XSF Discussion - 2024-08-10


  1. moparisthebest

    I appreciate all the feedback I got here and elsewhere, I have updated https://www.moparisthebest.com/against-silos-signal/ and hopefully addressed it all, please give another look and let me know if not

  2. moparisthebest

    even the CSS issue Guus found, though just by updating my theme :D

  3. admin

    Mopar you darn “cargo cultist” you! /sarc Jokes aside, you have penned an excellent piece here. Sometimes being an “expert” interferes with one’s common sense. The only “typo” I might address is “e2e” I think you mean “E2EE”.

  4. Menel

    As long as nobody writes e2ee encryption 🙂

  5. fugata

    > XMPP vs. Matrix https://news.ycombinator.com/item?id=41200028

  6. MSavoritias fae.ve

    its funny how this being the orange site i dont need to click to know what it is XD

  7. roloi

    Hello everyone

  8. roloi

    Can help me

  9. roloi

    i dont understant about the use server connection

  10. fugata

    Strangely, there was barely any (HN) interest in this post I made about a week ago. > The Quick and Easy Guide to Jabber/XMPP https://news.ycombinator.com/item?id=41134533

  11. Zash

    fugata, I don't think HN is the best target audience for that kind of post. It's a site run by a startup incubator.

  12. moparisthebest

    Lol every now and then I'll read hn comments and immediately regret it

  13. moparisthebest

    > I think it's time XMPP moved past XML, like maybe to json or something... I plan to try this one day Cool story buddy I'm on the edge of my seat

  14. singpolyma

    > fugata, I don't think HN is the best target audience for that kind of post. It's a site run by a startup incubator. I'm not sure how that's relevant? It's not like all users are startup people, nor is it true that people who run or work for startups are particularly predisposed to dislike xmpp vs anyone else

  15. edhelas

    There's no AI nor blockchain nor VR built in, and no JSON :(

  16. Seve

    > Lol every now and then I'll read hn comments and immediately regret it > >> I think it's time XMPP moved past XML, like maybe to json or something... I plan to try this one day > Cool story buddy I'm on the edge of my seat one suggested yaml xD

  17. Zash

    singpolyma, I was more thinking about the end user focus. But sure, no absolutes.

  18. fugata

    I probably didn't use a sufficiently-provocative title. Like "Why you should drop everything and switch to XMPP this instant".

  19. fugata

    I probably didn't use a sufficiently provocative title. Like "Why you should drop everything and switch to XMPP this instant".

  20. Zash

    That too!

  21. Zash

    And you forgot to have a sockpuppet post some controversial opinion as first comment that everyone else had to disagree with :)

  22. fugata

    😅

  23. lissine

    >> I think it's time XMPP moved past XML, like maybe to json or something... I plan to try this one day > Cool story buddy I'm on the edge of my seat That would hurt extensibility, right?

  24. moparisthebest

    Without https://www.moparisthebest.com/images/jsonschema.jpg it would :)

  25. moparisthebest

    Sure was nice for Venezuela and Russia to do this in support of my blog post https://www.theverge.com/2024/8/9/24217008/signal-blocked-venezuela-russia

  26. fugata

    The Indian government banned Element and Briar some time ago 🤔 They could just as well ban XMPP as a whole - I doubt technical measures (like federation) are much help here.

  27. fugata

    The Indian government banned Element and Briar some time ago 🤔 They could just as well ban XMPP as a whole - I doubt technical measures (like federation) are much help against abusive states.

  28. moparisthebest

    They are a huge help, as you only need to connect to 1 server (any server) and you suddenly have access to the whole network

  29. moparisthebest

    Does signal support connecting on an .onion address? Many XMPP servers do. Along with many other ways, oppressive govts can't ever block them all without blocking the whole internet (and even then... Satellites/radio/etc

  30. kurisu

    > There's no AI nor blockchain nor VR built in, and no JSON :( Xml was the blockchain from back then, far more overused and abused. Xmpp is one such example.

