Skip to main content

Cerca

Elementi taggati con: xmpp


 

Federation myths


Many of us embrace federation values and, somehow, build or mantain ideas about this model which are not always true. Here are some thoughts and information that may foster awareness about federation.

https://infosec-handbook.eu/blog/federation-myths/

\#technology #tech #federation #networks #XMPP #Mastodon #Diaspora #Hubzilla #Friendica #Matrix #Riot

 

Federation myths


Many of us embrace federation values and, somehow, build or mantain ideas about this model which are not always true. Here are some thoughts and information that may foster awareness about federation.

https://infosec-handbook.eu/blog/federation-myths/

\#technology #tech #federation #networks #XMPP #Mastodon #Diaspora #Hubzilla #Friendica #Matrix #Riot

 

XMPP Notifications for Freedombone


This is from the Freedombone blog:
Another of the features I'd wanted to add to Freedombone for a long time was server notifications via XMPP, and now that has been added. This is for things like notification that an upgrade or security test has failed or that the tripwire has been triggered. Previously those notifications were only via email, but I'm not very obsessive about email and rarely check it, whereas instant messages are much more likely to get my attention.
The security policy for XMPP chat was previously set such that end-to-end security was required, but it was difficult to automatically send out an OMEMO encrypted message from the server and so I've had to downgrade end-to-end security to being optional. This is not ideal, but the tradeoff between having to deal with folks trying to send me plaintext messages and being promptly alerted if something has failed on the server is probably worth it. Longer term I'd like to figure out if I can automatically generate OMEMO messages and then I can return to a better security policy.
The main factor which delayed the implementation of this was the question of needing to generate a separate XMPP account on the server to push out notifications. I didn't really want there to be a permanent separate account with a password lingering around somewhere which could become a possible security vulnerability. The solution to this was to generate an ephemeral account purely for the purpose of sending a single message. A new notification XMPP account gets created with a random password, sends the message and then about one second later the account is deleted. Even if the account credentials were to leak during the sending of a plaintext message they can't subsequently be useful to a potential adversary.
Another addition to the notifications system is being able to send a webcam photo if the USB canary is triggered. The purpose of that is to answer the paranoid question "Is anyone trying to mess with the server while I'm not at home?" if you're out shopping or at work. The particular threat model is known as evil maid. If you're running Freedombone on an old laptop and have a secondary webcam plugged it it will preferentially use that, so that you can set up the field of view appropriately. Not many people will need this level of physical device security, but it's nice to have the option. Also if you have the Syncthing app installed then any USB canary photo will be synced to the admin account.
#xmpp #freedombone #debian #omemo #webcam #security #syncthing

 
@unascribed Are they? in my experience¹ as long as you are on a well maintained server (and finding *that* is a disaster) #xmpp conferences / MUCs work pretty fine both on PCs and mobile.

¹ I use xmpp MUCs for something like 90% of my work meetings, and my social life is about 1/2 on xmpp and 1/4 on IRC.

 

Servicio de XMPP para gnusocial


Immagine/foto

#bot #gnusocial #jabber #redes #software #xmpp

Immagine/foto

Para configurar esto tienes que ir a configuración y en la pestaña de IM introducir tu cuenta de XMPP y pulsar el botón “ADD”. Verás un mensaje como este:
XMPP/Jabber gnusocial@xmpp.elbinario.net

Awaiting confirmation on this address. Check your XMPP/Jabber account for a message with further instructions. (Did you add gnusocial@xmpp.elbinario.net/gnusocial to your buddy list?)
Ahora viene la magia de python, un bot que simplemente accepte nuevos contactos La base del bot está aqui https://gitlab.com/barfoo/SimpleXMPPBot, simplemente he añadido una línea para que añada la función adecuada al capturar el evento de que alguien quiere suscribirse y mostrarle la presencia al mismo.
#!/usr/bin/env python



import xmpp

import ConfigParser

import sys



class XmppBot(object):



def __init__(self):

self.cfg = ConfigParser.ConfigParser()

self.cfg.read("xmppbot.cfg")

self.jid = xmpp.protocol.JID(self.cfg.get("bot", "jid"))

self.password = self.cfg.get("bot", "password")

self.room = self.cfg.get("bot", "room")

self.owner = self.cfg.get("bot", "owner")

self.client = xmpp.Client(self.jid.getDomain(), debug=[])

self.con = self.client.connect()

self.connect()

self.client.RegisterHandler('presence', self.presence)

while self.client.Process(1):

pass



def connect(self):

if not self.con:

print "Could not connect"

sys.exit()

auth = self.client.auth(self.jid.getNode(), self.password, resource=self.jid.getResource())

if not auth:

print "Authentication failed"

sys.exit()

if self.con:

self.client.sendInitPresence()



def presence(self, client, event):

if event.getType() == 'subscribe':

self.client.send(xmpp.Presence(to=event.getFrom(), typ='subscribed'))





if __name__ == "__main__":

XmppBot = XmppBot()

El bot te pasará un link de confirmación para verificar que eres tú.
User “foo” on gnusocial.net has said that your XMPP/Jabber screenname belongs to them. If that is true, you can confirm by clicking on this URL: https://gnusocial.net/main/confirmaddress?code=QWOCULTO$AD$ . (If you cannot click it, copy-and-paste it into the address bar of your browser). If that user is not you, or if you did not request this confirmation, just ignore this message.
Al abrir el enlace en el navegador veras un mensaje conforme se confirma la activación para tu cuenta: The address “foo@xmpp.elbinario.net” has been confirmed for your account.

