XSF Discussion - 2019-08-26

  1. mimi89999 has left
  2. lskdjf has left
  3. karoshi has left
  4. mimi89999 has joined
  5. karoshi has joined
  6. mimi89999 has left
  7. mimi89999 has joined
  8. mimi89999 has left
  9. mimi89999 has joined
  10. mimi89999 has left
  11. mimi89999 has joined
  12. mimi89999 has left
  13. mimi89999 has joined
  14. mimi89999 has left
  15. mimi89999 has joined
  16. mimi89999 has left
  17. mimi89999 has joined
  18. Chobbes has left
  19. zach has left
  20. zach has joined
  21. Chobbes has joined
  22. Daniel has left
  23. Douglas Terabyte has left
  24. Douglas Terabyte has joined
  25. Chobbes has left
  26. pdurbin has joined
  27. Daniel has joined
  28. Douglas Terabyte has left
  29. LNJ has joined
  30. pdurbin has left
  31. UsL has left
  32. UsL has joined
  33. zach has left
  34. zach has joined
  35. matlag has joined
  36. Douglas Terabyte has joined
  37. neshtaxmpp has left
  38. neshtaxmpp has joined
  39. karoshi has left
  40. adityaborikar has joined
  41. adityaborikar has left
  42. adityaborikar has joined
  43. pdurbin has joined
  44. adityaborikar has left
  45. lumi has left
  46. arc has left
  47. arc has joined
  48. jcbrand has joined
  49. pdurbin has left
  50. zach has left
  51. zach has joined
  52. pdurbin has joined
  53. Lance has joined
  54. andy has joined
  55. LNJ has left
  56. LNJ has joined
  57. jcbrand has left
  58. Tobias has joined
  59. pdurbin has left
  60. jcbrand has joined
  61. pdurbin has joined
  62. zach has left
  63. zach has joined
  64. Nekit has joined
  65. Lance has left
  66. adityaborikar has joined
  67. LNJ has left
  68. zach has left
  69. zach has joined
  70. Daniel has left
  71. Daniel has joined
  72. Daniel has left
  73. waqas has left
  74. waqas has joined
  75. jabberjocke has joined
  76. goffi has joined
  77. jabberjocke has left
  78. waqas has left
  79. marc_ has left
  80. Douglas Terabyte has left
  81. Douglas Terabyte has joined
  82. UsL has left
  83. UsL has joined
  84. karoshi has joined
  85. zach has left
  86. zach has joined
  87. Daniel has joined
  88. marc_ has joined
  89. ralphm Interesting issue, regarding matching phone numbers in Telegram: https://www.forbes.com/sites/zakdoffman/2019/08/25/chinese-agencies-crack-telegram-a-timely-warning-for-end-to-end-encryption/
  90. larma has left
  91. larma has joined
  92. zach has left
  93. zach has joined
  94. jabberjocke has joined
  95. alameyo has left
  96. alameyo has joined
  97. Maranda has left
  98. Mikaela has joined
  99. mimi89999 has left
  100. jabberjocke has left
  101. alameyo has left
  102. zach has left
  103. alameyo has joined
  104. Maranda has joined
  105. sezuan has joined
  106. moparisthebest has left
  107. moparisthebest has joined
  108. zach has joined
  109. mimi89999 has joined
  110. adityaborikar has left
  111. igoose has joined
  112. alameyo has left
  113. alameyo has joined
  114. alameyo has left
  115. vanitasvitae has left
  116. alameyo has joined
  117. arc has left
  118. arc has joined
  119. zach has left
  120. zach has joined
  121. adityaborikar has joined
  122. afrogeek has left
  123. alameyo has left
  124. alameyo has joined
  125. alameyo has left
  126. arc has left
  127. arc has joined
  128. arc has left
  129. arc has joined
  130. jabberjocke has joined
  131. Mikaela has left
  132. afrogeek has joined
  133. APach has left
  134. Mikaela has joined
  135. zach has left
  136. zach has joined
  137. APach has joined
  138. jubalh has joined
  139. alameyo has joined
  140. LNJ has joined
  141. rion has left
  142. mimi89999 has left
  143. mimi89999 has joined
  144. LNJ has left
  145. rion has joined
  146. adityaborikar has left
  147. adityaborikar has joined
  148. COM8 has joined
  149. ralphm has left
  150. COM8 has left
  151. ralphm has joined
  152. lskdjf has joined
  153. arc has left
  154. arc has joined
  155. zach has left
  156. zach has joined
  157. ralphm Just debugged an interesting issue with MAM messages being filtered out for MUCs, with prosody and mod_block_strangers.
