Skip to main content

Cerca

Elementi taggati con: OMEMO


 

Converse 4 released

After more than 7 months of active development, Converse 4 has finally been released.
Converse is an open source XMPP-based chat client written in JavaScript and which runs in your browser.
This release contains lots of highlights, including rewriting the UI to use Bootstrap 4, support for OMEMO Encryption of private messages, message corrections and file-sharing via HTTP file upload.
XMPP is an IETF standardized messaging and presence protocol with multiple independent server and client implementations.
Unlike other popular open source teamchat applications like Mattermost and Rocket.chat, Converse doesn't depend on any particular server (e.g. backend) application. Any XMPP server which supports the relevant extensions (aka XEPs) will do.
Converse is 100% front-end JavaScript and CSS. The only backend you need is an XMPP server, which you can either set up and host yourself or you can sign up on an existing one.
read more...

#community #xmpp #freesoftware #omemo #im #federation #encryption #converse #jsxc

 

Converse 4.0.0 released


Converse is an XMPP chat client for the web browser, similar to JSXC.

New Features


* #161 XEP-0363: HTTP File Upload
* #194 Include entity capabilities in outgoing presence stanzas
* #337 API call to update a VCard
* #421 XEP-0308: Last Message Correction
* #497 XEP-0384: OMEMO encrypted messaging
* #968 Use nickname from VCard when joining a room
* #986 Affiliation changes aren't displayed in the chat
* #1081 Allow for shift-enter to insert newlines
* #1091 There's now only one CSS file for all view modes.
* #1094 Show room members who aren't currently online
* #1106 Support for Roster Versioning
* #1137 Autocompletion and support for XEP-0372 References, specifically section "3.2 Mentions".
* It's now also possible to edit your VCard via the UI
* Automatically grow/shrink input as text is entered/removed
* MP4 and MP3 files when sent as XEP-0066 Out of Band Data, are now playable directly in chat
* Support for rendering URLs sent according to XEP-0066 Out of Band Data.
* Geo-URIs (e.g. from Conversations) are now replaced by links to openstreetmap (works in reverse also)
* Add a checkbox to indicate whether a trusted device is being used or not.
If the device is not trusted, sessionStorage is used and all user data is deleted from the browser cache upon logout.
If the device is trusted, localStorage is used and user data is cached indefinitely.
* Initial support for XEP-0357 Push Notifications, specifically registering an "App Server".
* Add support for logging in via OAuth (see the oauth_providers setting)
#xmpp #freesoftware #omemo #im #federation #encryption #converse #jsxc

 

#OMEMO in #Monal #XMPP client for #ios


♲ Monal IM ():
iOS has OMEMO working
Just tried out the first beta for iOS 3.1. This is not the most exciting screen shot except for the fact that the messages are OMEMO messages from conversations.


https://monal.im/blog/ios-has-omemo-working/
[l]
iOS has OMEMO working

 

#OMEMO in #Monal #XMPP client for #ios


♲ Monal IM ():
iOS has OMEMO working
Just tried out the first beta for iOS 3.1. This is not the most exciting screen shot except for the fact that the messages are OMEMO messages from conversations.


https://monal.im/blog/ios-has-omemo-working/
[l]
iOS has OMEMO working

 
relaying message from @Debacle on sat@chat.jabberfr.org XMPP room:
Call for help! Just a reminder for those, who love both Salutatoi and Debian: Neither Cagou nor Libervia are packaged for
Debian and nobody volunteered. See https://bugs.debian.org/897232 and https://bugs.debian.org/725761 . I have not enough time to do this myself, but I can sponsor uploads and maybe even help a little bit with packaging. Also, any help with packaging the salutatoi core packages and sat_pubsub is welcome. In case you are interested, please join the Debian XMPP team (https://salsa.debian.org/xmpp-team).
#debian #xmpp #client #salutatoi #desktop #web #omemo #otr #packaging

 
relaying message from @Debacle on sat@chat.jabberfr.org XMPP room:
Call for help! Just a reminder for those, who love both Salutatoi and Debian: Neither Cagou nor Libervia are packaged for
Debian and nobody volunteered. See https://bugs.debian.org/897232 and https://bugs.debian.org/725761 . I have not enough time to do this myself, but I can sponsor uploads and maybe even help a little bit with packaging. Also, any help with packaging the salutatoi core packages and sat_pubsub is welcome. In case you are interested, please join the Debian XMPP team (https://salsa.debian.org/xmpp-team).
#debian #xmpp #client #salutatoi #desktop #web #omemo #otr #packaging

 

