close
  • Pl chevron_right

    Paul Schaub: A Simple OpenPGP API

    news.movim.eu / PlanetJabber · 6 days ago - 15:45 · 2 minutes

In this post I want to share how easy it is to use OpenPGP using the Stateless OpenPGP Protocol (SOP).

I talked about the SOP specification and its purpose and benefits already in past blog posts. This time I want to give some in-depth examples of how the API can be used in your application.

There are SOP API implementations available in different languages like Java and Rust . They have in common, that they are based around the Stateless OpenPGP Command Line Specification , so they are very similar in form and function.

For Java-based systems, the SOP API was defined in the sop-java library. This module merely contains interface definitions. It is up to the user to choose a library that provides an implementation for those interfaces. Currently the only known implementation is pgpainless-sop based on PGPainless.

The single entry point to the SOP API is the SOP interface (obviously). It provides methods for OpenPGP actions. All we need to get started is an instantiation of this interface:

// This is an ideal candidate for a dependency injection framework!SOP sop = new SOPImpl(); // provided by pgpainless-sop

Let’s start by generating a secret key for the user Alice:

byte[] key = sop.generateKey()        .userId("Alice <alice@example.org>")        .generate()        .getBytes();

The resulting byte array now contains our OpenPGP secret key. Next, lets extract the public key certificate, so that we can share it with out contacts.

// public keybyte[] cert = sop.extractCert()        .key(key) // secret key        .getBytes();

There we go! Both byte arrays contain the key material in ASCII armored form (which we could disable by calling .noArmor() ), so we can simply share the certificate with our contacts.

Let’s actually create an encrypted, signed message. We obviously need our secret key from above, as well as the certificate of our contact Bob.

// get bobs certificatebyte[] bobsCert = ...byte[] message = "Hello, World!\n".getBytes(StandardCharsets.UTF_8);byte[] encryptedAndSigned = sop.encrypt()        .signWith(key) // sign with our key        .withCert(cert) // encrypt for us, so that we too can decrypt        .withCert(bobsCert) // encrypt for Bob        .plaintext(message)        .getBytes();

Again, by default this message is ASCII armored, so we can simply share it as a String with Bob.

We can decrypt and verify Bobs reply like this:

// Bobs answerbyte[] bobsEncryptedSignedReply = ...ByteArrayAndResult<DecryptionResult> decrypted = sop.decrypt()        .verifyWithCert(bobsCert) // verify bobs signature        .withKey(key) // decrypt with our key        .ciphertext(bobsEncryptedSignedReply)        .toByteArrayAndResult();// Bobs plaintext replybyte[] message = decrypted.getBytes();// List of signature verificationsList<Verification> verifications = decrypted.getResult().getVerifications();

Easy! Signing messages and verifying signed-only messages basically works the same, so I’ll omit examples for it in this post.

As you can see, performing basic OpenPGP operations using the Stateless OpenPGP Protocol is as simple as it gets. And the best part is that the API is defined as an interface, so swapping the backend can simply be done by replacing the SOP object with an implementation from another library. All API usages stay the same.

I want to use this opportunity to encourage YOU the reader: If there is no SOP API available for your language of choice, consider creating one! Take a look at the specification and an API definition like sop-java or the sop Rust crate to get an idea of how to design the API. If you keep your SOP API independent from any backend library it will be easy to swap backends out for another library later in the process.

Let’s make OpenPGP great again! Happy Hacking!

  • Pl chevron_right

    Erlang Solutions: FinTech Matters newsletter | September 2021

    news.movim.eu / PlanetJabber · Friday, 17 September - 11:44 · 4 minutes

Subscribe to receive FinTech Matters and other great content, notifications of events and more to your inbox, we will only send you relevant, high-quality content and you can unsubscribe at any time.

Read on to discover what really matters for tech in financial services right now for the Erlang ecosystem and beyond.

It’s back to school season following what was a disrupted summer for most, but one where the FinTech world has continued to innovate and grow – global investment in H1 reached $98bn (£18bn in the UK) and Revolut raised a funding round of $800m at a valuation of $33bn.