Más info de este plugin en https://git.gnu.io/gnu/gnu-social/tree/master/plugins/Xmpp

Hecho esto puedes configurar si quieres recibir notificaciones quips o replies o tu propio cambio de estado, también la pestaña IM.

¿Eres usuario de gnusocial.net y no has agregado al XMPP a gnusocial@xmpp.elbinario.net/gnusocial a tu roster? Pues ahora ya puedes quipear desde tu cuenta de XMPP sin más.

Immagine/foto

 
Immagine/fotobjoern wrote the following post Sun, 22 Jul 2018 09:44:17 +0200

I really like the IRC to \#XMPP bridge Biboumi and wonder how hard it would be to write something similar to bridge \#Nextcloud Talk to XMPP?

 
Cagou, the Salut à Toi XMPP client desktop/mobile interface, has been reported working on OS X.
Would be nice to try on any other platform (notably Windows), install instructions are there: https://wiki.goffi.org/wiki/Cagou/en
thanks !

#salutatoi #SàT #cagou #desktop #xmpp #client #mac #osX #windows

 
Cagou, the Salut à Toi XMPP client desktop/mobile interface, has been reported working on OS X.
Would be nice to try on any other platform (notably Windows), install instructions are there: https://wiki.goffi.org/wiki/Cagou/en
thanks !

#salutatoi #SàT #cagou #desktop #xmpp #client #mac #osX #windows

 
Immagine/foto
Immagine/foto
Immagine/foto
SàT 0.7.0a1 (first alpha) released.

https://www.goffi.org/b/Uj5MCqezCwQUuYvKhSFAwL/salut-alpha-contributors,-take-your-keyboards

There is a big need of contributors. If you want to participate in a project which is decentralized, ethics, and politically involved, contact me.

#XMPP #ethics #SàT #salutatoi #decentralization #release #social networks #chat #encryption #privacy #forge #blog #events #forums #file sharing

 

XMPP introduction for newcomers, perfect server setup

Wednesday, 2018-07-04, 18:00 — 21:00 CEST

Searchmetrics GmbH, Germany, Berlin, Greifswalder Straße 212

This time, we'll start with a short XMPP introduction for newcomers. Then we'll go into the details of setting up an XMPP server for use with modern chat clients. If there's time left, we'll also continue the discussion on “Yvo's project”.
Looking forward to see you on Wednesday!
#xmpp #meeting #berlin #newcomers #server #meetup

 

Awesome Selfhosted


"This is a list of Free Software network services and web applications which can be hosted locally. Selfhosting is the process of locally hosting and managing applications instead of renting from SaaS providers."

https://github.com/Kickball/awesome-selfhosted

There are all kinds of categories, e.g. Search Engines:
  • Ambar - Document Search Engine (OCR, Store & Search) (Demo, Source Code) MIT Nodejs/Python
  • Gigablast - open source search engine. (Demo, Source Code) Apache-2.0 C++
  • Seeks - Web search proxy and collaborative distributed tool for websearch. (Source Code) AGPL-3.0 C++
  • Searx - Privacy-respecting, hackable metasearch engine. (Demo, Source Code) AGPL-3.0 Python
  • Yacy - Peer based, decentralized search engine server. (Demo, Source Code) GPL-2.0 Java
File transfer/synchronization:
  • Git Annex - File synchronization between computers, servers, external drives. (Source Code) GPL-3.0 Haskell
  • Kinto - Kinto is a minimalist JSON storage service with synchronisation and sharing abilities. (Source Code) Apache-2.0 Python
  • Nextcloud - Access and share your files, calendars, contacts, mail and more from any device, on your terms. (Demo, Source Code) AGPL-3.0 PHP
    OpenSSH/SFTP - Secure File Transfer Program. (Source Code) BSD C
  • ownCloud - All-in-one solution for saving, synchronizing, viewing, editing and sharing files, calendars, address books and more. (Source Code, Clients) AGPL-3.0 PHP
  • Pydio - Turn any web server into a powerful file management system and an alternative to mainstream cloud storage providers. (Source Code) AGPL-3.0 PHP
  • Samba - Samba is the standard Windows interoperability suite of programs for Linux and Unix. It provides secure, stable and fast file and print services for all clients using the SMB/CIFS protocol. GPL-3.0 C
  • Seafile - File hosting and sharing solution primary for teams and organizations. (Demo, Source Code) GPL-2.0 C
  • SparkleShare - Self hosted, instant, secure file sync. (Source Code) GPL-3.0 C#
  • Syncany - Secure file sync software for arbitrary storage backends, an open-source cloud storage and filesharing application. Securely synchronize your files to any kind of storage. GPL-3.0 Java
  • Syncthing - Syncthing is an open source peer-to-peer file synchronisation tool. (Source Code) MPL-2.0 Go
  • Unison - Unison is a file-synchronization tool for OSX, Unix, and Windows. GPL-3.0 OCaml
  • Z-Push - Implementation of Microsoft’s ActiveSync protocol. (Source Code) AGPL-3.0 PHP
XMPP Web Clients:
  • Candy - Multi user XMPP client written in Javascript. (Source Code) MIT Javascript
  • Converse.js - Free and open-source XMPP chat client in your browser. (Source Code) MPL-2.0 Javascript
  • JSXC - Real-time XMPP web chat application with video calls, file transfer and encrypted communication. There are also versions for Nextcloud/Owncloud and SOGo. (Source Code) MIT Javascript
  • Kaiwa - Web based chat client in the style of common paid alternatives. (Source Code) MIT Nodejs
  • Movim - Modern, federated social network based on XMPP, with a fully featured group-chat, subscriptions and microblogging. (Source Code) AGPL-3.0 PHP
  • Salut à Toi - Multipurpose, multi frontend, libre and decentralised communication tool. AGPL-3.0 Python
  • Libervia - Web frontend from Salut à Toi. (Source Code) AGPL-3.0 Python
#linux #gnu #gnulinux #selfhosted #services #hackernews #foss #security #privacy #searchengines #searx #yacy #seeks #gigablast #ambar #xmpp #candy #jsxc #kaiwa #movim #salutàtoi #libervia #gitannex #kinto #nextcloud #owncloud #pydio #samba #seafile #sparkleshare #syncany #syncthing #unison #zpush