XMPP Notifications for Freedombone


This is from the Freedombone blog:
Another of the features I'd wanted to add to Freedombone for a long time was server notifications via XMPP, and now that has been added. This is for things like notification that an upgrade or security test has failed or that the tripwire has been triggered. Previously those notifications were only via email, but I'm not very obsessive about email and rarely check it, whereas instant messages are much more likely to get my attention.
The security policy for XMPP chat was previously set such that end-to-end security was required, but it was difficult to automatically send out an OMEMO encrypted message from the server and so I've had to downgrade end-to-end security to being optional. This is not ideal, but the tradeoff between having to deal with folks trying to send me plaintext messages and being promptly alerted if something has failed on the server is probably worth it. Longer term I'd like to figure out if I can automatically generate OMEMO messages and then I can return to a better security policy.
The main factor which delayed the implementation of this was the question of needing to generate a separate XMPP account on the server to push out notifications. I didn't really want there to be a permanent separate account with a password lingering around somewhere which could become a possible security vulnerability. The solution to this was to generate an ephemeral account purely for the purpose of sending a single message. A new notification XMPP account gets created with a random password, sends the message and then about one second later the account is deleted. Even if the account credentials were to leak during the sending of a plaintext message they can't subsequently be useful to a potential adversary.
Another addition to the notifications system is being able to send a webcam photo if the USB canary is triggered. The purpose of that is to answer the paranoid question "Is anyone trying to mess with the server while I'm not at home?" if you're out shopping or at work. The particular threat model is known as evil maid. If you're running Freedombone on an old laptop and have a secondary webcam plugged it it will preferentially use that, so that you can set up the field of view appropriately. Not many people will need this level of physical device security, but it's nice to have the option. Also if you have the Syncthing app installed then any USB canary photo will be synced to the admin account.
#xmpp #freedombone #debian #omemo #webcam #security #syncthing

 

Update on OMEMO (Monal IM)


If you happen to be on the dark side (= Apple):
I have an update on the status of OMEMO in Monal. I’ve completed my spike and have a very rough implementation working. I am able to communicate with Gajim and Chatsecure. I am actually using a lot of the same OMEMO code as Chatsecure using Chris’ cocoapods. The shared code base should reduce duplicated effort and ensure compatibility on the two main Apple platform clients going forward.

The current code isn’t anywhere near production but once I clean it up more, you should start seeing it as an option to turn on in Mac betas in the next month or so. [...]
#omemo #monal #xmpp #apple #ios #macos
Update on OMEMO

 
Over the course of 2 months, and one Ubuntu and Debian upgrade, I came from not being impressed with #Gajim + #OMEMO to extremely satisfied with it, in a way that even mom and dad can talk to me through it.

Release 1.0.1, available natively in Bionic, is extremely well polished, highly usable and the OMEMO plugin works great when I have to talk to people using android. Great job to everyone who helped out in the project!
#privacy #xmpp

 
Over the course of 2 months, and one Ubuntu and Debian upgrade, I came from not being impressed with #Gajim + #OMEMO to extremely satisfied with it, in a way that even mom and dad can talk to me through it.

Release 1.0.1, available natively in Bionic, is extremely well polished, highly usable and the OMEMO plugin works great when I have to talk to people using android. Great job to everyone who helped out in the project!
#privacy #xmpp

 

Looking for a mom-and-pops-friendly IM solution


tl;dr: I'm looking for an alternative to #Whatsapp that is easy enough for my nontechie family to use. So far, #Matrix looks like the most complete solution, but seems pretty slow these days for some reason. Also, I have reasons on why I'm not 100% on choosing #XMPP this time.

What is the alternative you would recommend to mom and dad?

#CambridgeAnalytica leaks and #Facebook scandals apart, I've already been looking for an alternative to WhatsApp for many years, with the largest hurdle in this crusade definitely being the fact that my family hasn't been keen on leaving it for another app. On my side, I have the following requirements:
  • End-to-end #Encryption enabled by default, or at least built into the program (native implementation, no third party plugins)
  • Clients exist for at least GNU/Linux and Android platforms (more is better, but not needed)
  • Support for group chats with E2EE
  • Supports at least text and image transferring.
Matching all of these used to be very tough for a chat program, until about two years ago. With the tremendous progress that the XMPP movement has been doing for the past two or so years, I was hard-pressed to inevitably tell them to immediately download #Conversations for their phones and find true #privacy with #OMEMO encryption and their chats. However...

OMEMO isn't exactly a silver bullet (yet).


First off, allow me to clarify one thing: I love XMPP. I think it is a very mature and very reliable protocol, has a very diverse ecosystem of servers and clients around and has worked very well for me so far. With that said, though, the entire Go OMEMO! isn't exactly the magical crypto bullet that will save every one from surveillance. Or at least not yet.

First off, adoption of OMEMO in client applications has been slow. The only one that actually gets it right in my opinion is Conversations, but that's a phone app - a privacy nightmare. On the desktop, we have few options, and, from experience, none is mature to the point of surviving heavy usage:
  • Gajim - the go-to answer everyone receives - doesn't have native support, and the OMEMO plug-in requires little-tested versions that are unstable, or link to libraries whose versions some distros like Debian and Ubuntu do not offer, even if you add the development Gajim repo.
  • Profanity has at least two plug-ins for OMEMO (python and C), but they are also in the early stages of development (when I tested the python one, it didn't allow me to send messages, just receive).
  • Pidgin seems to have released an OMEMO library, but given the time of the release, I doubt it's any more stable than the above.
  • Dino appears to offer native support, but is still in alpha stage.
I know that this site indicates many other programs having some or full support for OMEMO already, but quite frankly, in my experience it's not accurate at all from the experience of a user (see my points above).