Michael Jaiyeola, FinTech Marketing Lead

[Subscribe now]

The Top Stories Right Now

Study To Investigate The Impact Of Open Source Software On The EU Economy

This detailed report from the EU examines the technological independence, competitiveness and innovation around open source software. The main breakthrough of the study is described as being the ‘identification of open source as a public good’. The value of open source technologies for many modern industries is well recognised but financial services have lagged behind somewhat. It is true that in highly regulated industries the compliance requirements may require some extra work when it comes to open source, but the idea that to be successful you must build using proprietary technology is finally being dispelled. A report at the beginning of the year by ResearchAndMarkets.com forecast The Open Source Service Market to grow by 24 % by 2025.

Communities like those of Erlang and Elixir offer collaboration and information sharing to raise standards for all – it’s not about free software. Where financial services infrastructure leverages open source technology that meets shared requirements then individual companies can focus on adding differential value to their products and services. For FinTech faster innovations while driving down development costs and speed to market is the holy trinity and open source technology enables this in the right use cases where being agile, responsive and scalable will determine competitiveness and success.

Get the report

Solarisbank raises $224M at a $1.65B valuation

Solarisbank, the tech company with a banking license, (whose platform is built using Erlang and Elixir) will use the new funding to acquire Contis and expand API-based embedded banking tech in Europe. Solaris was one of the first to be a fully-fledged bank that offers Banking-as-a-Service which is one of the FinTech segments (along with embedded finance) that has thrived over the pandemic period.

Read more

FCA loses £300k worth of electronic devices

In a do as I say not as I do comedy own goal, the FCA has misplaced a total of 323 electronic devices (estimated worth £310,600) over the past three years, according to a freedom of information request.  The devices are predominantly made up of hundreds of laptops, tablets, desktops and mobile phones reported lost or stolen by FCA employees. Unsurprisingly, this raises questions about data protection standards at the industry regulator.

Read more

Verizon and Mastercard partner to bring 5G capabilities to payments

The strategic aim is to integrate 5G into payments focusing on contactless shopping, checkout automation and Point of Sale (POS) experience solutions. It is stated that this will be achieved by harnessing the latest in IoT technology alongside real-time edge computing.

Read more

More content from us

Kivra – Nordic FinTech case study for digital document sending platform

Memo Bank’s story – How they used Elixir to build a bank from scratch

State of play in FinTech – I take a high-level look at some of the industry trends of 2021 so far

Kim Kardashian’s cryptocurrency Instagram post – the ‘financial promotion with the single biggest audience reach in history’!

When ultra influential influencers meet newly developed tokens, what could possibly go wrong? Well potentially plenty according to the head of the FCA, Charles Randell, who called Ethereum Max (nothing to do with the Ethereum platform) ‘a speculative digital token created a month before by unknown developers’. Read more

One in four UK financial services workers want to work from home full-time

A new survey from Accenture has found 24 per cent of the UK’s 1m financial services workers “would prefer to work entirely from home once a full return to office is possible”. Read more

Klarna joins leading climate change programmes

The Swedish BNPL unicorn is the first FinTech to sign up for The Climate Change Pledge and the Race to Zero campaign . Read more

Erlang Solutions byte size

Did you miss joining our livestream of “What’s Next for Blockchain in Financial Services’ during FinTech Week London? Well, don’t worry you can get exclusive early access to the full video of the panel debate here.

Code BEAM America – Created for developers, by developers, the conference is dedicated to bringing the best minds in the Erlang and Elixir communities together to SHARE. LEARN. INSPIRE. over two days November 4-5

Trifork Group (our parent company) reports revenue growth of 55% in Q2 and 46% in H1 2021. The Q2-2021 Interim Report can be downloaded here. In Q2, Trifork Labs continued its active investment strategy and increased investments in the new Fintech startups Kashet, a new mobile-first challenger bank in Switzerland, as well as in a joint-venture Fintech startup (Money), co-owned by three mid-sized banks. Trifork has entered an integration partnership with Modularbank, a cloud-native core banking as a service solution.