 

Awesome Selfhosted


"This is a list of Free Software network services and web applications which can be hosted locally. Selfhosting is the process of locally hosting and managing applications instead of renting from SaaS providers."

https://github.com/Kickball/awesome-selfhosted

There are all kinds of categories, e.g. Search Engines:
  • Ambar - Document Search Engine (OCR, Store & Search) (Demo, Source Code) MIT Nodejs/Python
  • Gigablast - open source search engine. (Demo, Source Code) Apache-2.0 C++
  • Seeks - Web search proxy and collaborative distributed tool for websearch. (Source Code) AGPL-3.0 C++
  • Searx - Privacy-respecting, hackable metasearch engine. (Demo, Source Code) AGPL-3.0 Python
  • Yacy - Peer based, decentralized search engine server. (Demo, Source Code) GPL-2.0 Java
File transfer/synchronization:
  • Git Annex - File synchronization between computers, servers, external drives. (Source Code) GPL-3.0 Haskell
  • Kinto - Kinto is a minimalist JSON storage service with synchronisation and sharing abilities. (Source Code) Apache-2.0 Python
  • Nextcloud - Access and share your files, calendars, contacts, mail and more from any device, on your terms. (Demo, Source Code) AGPL-3.0 PHP
    OpenSSH/SFTP - Secure File Transfer Program. (Source Code) BSD C
  • ownCloud - All-in-one solution for saving, synchronizing, viewing, editing and sharing files, calendars, address books and more. (Source Code, Clients) AGPL-3.0 PHP
  • Pydio - Turn any web server into a powerful file management system and an alternative to mainstream cloud storage providers. (Source Code) AGPL-3.0 PHP
  • Samba - Samba is the standard Windows interoperability suite of programs for Linux and Unix. It provides secure, stable and fast file and print services for all clients using the SMB/CIFS protocol. GPL-3.0 C
  • Seafile - File hosting and sharing solution primary for teams and organizations. (Demo, Source Code) GPL-2.0 C
  • SparkleShare - Self hosted, instant, secure file sync. (Source Code) GPL-3.0 C#
  • Syncany - Secure file sync software for arbitrary storage backends, an open-source cloud storage and filesharing application. Securely synchronize your files to any kind of storage. GPL-3.0 Java
  • Syncthing - Syncthing is an open source peer-to-peer file synchronisation tool. (Source Code) MPL-2.0 Go
  • Unison - Unison is a file-synchronization tool for OSX, Unix, and Windows. GPL-3.0 OCaml
  • Z-Push - Implementation of Microsoft’s ActiveSync protocol. (Source Code) AGPL-3.0 PHP
XMPP Web Clients:
  • Candy - Multi user XMPP client written in Javascript. (Source Code) MIT Javascript
  • Converse.js - Free and open-source XMPP chat client in your browser. (Source Code) MPL-2.0 Javascript
  • JSXC - Real-time XMPP web chat application with video calls, file transfer and encrypted communication. There are also versions for Nextcloud/Owncloud and SOGo. (Source Code) MIT Javascript
  • Kaiwa - Web based chat client in the style of common paid alternatives. (Source Code) MIT Nodejs
  • Movim - Modern, federated social network based on XMPP, with a fully featured group-chat, subscriptions and microblogging. (Source Code) AGPL-3.0 PHP
  • Salut à Toi - Multipurpose, multi frontend, libre and decentralised communication tool. AGPL-3.0 Python
  • Libervia - Web frontend from Salut à Toi. (Source Code) AGPL-3.0 Python
#linux #gnu #gnulinux #selfhosted #services #hackernews #foss #security #privacy #searchengines #searx #yacy #seeks #gigablast #ambar #xmpp #candy #jsxc #kaiwa #movim #salutàtoi #libervia #gitannex #kinto #nextcloud #owncloud #pydio #samba #seafile #sparkleshare #syncany #syncthing #unison #zpush

 

Awesome Selfhosted


"This is a list of Free Software network services and web applications which can be hosted locally. Selfhosting is the process of locally hosting and managing applications instead of renting from SaaS providers."

