I_still_there.3F as well
blablahas left
Neustradamushas left
Neustradamushas joined
Ge0rGAlso somebody should walk the wiki for all ML references made before 2016 and update the links
rishiraj22has left
rishiraj22has joined
rishiraj22has left
rishiraj22has joined
flowIt may already help if a wiki page would list all competing proposals regarding resource handling. we may find out that there is in fact a way to reach consensus. (I thought we have consensus FWIW)
Ge0rGthere is bind2.
Ge0rGAnd there is Zuul.
flowZuul?
Ge0rGThere is no Dana, only Zuul!
vanitasvitaehas left
rishiraj22has left
rishiraj22has joined
Wiktorhehe, and the hidden Mozilla egg: http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul
vanitasvitaehas joined
rishiraj22has left
rishiraj22has joined
rishiraj22has left
rishiraj22has joined
j.rhas joined
j.rhas joined
rishiraj22has left
rishiraj22has joined
rishiraj22has left
rishiraj22has joined
SaltyBoneshas left
rishiraj22has left
rishiraj22has left
rtq3has joined
Nekithas left
labdsfhas left
rishiraj22has left
alexishas left
alexishas joined
alexishas left
tuxhas joined
alexishas joined
Valerianhas left
rishiraj22has left
Andrew Nenakhovhas left
jubalhhas joined
jubalhhas joined
Wiktorhas joined
Valerianhas joined
marmistrzhas joined
labdsfhas left
marmistrzhas joined
Zashhas left
moparisthebesthas left
SaltyBoneshas left
Andrew Nenakhovhas joined
mimi89999has joined
rishiraj22has left
labdsfhas left
Andrew Nenakhovhas left
Andrew Nenakhovhas joined
labdsfhas left
doshas left
doshas joined
rishiraj22has left
marmistrzhas joined
rishiraj22has left
rishiraj22has joined
Andrew Nenakhovhas left
Andrew Nenakhovhas joined
Yagizahas left
Yagizahas joined
rishiraj22has left
andyhas left
Andrew Nenakhovhas joined
rishiraj22has left
rishiraj22has left
lnjhas left
Andrew Nenakhovhas left
rishiraj22has left
Andrew Nenakhovhas joined
blablahas joined
jubalhhas joined
blablahas left
blablahas joined
vanitasvitaehas left
Andrew Nenakhovhas left
Andrew Nenakhovhas joined
vanitasvitaehas left
SaltyBoneshas left
Zashhas left
mrdoctorwhohas joined
SamWhitedhas left
SamWhitedhas joined
Zashhas left
rishiraj22has left
ThibGhas joined
Zashhas left
ThibGhas joined
marmistrzhas joined
rishiraj22has left
rishiraj22has left
Valerianhas left
Valerianhas joined
Valerianhas left
Valerianhas joined
Valerianhas left
Valerianhas joined
Valerianhas left
Valerianhas joined
Guushas left
Valerianhas left
rishiraj22has left
danielhas left
jubalhhas joined
Ge0rGhas joined
Valerianhas joined
Guushas left
lumihas joined
jubalhhas joined
fippohttps://twitter.com/w3cdevs/status/1006544269149077504 -- might be relevant for some european folks here
rishiraj22has left
Ge0rGYes, let's get some money to create more APIs to track web victims.
fippoheh :-)
rishiraj22has left
danielhas left
Guushas left
rishiraj22has left
rishiraj22has left
alexishas left
Andrew Nenakhovhas left
Andrew Nenakhovhas joined
Guushas left
Valerianhas left
Valerianhas joined
Andrew Nenakhovhas joined
labdsfhas left
kasper.dementhas left
kasper.dementhas joined
Lancehas joined
Andrew Nenakhovhas left
Andrew Nenakhovhas joined
rishiraj22has left
Guushas left
Guushas left
Guushas left
Guushas left
Guushas joined
rishiraj22has left
Guushas left
Guushas left
Guushas left
Guushas left
Guushas joined
marmistrzhas joined
jubalhhas joined
Andrew Nenakhovhas left
ralphmhas left
rishiraj22has left
labdsfhas left
rishiraj22has left
goffihas left
winfriedhas joined
winfriedhas joined
vanitasvitaehas left
labdsfGe0rG, I have found your slides btw: https://wiki.xmpp.org/web/Georg%27s_Talk_on_Message_routing
Ge0rGAm I supposed to defend my position in there?
Ge0rG6121 also doesn't know about carbons, MAM, and four hundred other protocol extensions
Guushas left
Kevhas left
jubalhhas joined
Guushas left
Guushas left
Guushas left
Valerianhas left
Valerianhas joined
Valerianhas left
vanitasvitaehas left
Tobiashas joined
jjrhhas left
vanitasvitaehas left
Guushas left
Guushas left
vanitasvitaehas left
tuxhas joined
andyhas joined
vanitasvitaehas left
vanitasvitaehas left
Chobbeshas joined
Guushas left
marmistrzhas left
vanitasvitaehas left
SaltyBoneshas left
rishiraj22has left
vanitasvitaehas left
tahas joined
vanitasvitaehas left
alexishas joined
alacerhas left
Andrew Nenakhovhas joined
alacerhas joined
rishiraj22has left
tahas left
alexishas left
vanitasvitaehas left
alexishas joined
Andrew Nenakhovhas left
vanitasvitaehas left
vanitasvitaehas left
vanitasvitaehas left
Andrew Nenakhovhas joined
rishiraj22has left
jubalhhas joined
jjrhhas left
vanitasvitaehas left
Yagizahas left
Andrew Nenakhovhas left
Andrew Nenakhovhas joined
kasper.dementhas left
rishiraj22has left
rishiraj22has left
Lancehas left
rtq3has left
labdsfhas left
labdsfhas left
Guushas left
Guushas left
Guushas joined
winfriedhas joined
rishiraj22has left
marchas left
winfriedhas left
labdsfhas left
labdsfhas left
jubalhhas joined
Ge0rGhas left
Dave Cridlandhas left
Dave Cridlandhas left
winfriedhas left
Dave Cridlandhas left
kasper.dementhas joined
Dave Cridlandhas left
jjrhhas left
Dave Cridlandhas left
Dave Cridlandhas left
Kevhas left
Dave Cridlandhas left
rishiraj22has left
labdsfPersistent resources in Gajim seem to be already fixed, just need to wait for it to hit the repos, closed the bug: https://dev.gajim.org/gajim/gajim/issues/9193
danielhas left
danielhas joined
labdsfcloned the master, started testing and found that it wrote the random part into config