Posts by hubert@social.uhoreg.ca
(DIR) Post #AIr0h3caCjpGHICAFM by hubert@social.uhoreg.ca
2022-04-26T21:43:57Z
0 likes, 0 repeats
Note that even if Wire, Matrix, XMPP, etc. all use MLS, they still won't be able to communicate with each other unless the payload formats are the same.
(DIR) Post #AIsMnyueV9KvqqJVfk by hubert@social.uhoreg.ca
2022-04-27T13:26:46Z
0 likes, 0 repeats
By payload format, I mean how the messages are encoded before they're encrypted. In unencrypted chats, you can have a server-side bridge/transport that can convert messages from one format to another, so although Matrix uses JSON and XMPP use XML, I can use my Matrix account to join an XMPP chat via a bridge, and my Matrix account will see JSON, and XMPP folks will see XML. But with end-to-end encrypted messages, you can't have something server-side that transforms the encrypted data; whatever the sender sends is what the receiver will see. So if an XMPP user sends a message encrypted with MLS, my Matrix client might be able to decrypt the message, but then it will find that it contains XML, which it doesn't know what to do with.
(DIR) Post #AIxHpxiaNzDUkFav8S by hubert@social.uhoreg.ca
2022-04-29T19:42:10Z
0 likes, 2 repeats
Wow, this is amazing! GNOME patent troll stripped of patent rights
(DIR) Post #AJ5qfeFywHaF9QiCvY by hubert@social.uhoreg.ca
2022-05-04T01:28:10Z
2 likes, 0 repeats
My company is hiring: https://element.io/careers Most of the positions are listed as being in London, but I don't think that location matters much. We're very remote-friendly, and can hire people in Germany. Maybe you'll see something that interests you. We have projects in TS/Node, Python, Rust, Go. Unfortunately, not enough Elixir.
(DIR) Post #AJOI3lVTQg5FszqC4e by hubert@social.uhoreg.ca
2022-05-12T21:57:39Z
0 likes, 3 repeats
Joint statement on the dangers of the EU's proposed regulation for fighting child sexual abuse online. – Global Encryption Coalition
(DIR) Post #AJVs8IGGXxWb5UuCw4 by hubert@social.uhoreg.ca
2022-05-16T14:27:27Z
0 likes, 0 repeats
Thanks for writing that up. It's quite technical in some parts, but helps to explain several of the different reasons that you get undecryptable messages. And the "small" chart at the end is pretty helpful. (Though I think it would be nice if you made the chart into a clickable link that went to a full-size image.)
(DIR) Post #AL1PM6u3b6WejQkWKO by hubert@social.uhoreg.ca
2022-06-30T17:27:52Z
0 likes, 0 repeats
There is usually quite a bit of similarity between words in the Romance languages. However, there's one exception that I've noticed: "butterfly" is very different in at least the four most common romance languages: es: mariposa, pt: borboleta, fr: papillon, it: farfalla Linguists of ActivityPub, can anyone explain the divergence for that word?
(DIR) Post #AOas75HBL2B7kUR0EK by hubert@social.uhoreg.ca
2022-10-15T13:55:40Z
0 likes, 0 repeats
So... we should increase taxes on the rich, so that they also can be motivated by starvation and homelessness?
(DIR) Post #AOd3EzDeTomcuCVkOm by hubert@social.uhoreg.ca
2022-10-16T14:33:44Z
0 likes, 0 repeats
E2EE requires processing on the client side. Since E2EE in Matrix and XMPP aren't compatible, I'd expect that it just wouldn't work.
(DIR) Post #AOyGVZcqyfwppKyZZw by hubert@social.uhoreg.ca
2022-10-26T20:13:05Z
0 likes, 0 repeats
Your PDA diagram looks a bit fishy. And by "fishy", I mean it looks like a fish. ;)On a more serious note, a long time ago, I used to teach finite automata, so it's always fun to see people using it in real life.
(DIR) Post #AUtAXCeT41RT5NhdD6 by hubert@social.uhoreg.ca
2023-04-21T13:44:25Z
0 likes, 0 repeats
Wow, that's a terrible URL. It says "Twitter" more times than it says "Mastodon", and it includes "Elon Musk" but doesn't include "Eugen Rochko". You'd expect that a URL that includes key words in it should at least include the person that is being interviewed.