https://github.com/Kickball/awesome-selfhosted

There are all kinds of categories, e.g. Search Engines:
  • Ambar - Document Search Engine (OCR, Store & Search) (Demo, Source Code) MIT Nodejs/Python
  • Gigablast - open source search engine. (Demo, Source Code) Apache-2.0 C++
  • Seeks - Web search proxy and collaborative distributed tool for websearch. (Source Code) AGPL-3.0 C++
  • Searx - Privacy-respecting, hackable metasearch engine. (Demo, Source Code) AGPL-3.0 Python
  • Yacy - Peer based, decentralized search engine server. (Demo, Source Code) GPL-2.0 Java
File transfer/synchronization:
  • Git Annex - File synchronization between computers, servers, external drives. (Source Code) GPL-3.0 Haskell
  • Kinto - Kinto is a minimalist JSON storage service with synchronisation and sharing abilities. (Source Code) Apache-2.0 Python
  • Nextcloud - Access and share your files, calendars, contacts, mail and more from any device, on your terms. (Demo, Source Code) AGPL-3.0 PHP
    OpenSSH/SFTP - Secure File Transfer Program. (Source Code) BSD C
  • ownCloud - All-in-one solution for saving, synchronizing, viewing, editing and sharing files, calendars, address books and more. (Source Code, Clients) AGPL-3.0 PHP
  • Pydio - Turn any web server into a powerful file management system and an alternative to mainstream cloud storage providers. (Source Code) AGPL-3.0 PHP
  • Samba - Samba is the standard Windows interoperability suite of programs for Linux and Unix. It provides secure, stable and fast file and print services for all clients using the SMB/CIFS protocol. GPL-3.0 C
  • Seafile - File hosting and sharing solution primary for teams and organizations. (Demo, Source Code) GPL-2.0 C
  • SparkleShare - Self hosted, instant, secure file sync. (Source Code) GPL-3.0 C#
  • Syncany - Secure file sync software for arbitrary storage backends, an open-source cloud storage and filesharing application. Securely synchronize your files to any kind of storage. GPL-3.0 Java
  • Syncthing - Syncthing is an open source peer-to-peer file synchronisation tool. (Source Code) MPL-2.0 Go
  • Unison - Unison is a file-synchronization tool for OSX, Unix, and Windows. GPL-3.0 OCaml
  • Z-Push - Implementation of Microsoft’s ActiveSync protocol. (Source Code) AGPL-3.0 PHP
XMPP Web Clients:
  • Candy - Multi user XMPP client written in Javascript. (Source Code) MIT Javascript
  • Converse.js - Free and open-source XMPP chat client in your browser. (Source Code) MPL-2.0 Javascript
  • JSXC - Real-time XMPP web chat application with video calls, file transfer and encrypted communication. There are also versions for Nextcloud/Owncloud and SOGo. (Source Code) MIT Javascript
  • Kaiwa - Web based chat client in the style of common paid alternatives. (Source Code) MIT Nodejs
  • Movim - Modern, federated social network based on XMPP, with a fully featured group-chat, subscriptions and microblogging. (Source Code) AGPL-3.0 PHP
  • Salut à Toi - Multipurpose, multi frontend, libre and decentralised communication tool. AGPL-3.0 Python
  • Libervia - Web frontend from Salut à Toi. (Source Code) AGPL-3.0 Python
#linux #gnu #gnulinux #selfhosted #services #hackernews #foss #security #privacy #searchengines #searx #yacy #seeks #gigablast #ambar #xmpp #candy #jsxc #kaiwa #movim #salutàtoi #libervia #gitannex #kinto #nextcloud #owncloud #pydio #samba #seafile #sparkleshare #syncany #syncthing #unison #zpush

 
Hallo zusammen,

ich bin nicht ganz #neuhier.
Ich interessiere mich für viele Dinge.
Technik:
#Android #lineageos #Linux #opensource #selbsthosting #Nextcloud #xmpp #humhub #Community #Datenschutz #Datensicherheit #lpic #ccna #ccnp
Freizeit:
#Motorrad #schwimmen #fahrrad
Persönlich:
#dieBibel #glaube #Jesus #Familie

Ich schätze mich selber als #kommunikativ und wenig #emotional ein... Bin mehr der #Denker... habe einen #dunklenHumor...

Mehr dann im Gespräch...

Bis dann und weiterhin viel Freude hier!
👋👋👋👋👋👋👋

 
Hallo zusammen,

ich bin nicht ganz #neuhier.
Ich interessiere mich für viele Dinge.
Technik:
#Android #lineageos #Linux #opensource #selbsthosting #Nextcloud #xmpp #humhub #Community #Datenschutz #Datensicherheit #lpic #ccna #ccnp
Freizeit:
#Motorrad #schwimmen #fahrrad
Persönlich:
#dieBibel #glaube #Jesus #Familie

Ich schätze mich selber als #kommunikativ und wenig #emotional ein... Bin mehr der #Denker... habe einen #dunklenHumor...

Mehr dann im Gespräch...