  158. ralphm https://issues.prosody.im/1410
  159. ralphm I think that MIX would handle that better, but it is a good use case to keep in mind.
  160. ralphm (also, thanks Zash)
  161. Zash np
  162. Zash Why would MIX handle it better?
  163. jonas’ "use case"
  164. ralphm because you send presence to the channel JID
  165. ralphm Zash: so archived messages come in from the same JID, and wouldn't be a 'stranger'
  166. ralphm Zash: oh, and a channel is also a contact if you consider roster integration
  167. ralphm jonas’: hmm? This is not a valid use case?
  168. jonas’ I’m not sure if I’d call it a use case :)
  169. jonas’ but that may be just my english
  170. ralphm I meant the use case of wanting to block messages from strangers, and not getting any MUC archives (at all).
  171. Zash Not blocking full JID messages might help
  172. ralphm Just because MUC is weird in that you send presence to room@server/nick, and get archived messages from room@server, and the filter cannot easily know the former.
  173. ralphm Zash: it wouldn't help not getting spam, though.
  174. Zash You could keep track of outgoing stanzas of other types, eg the iq stanza
  175. Zash If full jids weren't static... sure
  176. ralphm Zash: because a server will happily send messages directed to a full JID to whichever other resource.
  177. ralphm the resource being dynamic wouldn't help
  178. jonas’ IM-NG would help with that.
  179. alameyo has left
  180. alameyo has joined
  181. ralphm well, MIX would also help, but for now we have neither
  182. Zash Not blocking like mod_block_strangers does would help too
  183. Andrew Nenakhov has joined
  184. Zash ralphm: I think the full JID "redirect" works by treating the message as a bare jid, and then mod_block_strangers would block it
  185. Zash So then if resources were session identifiers instead of long-term easily guessable device identifiers then it would be hard for spammers
  186. ralphm right
  187. ralphm And indeed, maybe mod_block_strangers isn't the best approach. I can imagine various cases where you'd receive a message stanzas from a non-contact that you didn't direct presence to (bare or full).
  188. ralphm And didn't want it blocked.
  189. Zash There are better approaches now, ask Ge0rG
  190. alameyo has left
  191. alameyo has joined
  192. Ge0rG mod_firewall works with heuristics.
  193. Ge0rG Also blocking messages from strangers, server-wide, is a very bad idea.
  194. Ge0rG There is a prosody module to keep track of MUCs, so mod_block_strangers could at least plug into that for whitelisting purposes
  195. ralphm Ge0rG: so far mod_block_strangers worked pretty well for me, and the module you refer to is mentioned in the ticket linked above :-D
  196. ralphm I'll check out mod_firewall
  197. vanitasvitae has joined
  198. Nekit has left
  199. Nekit has joined
  200. larma has left
  201. larma has joined
  202. madhur.garg has left
  203. Andrew Nenakhov has left
  204. madhur.garg has joined
  205. ralphm Ge0rG: also, I think that if you define rules for mod_firewall, you have to take this issue into account, as I don't think it is covered by the example in the documentation: ```# Rule to bounce messages from senders not in the roster who haven't been sent directed presence NOT IN ROSTER? NOT SENT DIRECTED PRESENCE TO SENDER? BOUNCE=service-unavailable```
  206. Ge0rG ralphm: my rules depend on the user not being in the roster, but there are some other elements involved.
  207. ralphm So do you think MAM archives for MUC work properly with mod_firewall?
  208. Ge0rG ralphm: there is a disapproved SPAM WG for that, in which you can become a member after signing an NDA with the blood of your first-born.
  209. ralphm That's a good filter
  210. Ge0rG ralphm: I haven't tested it
  211. Ge0rG ralphm: I assume so, because my heuristics strongly depend on the message body, and MAM fetches don't have a body
  212. ralphm ah
  213. ralphm I suppose mod_block_strangers could consider that, too
  214. COM8 has joined
  215. zach has left
  216. zach has joined
  217. adityaborikar has left
  218. Ge0rG I'm anticipating the MAM version of https://rt-solutions.de/de/2017/01/cve-2017-5589_xmpp_carbons/
  219. ralphm Well, sure, if a client isn't checking that it actually requested MAM and is waiting for <fin/>, and/or doesn't check the origin, this is going to suck.