So much for requirement #2...

Enter (or not) the Matrix


So while I was busy digging for the grail, all the cool kids seemed to have switched to something called Matrix, specifically through the Riot webapp. Citing full integration over many different communication networks, I also decided to give it a try because, well, why not?

Turns out that Riot is glossy and bloated, but yes, fairly easy to use - very much like WhatsApp itself. That could be a selling point to the non-techies! And they have E2EE that apparently has been audited already. And it does fulfill all the four requirements I have. But I still am a little unsure about a few things:
  • By using the Riot web interface, you have to use Javascript to do cryptography. I know that the implementation was audited, but the whole thing about trusting Javascript still gives me the creeps. Also: RIP my RAM.
  • Desktop clients for Matrix are, very much like XMPP, lacking. Riot-desktop seems to be just a thin wrapper around the webapp. The weechat plugin last time I checked does not support encryption, etc.
  • It is mysteriously very slow these days. It seems that this is because of people overloading a few of the already few servers around and not wishing to host more, thus resulting in a very inefficient federation and network. That wasn't the case when I first tried it two years ago. This will not help convince WhatsApp users.
But even with all the above considered, I still think that Matrix, through the Riot App and Webapp is the best way to go to convince nontechies to move away from WhatsApp. I'm not praising Matrix either, though. It always sounded to me like a project that wanted to do everything, and seeing the bloat I get for what I intend to use it for, it seems to have kept going that way.

Perhaps when one day OMEMO finds its way into native or mature implementations in XMPP clients, I will revisit this post and lean towards XMPP again. But so far, no single free software IM solution has been 100% satisfactory in my case, and I'm still looking for more alternatives.

What is the alternative you would recommend to mom and dad?

 
Ayer con f del @Partido Interdimensional Pirata de Argentina nos* juntamos a armar esto:

Prosody Moderno @ 0xacab.org GitLab


La idea del proyecto es facilitar la tarea de levantar un servicio de #chat moderno, seguro** e interoperable.

Son dos archivos de configuración y un script que crea un container.

Detalles técnicos


Los archivos de configuración son: uno para la #monitorización incluída #Monit, y otro para el servidor de chat #Prosody.

El script es un Dockerfile: un achivo con instrucciones sobre cómo fabricar una imagen de #Docker (como los archivos Makefile de make).

El container está basado en #Alpine, y usa variables de entorno y envsubst para adaptar la configuración.

Eh! Yo quiero, también!


Quienes se den maña, están invitadxs a probarla, y colaborar o hacer su propia versión en base a esta.

Para reportar problemas, documentar o bifurcar (fork) el repositorio, se tienen que registrar en 0xacab.org.

Para clonar el repositorio, pueden tirar git clone https://0xacab.org/partido-interdimensional-pirata/prosody-moderno.git, sin necesidad de registrarse.
#XMPP #Jabber #IM
#XEPs #ComplianceTester #XEP-0387 #HTTPFileUpload #OMEMO #MAM #PushNotifications #MessageCarbons #StreamManagement
#containers #virtualización #aislamiento #automatización #orquestación
#español #ñ

*: más que nada lo armó él, en realidad :P yo fui a acompañar y a aprender (levanté un Prosody una vez, pero nunca había usado Docker)
**: a seguro se lo llevaron preso

 
Ayer con f del @Partido Interdimensional Pirata de Argentina nos* juntamos a armar esto:

Prosody Moderno @ 0xacab.org GitLab


La idea del proyecto es facilitar la tarea de levantar un servicio de #chat moderno, seguro** e interoperable.

Son dos archivos de configuración y un script que crea un container.

Detalles técnicos


Los archivos de configuración son: uno para la #monitorización incluída #Monit, y otro para el servidor de chat #Prosody.

El script es un Dockerfile: un achivo con instrucciones sobre cómo fabricar una imagen de #Docker (como los archivos Makefile de make).

El container está basado en #Alpine, y usa variables de entorno y envsubst para adaptar la configuración.

Eh! Yo quiero, también!


Quienes se den maña, están invitadxs a probarla, y colaborar o hacer su propia versión en base a esta.

Para reportar problemas, documentar o bifurcar (fork) el repositorio, se tienen que registrar en 0xacab.org.