Bis dann und weiterhin viel Freude hier!
👋👋👋👋👋👋👋

 

Update on OMEMO (Monal IM)


If you happen to be on the dark side (= Apple):
I have an update on the status of OMEMO in Monal. I’ve completed my spike and have a very rough implementation working. I am able to communicate with Gajim and Chatsecure. I am actually using a lot of the same OMEMO code as Chatsecure using Chris’ cocoapods. The shared code base should reduce duplicated effort and ensure compatibility on the two main Apple platform clients going forward.

The current code isn’t anywhere near production but once I clean it up more, you should start seeing it as an option to turn on in Mac betas in the next month or so. [...]
#omemo #monal #xmpp #apple #ios #macos
Update on OMEMO

 

XMPP server in Go


Does not yet have all the features, one would need, e.g. no Stream Management (XEP-0198) etc. Far from production ready. But nice to see new developments!

#xmpp #go #golang #server #jackal

 

Gajim master available in Debian experimental


For users of Debian testing or unstable who like the smell of adventure and the taste of danger: Try$ sudo apt install -t experimental gajimand you will learn what fear is!

Seriously: Nothing to be afraid of, IMHO. Only a bunch of nice features, such as MUC avatar pictures! Still, it is called experimental for a reason, so expect rough edges here and there.

Official releases are still in unstable/testing/stable-backports, as always.

#gajim #debian #xmpp

 
Over the course of 2 months, and one Ubuntu and Debian upgrade, I came from not being impressed with #Gajim + #OMEMO to extremely satisfied with it, in a way that even mom and dad can talk to me through it.

Release 1.0.1, available natively in Bionic, is extremely well polished, highly usable and the OMEMO plugin works great when I have to talk to people using android. Great job to everyone who helped out in the project!
#privacy #xmpp

 
Over the course of 2 months, and one Ubuntu and Debian upgrade, I came from not being impressed with #Gajim + #OMEMO to extremely satisfied with it, in a way that even mom and dad can talk to me through it.

Release 1.0.1, available natively in Bionic, is extremely well polished, highly usable and the OMEMO plugin works great when I have to talk to people using android. Great job to everyone who helped out in the project!
#privacy #xmpp

 
Chat Now Enabled at Diaspora*LA

Diaspora*LA's configuration has been updated to enable XMPP chat integration. With this feature, diaspora*LA users can chat with friends on other pods via the diaspora* user interface. Additionally, we can use our diaspora* account with XMPP client applications to chat with other XMPP[...]

\#xmpp #chat #diaspora-la #diaspora
Originally posted at: https://blog.diaspora.la/2018/05/06/chat-now-enabled-at-diasporala/
Chat Now Enabled at Diaspora*LA

 
Chat Now Enabled at Diaspora*LA

Diaspora*LA's configuration has been updated to enable XMPP chat integration. With this feature, diaspora*LA users can chat with friends on other pods via the diaspora* user interface. Additionally, we can use our diaspora* account with XMPP client applications to chat with other XMPP[...]

\#xmpp #chat #diaspora-la #diaspora
Originally posted at: https://blog.diaspora.la/2018/05/06/chat-now-enabled-at-diasporala/
Chat Now Enabled at Diaspora*LA

 
Ayer con f del @Partido Interdimensional Pirata de Argentina nos* juntamos a armar esto:

Prosody Moderno @ 0xacab.org GitLab


La idea del proyecto es facilitar la tarea de levantar un servicio de #chat moderno, seguro** e interoperable.

Son dos archivos de configuración y un script que crea un container.

Detalles técnicos


Los archivos de configuración son: uno para la #monitorización incluída #Monit, y otro para el servidor de chat #Prosody.

El script es un Dockerfile: un achivo con instrucciones sobre cómo fabricar una imagen de #Docker (como los archivos Makefile de make).

El container está basado en #Alpine, y usa variables de entorno y envsubst para adaptar la configuración.

Eh! Yo quiero, también!


Quienes se den maña, están invitadxs a probarla, y colaborar o hacer su propia versión en base a esta.

Para reportar problemas, documentar o bifurcar (fork) el repositorio, se tienen que registrar en 0xacab.org.

Para clonar el repositorio, pueden tirar git clone https://0xacab.org/partido-interdimensional-pirata/prosody-moderno.git, sin necesidad de registrarse.
#XMPP #Jabber #IM
#XEPs #ComplianceTester #XEP-0387 #HTTPFileUpload #OMEMO #MAM #PushNotifications #MessageCarbons #StreamManagement
#containers #virtualización #aislamiento #automatización #orquestación
#español #ñ

*: más que nada lo armó él, en realidad :P yo fui a acompañar y a aprender (levanté un Prosody una vez, pero nunca había usado Docker)
**: a seguro se lo llevaron preso

 
Ayer con f del @Partido Interdimensional Pirata de Argentina nos* juntamos a armar esto:

Prosody Moderno @ 0xacab.org GitLab


La idea del proyecto es facilitar la tarea de levantar un servicio de #chat moderno, seguro** e interoperable.

Son dos archivos de configuración y un script que crea un container.

Detalles técnicos


Los archivos de configuración son: uno para la #monitorización incluída #Monit, y otro para el servidor de chat #Prosody.

El script es un Dockerfile: un achivo con instrucciones sobre cómo fabricar una imagen de #Docker (como los archivos Makefile de make).

El container está basado en #Alpine, y usa variables de entorno y envsubst para adaptar la configuración.