To make sure you don’t miss out on any of our leading FinTech content, events and news, do subscribe for regular updates. We will only send you relevant high-quality content and you can unsubscribe at any time.

Connect with me on LinkedIn

Email: michael.jaiyeola@erlang-solutions.com

The post FinTech Matters newsletter | September 2021 appeared first on Erlang Solutions .

  • Pl chevron_right

    The XMPP Standards Foundation: The XMPP Newsletter August 2021

    news.movim.eu / PlanetJabber · Saturday, 4 September - 22:00 · 8 minutes

Welcome to the XMPP Newsletter covering the month of August 2021.

Many projects and their efforts in the XMPP community are a result of people’s voluntary work. If you are happy with the services and software you may be using, especially throughout the current situation, please consider to say thanks or help these projects!

Read this Newsletter via our RSS Feed !

Interested in supporting the Newsletter team? Read more at the bottom.

Other than that - enjoy reading!

Newsletter translations

Translations of the XMPP Newsletter will be released here (with some delay):

Many thanks to the translators and their work! This is a great help to spread the news! Please join them in their work or start over with another language!

Events

XMPP Office Hours - Also, checkout our new YouTube channel !

Berlin XMPP Meetup (remote) : Monthly Meeting of XMPP Enthusiasts in Berlin - always 2nd Wednesday of the month.

Articles

What is project XPORTA? As announced in the April '21 newsletter , the Data Portability and Services Incubator at NGI is sponsoring the XMPP Account Portability project named XPORTA. This month they host an interview with Matthew Wild about how this project came into existence.

The "have your own TelCo based on XMPP" service jmp.chat has a new blog, with a twist, now based on Libervia so based on XMPP, with all the nice blog features that you want (like RSS) and even subscriptions via XMPP (with compatible clients like Movim or Libervia). The post announcing the new blog also covers the new registration flow and billing system. But the previous post is the real jewel, called Adventures in WebRTC: Making Phone Calls from XMPP . It details the journey through WebRTC debugging, multiple clients, NAT, ICE and all monitored through Wireshark. Get a hot or cold beverage to go with this about 70 minutes long read.

In the previous newsletter we mentioned that Debian Linux 11 will soon be launched with updated XMPP software, as this happened in the meantime, server admins are already updating or even setting up new deployments. Such as Nelson from Luxembourg, who published a blog post about setting up a server with ejabberd on Debian 11 Bullseye .

While the Snikket iOS client app was just released, read more below, the behind the scenes development continues. In the latest blog post, Matthew Wild announces that the expert folk at Simply Secure will be performing a usability audit of the current app , as well as conducting usability testing thanks to funding from the OTF’s Usability Lab. The analysis will help to improve the UX of the iOS app and Snikket as a whole.

Missed in last month's issue, the folks at cometchat have blogged about XMPP's history, working architecture, stanzas and features in general in Everything About XMPP - Extensible Messaging & Presence Protocol . If you want a quick technical overview (or need one to show others what XMPP is all about) this ~15 minutes read can bring one up to speed.

"Spaces" are the new XMPP frontier to be explored, and you'd get a glimpse of them in Gajim client news below, but the work is pretty elaborate and ongoing with many people involved. Renga 's (an XMPP client for Haiku) developer pulkomandy has blogged Some random thoughts about XMPP spaces thinking about use cases (family, business, communities) and user interfaces.

Any Turkish speakers reading the newsletter? We don't have a translation yet, but Ged has just published an in-depth blog post about XMPP titled Hangi "Chat" Programı? . In about 40 minutes it takes the reader through the story of the protocol, tells about apps, servers, comparisons with popular apps and privacy.

The March `21 newsletter brought the news that JSXC (the Javascript XMPP Client) got funding to work on group chat calls. This month they report on the work done and explain the current progress that can even be tested.