  220. Ge0rG ralphm: you know how client developers work? It works? ship ip!
  221. alameyo has left
  222. ralphm All devs, really.
  223. Ge0rG Right.
  224. alameyo has joined
  225. LNJ has joined
  226. Ge0rG So all I need to do is: 1) wait for wide-scale MAM deployment 2) request an appropriate number of CVE IDs
  227. ralphm I have no idea how well MAM is deployed.
  228. Ge0rG There is a bunch of clients.
  229. Ge0rG yaxim soon to be among them
  230. Ge0rG // TODO: check origin
  231. ralphm I have used gajim and conversations for a long time, I must be spoiled
  232. ralphm Curious if Daniel knows of-hand if Conversations is checking the origin.
  233. Daniel not reading the entire backlog? but checking the from of MAM messages? yes i do
  234. Daniel also the query id
  235. ralphm Nice
  236. aj has left
  237. Daniel so even if one check fails; you'd have to guess a random query id
  238. ralphm So if it doesn't match it just ignores it (for the purposes of being interpreted as a MAM message).
  239. Daniel yes
  240. ralphm yay
  241. Ge0rG I had to work around the regular message parser parsing MAM messages, because it's running in a separate thread pool and I couldn't control when it ends. Luckily, this also fixed the issue.
  242. COM8 has left
  243. jabberjocke has left
  244. COM8 has joined
  245. adityaborikar has joined
  246. typikol has joined
  247. adityaborikar has left
  248. typikol has left
  249. zach has left
  250. zach has joined
  251. j.r has left
  252. j.r has joined
  253. pdurbin has left
  254. adityaborikar has joined
  255. COM8 has left
  256. COM8 has joined
  257. jabberjocke has joined
  258. COM8 has left
  259. COM8 has joined
  260. COM8 has left
  261. zach has left
  262. zach has joined
  263. lumi has joined
  264. adityaborikar has left
  265. adityaborikar has joined
  266. adityaborikar has left
  267. aj has joined
  268. adityaborikar has joined
  269. adityaborikar has left
  270. madhur.garg has left
  271. madhur.garg has joined
  272. Nekit has left
  273. zach has left
  274. zach has joined
  275. Nekit has joined
  276. Chobbes has joined
  277. zach has left
  278. zach has joined
  279. debacle has joined
  280. adityaborikar has joined
  281. adityaborikar has left
  282. LNJ has left
  283. zach has left
  284. zach has joined
  285. madhur.garg has left
  286. madhur.garg has joined
  287. Chobbes has left
  288. Chobbes has joined
  289. pdurbin has joined
  290. sonny has joined
  291. LNJ has joined
  292. pdurbin has left
  293. zach has left
  294. zach has joined
  295. debacle has left
  296. igoose has left
  297. zach has left
  298. zach has joined
  299. matlag has left
  300. matlag has joined
  301. Chobbes has left
  302. adityaborikar has joined
  303. zach has left
  304. zach has joined
  305. Allo has left
  306. zach has left
  307. zach has joined
  308. sonny has left
  309. zach has left
  310. zach has joined
  311. igoose has joined
  312. sonny has joined
  313. sonny has left
  314. sonny has joined
  315. madhur.garg has left
  316. madhur.garg has joined
  317. Chobbes has joined
  318. zach has left
  319. zach has joined
  320. pdurbin has joined
  321. jjrh has joined
  322. jjrh has left
  323. jjrh has joined
  324. kokonoe has left
  325. kokonoe has joined
  326. madhur.garg has left
  327. madhur.garg has joined
  328. Nekit has left
  329. jubalh has left
  330. COM8 has joined
  331. COM8 has left
  332. COM8 has joined
  333. pdurbin has left
  334. Nekit has joined
  335. COM8 has left
  336. jubalh has joined
  337. COM8 has joined
  338. jubalh has left
  339. COM8 has left
  340. COM8 has joined
  341. COM8 has left
  342. j.r has left
  343. zach has left
  344. zach has joined
  345. lovetox has joined
  346. mathieui Hi, someone just asked me about https://xmpp.org/extensions/inbox/message-retraction.html and I could not find any strong rejections of this, so maybe it could go forward? Half of the usage can be substituted by message corrections (removing messages you sent accidentally), the other half (moderating messages of other people in public channels) can be really needed
  347. mathieui (e.g. you have a public channel and would like to be able to remove dick picks from the history after banning the one who sent it)
  348. zach has left
  349. zach has joined
  350. mathieui (especially if people are using a client which, for user-friendliness reasons, displays pictures by default)
  351. linkmauve has joined
  352. LNJ has left
  353. pep. MR 20190626T13:10:14Z 000 <dwd>  So it looks, to me, that message-deletion was almost accepted, but had its name changed as a result of council feedback - but I can't see it actually getting rejected. MR 20190626T13:10:47Z 000 <pep.>  Somebody not following up? MR 20190626T13:10:59Z 000 <dwd>  It was four years ago, though. But I think the general feel back then was that as long as we called it "retraction" and not "deletion", it'd be OK. MR 20190626T13:11:19Z 000 <dwd>  pep., Very hard to tell. I suspect it fell through the inter-council gap.