Eh! Yo quiero, también!


Quienes se den maña, están invitadxs a probarla, y colaborar o hacer su propia versión en base a esta.

Para reportar problemas, documentar o bifurcar (fork) el repositorio, se tienen que registrar en 0xacab.org.

Para clonar el repositorio, pueden tirar git clone https://0xacab.org/partido-interdimensional-pirata/prosody-moderno.git, sin necesidad de registrarse.
#XMPP #Jabber #IM
#XEPs #ComplianceTester #XEP-0387 #HTTPFileUpload #OMEMO #MAM #PushNotifications #MessageCarbons #StreamManagement
#containers #virtualización #aislamiento #automatización #orquestación
#español #ñ

*: más que nada lo armó él, en realidad :P yo fui a acompañar y a aprender (levanté un Prosody una vez, pero nunca había usado Docker)
**: a seguro se lo llevaron preso

 

Xabber for iOS alpha testing


When I still had a smartphones, long time ago, I liked Xabber more than Conversations, both installable from F-Droid.org. The Xabber UI was easier for me to understand than Conversations, esp. how to work with multiple acconts and roster groups. Nice, that they are creating an iOS client, too! (Not so nice, that people use iOS in the first place, but that's another problem.) Those who like to use OMEMO encryption on iOS, need to stay with ChatSecure, however.

#xmpp #xabber #ios #freesoftware #chatsecure

 

Summer of Code: Command Line OX Client!


vanitasvitae writes on 2018-06-01:
As I stated earlier, I am working on a small XMPP command line test client, which is capable of sending and receiving OpenPGP encrypted messages. I just published a first version :)
Creating command line clients with Smack is super easy. You basically just create a connection, instantiate the manager classes of features you want to use and create some kind of read-execute-print-loop.
Last year I demonstrated how to create an OMEMO-capable client in 200 lines of code. The new client follows pretty much the same scheme.
The client offers some basic features like adding contacts to the roster, as well as obviously OX related features like displaying fingerprints, generation, restoration and backup of key pairs and of course encryption and decryption of messages. Note that up to this point I haven’t implemented any form of trust management. For now, my implementation considers all keys whose fingerprints are published in the metadata node as trusted.
You can find the client here. Feel free to try it out, instructions on how to build it are also found in the repository.
Happy Hacking!
#smack #ox #freesoftware #xmpp #cli #fsfe #openpgp #omemo

 

XMPP mit OMEMO mit Gajim unter Fedora


Eben stand ich wie der Ochs vorm Berg. Ich hatte auf meinem Fedora System für XMPP das Programm Gajim installiert und wollte das OMEMO-Plugin zum Laufen bekommen. Also wollte ich python-axolotl installieren, aber es gibt nichts entsprechendes. Nun nach ein wenig Suchen und hin und her fand ich dann doch noch eine Lösung wie man es hin bekommt ohne das gewünschte selbst zu kompilieren. Ich hoffe das ich mit diesem kleinen Beitrag hier jenen die auch vor dem selben Problem stehen vor dem ich stand ein wenig helfen kann.

Tags: #de #fedora #linux #gajim #xmpp #omemo #axolotl #ravenbird #2018-06-06

 

XMPP mit OMEMO mit Gajim unter Fedora


Eben stand ich wie der Ochs vorm Berg. Ich hatte auf meinem Fedora System für XMPP das Programm Gajim installiert und wollte das OMEMO-Plugin zum Laufen bekommen. Also wollte ich python-axolotl installieren, aber es gibt nichts entsprechendes. Nun nach ein wenig Suchen und hin und her fand ich dann doch noch eine Lösung wie man es hin bekommt ohne das gewünschte selbst zu kompilieren. Ich hoffe das ich mit diesem kleinen Beitrag hier jenen die auch vor dem selben Problem stehen vor dem ich stand ein wenig helfen kann.

Tags: #de #fedora #linux #gajim #xmpp #omemo #axolotl #ravenbird #2018-06-06

 
Decentralized code forge, based on XMPP

If you want to see an alternative to #github which is decentralized and ethics, it's at your fingertips, you can make it real!

https://www.goffi.org/b/F4xScokjZejCYAB4NamBbc/decentralized-code-forge,-based-xmpp

#xmpp #salutatoi #SàT #code #forge #decentralization #contribution #cooperation

 
Decentralized code forge, based on XMPP

If you want to see an alternative to #github which is decentralized and ethics, it's at your fingertips, you can make it real!

https://www.goffi.org/b/F4xScokjZejCYAB4NamBbc/decentralized-code-forge,-based-xmpp

#xmpp #salutatoi #SàT #code #forge #decentralization #contribution #cooperation

 
With the announce of #microsoft buying #github, it's a good time to recall that I've started to write tools for a decentralized forge in Salut à Toi (based on #XMPP), with tickets and merge requests implemented.

It's already working, it's written in a popular language (#python) and help would be more than welcome (check our XMPP MUC room at sat@chat.jabberfr.org).

Blog post and demo at https://www.goffi.org/b/9555cc02-6a87-4b6b-af85-20f1c0736722/xmpp-based-tickets-merge-requests-with .

#salutatoi #SàT #XMPP #decentralization #forge #code

 
With the announce of #microsoft buying #github, it's a good time to recall that I've started to write tools for a decentralized forge in Salut à Toi (based on #XMPP), with tickets and merge requests implemented.