Finally, how does FaceTime work? They interestingly use the same port (5223) as XMPP does...

Software news

Clients and applications

Gajim 1.4 Preview: Workspaces . The Gajim team has been hard at work in the past months to prepare the next v1.4 release. The upcoming version brings a major interface redesign. In this post, they explain how the new interface works and what remains to be decided or implemented before the release.

Gajim Workspaces (preview)

Libervia progress note 2021-W31 is out with information about Docker integration, the translation portal and the first 0.8.0 beta. It also has plenty of details about the work done on the ActivityPub Gateway project (grant announced in the April '21 newsletter ) with SQL, DBus, PubSub and with new and updated XEPs.

Communiqué is a new XMPP client from the Mellium Co-op team. It was announced this month and presented at the XMPP Office Hours (unfortunately recording did not work out). The source code can be found in the repository .

Communiqué

Monal 5.0.1 is now available for both iOS and macOS bringing mostly corrections and more polish over the previously major release.

JSXC Openfire plugin gets a 4.3.1-1 release , with mostly bug fixes and improvements from the JSXC project.

After so many months of waiting the Snikket iOS app is now publicly released . Snikket server admins can add the app to the invitations pages to have Apple users easily find it. If you are not running Snikket you can still use the app (you can use credentials directly) but do read the blog post to know what you need to add to your Prosody instance (invitations modules) or what limitations you might experience using any other server software.

Snikket on iOS

Servers

Prosody 0.11.10 has been released with a fix for CVE-2021-37601 and some minor changes. Prosody developers recommend server admins to upgrade in order to fix the remote information disclosure issue.

Libraries

The Mellium Dev Communiqué for August includes updates to the Mellium XMPP library as well as the new Communiqué instant messaging client. The biggest updates this month are MAM and ad-hoc commands support! You can read more here.

Extensions and specifications

Developers and other standards experts from around the world collaborate on these extensions, developing new specifications for emerging practices, and refining existing ways of doing things. Proposed by anybody, the particularly successful ones end up as Final or Active - depending on their type - while others are carefully archived as Deferred. This life cycle is described in XEP-0001 , which contains the formal and canonical definitions for the types, states, and processes. Read more about the standards process . Communication around Standards and Extensions happens in the Standards Mailing List ( online archive ).

Proposed

The XEP development process starts by writing up an idea and submitting it to the XMPP Editor. Within two weeks, the Council decides whether to accept this proposal as an Experimental XEP.

  • No XEPs proposed this month.

New

  • Version 0.1.0 of XEP-0460 (Pubsub Caching Hints)
    • Accepted by vote of Council on 2021-07-21. (XEP Editor (jsc))

Deferred

If an experimental XEP is not updated for more than twelve months, it will be moved off Experimental to Deferred. If there is another update, it will put the XEP back onto Experimental.

  • No XEPs deferred this month.

Updated

  • Version 1.21.0 of XEP-0060 (Publish-Subscribe)

    • Revert change from version 1.15.5 which changed meta-data to metadata in wire protocol. That was an unintended breaking change which has now been reverted. (pep)
  • Version 0.3.0 of XEP-0214 (File Repository and Sharing)

    • Revert change from version 0.2.1 which changed meta-data to metadata in wire protocol. That was an unintended breaking change which has now been reverted. (rm)
  • Version 0.3.0 of XEP-0248 (PubSub Collection Nodes)

    • Revert change from version 0.2.1 which changed meta-data to metadata in wire protocol. That was an unintended breaking change which has now been reverted. (rm)
  • Version 0.2.0 of XEP-0283 (Moved)

    • Re-write the flow with a more focused approach. (mw)
  • Version 1.1.0 of XEP-0429 (Special Interests Group End to End Encryption)

    • Add discussion venue after creation by the Infrastructure Team. (mw)
  • Version 1.24.0 of XEP-0001 (XMPP Extension Protocols)

    • Change "Draft" to "Stable". (ssw)

Last Call

Last calls are issued once everyone seems satisfied with the current XEP status. After the Council decides whether the XEP seems ready, the XMPP Editor issues a Last Call for comments. The feedback gathered during the Last Call help improving the XEP before returning it to the Council for advancement to Draft.

