XSF Discussion - 2019-08-26


  1. mimi89999 has left

  2. lskdjf has left

  3. karoshi has left

  4. mimi89999 has joined

  5. karoshi has joined

  6. mimi89999 has left

  7. mimi89999 has joined

  8. mimi89999 has left

  9. mimi89999 has joined

  10. mimi89999 has left

  11. mimi89999 has joined

  12. mimi89999 has left

  13. mimi89999 has joined

  14. mimi89999 has left

  15. mimi89999 has joined

  16. mimi89999 has left

  17. mimi89999 has joined

  18. Chobbes has left

  19. zach has left

  20. zach has joined

  21. Chobbes has joined

  22. Daniel has left

  23. Douglas Terabyte has left

  24. Douglas Terabyte has joined

  25. Chobbes has left

  26. pdurbin has joined

  27. Daniel has joined

  28. Douglas Terabyte has left

  29. LNJ has joined

  30. pdurbin has left

  31. UsL has left

  32. UsL has joined

  33. zach has left

  34. zach has joined

  35. matlag has joined

  36. Douglas Terabyte has joined

  37. neshtaxmpp has left

  38. neshtaxmpp has joined

  39. karoshi has left

  40. adityaborikar has joined

  41. adityaborikar has left

  42. adityaborikar has joined

  43. pdurbin has joined

  44. adityaborikar has left

  45. lumi has left

  46. arc has left

  47. arc has joined

  48. jcbrand has joined

  49. pdurbin has left

  50. zach has left

  51. zach has joined

  52. pdurbin has joined

  53. Lance has joined

  54. andy has joined

  55. LNJ has left

  56. LNJ has joined

  57. jcbrand has left

  58. Tobias has joined

  59. pdurbin has left

  60. jcbrand has joined

  61. pdurbin has joined

  62. zach has left

  63. zach has joined

  64. Nekit has joined

  65. Lance has left

  66. adityaborikar has joined

  67. LNJ has left

  68. zach has left

  69. zach has joined

  70. Daniel has left

  71. Daniel has joined

  72. Daniel has left

  73. waqas has left

  74. waqas has joined

  75. jabberjocke has joined

  76. goffi has joined

  77. jabberjocke has left

  78. waqas has left

  79. marc_ has left

  80. Douglas Terabyte has left

  81. Douglas Terabyte has joined

  82. UsL has left

  83. UsL has joined

  84. karoshi has joined

  85. zach has left

  86. zach has joined

  87. Daniel has joined

  88. marc_ has joined

  89. ralphm

    Interesting issue, regarding matching phone numbers in Telegram: https://www.forbes.com/sites/zakdoffman/2019/08/25/chinese-agencies-crack-telegram-a-timely-warning-for-end-to-end-encryption/

  90. larma has left

  91. larma has joined

  92. zach has left

  93. zach has joined

  94. jabberjocke has joined

  95. alameyo has left

  96. alameyo has joined

  97. Maranda has left

  98. Mikaela has joined

  99. mimi89999 has left

  100. jabberjocke has left

  101. alameyo has left

  102. zach has left

  103. alameyo has joined

  104. Maranda has joined

  105. sezuan has joined

  106. moparisthebest has left

  107. moparisthebest has joined

  108. zach has joined

  109. mimi89999 has joined

  110. adityaborikar has left

  111. igoose has joined

  112. alameyo has left

  113. alameyo has joined

  114. alameyo has left

  115. vanitasvitae has left

  116. alameyo has joined

  117. arc has left

  118. arc has joined

  119. zach has left

  120. zach has joined

  121. adityaborikar has joined

  122. afrogeek has left

  123. alameyo has left

  124. alameyo has joined

  125. alameyo has left

  126. arc has left

  127. arc has joined

  128. arc has left

  129. arc has joined

  130. jabberjocke has joined

  131. Mikaela has left

  132. afrogeek has joined

  133. APach has left

  134. Mikaela has joined

  135. zach has left

  136. zach has joined

  137. APach has joined

  138. jubalh has joined

  139. alameyo has joined

  140. LNJ has joined

  141. rion has left

  142. mimi89999 has left

  143. mimi89999 has joined

  144. LNJ has left

  145. rion has joined

  146. adityaborikar has left

  147. adityaborikar has joined

  148. COM8 has joined

  149. ralphm has left

  150. COM8 has left

  151. ralphm has joined

  152. lskdjf has joined

  153. arc has left

  154. arc has joined

  155. zach has left

  156. zach has joined

  157. ralphm

    Just debugged an interesting issue with MAM messages being filtered out for MUCs, with prosody and mod_block_strangers.