It's already working, it's written in a popular language (#python) and help would be more than welcome (check our XMPP MUC room at sat@chat.jabberfr.org).

Blog post and demo at https://www.goffi.org/b/9555cc02-6a87-4b6b-af85-20f1c0736722/xmpp-based-tickets-merge-requests-with .

#salutatoi #SàT #XMPP #decentralization #forge #code

 

Katarina Barley fordert Öffnung von WhatsApp für andere Dienste


Huch, eine Ministerin mit einer richtig guten Idee? Was ist denn da passiert?

Chat-Dienste sollten genauso wenig monopolisiert sein wie Email oder Telefonie. Menschen, die bei verschiedenen Email-Providern oder Telefonie-Anbietern sind, können trotzdem miteinander kommunizieren. Nur bei IM ist das anders: Bei Whatsapp sitzt man im rostigen Käfig. Die Politik sollte in der Tat durchsetzten, daß IM-Dienste ab einer bestimmten Größe geöffnet werden müssen. Dafür gibt es seit knapp zwanzig Jahren sogar einen offiziellen Internet-Standard. Whatsapp, Google, Facebook haben genau diesen Standard sogar jahrelang genutzt, sich von diesem aber verabschiedet um sich abzuschotten.

Auch sympathisch: Frau Barley ist weder bei Whatsapp noch bei Facebook.

#barley #katarinabarley #im #whatsapp #spd #xmpp #chat #federation

 

Public Jabber Chat rooms



Christopher Muclumbus: A listing of public XMPP/Jabber chat rooms/groups.



If you are in a public MUC, that is not yet listed, you can add it by inviting xmpp:christopher.muclumbus@dreckshal.de to the room. In Gajim, you have to type in the message field when you are in the specific chatroom: /invite christopher.muclumbus@dreckshal.de.

#xmpp #jabber #muc #federation #chatroom #freesoftware #agpl

 

XMPP-Meetup Berlin: Daniel Gultsch about good and bad client UX



Next Meeting:

Thursday, 2018-06-07, 19:00

co-up, Adalbertstr. 8, 10999 Berlin

Daniel Gultsch:
I’m going to talk about how to deal with baggage and how legacy UX (something that long time users are used to from other clients) makes it difficult to create good clients. (Which for example lead to the creation of the infamous »Expert Settings«.)
#xmpp #berlin #meeting #ux #android #conversations #federation

 

Have you considered the alternative?



Good read. The authors make clear, that end-to-end encryption, as important as it is, is not the most important tool to protect privacy. Federation or decentralization is much more important. They also see clearly, that centralized messengers have much better funding opportunities than federated ones.
While OWS provides thorough expertise in the field of cryptography, Marlinspike is currently advocating centralisation as the only answer towards user-friendly, fast and secure messaging apps. Decentralisation, according to him, has no place in the modern world and apparently hampers innovation. However, some of his arguments have not remained unchallenged. In particular, where Marlinspike accuses federation of stalling evolution, Daniel Gultsch provides a counter argument by using the Web as an example of successfully federated system. Furthermore, Gultsch states that the problem is not that federation doesn't adapt, but rather that there are problems with its implementation for a very significant reason: software developers working on federated systems mostly work for free in their spare time or with little means, given the difficulty to monetise a system which design can only succeed if it is open and can be appropriated easily beyond its original scope, and thus making its capitalisation particularly challenging. In that sense, the most interesting aspect of this debate is that while Marlinspike seems to defend his product from a technological perspective, Gultsch's counter argument moves back the discussion to the context of political economy.

Hosting your own infrastructure allows you to scale your communication in a way that is the most meaningful for the group or community you belong to. It is also a way to make sure your system matches your own threat model?, while simultaneously allowing you to deal with trust that is not mediated by an app. It also allows you to experiment with economic models other than those linked to large-scale infrastructure involving surveillance and capturing of your social graph for financial gain. Maybe you want to share the cost of the server or the responsibilities of administrating it, maybe you want to collectively learn how to run all this stuff, or maybe you want to start meetings to exchange tips, etc. However, this does not mean that you need to cut yourself off from the rest of the world and this form of localism should not be misunderstood for a hipsterist and reactionary form of escapism. Instead, such an approach is quite the opposite as it provides a possibility to actively engage with societal issues. It allows groups to collectively think, in the sense of defining questions and hypotheses themselves, acquire skills and knowledge and respond to issues that are both relevant to their own situation but that can also resonate globally, enabling others to start a similar process.
#whatsapp #facebook #signal #xmpp #conversations #gajim #chatsecure #selfhosting #federation #politics #freesoftware

 