Para clonar el repositorio, pueden tirar git clone https://0xacab.org/partido-interdimensional-pirata/prosody-moderno.git, sin necesidad de registrarse.
#XMPP #Jabber #IM
#XEPs #ComplianceTester #XEP-0387 #HTTPFileUpload #OMEMO #MAM #PushNotifications #MessageCarbons #StreamManagement
#containers #virtualización #aislamiento #automatización #orquestación
#español #ñ

*: más que nada lo armó él, en realidad :P yo fui a acompañar y a aprender (levanté un Prosody una vez, pero nunca había usado Docker)
**: a seguro se lo llevaron preso

 

Summer of Code: Command Line OX Client!


vanitasvitae writes on 2018-06-01:
As I stated earlier, I am working on a small XMPP command line test client, which is capable of sending and receiving OpenPGP encrypted messages. I just published a first version :)
Creating command line clients with Smack is super easy. You basically just create a connection, instantiate the manager classes of features you want to use and create some kind of read-execute-print-loop.
Last year I demonstrated how to create an OMEMO-capable client in 200 lines of code. The new client follows pretty much the same scheme.
The client offers some basic features like adding contacts to the roster, as well as obviously OX related features like displaying fingerprints, generation, restoration and backup of key pairs and of course encryption and decryption of messages. Note that up to this point I haven’t implemented any form of trust management. For now, my implementation considers all keys whose fingerprints are published in the metadata node as trusted.
You can find the client here. Feel free to try it out, instructions on how to build it are also found in the repository.
Happy Hacking!
#smack #ox #freesoftware #xmpp #cli #fsfe #openpgp #omemo

 

XMPP mit OMEMO mit Gajim unter Fedora


Eben stand ich wie der Ochs vorm Berg. Ich hatte auf meinem Fedora System für XMPP das Programm Gajim installiert und wollte das OMEMO-Plugin zum Laufen bekommen. Also wollte ich python-axolotl installieren, aber es gibt nichts entsprechendes. Nun nach ein wenig Suchen und hin und her fand ich dann doch noch eine Lösung wie man es hin bekommt ohne das gewünschte selbst zu kompilieren. Ich hoffe das ich mit diesem kleinen Beitrag hier jenen die auch vor dem selben Problem stehen vor dem ich stand ein wenig helfen kann.

Tags: #de #fedora #linux #gajim #xmpp #omemo #axolotl #ravenbird #2018-06-06

 

XMPP mit OMEMO mit Gajim unter Fedora


Eben stand ich wie der Ochs vorm Berg. Ich hatte auf meinem Fedora System für XMPP das Programm Gajim installiert und wollte das OMEMO-Plugin zum Laufen bekommen. Also wollte ich python-axolotl installieren, aber es gibt nichts entsprechendes. Nun nach ein wenig Suchen und hin und her fand ich dann doch noch eine Lösung wie man es hin bekommt ohne das gewünschte selbst zu kompilieren. Ich hoffe das ich mit diesem kleinen Beitrag hier jenen die auch vor dem selben Problem stehen vor dem ich stand ein wenig helfen kann.

Tags: #de #fedora #linux #gajim #xmpp #omemo #axolotl #ravenbird #2018-06-06

 

Finally, I have deleted my #Google account today!


It was a long an challenging breakup. It started roughly 2 years ago, when I was not able to ignore anymore that Google started switching to the #darkside.

You can easily guess which social network I use instead of #googleplus. [Yes, I use and <3 #diaspora* ;-).]
Instead of #gmail, I use the email account provided by my workplace and #disroot for personal emails.
I chat by using #xmpp (via clients #conversations and #gajim using #omemo for #encryption).
I use #davdroid to synchronize my contact list, calendar and tasklist to my #moblie.
Instead of #chrome, I use #firefox, #torbrowser, #iceweasel, and #icecat.
Instead of #webmail, use #thundebird, #icedove and #k9 email clients.
I use #nextcloud and #syncthing, instead of #googledrive.
For #searching, I sue #duckduckgo and #searx.
Instead of #android, I use #replicant.

Instead of paying with my #privacy, I pay with #donation using #liberapay.


I'm also grateful to @Tiberiu C. Turbureanu (from #technoethical) for helping me fixing my broken replicant install.

 

Note to myself: How to disable OTR in ChatSecure



Some weeks ago, a colleague, who unfortunately uses an iPhone (he is not a completely bad person, though) installed ChatSecure. Immediately, I and others were annoyed by unreadable OTR garbage he sent. It took us a while, but at the end of the day (the whole day!) we found out how to disable OTR. Yesterday, a friend who unfortunately also uses an iPhone (he is not a completely bad person neither), had the same issue and it took me the help of strangers on the internet (here; the Conversations MUC), to remember what to do. For the next time and the benefit of the public:
  • One cannot disable OTR globally in ChatSecure, but only contact by contact.
  • You need to open the chat of the contact.
  • Go to the "contact details".
  • Go to "advanced encryption settings" and select "OMEMO", nothing else.
  • Close chat with the contact.
  • Repeat the last four steps for all your 511 contacts.
#xmpp #ios #iphone #otr #omemo #chatsecure #conversations

 

The rocky road to OMEMO by default



Daniel Gultsch, developer of Android XMPP client Conversations, writes,

Why it took us more than two years to enable End-to-End encryption by default: The first in a series of essays leading up to the release of Conversations 2.0