  • No Last Call this month.

Stable (formely known as Draft)

Info: The XSF has decided to rename 'Draft' to 'Stable'. Read more about it here.

  • No Stable this month.

Call for Experience

A Call For Experience - like a Last Call, is an explicit call for comments, but in this case it's mostly directed at people who've implemented, and ideally deployed, the specification. The Council then votes to move it to Final.

  • No Call for Experience this month.

Thanks all!

This XMPP Newsletter is produced collaboratively by the XMPP community.

Therefore many thanks to Adrien Bourmault (neox), Anoxinon e.V. community, anubis, Benoît Sibaud, emus, Sam, Licaon_Kter, nicola, seveso, SouL, wurstsalat3000, Ysabeau for their support and help in creation, review and translation!

Spread the news!

Please share the news via other networks:

Find and place job offers in the XMPP job board .

Subscribe to receive the next edition in your inbox

Also check out our RSS Feed !

Help us to build the newsletter

We started drafting in this simple pad in parallel to our efforts in the XSF Github repository . We are always happy to welcome contributors. Do not hesitate to join the discussion in our Comm-Team group chat (MUC) and thereby help us sustain this as a community effort. We really need more support!

You have a project and write about it? Please consider sharing your news or events here, and promote it to a large audience! And even if you can only spend a few minutes of support, these would already be helpful!

Tasks which need to be done on a regular basis are for example:

  • Aggregation of news in the XMPP universe
  • Short formulation of news and events
  • Summary of the monthly communication on extensions (XEP)
  • Review of the newsletter draft
  • Preparation for media images
  • Translations: especially German and Spanish

License

This newsletter is published under CC BY-SA license .

  • Pl chevron_right

    Snikket: Snikket iOS app now publicly released

    news.movim.eu / PlanetJabber · Tuesday, 31 August - 14:00 · 4 minutes

This is the announcement many people have been waiting for since the projectbegan!

Opinions are often strong about which is the best mobile operating system.However, while it varies by region and demographic, wherever you are it’s verylikely that you have Apple users in your life, even if you don’t use oneyourself. We want to ensure that the platform you use (by choice or otherwise)is not a barrier to secure and decentralized communication with the importantpeople in your life.

The lack of a suitable client for iOS was an obstacle to many groups adoptingSnikket and XMPP. For this reason, today’s release of a Snikket app for Apple’siPhone and iPad devices is a significant milestone for the project.

A community effort

It’s a journey that began late last year with the announcement that we wouldbe sponsoring support for group chat encryption in Siskin IM, the open-source iOS XMPP client developed by Tigase .

The Tigase folk have been very supportive of our project, and I’d like toespecially thank Andrzej for his assistance and patience with all my newbieiOS development questions!

There are many other folk who have also helped unlock this achievement. Thisincludes everyone who helped to fund the development work - especially WaqasHussain, the kind folk at jmp.chat and of course absolutelyeveryone who has donated to the project. The majority of donations areanonymous so it’s impossible to thank everyone individually, but the amount ofsupport we’ve received as a project is amazing, and really gives us confidencein achieving even more ambitious milestones in the future.

Funding aside, we couldn’t have refined the app without help from our diligentbeta testers - with particular thanks to Michael DiStefano, Martin Dosch, mimi8999and Nils Thiele for their bug-catching and comprehensive feedback. Everyoneparticipating in the beta programme has helped shape the app we’re releasingtoday.

What happens now?

We’ll be rolling out a Snikket server update shortly that will add a link tothe iOS app from Snikket invitation pages. If you’re eager to make the appavailable to your users before then, you can add the following line to yoursnikket.conf:

SNIKKET_WEB_APPLE_STORE_URL=https://apps.apple.com/us/app/snikket/id1545164189

After saving the file, apply the change with the command docker-compose up -d .