(DIR) Post #AV3oqhcU5ZzgNfE8uG by hubert@social.uhoreg.ca
2023-04-26T23:52:47Z
0 likes, 0 repeats
I don't know much about how Direct Posts work in the Fediverse, but I do know about MLS. It should work, but I'm not sure that it would give much benefit over just using a double-ratchet, which is much simpler. The main advantage of MLS is in groups. If you're just exchanging messages with one other person, then I'd probably just go with a double-ratchet. Unless you have a need for MLS for something else, in which case it might be better to use one system for everything.
(DIR) Post #AVI5aSyBCzDtkEeq4O by hubert@social.uhoreg.ca
2023-04-27T01:25:34Z
0 likes, 0 repeats
> Since more than one account can be @mentioned in a Direct Post, they can involve a group (sender and 2 or more recipients). So it sounds like MLS may well be useful here.Yeah, that makes sense.Another issue with using MLS is whether something in ActivityPub can be used to enforce an ordering to the MLS commit messages (and reject messages that go outside that order), or if something can be built to easily do that. Again, I don't know much about ActivityPub, but I suspect that it isn't possible. If it isn't possible, then it would have do use something like my decentralized variant of MLS, rather than the current version of MLS. Hopefully the next version of MLS will be able to work in that situation.
(DIR) Post #AVI5aTufhW0kfe1YEy by hubert@social.uhoreg.ca
2023-05-03T17:04:28Z
0 likes, 0 repeats
Another potential issue I thought of with using MLS is that MLS requires conversations to be identified by a unique ID (a "group ID"). I don't know if such a thing exists in ActivityPub Direct Posts.
(DIR) Post #AYgEEgOTklvw6WSM1A by hubert@social.uhoreg.ca
2023-08-12T13:55:48Z
0 likes, 1 repeats
@strypey There's also my own polyjuice project: a set of libraries and tools for Matrix in Elixir: https://gitlab.com/polyjuice/
(DIR) Post #AYm7ujlam7658YFWIy by hubert@social.uhoreg.ca
2023-08-15T13:46:01Z
0 likes, 0 repeats
@strypey Any "address" (called a room alias) that has been created for the room can be used. However, only moderators can change the room so that it knows about the alias. So if you create #rubberchicken:myserver.nz, anyone can use that alias to join the room. But the room itself won't be aware of the alias unless a moderator adds it.
(DIR) Post #AbOJFqpMC1iWy39Ksq by hubert@social.uhoreg.ca
2023-11-02T02:34:48Z
0 likes, 0 repeats
@strypey FWIW, spectral is abandoned. NeoChat is its successor. It recently added encryption support, so it may be a while before that makes it to the various distros.I'm surprised that Nheko crashed when you entered the full Matrix ID. What version of Nheko were you trying?
(DIR) Post #AcEcnDlpAbAifJUhwe by hubert@social.uhoreg.ca
2023-11-27T14:38:08Z
1 likes, 0 repeats
Thanks to Ada Lovelace's example, writing a program and never testing it is a time-honoured tradition among computer programmers.♲ https://mastodon.social/@gutenberg_org/111482120004043293
(DIR) Post #AnATgK7QWi8lLiJhfU by hubert@social.uhoreg.ca
2024-10-18T13:58:28Z
0 likes, 0 repeats
@strypey @praveen I'm one of the Matrix developers that participated in the IETF MLS group, and FWIW, while we do work for Element, we participated in the IETF group with our Matrix.org Foundation hats on, rather than with our Element hats. And it's a bit hard to predict when Matrix will have MLS support, as work on it is a bit sporadic because it depend on getting funding to work on it. Also, Matrix's architecture doesn't quite agree with MLS's architecture, so it's non-trivial to add MLS to Matrix.XMPP's architecture agrees more with MLS's architecture, since each MUC room is hosted by a single server. So it would be easier to use MLS in XMPP, though I don't know if there's anyone working on it. (I *think* that I heard of someone working on it, but I don't remember who, and I don't know the status of it.)
(DIR) Post #AzPG9Rty4HGTAGVZxY by hubert@social.uhoreg.ca
2025-10-20T15:45:31Z
0 likes, 0 repeats
@lyyn @andybalaam We've considered that, and there were some proposals put forward. But it has some issues, such as not being compatible with single-sign-on, or the new OAuth-based authentication system that was being developed. Also, it would mean that if you logged into something like Cactus Comments, which has no reason to do encryption, you would be giving it full access to your encrypted data. In the end, it was decided that we'd get better mileage out of moving forward with the new authentication system and simplifying the sign-in process (with things such as QR-code-based logins, which logs you in, verifies the new device, and provides it with all the necessary secrets in one go), rather than trying to combine the login and secret storage passwords.