...
The other big hurdle we had to overcome was the adoption rate in clients. If you send OMEMO encrypted messages by default you should have a reasonable expectation that your contact will be able to decrypt the message. Reasonable expectation doesn’t mean that every single client out there has to support it—In an ecosystem with hundreds of small, badly maintained clients that’s just not feasible—but the major clients should at least have a plugin available.
In March 2018 we finally reached the point where every plattform has one or more clients with OMEMO support. Conversations and Zom on Android, ChatSecure on iOS, Psi and Gajim on the desktop. The up and coming desktop client Dino—despite not having had an initial release—already has support for OMEMO as well. And even the webclient JSXC has a plugin available.
Considering the complexity of OMEMO and the fact that most of these clients are developed by people in their spare time, this is actually quite an impressive adoption rate.
...
Moxie Marlinspike, in his 2016 propaganda piece ignorantly bashing XMPP, had one valid point: Enabling end-to-end encryption in a homogenous environment is easier than introducing it in a heterogenous one like Jabber. Nobody is denying that. However, if something is hard to achieve there are two possible approaches: Either try your best and don’t give up, or put your head in the sand and create yet another walled garden that is no different from other proprietary solutions.
Admittedly it has taken us a while to get to a point where we can enable end-to-end encryption by default, but it was worth the effort in that we ended up with something that is different from WhatsApp in more than just marketing.
#xmpp #omemo #conversations #psi #gajim #zom #chatsecure #dino #jsxc #federation #encryption

 

Gajim 1.0.0-alpha2 (= 0.98.2) now in Debian 9 stable (stretch-backports)



Just sudo apt install -t stretch-backports gajim gajim-pgp gajim-omemo gajim-httpupload gajim-urlimagepreview and start chatting.

#gajim #xmpp #jabber #freesoftware #release #omemo #pgp #chat #im #federation #debian #ubuntu

 

Gajim 1.0.0-alpha2 (= 0.98.2) now in Debian testing and Ubuntu bionic



Just sudo apt install gajim gajim-pgp gajim-omemo gajim-httpupload gajim-urlimagepreview and start chatting.

#gajim #xmpp #jabber #freesoftware #release #omemo #pgp #chat #im #federation #debian #ubuntu

 

Gajim 1.0.0-alpha1 (a.k.a 0.98.1) released



The developers have put a huge amount of work into this release:
* Ported to GTK3 / Python3
* Flatpak support
* Lots of refactoring
* New Emoji support
* New Chat Window design
* New StartChat Window (Ctrl+N)
* New ServerInfo Window
* AccountWindow Redesign
* Moved some encryption code out into Plugins (see PGP Plugin, Esessions Plugin)
* OTR Plugin was not ported, use OMEMO
* Added mam:1 and mam:2 support (mam:0 was removed)
* Added MAM for MUCs support
* Added support for showing XEP-0084 Avatars
* Added xmpp URI handling directly in Gajim
* Removed Gajim-Remote
* Removed XEP-0012 (Last Activity)
* Removed XEP-0136 (Message Archiving)
* Added XEP-0156 (Discovering Alternative XMPP Connection Methods)
* Added XEP-0319 (Last User Interaction in Presence)
* Added XEP-0380 (Explicit Message Encryption)
* Added Jingle FT:5 support
Congratulations!

Users of Debian unstable can already install the new version, as well as the plugins gajim-antispam, gajim-httpupload, gajim-omemo, gajim-pgp, gajim-rostertweaks, gajim-triggers, and gajim-urlimagepreview. Have fun!

#gajim #xmpp #jabber #freesoftware #release #omemo #pgp #otr #chat #im #federation #debian

https://dev.gajim.org/gajim/gajim/raw/gajim-1.0.0-alpha1/ChangeLog

 

Conversations Open Source Secure XMPP Client for Android



This article on XDA-Developers focusses on encryption features of Conversations and an interview with developer Daniel Gultsch. Nice read!
Q: What motivated you to develop Conversations?
A: I am using Jabber/XMPP for many many years. Even back in 2009 I was able to use Jabber on my Nokia e71. Sometime around the year 2012 I switched to an Android phone, so I suddenly was unable to use Jabber. [...]
Q: Can you give three reasons why Conversations protects your privacy better than Whatsapp or Threema?
A: I don’t have to give my private phone number to strangers if I want to chat with them. I could have a private and a business account. I can disable the business account after my shift, to prevent my boss from annoying me during my free time. WhatsApp allows everybody to analyze my app usage patterns any time. (My boss could stalk me to investigate if I am using WhatsApp during my working hours or if I am using WhatsApp at night instead of sleeping and coming well rested to the office.) This is different with Conversations; Conversations also doesn’t upload my entire address book to Facebook.
Q: Is it allowed to compile Conversations on your own from your Github and use it for private use?
A: Of course. Not only private, also for business and everything else you want. It is also allowed to modify the code to meet individual requirements.
#conversations #freesoftware #xmpp #android #interview #pgp #otr #omemo #forwardsecrecy #xda
Conversations is an Open Source & Secure Jabber/XMPP Client for Android

 

Dino in Debian experimental



What is Dino?



