Notices by Daniel Gultsch (daniel@gultsch.social)

For a protocol that's often accused of accumulating vast amounts of metadata, it's surprisingly difficult to determine how many people use #XMPP and which clients they prefer.

I don’t usually do this kind of evangelism, but if you’re looking for a reason to try #XMPP on #GlobalSwitchDay, now’s the perfect time: #Conversations_im is currently free on Google Play!

https://play.google.com/store/apps/details?id=eu.siacs.conversations

The Matrix.org/Element saga isn’t about sustaining Open Source development—it’s a tale of venture capital and corporate greed playing out exactly as foretold.

#Matrix

I love open source, and I want young people to know there’s a career path outside of #FAANG. Open source can be financially sustainable—it just gets super hard if one of your key goals is making your investors even richer. #Conversations_im is about the same age as #Matrix. I never took VC funding, and I’m doing fine.

#OpenSource

Gerade ein sehr angenehmes Interview von Tilo Jung mit Jan van Aken zu Ende gehört.

Bei dem, was Jan van Aken über Wirtschafts-, Sozial- und Verkehrspolitik zu sagen hat, gibt es von mir ja viel Zustimmung.

Ich würde mir wünschen, @dielinke hätte mehr Bewusstsein dafür, dass, wenn ein Autokrat in ein wehrloses Europa einfällt, wir die ganze schöne Sozialpolitik auch nicht mehr umsetzen können.

https://www.youtube.com/watch?v=ls0tBHgy_xI

#BTW25

@EmoIsDeadAndSoAmI @dielinke Stärker Sanktionen und ein wehrhaftes Europa 🇪🇺 schließen sich ja nicht aus. Ich für meinen Teil hätte mir im Februar 2022 gerne einen Pulli angezogen und den Gashahn abgedreht.

Just over three weeks remain until the 27th #XMPP Summit takes place in Brussels. If you’re planning to attend but haven’t registered yet, please make sure to add your name to the wiki by the end of this week: https://wiki.xmpp.org/web/Conferences/Summit_27

If you’re an XMPP developer or spec author and weren’t planning to attend, I’d strongly encourage you to reconsider

For those who can’t make it to Brussels but will be in Berlin on Wednesday, February 12th, we’ll be discussing the Summit at that week’s XMPP Meetup

⚠️ 🚨 It’s time to stop using Blabber.im 🚨⚠️

The abandoned fork of #Conversations_im has a critical security issue: attackers can bypass STARTTLS negotiation, resulting in an unencrypted connection to a fake server. This vulnerability is similar to the STARTLS attack discovered in various email clients¹

✅ Fixed in Conversations 2.13.1 (Feb 2024)

📢 Please migrate to Conversations immediately! It's free on Google Play until the end of the year and always free on #fdroid

¹: https://archive.fosdem.org/2024/schedule/event/fosdem-2024-2179--protocols-security-of-starttls-in-the-e-mail-context/

Continuing a decade-long tradition #Conversations_im is currently available for free on Google Play.

https://play.google.com/store/apps/details?id=eu.siacs.conversations

Merry Christmas 🎄 Happy Holidays ☃️ and have fun at #38C3

Did you know that you can configure custom notification sounds per contact or group chat in #Conversations_im?

Apparently not many people knew that so the next version will make, what essentially is a native Android feature, easier to access via the overflow menu of contact or group chat details.

https://gultsch.video/w/8wZSkoad1bv4VHmuSPZWsV

It is pretty cool that #Conversations_im sales have been paying my rent for the last 10 years.

Not everything needs to be a subscription.

#XMPP #OpenSource

In 2015 I spent a couple of weeks in Singapore and I still remember sitting at a café and implementing the feature that merges multiple messages into the same bubble.

Today this feature has been removed from #Conversations_im in favor of moving the bubbles closer together. This gives better control over per messages actions such as sharing, quoting or adding a reaction.

I never understood what "ethical pioneer" means. Apparently it means cherry-picking features from upstream without crediting the original author¹² 🤷.

¹: https://codeberg.org/monocles/monocles_chat/commit/df6552f51a1b502dc5790299b3eab3033e88184f
²: https://codeberg.org/monocles/monocles_chat/commit/aef598f83bf9e24f987817b14c532ca50097dd64

@gumnaam Note that in my testing I never actually opened or otherwise interacted with the apps. (I did make sure that messages got delivered though).

As soon as you start interacting with the apps or if/when they receive a different amount of messages your results get skewed (Screen time is obviously a big contributor to battery consumption)

@masoud Both have direct connections to their respective servers because #GrapheneOS comes without Play Services. Both apps prompted me for exemptions to "Battery optimizations" which I granted.

On the sending side I made sure (by looking at the double ticks ✅ ) that the messages were delivered instantly.

I installed #Signal and #Conversations_im on a clean install of #GrapheneOS on my Pixel 4a and measured the battery impact. The results are shocking!

Both messengers had only one contact: my regular phone.

I used my regular phone to send messages to the Pixel 4a (which was not used for anything else over the course of the experiment).

I always sent the same message via Signal and #XMPP (mixing up which app went first). In total I sent ~32 messages in intervals of 10mins to a few hours.

We tried the "The NSA kills people based on meta data" approach and it did nothing to convince people to use #XMPP.
How about changing our messaging to: "Your crippling BNPL debt is a direct consequence of Google, Meta and ByteDance knowing every fucking thing about you"

This feels weird to say because it should be obvious: Don’t download random #Conversations_im forks from the PlayStore!

I don’t know why people install apps with no website or source code. If you’re reading this, you’re likely not one of them—but server stats show they exist.

Yesterday, I warned one such fork about massive security issues and asked them to take it down. They refused.

@its_a_me @bhhaskin fwiw #Conversations_im is not a hobby project. It is very much a commercial enterprise. My hobbies don't entail sitting in front of a computer.

What is the #XMPP Summit and should you go? 🧵

The XMPP Summit is a two day event for the people who write and implement XMPP extensions (XEPs). It is not a conference. There are no presentations. It is more like a round table discussion and active participation is encouraged.
Similar to an unconference at the beginning of Day 1 participants can suggest topics and others can indicate (via a +1) whether or not they are interested in that topic. Afterwards a rough order of topics is established