  31. Zash

    And don't forget to vote, or use whichever box is appropriate in your particular dystopia.

  32. kurisu

    > Does signal support connecting on an .onion address? Many XMPP servers do. Along with many other ways, oppressive govts can't ever block them all without blocking the whole internet (and even then... Satellites/radio/etc There's no practical difference to the end user if they connect to a clearnet website via tor or an onion service.

  33. moparisthebest

    kurisu: the difference is the clearnet way is blocked by their govt and the .onion service is not

  34. kurisu

    >via tor

  35. singpolyma

    Also there's no way to distinguish xmpp traffic in general from other kinds of traffic. There are ways to detect many popular deployments but it's always possible to use a mode that can't be distinguished

  36. singpolyma

    Tor is one of those ways, but you don't need that extreme to prevent blocking

  37. singpolyma

    Though it'll be cat and mouse and they find and block each server you use over time

  38. moparisthebest

    Right, servers/clients can be as creative as they want with their c2s methods, while still keeping contact with the entire federated network

  39. kurisu

    In practice Conversations just outright refused to work with any server I tried on my uni network the admins of which I am sure never even heard of xmpp. Maybe it was because of starttls.

  40. singpolyma

    Probably they blocked 5222 and no server you tried was on an allowed port

  41. Zash

    kurisu, did you try complaining to the network admins?

  42. kurisu

    why when I cold just enable vpn. They wouldn't rush in to unblock something that probably only one person ever used on their network in that entire uni's history lol

  43. Zash

    How do you know you're the only one? Why would the admins do anything if nobody says anything?

  44. kurisu

    >How do you know you're the only one? Just being realist

  45. kurisu

    If it were some university in europe I could expect at least one other person to have used xmpp at some point in their history

  46. Zash

    Well suppose you're not the only one, and the others think the same thing.

  47. moparisthebest

    > In practice Conversations just outright refused to work with any server I tried on my uni network the admins of which I am sure never even heard of xmpp. Maybe it was because of starttls. kurisu: this, except s/uni/work/, was the reason I created and implemented '368 and why my server listens on 443, conversations and other clients have just worked from every network since...

  48. Seve

    yup, here one of the xmpp blocked in EU universities victims

  49. Seve

    yup, here one of the xmpp blocked in EU universities victims (in the past)

  50. lissine

    > yup, here one of the xmpp blocked in EU universities victims (in the past) Universities don't block xmpp. But rather, their firewall has a small set of ports allowed, and xmpp ports aren't in that set.

  51. Menel

    From my experience it is often they allow every port or only 53,80,443

  52. Zash

    and 5228

  53. Zash

    occationally email c2s ports

  54. Menel

    Ah yes forgot the mail ports. websites and mail... That's all there is

  55. Zash

    and ironically, google / apple push notification services (xmpp-derived)

  56. deport

    Does this port blocking even have security benefits or is it more like superstition?

  57. Menel

    Security might be a string word. But it will lessen non well educated people using something like torrents in the network etc.

  58. moparisthebest

    Superstition

  59. Menel

    Security might be a stong word. But it will lessen non well educated people using something like torrents in the network etc.

  60. mdosch

    Seems my university was not hostile. I remember using xmpp there.

  61. moparisthebest

    I don't think anyone thinks "I'm going to block XMPP" rather they are sold a pack of lies by a "security" vendor and set up a "firewall" for "security" and it blocks everything but https

  62. Zash

    and then they receive a fancy diploma-looking paper saying "ISO-something-or-other Certification"

  63. moparisthebest

    Correct, I call it "security by checkbox"

  64. moparisthebest

    [x] installed security appliance

  65. moparisthebest

    Now we are secure! My work here is done.

  66. Roloi

    Server connection? For xmpp or jabber

  67. Roloi

    Can help me ?

  68. fugata

    Roloi: I don't think I understand your problem, can you describe it in detail?