Dino is a modern IM client using XMPP (Jabber) with support for both OpenPGP and OMEMO. It looks very nice and can already be used for chatting and group conversations. It is, however, not yet stable nor feature-complete. If you are looking for something like Conversations (Android XMPP client), but for the desktop, Dino is for you. If you like to have something more stable and feature-complete, try Gajim instead. I use both! :~)





Dino is written in C and Vala, uses the GTK+ UI toolkit and looks best in Gnome, XFCE, or other GTK+ based desktops. I heard about planned versions for Windows and MacOS, too, but don't hold your breath.

How to install Dino on Debian?



Since yesterday, the Dino IM client is available in the official Debian repositories, but so far only in the "experimental" distribution. To install it, Debian users have to:
$ echo deb [url=https://deb.debian.org/debian/]https://deb.debian.org/debian/[/url] experimental main | sudo tee /etc/apt/sources.list.d/experimental.list 
$ sudo apt update 
$ sudo apt -t experimental install dino-im 

This should work on nine official and five unofficial architectures for at least unstable and testing. Not sure about stable. I'm pretty sure, that oldstable will not work.

Why the "-im" suffix for Dino in Debian?



There used to be another program, an "integrated MIDI piano roll editor and sequencer engine", by the same name in Debian. Many references to the old program still exist, so it would be problematic to recycle the name for a different purpose.

Happy chatting!



#xmpp #debian #dino #jabber #openpgp #omemo #im #federation #chat

 

Dino in Debian experimental



What is Dino?



Dino is a modern IM client using XMPP (Jabber) with support for both OpenPGP and OMEMO. It looks very nice and can already be used for chatting and group conversations. It is, however, not yet stable nor feature-complete. If you are looking for something like Conversations (Android XMPP client), but for the desktop, Dino is for you. If you like to have something more stable and feature-complete, try Gajim instead. I use both! :~)




Dino is written in C and Vala, uses the GTK+ UI toolkit and looks best in Gnome, XFCE, or other GTK+ based desktops. I heard about planned versions for Windows and MacOS, too, but don't hold your breath.

How to install Dino on Debian?



Since yesterday, the Dino IM client is available in the official Debian repositories, but so far only in the "experimental" distribution. To install it, Debian users have to:
$ echo deb https://deb.debian.org/debian/ experimental main | sudo tee /etc/apt/sources.list.d/experimental.list
$ sudo apt update
$ sudo apt -t experimental install dino-im


This should work on nine official and five unofficial architectures for at least unstable and testing. Not sure about stable. I'm pretty sure, that oldstable will not work.

Why the "-im" suffix for Dino in Debian?



There used to be another program, an "integrated MIDI piano roll editor and sequencer engine", by the same name in Debian. Many references to the old program still exist, so it would be problematic to recycle the name for a different purpose.

Happy chatting!



#xmpp #debian #dino #jabber #openpgp #omemo #im #federation #chat

Debian Package Tracker - dino-im

Debian Package Tracker - dino-im

 
| Translate | Gitter

Why we don't publish at the Play Store



We got some requests recently, asking, why we do not publish #dandelion at the #GooglePlay.So here are our main reasons, why we don't plan to uploadthe app there currently.

First of all, we do not comply with Googles terms of service. Having to pay ~25€ to Google who did not write the app and does not respect your freedom nor your privacy on its platforms (Youtube, GMail...) just doesn't feel right. We believe, that our userbase is well aware of the privacy concerns that come with using Google's Services, so many diaspora* users actually get their apps through F-Droid (which is great). Second, if a user that does not know about F-Droid yet wants to use dandelion* and searches for it, they'll hopefully find out about the F-Droid project and may get in touch with free software that way. So by not publishing to Google Play, we hope to get more people to understand, use and appreciate free and open source software.

If you find dandelion* on the Play Store, please be aware, that you likely just found a version built by someone else. We can not guarantee that such a version has not been tampered with in terms of #malware, so we highly discourage you to use it. It should be clear, that we'll never charge you any money for using, downloading, sharing or modifying the app. Note also, that we won't support those versions.

If you want to dontate to the project to support the developers, and keep them motivated, please feel free to contact us :D As always, you can help us by submitting bug reports, code and/or translations on github and crowdin.
PS: We maintainers (@gsantner and @vanitasvitae) will soon have more time again to actively work on the app. The last weeks we were distracted with educational work, so here is some background information:

@gsantner was working on another FLOSS app called Froody, which lets you share (naturally growing) food and other things with others. He hopes to enable people to live a more sustainable life. The main idea is to share to and help other people by e.g. sharing pears, which would rot anyway if unused.Everything is built with international use in mind. The app is available at https://github.com/froodyapp/froody-android, and is currently available in #English, #German and #Japanese. Also translatable on Crowdin. He also writes his bachlor thesis about Open Source and Android, which will be completed in summer and likely to be released in an appropiate free license.

