XSF Discussion - 2019-02-21

is there a way to tell the xmpp server to only send me messages from contacts in my roster? or do some clients have such a feature to drop everything that comes from contacts not in the roster?

yes

:)

which/how?

Privacy lists did this, but we killed it. Now I think clients just don't notify about messages from non-roster entities.

ok, thanks

jubalh: What's your reason for this?

Zash, https://github.com/boothj5/profanity/issues/955

A couple of clients have such anti-spam feature, where non-contacts are required to answer some question before their message is shown to the user.

which kind of clients? would like to see what they do. i thought about just blocking if user enables that feature

I think there's a plugin for Gajim, and something similar for some other client that I'm not sure which one it is. Psi perhaps?

yep Psi

Haven't used this feature myself, I got along by blocking domains for a while.

yeah me too

ok will take a look at those two

profanity is alive?

✏

;)

i try to keep it alive, yes

released a 0.6.0 couple of days ago

OneTeam is a ProcessOne project, isn't it?

oneteam.im isn't responding for me

Guus, yes

jubalh: how alive? maintaining or active development? :)

Guus, it's discontinued

Zash, so far it was maintaining and now i'm slowly transitioning to active development

ah, then we probably should take it off of https://xmpp.org/software/clients.html

but i can only do it in small time chunks because of other obligations

Guus, yes

Doesn't that happen by itself?

closed quite some bugs in recent weeks, and now try to add new features

Nice!

jubalh, is it XEP-0412 compliant yet? :)

jubalh: Can I interest you in doing the timestamp update thing so it shows up on https://xmpp.org/software/clients.html ?

zinid, didnt check, dont think so

Zash, timestamp update thing?

heh

jubalh: https://github.com/xsf/xmpp.org/blob/master/data/README.rst

hm Psi is not in the list.

rion: you too then ↑

ah i thought timestamp update thing is somehow a xep ;)

yeah and please somebody remove OneTeam from the list :)

you mean just updating the entry there

zinid: https://github.com/xsf/xmpp.org/pull/529

sure i'll do this for profanity later toay

would be good to have a xmpp or email reminder for this timestamp thing, I haven't noticed it was off for SàT for a couple of months.

Zash, 👍

hm update-entry.py also did this - "name": "Bruno the Jabber™ Bear", + "name": "Bruno the Jabber\u2122 Bear",

Normalization is fun!

I'll remove this change and do PR

yeah, python is by default very conservative about emitting JSON

Zash, https://github.com/xsf/xmpp.org/pull/530

👍

jubalh: which server software are you using?

Ge0rG, prosody

You can block spam with mod_firewall, I've heard

Ge0rG, I myself block already via prosody. But this issue was not created by me, and I don't know whether the user runs his own server

> would be good to have a xmpp or email reminder for this timestamp thing, I haven't noticed it was off for SàT for a couple of months. That kind of defeats the purpose of having the timeout.

But you can easily add a recurring reminder in your own calendar. 😉

Guus: why would that be defeating the purpose? A reminder doesn't prevent the manual update, which is the real indicator of project activity.

goffi: caring enough to have your own reminder is even more indicatior of project activity.

I disagree

that's only an indicator that the project author enabled the reminder

Ge0rG: Guus: it forces me to install a calendar or something to set up a reminder, while for XSF it's just about a script in cron which do an XMPP send.

goffi: what about you configuring a cron which do an XMPP send?

Ge0rG: that exactly what I'm asking for

goffi: essentially everybody in XSF is absolutely overloaded with work.

on clients dev side it mean that they have to setup a server, make a regular sync with git repos, and do a cron to check that. And trust me all client devs are overloaded too.

goffi: you don't need any of that. Just a cron job: `30 8 21 2 * echo 'renew my xmpp.org software'`

Ge0rG: supposing all client devs have a anacron or similar available, and check logs. Just this morning has shown that 2 clients were not visible because devs have missed it. As a result, the list of client is not up to date. If think it's a pity as it could be easily fixed. But not need to talk about that for hours.

goffi: I'm sure you have read the rationale in https://xmpp.org/2017/03/new-xmpp-software-listing-rules/

Ge0rG: yes I know that, I don't see how it changes any bit of what I've said.

https://news.ycombinator.com/item?id=19216077

I, for one, think that email is just a xep

https://news.ycombinator.com/item?id=19216252 sarcasm overflow!

https://slashdot.org/story/99/01/04/1621211/open-real-time-messaging-system

Ge0rG, please reply that? :P

o/

ralphm, do we have meeting today?