Movim at Debian Mini DebConf in Hamburg



Movim developer Timothée “edhelas” Jaussoin writes:
Hey everyone :) I'm currently in #Hamburg for the MiniDebConf.
The goal is to work on #Movim and prepare it to be packaged for #Debian!
Lots of work has already been done as you can see on the CHANGELOG of the project.
We first worked on cleaning up and stabilizing the #dependencies of Movim. The outdated heyupdate/emoji was replaced by a wonderful pull request by mirabilos that add support of emojis directly inside Movim.
On my side I replaced ramsey/uuid with a simple internal function and worked on upgrating reactphp/http to their latest release with the help of WyrilHaximus, which also helped to release the v0.4.0 of reactphp/zmq that contains some important fixes for Movim.
The template engine of Movim, RainTpl was also stabilized to the latest release.
Natureshadow also made a really nice pull request to prepare the Debian package and fixe a couple of small bugs regarding URL handling inside the project.
All those dependencies will soon be packaged and integrated in Debian.
On top of that I worked a few hours yesterday on the optimisation of the #database requests by using some memory caching and Eloquent eager loading to prefetch some extra information when querying resources in the DB. This reduces the time spent to generate the pages and contents by more than 50 to 75% in some cases! It can especially be noticed on the Chat page and Contacts page.
The main pods were also updated with all those changes, so you can try them on nl.movim.eu, fr.movim.eu or de.movim.eu.
That's all folks!
#movim #debian #socialnetwork #minidebconf #hamburg #xmpp #php #eloquent

 

Progress report from the Movim packaging sprint at MiniDebconf



Debian developer Thorsten “mirabilos” Glaser writes:
The upstream Movim developer arrived as well — we have quite an amount of upstream developers of various projects attending MiniDebConf, to the joy of the attendees actually directly involved in Debian, and this makes things much easier, as he immediately started removing dependencies (to make our job easier) and fixing bugs and helping us understand how some of those dependencies work. (I also contributed code upstream that replaces some Unicode codepoints or sequences thereof, such as 3⃣ or ‼ or 👱🏻‍♀️, with <img…/> tags pointing to the SVG images shipped with Movim, with a description (generated from their Unicode names) in the alt attribute.)
Now, Saturday, all dependencies are packaged so far, although we’re still waiting for maintainer feedback for those two we’d need to NMU (or have them upload or us take the packages over); most are in NEW of course, but that’s no problem. Now we can tackle packaging Movim itself — I guess we’ll see whether those other packages actually work then ☺
In the meantime we’ve also had the chance to socialise, discuss, meet, etc. other Debian Developers and associates and enjoy the wonderful food and superb coffee of the “Cantina” at the venue; let me hereby express heartfelt thanks to the MiniDebConf organisation for this good location pick!
#movim #debian #socialnetwork #minidebconf #hamburg #xmpp

 

Prosody 0.10.1 released



Congratulations to the developers!



As always, the release features many improvements and bug fixes.

The package is already in Debian unstable, and will be in testing and stable backports soon.

#prosody #xmpp #debian

 

New German language XMPP developers community



Für alle, die an der Entwicklung von XMPP interessiert sind (also eher nichts für reine End-Users), gibt es eine neue Deutschsprachige XMPP-Community. Einfach mal reinschauen!
#xmpp #german #deutsch #entwicklung #developer #community

 

XMPP-Meetup in Berlin



XMPP Council member Daniel Gultsch, also known for his Android application Conversations, will explain how the XMPP Standards Foundation (XSF) works and how an XMPP Extension Protocol (XEP) emerge.

Monday, 2018-05-14 19:00 CEST, location see link

#berlin #xmpp #conversations #xsf #xep

 

XMPP with anonymous network I2P



Interesting article with configuration hints for prosody, which I should try at some point:
The idea of building decentralized messenger run by users, not corporations, is not new. But the process of building it costs a lot of money and takes a lot of time. But what if we take the old good XMPP protocol, which has everything already implemented for us?
That's not "real P2P", you may argue, for using XMPP one needs to have a server running with a registered domain name. Yes, but we can run our server software on a local host and use virtual I2P network for connecting with other servers. I2P (Invisible Internet Protocol) allows us to use virtual .i2p address instead of a real domain name, plus it gives us advanced protection against illegal dragnet surveillance.
That way we have:
* Hybrid P2P messenger, which can be run both on end-user devices and on high-performance server infrastructure.
* Features which many of "real P2P" messengers miss: offline message delivery, "cloud storage" for history and contacts, using one account on multiple devices.
* All kinds of end-user applications are available (desktop, mobile, web).
* Censorship resistance and advanced privacy protection as a bonus from using I2P.

Let's get it!
#xmpp #i2p #i2pd #decentralization #p2p #privacy #prosody

 

XMPP and GDPR



The XMPP Standards Foundation (XSF) is discussing the implications of the EU General Data Protection Regulation (GDPR). Interesting!

#xmpp #gdpr #privacy

 

Gajim 1.0.2 released



This is a bug fix release, i.e. around 20 issues have been solved.
It is already in Debian unstable ("sid").

On a side note: A colleague switched from Psi 1.3 to Gajim 1.0.1 on Windows 10 and so far, they is happy. Psi wasn’t bad, but on their machine it was not possible to restart Psi after quitting it. Only after reboot :~(

#gajim #xmpp #debian

 
Should someone of you use #Conversations 2.0+, you might want to update

Daniel Gultsch ha scritto:

“Please update to Con­ver­sa­tions 2.1.4 ASAP. Avail­able on both Google Play and F-​Droid. This fixes our first crit­ical secur­ity issue. More details will fol­low after the major­ity of people have upgraded. Con­ver­sa­tions Leg­acy and Con­ver­sa­tions prior to 2.0 are not affected.”


source (twitter)

#xmpp #jabber