@vanitasvitae is writing his bachelor thesis about an #OMEMO module for #Smack, a #XMPP library used by many free messengers like #Jitsi or #Kontalk.
He hopes to enable those messengers to #encrypt your communication end-to-end using the OMEMO protocol introduced by #conversations.
He'll also attend #FOSDEM in #brussels by the way, so if you are there you might meet him and chat a little ;)

Sharing welcome!



Immagine/foto

Tags: #dandelion #dandeliondev #diaspora #diasporaforandroid #diasporaandroid #diasporaapp #app #fdroid #freesoftware #opensource #google #play #store #app #android-dev #foss #freie-software #freesoftware #opensource #translation #translator #release #mobile #froody #froodyapp #omemo #security #sustainability #sustainable #thesis

 
OMEMO for libpurple - interoperable with other #OMEMO clients. https://github.com/gkdr/lurch

 
Immagine/foto

mancho / libpurple-omemo-plugin · GitLab



This is a prototype plug-in for Jabber/XMPP accounts to support 1:1 end-to-end encryption with OMEMO (XEP-0384) in Pidgin and other compatible clients using libpurple. It doesn't have graphical trust management yet. See Usage on how to activate and configure it "by hand".

It allows Pidgin to be OMEMO-compatible with Conversations (Android), Gajim (desktop - with OMEMO plug-in) and riba's Pidgin OMEMO plug-in (aka Lurch)1.

DISCLAIMER: This plug-in is a prototype with academic purposes only. It is in experimental state and in constant development. It is not intended to be used on production environments. Do not rely on this plug-in to protect sensitive information. If you use it you are on your own and I take no resposibility for any damage, harm or loss you, your system, your data or your cat might suffer.

https://git.imp.fu-berlin.de/mancho/libpurple-omemo-plugin

via: https://quitter.se/notice/9543063

#omemo #xmpp #pidgin #jabber

 

Welche Messenger unterstützen schon OMEMO?



#messenger #it-sicherheit #xmpp #omemo #olm #xep0384

OMEMO ist seit Dezember 2016 offiziell XEP-0384 und seit Kurzem für ChatSecure verfügbar.

Wer wissen will, wie es mit anderen Messengern aussieht, kann einen Blick auf die Übersicht „Are we OMEMO yet?“ werfen.

 

Welche Messenger unterstützen schon OMEMO?



#messenger #it-sicherheit #xmpp #omemo #olm #xep0384

OMEMO ist seit Dezember 2016 offiziell XEP-0384 und seit Kurzem für ChatSecure verfügbar.

Wer wissen will, wie es mit anderen Messengern aussieht, kann einen Blick auf die Übersicht „Are we OMEMO yet?“ werfen.

 
git diff --stat master[...]36 files changed, 3591 insertions(+)Making #progress :)

#omemo #smack #module #encryption #bachelor #thesis

 
| Translate | Gitter

Why we don't publish at the Play Store



We got some requests recently, asking, why we do not publish #dandelion at the #GooglePlay.So here are our main reasons, why we don't plan to uploadthe app there currently.

First of all, we do not comply with Googles terms of service. Having to pay ~25€ to Google who did not write the app and does not respect your freedom nor your privacy on its platforms (Youtube, GMail...) just doesn't feel right. We believe, that our userbase is well aware of the privacy concerns that come with using Google's Services, so many diaspora* users actually get their apps through F-Droid (which is great). Second, if a user that does not know about F-Droid yet wants to use dandelion* and searches for it, they'll hopefully find out about the F-Droid project and may get in touch with free software that way. So by not publishing to Google Play, we hope to get more people to understand, use and appreciate free and open source software.

If you find dandelion* on the Play Store, please be aware, that you likely just found a version built by someone else. We can not guarantee that such a version has not been tampered with in terms of #malware, so we highly discourage you to use it. It should be clear, that we'll never charge you any money for using, downloading, sharing or modifying the app. Note also, that we won't support those versions.

If you want to dontate to the project to support the developers, and keep them motivated, please feel free to contact us :D As always, you can help us by submitting bug reports, code and/or translations on github and crowdin.
PS: We maintainers (@gsantner and @vanitasvitae) will soon have more time again to actively work on the app. The last weeks we were distracted with educational work, so here is some background information:

@gsantner was working on another FLOSS app called Froody, which lets you share (naturally growing) food and other things with others. He hopes to enable people to live a more sustainable life. The main idea is to share to and help other people by e.g. sharing pears, which would rot anyway if unused.Everything is built with international use in mind. The app is available at https://github.com/froodyapp/froody-android, and is currently available in #English, #German and #Japanese. Also translatable on Crowdin. He also writes his bachlor thesis about Open Source and Android, which will be completed in summer and likely to be released in an appropiate free license.