I can't make it

In car

Traffic jam now

No worries Guus, take care

I'm semi-around, have a bad headache... so I won't complain if we skip this week

MattJ, doesn't look like Board is present so.. :) Get well soon

Thanks

> https://news.ycombinator.com/item?id=19216252 sarcasm overflow! I also replied 🙂

https://news.ycombinator.com/item?id=19216963

🍿

Andrew Nenakhov: so I charged my iPhone now. Xabber beta on TestFlight is a month old. My xabber.com account shows as "offline", despite being activated. The first tab (messages?) is empty and the add dialog has no action buttons. The second tab is completely blank.

do you need a video of that?

of you eating 🍿

https://upload.yax.im/upload/73-dxDyvscbeeqyY/XabberFail.mp4

Ge0rG, We didn't give this area any work. Looking for other things to marvel at.

Andrew Nenakhov: by "this area" you are speaking of Xabber/iOS?

I think Ge0rG is trying to say that the current UI as-is is confusing to him and it appears to be not working at all

jonas’: there is "confusing" and there is "broken".

I have to agree that all those empty fields are extremely confusing/misleading/broken-looking

Hard stuff is not adding contacts, but consistently working with message archive

Andrew Nenakhov: I can not login. I can not send messages. What should there be in that consistently hard message archive?

And there are no offline messages on xabber.com

Yes! Offline messages is an outdated concept.

Ge0rG, I can log in, can send messages. If you can't, file an issue with test accounts on your server. Probably smth wrong with that.

isn’t the video showing xabber.com as serevr?

Hardly. Registration on that server is not free.

login, online and messages are outdated concepts

> Registration on that server is not free. That would be a better error message than "Offline".

so yay, I can login to xabber.org but not to .com.

now I have two accounts configured with no way to delete the broken one.

But I still can't add contacts or send messages.

Ge0rG, try doing it an iOS way.

Andrew Nenakhov: doing what, what way?

Ge0rG, > now I have two accounts configured with no way to delete the broken one.

That is done the iOS way

By swiping it? I tried.

oh, I'm getting downvoted on HN, lovely

zinid: they know a troll. :P

> By swiping it? I tried. Go to connection settings

Andrew Nenakhov: been there

Ge0rG, any reply to matrix talibans is trolling, okay

zinid: not any. Just yours 😁

c’mon, Ge0rG

https://xmpp.redsolution.com/upload/4bddf4f264f5c6577f16551f16a0abdf3f7ff84d/BhZOF4b0/IMG_20190221_205419.jpg

speaking about xmpp promotion

In Xabber iOS adding contacts, and settings in general are the least worked on parts. Cause they are too trivial and in inconsequential.

Andrew Nenakhov: now *this* is fucking well hidden. Settings -> Account -> Connection -> all the way down to the basement

Andrew Nenakhov: why isn't it at the bottom of Account?

Ge0rG, then reply to matrix dude something, stoping eating pop-corn, or just take your ass and upvote those who replied

good, it supports stream compression

We know we can do it any time putting in a couple of days of work

> We know we can do it any time putting in a couple of days of work Awesome.

So why wasting time on that when we have more potentially deal breakers in front of us?

Andrew Nenakhov: so what *are* you working on?

New-MUC?

itym GC1.0-NIH

Like a library to decode/encode ogg for example

aren’t there libraries to do that already?

You know that saying about you needing to learn walking before starting to fly?

jonas’, you'd be surprised, but no, there is no ogg lib for iOS

In 2019!

thefuck

if this is for telephony, go straight to opus

Andrew Nenakhov: okay, congratulations. you have explained to me how to use the account setup part of your non-working client

That's exactly what we went for

Andrew Nenakhov: why can't I send and receive fucking text messages, like it's 2002?