  354. mathieui oh I missed that because I only grepped retraction
  355. pep. So yeah I guess somebody could repropose it
  356. Dele (Mobile) has joined
  357. igoose has left
  358. zach has left
  359. zach has joined
  360. sonny has left
  361. sonny has joined
  362. Nekit has left
  363. Nekit has joined
  364. sezuan has left
  365. ralphm FWIW, retraction is much better than deletion indeed, as the latter can not actually be guaranteed.
  366. Maranda has left
  367. Maranda has joined
  368. Nekit has left
  369. Nekit has joined
  370. LNJ has joined
  371. Lance has joined
  372. zach has left
  373. zach has joined
  374. COM8 has joined
  375. sonny has left
  376. COM8 has left
  377. COM8 has joined
  378. COM8 has left
  379. adityaborikar has left
  380. COM8 has joined
  381. COM8 has left
  382. COM8 has joined
  383. COM8 has left
  384. mimi89999 has left
  385. mimi89999 has joined
  386. Ge0rG I'm sure nobody from council will try to block this until reference attachments are sorted out
  387. zach has left
  388. LNJ has left
  389. zach has joined
  390. jonas’ I sense sarcasm
  391. Alex has left
  392. adityaborikar has joined
  393. Ge0rG There is also an impending inter council gap.
  394. ralphm I don't see an issue accepting it as a XEP.
  395. ralphm Of course there are comments on it. One obvious one: what kind of id to pass.
  396. Ge0rG ralphm: maybe you didn't keep up with the submission of Reactions, then.
  397. ralphm The example shows the stanza id, but it is not explicit.
  398. ralphm Ge0rG: you missed all the messages I sent last week?
  399. Ge0rG ralphm: messages to standards@? Maybe I've just skimmed them and forgot immediately, because there was nothing I disagreed with?
  400. Ge0rG I'd have to check my mailbox.
  401. zach has left
  402. zach has joined
  403. ralphm But yes, I do wonder what happened with "ah, yes, we should indeed have a XEP covering this use case. Accepted. Now, let's write the long email on things that could be better in this proposal."
  404. ralphm Ge0rG: no, in here
  405. Ge0rG ralphm: can I repeat my excuse? It was a very long and very hot day, and my train is late.
  406. Ge0rG When the train eventually arrives, I'll try to find a seat where I can use my laptop to read up on things.
  407. ralphm Sure, it's been 32 °C here
  408. COM8 has joined
  409. COM8 has left
  410. Lance I'm author on that proto xep, but very little memory about it now. I burned out on a lot of stuff around that time, so probably lost in a todo pile.
  411. ralphm Lance: but back in the game now?
  412. Lance Enough to say send it back to Council for a vote and feedback.
  413. ralphm 🤣
  414. Ge0rG 🙈🙉🙊
  415. Lance My (extremely vague) recollection is that the part that I actually wanted was MUC moderation controls, and there were some questions if doing moderation via messages was appropriate vs having iq methods on a room.
  416. ralphm Do you mean beyond people retracting their own messages?
  417. zach has left
  418. zach has joined
  419. Lance Yeah. Admin/moderator cleanup cases
  420. ralphm I'd expect those to be operations on the channel, indeed with iqs, with notifications coming from the room.
  421. lskdjf has left
  422. lskdjf has joined
  423. Lance Right. I think _that_ is what waylaid the proposal from moving forward, and would still need to be solved.
  424. ralphm Well, I don't think it should hold up the spec from being accepted.
