RT @mtoecker@twitter.com

Infosec-Professionals: "Don't download and run random shit from the internet"

Also-Infosec-Professionals: "git clone $hackingtools && python ./hackingtools/random_shit.py"

🐦🔗: twitter.com/mtoecker/status/11

@JoergSorge

OMEMO messages can only be decrypted once by the particular device they were encrypted for.

So either you need to keep those decrypted messages stored in the browser's localStorage cache, or you lose them when your session ends.

You also have a secret key which needs to be kept around, otherwise other devices can't encrypt messages for that particular browser.

So yes, if you want to clear all browser data when you end your session, OMEMO won't work well for you.

@JoergSorge

Converse 5.0.0 was recently released and fixes some OMEMO bugs. Perhaps you want to give it another try.

There's still an OMEMO MUC bug, but someone is working on that.

github.com/conversejs/converse

RT @iNPUTmice@twitter.com

There is one slide in my presentation on the State of the XMPP community that you should not miss out on: Conversations is getting support for Jingle audio/video calls. (Probably in early 2020)

🐦🔗: twitter.com/iNPUTmice/status/1

JC Brand boosted

Recording of Conversations developer Daniel Gultsch on the state of the #xmpp community in 2019 at #froscon

media.ccc.de/v/froscon2019-244

Some takeaways:

1) there is a growing network of people working on a #public federated chat network based on XMPP. There has been a lot of activity in the space in recent years. This activity is partly due to the development sprints, many of which last year have been organized by @pep

2) a bunch of new (and existing) clients continue working on usability (cross platform, consistent UIs, support for mobile, end-to-end encryption). Particularly web clients such as ConverseJS by @jcbrand are promising.

3) A directory to search public discussion channels exists: search.jabbercat.org/rooms/1

4) Ongoing experimentation with what can be built on top of XMPP as a federated protocol by for example @Goffi

5) Conversations for Android has secured funding to implement a Voice / Video calls!

RT @Kpaxs@twitter.com

"Data isn’t the new oil, it’s the new CO2."

🐦🔗: twitter.com/Kpaxs/status/11602

RT @tracyalloway@twitter.com

The absence of true price discovery in an increasingly financialized economy and the subsequent failure of the private sector to allocate capital in a manner that is productive and useful for societies. twitter.com/katieeeeebell/stat

🐦🔗: twitter.com/tracyalloway/statu

"An artist never really finishes his work, he merely abandons it." - Paul Valery

I was reminded of this quote as I cut the 5.0.0 release of Converse.js client last night.

This is a huge (yuuuge) release, but there is still much more that could be done and bugs that aren't yet fixed. Alas, I ran out of time.

A big new feature is support for XEP-0198 stream management with websocket. I'm now only using BOSH as a fallback, otherwise it's not really necessary.

github.com/conversejs/converse

JC Brand boosted

I discovered my first hidden camera at an AirBnB last week in Yerevan, Armenia. Always scan the wifi when you get to a new place!! #surveillance #nmap #privacy #dystopia #security #badposture

JC Brand boosted

We got a tiny step closer to fully end-to-end encrypted message content in #XMPP.
Version 0.0.1 of XEP-420: Stanza Content Encryption (#SCE) just got published.
Still it is a long way till we're there.

xmpp.org/extensions/xep-0420.h

#sce #xmpp #jabber #xsf #encryption #e2ee #420

RT @mccrory@twitter.com

So WhatsApp scans your content as you create it, if it find anything of interest it will silently send it to FB servers for analysis (all pre-encryption on the device side). Basically wiretapping on device. Pretty horrible stuff! twitter.com/paul_shetler/statu

🐦🔗: twitter.com/mccrory/status/115

JC Brand boosted
JC Brand boosted

@61

"Russian poet Joseph Brodsky (1940–1996) was sentenced in 1964 to five years of banishment from Leningrad to Arkhangelsk Oblast for "social parasitism". In 1987 he won the Nobel Prize in Literature"

en.wikipedia.org/wiki/Parasiti

RT @deadprogrammer@twitter.com

In the USSR two things could land you in prison: not having a job (known as social parasitism or idling) or entrepreneurship. There's a significant overlap between these two groups of people, and that's where most of the economic output of capitalism comes from.

🐦🔗: twitter.com/deadprogrammer/sta

@strypey @stevenroose @Muto @debacle

I've noticed something similar with open source code in general.

When writing FOSS, you often have to write more generic code and take more edge-cases into consideration than when writing closed-source code where you can make all kinds of time-saving assumptions on how the code will be used or executed.

Writing more abstract or generic code is often harder, but if done well it results in much better code quality IMO.

@strypey @stevenroose @Muto @debacle

> why would implementing an make a developer's that harder?

In some ways it's easier, in others harder. It's easier because difficult problems (like federation) have been solved.

It's harder because you can make fewer time- and complexity-saving assumptions.

For example, if your eco-system supports only one chat client or one server, then you don't have to deal with feature discovery at all. That's a lot of complexity avoided.

RT @guusdk@twitter.com

After a short but uneventful beta period, we've released Openfire 4.4.0! Get it while it's hot! More details at discourse.igniterealtime.org/t

🐦🔗: twitter.com/guusdk/status/1144

Show more
Mastodon

Generalistic and moderated instance. All opinions are welcome, but hate speeches are prohibited. Users who don't respect rules will be silenced or suspended, depending on the violation severity.