  158. ralphm

    https://issues.prosody.im/1410

  159. ralphm

    I think that MIX would handle that better, but it is a good use case to keep in mind.

  160. ralphm

    (also, thanks Zash)

  161. Zash

    np

  162. Zash

    Why would MIX handle it better?

  163. jonas’

    "use case"

  164. ralphm

    because you send presence to the channel JID

  165. ralphm

    Zash: so archived messages come in from the same JID, and wouldn't be a 'stranger'

  166. ralphm

    Zash: oh, and a channel is also a contact if you consider roster integration

  167. ralphm

    jonas’: hmm? This is not a valid use case?

  168. jonas’

    I’m not sure if I’d call it a use case :)

  169. jonas’

    but that may be just my english

  170. ralphm

    I meant the use case of wanting to block messages from strangers, and not getting any MUC archives (at all).

  171. Zash

    Not blocking full JID messages might help

  172. ralphm

    Just because MUC is weird in that you send presence to room@server/nick, and get archived messages from room@server, and the filter cannot easily know the former.

  173. ralphm

    Zash: it wouldn't help not getting spam, though.

  174. Zash

    You could keep track of outgoing stanzas of other types, eg the iq stanza

  175. Zash

    If full jids weren't static... sure

  176. ralphm

    Zash: because a server will happily send messages directed to a full JID to whichever other resource.

  177. ralphm

    the resource being dynamic wouldn't help

  178. jonas’

    IM-NG would help with that.

  179. alameyo has left

  180. alameyo has joined

  181. ralphm

    well, MIX would also help, but for now we have neither

  182. Zash

    Not blocking like mod_block_strangers does would help too

  183. Andrew Nenakhov has joined

  184. Zash

    ralphm: I think the full JID "redirect" works by treating the message as a bare jid, and then mod_block_strangers would block it

  185. Zash

    So then if resources were session identifiers instead of long-term easily guessable device identifiers then it would be hard for spammers

  186. ralphm

    right

  187. ralphm

    And indeed, maybe mod_block_strangers isn't the best approach. I can imagine various cases where you'd receive a message stanzas from a non-contact that you didn't direct presence to (bare or full).

  188. ralphm

    And didn't want it blocked.

  189. Zash

    There are better approaches now, ask Ge0rG

  190. alameyo has left

  191. alameyo has joined

  192. Ge0rG

    mod_firewall works with heuristics.

  193. Ge0rG

    Also blocking messages from strangers, server-wide, is a very bad idea.

  194. Ge0rG

    There is a prosody module to keep track of MUCs, so mod_block_strangers could at least plug into that for whitelisting purposes

  195. ralphm

    Ge0rG: so far mod_block_strangers worked pretty well for me, and the module you refer to is mentioned in the ticket linked above :-D

  196. ralphm

    I'll check out mod_firewall

  197. vanitasvitae has joined

  198. Nekit has left

  199. Nekit has joined

  200. larma has left

  201. larma has joined

  202. madhur.garg has left

  203. Andrew Nenakhov has left

  204. madhur.garg has joined

  205. ralphm

    Ge0rG: also, I think that if you define rules for mod_firewall, you have to take this issue into account, as I don't think it is covered by the example in the documentation: ```# Rule to bounce messages from senders not in the roster who haven't been sent directed presence NOT IN ROSTER? NOT SENT DIRECTED PRESENCE TO SENDER? BOUNCE=service-unavailable```

  206. Ge0rG

    ralphm: my rules depend on the user not being in the roster, but there are some other elements involved.

  207. ralphm

    So do you think MAM archives for MUC work properly with mod_firewall?

  208. Ge0rG

    ralphm: there is a disapproved SPAM WG for that, in which you can become a member after signing an NDA with the blood of your first-born.

  209. ralphm

    That's a good filter

  210. Ge0rG

    ralphm: I haven't tested it

  211. Ge0rG

    ralphm: I assume so, because my heuristics strongly depend on the message body, and MAM fetches don't have a body

  212. ralphm

    ah

  213. ralphm

    I suppose mod_block_strangers could consider that, too

  214. COM8 has joined

  215. zach has left

  216. zach has joined

  217. adityaborikar has left

  218. Ge0rG

    I'm anticipating the MAM version of https://rt-solutions.de/de/2017/01/cve-2017-5589_xmpp_carbons/

  219. ralphm

    Well, sure, if a client isn't checking that it actually requested MAM and is waiting for <fin/>, and/or doesn't check the origin, this is going to suck.