If you are using the Snikket hosting service, you will get anemail soon that explains how to enable the app store link for your instances.

We’re not done yet

This is a big milestone, without a doubt. But we’re not completely done. Theapp is not perfect (yet!) and we’re still working on many things. But webelieve this is no reason not to share it with the world as early as we can.

Push notification compatibility

The first thing to note (especially as many non-Snikket users will also beexcited about a new iOS XMPP client on the scene) is that our primary focushas been on the app working seamlessly with Snikket servers. We’re committedto XMPP interoperability, but time and resources mean we can’t develop andtest every change in pace with every XMPP server.

Although we expect it to generally work, there are some known compatibilityissues currently. Specifically, due to the strict “no background networkconnections” policy for iOS apps, we have needed to adapt push notificationhandling slightly differently to what is supported on most XMPP servers today.The extensions we use are openly published by Tigase ,and we have made available community modules for Prosody ( mod_cloud_notify_encrypted , mod_cloud_notify_priority_tag and mod_cloud_notify_filters ),and discussion has begun onmoving these extensions over to the XMPP Standards Foundation standardsprocess. We welcome help and contributions towards evolving XMPP’s currentpush notification support. If you’re interested, reach out!

Until then, although some backwards-compatibility considerationsare in the app, this means it’s very possible you may experience issues withnotifications on some non-Snikket servers when the app is closed (thoughTigase servers and Prosody servers with the community modules enabled shouldbe fine).

Language support

The app is currently only available in English, which is an unfortunatecontrast from all other Snikket projects which are available in many languagesalready.

Updating the app to support translation of the interface is high on our prioritylist. After this is implemented, we will also be looking for help from translators,so stay tuned for further announcements.

Other work in progress

Other known issues that we are working on:

  • Notifications for OMEMO-encrypted messages show a potentially-confusingmessage about the app lacking OMEMO support. This will be fixed by the sameserver update that adds the app to the Snikket invitation page.
  • Group chat notifications are not yet working. This will also be rolledout as a future server update.

Of course, we will also soon be incorporating feedback from the usabilityaudit and testing sessions when that work iscompleted.


I want to say a final thanks to our entire community for supporting theproject. Snikket has ambitious goals , and the progress we’remaking couldn’t be achieved without all the help and support we’ve received.

Drop us feedback about the app if you try it out, file bug reports and featurerequests to help us withplanning and, if you can, donate to help sustain the developmentof the entire project.

We look forward to welcoming more users to the XMPP network than ever before!

  • Pl chevron_right

    Gajim: Gajim 1.4 Preview: Workspaces

    news.movim.eu / PlanetJabber · Friday, 27 August - 00:00 · 8 minutes

The Gajim team has been hard at work in the past months to prepare the next v1.4 release. The upcoming version brings a major interface redesign. In this post, we explain how the new interface works and what remains to be decided or implemented before the release.

Of course, your feedback is important ! No interface can please everyone, so please react to this post with how this change would impact you positively and negatively, and ideas you have to make it even better before the release.

This blog post is in part based on the Gajim 1.4 UI/UX Preview given by lovetox, a current maintainer of Gajim. So if you prefer the video format, click on that Youtube link or use your favorite Invidious instance to view it with a lightweight, privacy-friendly client. That presentation was given as part of the XMPP Office Hours programme, where you can find other interesting presentations about the Jabber/XMPP ecosystem, or propose your own!

Single-window application

The main change in Gajim’s new release is that, in the current implementation, it becomes a single-window application. We’ve been used for over a decade to have separate windows for the contact list ( roster ) and for chats. This user interface pattern was common with early 2000’s messengers such as MSN and ICQ .

In the upcoming release, we make Gajim a single-window application, where all features are always within your reach. This change is inspired by more recent messengers such as Element , Discord or Mattermost (among others). This is what it looks like so far:

Gajim’s new main window

Gajim’s new main window

Some people feel left out by this new feature and the removal of the multi-window mode, however we hope to reconcile our users’ needs as part of the Gajim project, as explained in the Areas for improvement section of this blog post.