@vanitasvitae is writing his bachelor thesis about an #OMEMO module for #Smack, a #XMPP library used by many free messengers like #Jitsi or #Kontalk.
He hopes to enable those messengers to #encrypt your communication end-to-end using the OMEMO protocol introduced by #conversations.
He'll also attend #FOSDEM in #brussels by the way, so if you are there you might meet him and chat a little ;)

Sharing welcome!



Immagine/foto

Tags: #dandelion #dandeliondev #diaspora #diasporaforandroid #diasporaandroid #diasporaapp #app #fdroid #freesoftware #opensource #google #play #store #app #android-dev #foss #freie-software #freesoftware #opensource #translation #translator #release #mobile #froody #froodyapp #omemo #security #sustainability #sustainable #thesis

 
| Translate | Gitter

Why we don't publish at the Play Store



We got some requests recently, asking, why we do not publish #dandelion at the #GooglePlay.So here are our main reasons, why we don't plan to uploadthe app there currently.

First of all, we do not comply with Googles terms of service. Having to pay ~25€ to Google who did not write the app and does not respect your freedom nor your privacy on its platforms (Youtube, GMail...) just doesn't feel right. We believe, that our userbase is well aware of the privacy concerns that come with using Google's Services, so many diaspora* users actually get their apps through F-Droid (which is great). Second, if a user that does not know about F-Droid yet wants to use dandelion* and searches for it, they'll hopefully find out about the F-Droid project and may get in touch with free software that way. So by not publishing to Google Play, we hope to get more people to understand, use and appreciate free and open source software.

If you find dandelion* on the Play Store, please be aware, that you likely just found a version built by someone else. We can not guarantee that such a version has not been tampered with in terms of #malware, so we highly discourage you to use it. It should be clear, that we'll never charge you any money for using, downloading, sharing or modifying the app. Note also, that we won't support those versions.

If you want to dontate to the project to support the developers, and keep them motivated, please feel free to contact us :D As always, you can help us by submitting bug reports, code and/or translations on github and crowdin.
PS: We maintainers (@gsantner and @vanitasvitae) will soon have more time again to actively work on the app. The last weeks we were distracted with educational work, so here is some background information:

@gsantner was working on another FLOSS app called Froody, which lets you share (naturally growing) food and other things with others. He hopes to enable people to live a more sustainable life. The main idea is to share to and help other people by e.g. sharing pears, which would rot anyway if unused.Everything is built with international use in mind. The app is available at https://github.com/froodyapp/froody-android, and is currently available in #English, #German and #Japanese. Also translatable on Crowdin. He also writes his bachlor thesis about Open Source and Android, which will be completed in summer and likely to be released in an appropiate free license.

@vanitasvitae is writing his bachelor thesis about an #OMEMO module for #Smack, a #XMPP library used by many free messengers like #Jitsi or #Kontalk.
He hopes to enable those messengers to #encrypt your communication end-to-end using the OMEMO protocol introduced by #conversations.
He'll also attend #FOSDEM in #brussels by the way, so if you are there you might meet him and chat a little ;)

Sharing welcome!



Immagine/foto

Tags: #dandelion #dandeliondev #diaspora #diasporaforandroid #diasporaandroid #diasporaapp #app #fdroid #freesoftware #opensource #google #play #store #app #android-dev #foss #freie-software #freesoftware #opensource #translation #translator #release #mobile #froody #froodyapp #omemo #security #sustainability #sustainable #thesis

 

Blind Trust Before Verification



Very interesting article on how hard it is to get encryption and trust right. There is no silver bullet it seems, we can only strive hard.
WhatsApp - and pretty soon Signal as well - are the prime example of an industry turning End-to-End Encryption into a hollow marketing phrase that doesn’t mean anything.

#xmpp #omemo #conversations #signal #whatsapp

 

End-to-End Encrypted group chats via XMPP



Jamie McClelland writes, that it is still difficult to have a secure group chat. But it's possible.
Use either Conversations for Android (f-droid or Play) or Gajim for Windows or Linux [...]

Ensure that everyone in your group has added everyone else in the group to their roster [...]

Create the group in the android Conversations app, not in Gajim [...]

#xmpp #muc #conversations #gajim #omemo #encryption

End-to-End Encrypted group chats via XMPP


 

Señal errónea



(Título original del artículo "Wrong Signal" que creemos interesante para activistas y por lo que traducimos completo a continuación.)

The IT group of the CGT translated this into Spanish.

Die Informatikgruppe der CGT hat eine spanische Übersetzung des Signal-Artikels angefertigt.

#signal #xmpp #Español #omemo #activismo

 

Señal errónea



(Título original del artículo "Wrong Signal" que creemos interesante para activistas y por lo que traducimos completo a continuación.)

The IT group of the CGT translated this into Spanish.

Die Informatikgruppe der CGT hat eine spanische Übersetzung des Signal-Artikels angefertigt.

#signal #xmpp #Español #omemo #activismo