  220. Ge0rG

    ralphm: you know how client developers work? It works? ship ip!

  221. alameyo has left

  222. ralphm

    All devs, really.

  223. Ge0rG

    Right.

  224. alameyo has joined

  225. LNJ has joined

  226. Ge0rG

    So all I need to do is: 1) wait for wide-scale MAM deployment 2) request an appropriate number of CVE IDs

  227. ralphm

    I have no idea how well MAM is deployed.

  228. Ge0rG

    There is a bunch of clients.

  229. Ge0rG

    yaxim soon to be among them

  230. Ge0rG

    // TODO: check origin

  231. ralphm

    I have used gajim and conversations for a long time, I must be spoiled

  232. ralphm

    Curious if Daniel knows of-hand if Conversations is checking the origin.

  233. Daniel

    not reading the entire backlog? but checking the from of MAM messages? yes i do

  234. Daniel

    also the query id

  235. ralphm

    Nice

  236. aj has left

  237. Daniel

    so even if one check fails; you'd have to guess a random query id

  238. ralphm

    So if it doesn't match it just ignores it (for the purposes of being interpreted as a MAM message).

  239. Daniel

    yes

  240. ralphm

    yay

  241. Ge0rG

    I had to work around the regular message parser parsing MAM messages, because it's running in a separate thread pool and I couldn't control when it ends. Luckily, this also fixed the issue.

  242. COM8 has left

  243. jabberjocke has left

  244. COM8 has joined

  245. adityaborikar has joined

  246. typikol has joined

  247. adityaborikar has left

  248. typikol has left

  249. zach has left

  250. zach has joined

  251. j.r has left

  252. j.r has joined

  253. pdurbin has left

  254. adityaborikar has joined

  255. COM8 has left

  256. COM8 has joined

  257. jabberjocke has joined

  258. COM8 has left

  259. COM8 has joined

  260. COM8 has left

  261. zach has left

  262. zach has joined

  263. lumi has joined

  264. adityaborikar has left

  265. adityaborikar has joined

  266. adityaborikar has left

  267. aj has joined

  268. adityaborikar has joined

  269. adityaborikar has left

  270. madhur.garg has left

  271. madhur.garg has joined

  272. Nekit has left

  273. zach has left

  274. zach has joined

  275. Nekit has joined

  276. Chobbes has joined

  277. zach has left

  278. zach has joined

  279. debacle has joined

  280. adityaborikar has joined

  281. adityaborikar has left

  282. LNJ has left

  283. zach has left

  284. zach has joined

  285. madhur.garg has left

  286. madhur.garg has joined

  287. Chobbes has left

  288. Chobbes has joined

  289. pdurbin has joined

  290. sonny has joined

  291. LNJ has joined

  292. pdurbin has left

  293. zach has left

  294. zach has joined

  295. debacle has left

  296. igoose has left

  297. zach has left

  298. zach has joined

  299. matlag has left

  300. matlag has joined

  301. Chobbes has left

  302. adityaborikar has joined

  303. zach has left

  304. zach has joined

  305. Allo has left

  306. zach has left

  307. zach has joined

  308. sonny has left

  309. zach has left

  310. zach has joined

  311. igoose has joined

  312. sonny has joined

  313. sonny has left

  314. sonny has joined

  315. madhur.garg has left

  316. madhur.garg has joined

  317. Chobbes has joined

  318. zach has left

  319. zach has joined

  320. pdurbin has joined

  321. jjrh has joined

  322. jjrh has left

  323. jjrh has joined

  324. kokonoe has left

  325. kokonoe has joined

  326. madhur.garg has left

  327. madhur.garg has joined

  328. Nekit has left

  329. jubalh has left

  330. COM8 has joined

  331. COM8 has left

  332. COM8 has joined

  333. pdurbin has left

  334. Nekit has joined

  335. COM8 has left

  336. jubalh has joined

  337. COM8 has joined

  338. jubalh has left

  339. COM8 has left

  340. COM8 has joined

  341. COM8 has left

  342. j.r has left

  343. zach has left

  344. zach has joined

  345. lovetox has joined

  346. mathieui

    Hi, someone just asked me about https://xmpp.org/extensions/inbox/message-retraction.html and I could not find any strong rejections of this, so maybe it could go forward? Half of the usage can be substituted by message corrections (removing messages you sent accidentally), the other half (moderating messages of other people in public channels) can be really needed

  347. mathieui

    (e.g. you have a public channel and would like to be able to remove dick picks from the history after banning the one who sent it)

  348. zach has left

  349. zach has joined

  350. mathieui

    (especially if people are using a client which, for user-friendliness reasons, displays pictures by default)

  351. linkmauve has joined

  352. LNJ has left

  353. pep.