  425. lskdjf has left
  426. linkmauve has left
  427. lskdjf has joined
  428. jubalh has joined
  429. jjrh has left
  430. jjrh has joined
  431. jjrh has left
  432. jjrh has joined
  433. j.r has joined
  434. sonny has joined
  435. sonny has left
  436. sonny has joined
  437. jjrh has left
  438. sonny has left
  439. jjrh has joined
  440. Ge0rG Everything should be IQs, especially messages.
  441. sonny has joined
  442. lskdjf has left
  443. lskdjf has joined
  444. lskdjf has left
  445. Dele (Mobile) has left
  446. COM8 has joined
  447. COM8 has left
  448. COM8 has joined
  449. zach has left
  450. zach has joined
  451. COM8 has left
  452. COM8 has joined
  453. COM8 has left
  454. sonny has left
  455. sonny has joined
  456. COM8 has joined
  457. COM8 has left
  458. Lance has left
  459. aj has left
  460. zach has left
  461. zach has joined
  462. jubalh has left
  463. jubalh has joined
  464. Lance has joined
  465. Chobbes has left
  466. Chobbes has joined
  467. zach has left
  468. zach has joined
  469. alameyo has left
  470. alameyo has joined
  471. alameyo has left
  472. zach has left
  473. Nekit has left
  474. zach has joined
  475. sonny has left
  476. sonny has joined
  477. alameyo has joined
  478. lskdjf has joined
  479. jubalh has left
  480. adityaborikar has left
  481. sonny has left
  482. sonny has joined
  483. zach has left
  484. zach has joined
  485. sonny has left
  486. sonny has joined
  487. pdurbin has joined
  488. jubalh has joined
  489. lskdjf has left
  490. pdurbin has left
  491. lskdjf has joined
  492. sonny has left
  493. sonny has joined
  494. zach has left
  495. zach has joined
  496. LNJ has joined
  497. jubalh has left
  498. Chobbes has left
  499. Chobbes has joined
  500. Lance has left
  501. j.r has left
  502. j.r has joined
  503. sonny has left
  504. sonny has joined
  505. zach has left
  506. zach has joined
  507. alameyo has left
  508. alameyo has joined
  509. arc has left
  510. arc has joined
  511. alameyo has left
  512. lskdjf has left
  513. lskdjf has joined
  514. zach has left
  515. zach has joined
  516. lskdjf has left
  517. lskdjf has joined
  518. Nekit has joined
  519. sonny has left
  520. sonny has joined
  521. alameyo has joined
  522. Alex has joined
  523. zach has left
  524. zach has joined
  525. lskdjf has left
  526. lskdjf has joined
  527. lskdjf has left
  528. lskdjf has joined
  529. lskdjf has left
  530. lskdjf has joined
  531. lskdjf has left
  532. lskdjf has joined
  533. patrick has joined
  534. LNJ has left
  535. LNJ has joined
  536. goffi has left
  537. pdurbin has joined
  538. zach has left
  539. LNJ has left
  540. zach has joined
  541. jubalh has joined
  542. pdurbin has left
  543. neshtaxmpp has left
  544. debacle has joined
  545. XSF has joined
  546. jubalh has left
  547. arc has left
  548. arc has joined
  549. zach has left
  550. zach has joined
  551. Tobias has left
  552. jjrh has left
  553. jjrh has joined
  554. jjrh has left
  555. jjrh has joined
  556. jjrh has left
  557. jjrh has joined
  558. jjrh has left
  559. jjrh has joined
  560. Lance has joined
  561. lovetox has left
  562. Chobbes has left
  563. jjrh has left
  564. jjrh has joined
  565. wurstsalat has left
  566. Nekit has left
  567. j.r has left
  568. j.r has joined
  569. waqas has joined
  570. neshtaxmpp has joined
  571. neshtaxmpp has left
  572. zach has left
  573. zach has joined
  574. pdurbin has joined
  575. pdurbin has left
  576. neshtaxmpp has joined
  577. marc_ has left
  578. kokonoe has left
  579. kokonoe has joined
  580. lskdjf has left
  581. rion has left
  582. debacle has left
  583. rion has joined
  584. pdurbin has joined
  585. pdurbin has left
  586. pdurbin has joined
  587. moparisthebest has left
  588. zach has left
  589. zach has joined
  590. moparisthebest has joined
  591. linkmauve has joined
  592. rion has left
  593. UsL has left
  594. UsL has joined
  595. lskdjf has joined
  596. linkmauve has left
  597. larma has left
  598. pdurbin has left
  599. lskdjf has left
  600. larma has joined