Ge0rG, this client is not even released

Ge0rG, you can't send messages because you are lame

Andrew Nenakhov: you know that part about "public beta tests"?

you announce it. People test it and report back. Unless they realize after five minutes that it's a broken mockup with your company logo on top

you'are all a bunch of neurons

Andrew Nenakhov: why can't I *receive* messages, then?

Ge0rG, cause you are lame, I guess. For me Xabber works extremely well now.

Those parts of it that work, at least ;)

Andrew Nenakhov: send a message to ge0rg@xabber.org

Andrew Nenakhov, only ass-ugly yaxim works for him

The most funniests thing is this: I receive back a 0184 receipt, but the message doesn't arrive in Xabber.

Andrew Nenakhov: Ha! I got a notification from you. Tapped it. Xabber crashed.

Ge0rG, last time you told me to file a bug report when I said something like that about another client

Ge0rG, so go file a fucking bug report!

zinid: why? The developer doesn't believe me anyway. I'm a liar.

maybe with a stacktrace they will

Most likely the version on test flight is fairly old.

Ge0rG, because you're indeed a liar?

> Most likely the version on test flight is fairly old. Yes. One month.

okay, at this point, I’d like to point out to *all* participants of this conversation (yes, you too, Ge0rG), that the level of toxicity you’ve reached is terrible and you all should take a step back.

jonas’: thank you (Y)

jonas’: sorry. I'm calm now.

🍿 no, they are just starting...

Ge0rG, if you don’t want to debug xabber, then just don’. Andrew Nenakhov, if you want Ge0rG to help you make xabber better (because I don’t doubt that there are issues), please point out the info you need in bugreports and how Ge0rG can gather it (mind that he’s not an iOS dev).

thanks

Xabber is not even a beta release, it's a rolling alpha builds. Some parts of it work (and do it great. Like, you've seen many clients that load recent chats history in a consistent way?). Some can react to it positively, some can go to very trivial to do areas of app and point fingers.

So I actually don't care for pointed fingers. :) We know what we do and why we do it in this exact order, and we'll release when we're ready.

🤐

I would rather suggest to Andrew Nenakhov to stop paying attention to Ge0rG since he's known hypocrite with double standards. And rather focus on client development - the task Ge0rG definitely failed 🙂

now I shut up 😀

Lol )

Also, better check this niiiiice vCard view

https://xmpp.redsolution.com/upload/4bddf4f264f5c6577f16551f16a0abdf3f7ff84d/TJKNGQTe/IMG_20190221_211000209.jpg

that’s indeed nice

jonas’, thanks

question regarding OMEMO: "A random preKeyPublic entry is selected, and used to build an SignalProtocol session." why a random one from the list?

To minimize conflicts, I guess

there is no protocol support to tell the server "give me a unique prekey"

ah later one we remove a key from the list, I see

got it got it :)

so lets say 20 preKeyPublic entries got published, which is hte minimum as i understand it, and i have 5 clients online. als they choose a random key. if they collide how is that detected again? i'm not clear about this part

jubalh: as soon as you used a prekey, the other side is supposed to update the list in PEP

Ge0rG, "it depends"

Once your client receives a prekey message for a certain prekey, it deletes said key. So if yet another client builds a session with that exact key, your client will be unable to decrypt that prekey message.

vanitasvitae, you means once you have confirmation that the session is initiated, right?

(I also need to understand the thing as I fear I'm going to spend time debugging it in the near future)

Hehe

> vanitasvitae, you means once you have confirmation that the session is initiated, right? ?

It deletes the prekey after it successfully decrypted the prekey message which initiates a session.

Right

Oh, wait so, you to me and me to you, that's two different sessions?

Whoever invented per device keys shall burn in hell forever

master key has other disadvantages fwiw

pep. a session can have more than one stage here

first you chose a prekey and send X messages, thats stage 1, it has not yet the full security propertys

so you have a session in stage 1

after some time the other side answers, this pushs the session into stage 2

and from that point on you have all the propertys like FS and what not

in stage one its like pgp i think

in the sense that it has no FS, if someone gets your secret key he can decrypt all past and future message of a stage 1

session