    MR 20190626T13:10:14Z 000 <dwd>  So it looks, to me, that message-deletion was almost accepted, but had its name changed as a result of council feedback - but I can't see it actually getting rejected. MR 20190626T13:10:47Z 000 <pep.>  Somebody not following up? MR 20190626T13:10:59Z 000 <dwd>  It was four years ago, though. But I think the general feel back then was that as long as we called it "retraction" and not "deletion", it'd be OK. MR 20190626T13:11:19Z 000 <dwd>  pep., Very hard to tell. I suspect it fell through the inter-council gap.

  354. mathieui

    oh I missed that because I only grepped retraction

  355. pep.

    So yeah I guess somebody could repropose it

  356. Dele (Mobile) has joined

  357. igoose has left

  358. zach has left

  359. zach has joined

  360. sonny has left

  361. sonny has joined

  362. Nekit has left

  363. Nekit has joined

  364. sezuan has left

  365. ralphm

    FWIW, retraction is much better than deletion indeed, as the latter can not actually be guaranteed.

  366. Maranda has left

  367. Maranda has joined

  368. Nekit has left

  369. Nekit has joined

  370. LNJ has joined

  371. Lance has joined

  372. zach has left

  373. zach has joined

  374. COM8 has joined

  375. sonny has left

  376. COM8 has left

  377. COM8 has joined

  378. COM8 has left

  379. adityaborikar has left

  380. COM8 has joined

  381. COM8 has left

  382. COM8 has joined

  383. COM8 has left

  384. mimi89999 has left

  385. mimi89999 has joined

  386. Ge0rG

    I'm sure nobody from council will try to block this until reference attachments are sorted out

  387. zach has left

  388. LNJ has left

  389. zach has joined

  390. jonas’

    I sense sarcasm

  391. Alex has left

  392. adityaborikar has joined

  393. Ge0rG

    There is also an impending inter council gap.

  394. ralphm

    I don't see an issue accepting it as a XEP.

  395. ralphm

    Of course there are comments on it. One obvious one: what kind of id to pass.

  396. Ge0rG

    ralphm: maybe you didn't keep up with the submission of Reactions, then.

  397. ralphm

    The example shows the stanza id, but it is not explicit.

  398. ralphm

    Ge0rG: you missed all the messages I sent last week?

  399. Ge0rG

    ralphm: messages to standards@? Maybe I've just skimmed them and forgot immediately, because there was nothing I disagreed with?

  400. Ge0rG

    I'd have to check my mailbox.

  401. zach has left

  402. zach has joined

  403. ralphm

    But yes, I do wonder what happened with "ah, yes, we should indeed have a XEP covering this use case. Accepted. Now, let's write the long email on things that could be better in this proposal."

  404. ralphm

    Ge0rG: no, in here

  405. Ge0rG

    ralphm: can I repeat my excuse? It was a very long and very hot day, and my train is late.

  406. Ge0rG

    When the train eventually arrives, I'll try to find a seat where I can use my laptop to read up on things.

  407. ralphm

    Sure, it's been 32 °C here

  408. COM8 has joined

  409. COM8 has left

  410. Lance

    I'm author on that proto xep, but very little memory about it now. I burned out on a lot of stuff around that time, so probably lost in a todo pile.

  411. ralphm

    Lance: but back in the game now?

  412. Lance

    Enough to say send it back to Council for a vote and feedback.

  413. ralphm

    🤣

  414. Ge0rG

    🙈🙉🙊

  415. Lance

    My (extremely vague) recollection is that the part that I actually wanted was MUC moderation controls, and there were some questions if doing moderation via messages was appropriate vs having iq methods on a room.

  416. ralphm

    Do you mean beyond people retracting their own messages?

  417. zach has left

  418. zach has joined

  419. Lance

    Yeah. Admin/moderator cleanup cases

  420. ralphm

    I'd expect those to be operations on the channel, indeed with iqs, with notifications coming from the room.

  421. lskdjf has left

  422. lskdjf has joined

  423. Lance

    Right. I think _that_ is what waylaid the proposal from moving forward, and would still need to be solved.

  424. ralphm

    Well, I don't think it should hold up the spec from being accepted.

  425. lskdjf has left

  426. linkmauve has left

  427. lskdjf has joined

  428. jubalh has joined

  429. jjrh has left

  430. jjrh has joined

  431. jjrh has left

  432. jjrh has joined

  433. j.r has joined

  434. sonny has joined

  435. sonny has left

  436. sonny has joined

  437. jjrh has left

  438. sonny has left

  439. jjrh has joined

  440. Ge0rG

    Everything should be IQs, especially messages.

  441. sonny has joined

  442. lskdjf has left

  443. lskdjf has joined

  444. lskdjf has left

  445. Dele (Mobile) has left

  446. COM8 has joined

  447. COM8 has left

  448. COM8 has joined

  449. zach has left

  450. zach has joined

  451. COM8 has left

  452. COM8 has joined

  453. COM8 has left

  454. sonny has left

  455. sonny has joined

  456. COM8 has joined

  457. COM8 has left

  458. Lance has left

  459. aj has left

  460. zach has left

  461. zach has joined

  462. jubalh has left

  463. jubalh has joined

  464. Lance has joined

  465. Chobbes has left

  466. Chobbes has joined

  467. zach has left

  468. zach has joined

  469. alameyo has left

  470. alameyo has joined

  471. alameyo has left

  472. zach has left

  473. Nekit has left

  474. zach has joined

  475. sonny has left

  476. sonny has joined

  477. alameyo has joined

  478. lskdjf has joined

  479. jubalh has left

  480. adityaborikar has left

  481. sonny has left

  482. sonny has joined

  483. zach has left

  484. zach has joined

  485. sonny has left

  486. sonny has joined

  487. pdurbin has joined

  488. jubalh has joined

  489. lskdjf has left

  490. pdurbin has left

  491. lskdjf has joined

  492. sonny has left

  493. sonny has joined

  494. zach has left

  495. zach has joined

  496. LNJ has joined

  497. jubalh has left

  498. Chobbes has left

  499. Chobbes has joined

  500. Lance has left

  501. j.r has left

  502. j.r has joined

  503. sonny has left

  504. sonny has joined

  505. zach has left

  506. zach has joined

  507. alameyo has left

  508. alameyo has joined

  509. arc has left

  510. arc has joined

  511. alameyo has left

  512. lskdjf has left

  513. lskdjf has joined

  514. zach has left

  515. zach has joined

  516. lskdjf has left

  517. lskdjf has joined

  518. Nekit has joined

  519. sonny has left

  520. sonny has joined

  521. alameyo has joined

  522. Alex has joined

  523. zach has left

  524. zach has joined

  525. lskdjf has left

  526. lskdjf has joined

  527. lskdjf has left

  528. lskdjf has joined

  529. lskdjf has left

  530. lskdjf has joined

  531. lskdjf has left

  532. lskdjf has joined

  533. patrick has joined

  534. LNJ has left

  535. LNJ has joined

  536. goffi has left

  537. pdurbin has joined

  538. zach has left

  539. LNJ has left

  540. zach has joined

  541. jubalh has joined

  542. pdurbin has left

  543. neshtaxmpp has left

  544. debacle has joined

  545. XSF has joined

  546. jubalh has left

  547. arc has left

  548. arc has joined

  549. zach has left

  550. zach has joined

  551. Tobias has left

  552. jjrh has left

  553. jjrh has joined

  554. jjrh has left

  555. jjrh has joined

  556. jjrh has left

  557. jjrh has joined

  558. jjrh has left

  559. jjrh has joined

  560. Lance has joined

  561. lovetox has left

  562. Chobbes has left

  563. jjrh has left

  564. jjrh has joined

  565. wurstsalat has left

  566. Nekit has left

  567. j.r has left

  568. j.r has joined

  569. waqas has joined

  570. neshtaxmpp has joined

  571. neshtaxmpp has left

  572. zach has left

  573. zach has joined

  574. pdurbin has joined

  575. pdurbin has left

  576. neshtaxmpp has joined

  577. marc_ has left

  578. kokonoe has left

  579. kokonoe has joined

  580. lskdjf has left

  581. rion has left

  582. debacle has left

  583. rion has joined

  584. pdurbin has joined

  585. pdurbin has left

  586. pdurbin has joined

  587. moparisthebest has left

  588. zach has left

  589. zach has joined

  590. moparisthebest has joined

  591. linkmauve has joined

  592. rion has left

  593. UsL has left

  594. UsL has joined

  595. lskdjf has joined

  596. linkmauve has left

  597. larma has left

  598. pdurbin has left

  599. lskdjf has left

  600. larma has joined