Workspaces

Gajim v1.4 will introduce a new concept: workspaces . Previously, all tabs were considered equal as a flat list within a window. We understand the need to organize some activities into a specific context, but without multiple windows, we organize these activities by workspace.

A workspace is a collection of group chats and private chats, organized client-side. For the moment, this is a non-standard, Gajim-specific feature, but standardization efforts are explained in the Areas for improvement section.

We introduced a new sidebar on the left of the window which allows to navigate your workspaces and accounts. After clicking any workspace, the chat list will be displayed in the sidebar. This chat list, to the right of the workspace list , provides navigation for chats (both group chats and private chats) within the current workspace. The currently focused workspace has a colored bar indicating it’s the current context.

Below the workspace list, the sidebar lists your accounts. Clicking an account will display a page containing the contact list , your avatar, a status selector, and a list of pending notifications. Contacts in the contact list are organized by roster groups, as was already the case in previous versions.

Account context

Each account is attributed a specific color, in addition to its avatar. This color is reused in the chat list , alongside the tab’s avatar so you can see instantly which account of yours is used in a specific chat. When a given chat/account doesn’t have an avatar defined, one is generated from the first character of its displayed name.

Gajim with multiple accounts

Gajim with multiple accounts

When a notification is received within a certain workspace, an indicator with the number of unread messages will be shown on the workspace icon and on the chat.

Organizing your interface

Workspaces can be reordered manually within the sidebar by drag-and-drop. However, these two different types of context are kept separate: the workspaces appear on top of the list, while accounts are listed on the bottom. When there’s too many entries to display, the workspace/chat list becomes scrollable.

Chats can also be moved from one workspace to another, though not via drag and drop: simply right-click a chat and from there the “Move to” menu will move the selected chat to the requested workspace. However, it isn’t possible currently to copy a chat to another workspace; moving an entry to a new workspace will remove it from its previous workspace.

Within a given workspace, chats can be pinned . These stay in place at the top of the workspace’s chat list . Chats which are not pinned are ordered by latest activity. This way you never have to scroll endlessly to find the chat that matters to you. For the moment, pinned tabs cannot be reordered like workspaces, but we plan to implement it.

Try it out and let us know

There’s a lot of upcoming major changes in the next Gajim v1.4 release, so stay tuned to the blog for further information. In the meantime, you can test the new interface by running Gajim from sources using just a few commands. This feature is not published in nightly releases yet because it’s still unstable, so do not use it as a daily-driver yet.

Important: Note that you have to start Gajim with a test profile using gajim -s -p testprofile or launch.py -s -p testprofile in order to preserve your current profile. Migrating back is not possible.

  • git clone https://dev.gajim.org/gajim/gajim && cd gajim to download Gajim’s source into a gajim folder and moving there
  • git checkout mainwindow to browse the development branch with the new UI
  • pip install . to install Gajim’s development version and all dependencies to your python environment, then gajim -s -p testprofile to start
  • alternatively, ./launch.py -s -p testprofile to start Gajim without installing it, in which case dependencies should be manually setup first (for example On Ubuntu )

Feedback is welcome in any form, whether on our issue tracker , in our community chat gajim@conference.gajim.org , or as a blog post on your own website. The main tracking issue for this new user interface is #10628 .

Areas for improvement

In this section, we explain the shortcomings of the current implementation of the workspaces feature, and what could be done to improve it. We are actively looking for ideas on these areas, so if you can afford it, please spend some time to gather your thoughts and help us improve Gajim.

Accessibility

Account context relies on user-supplied colors. However, for accessibility concerns (color-blindness), we would be interested to support other graphical patterns instead of colors. For example, dots and dashes and other visual patterns that are common in graphs and tables. However, unless we get more contributions, it’s unlikely this feature will be released in v1.4.

Internationalization

The main window redesign does not support right-to-left (RTL) languages in a special way yet. The navigation sidebar will be displayed on the left-side of the screen in all cases.

UI customization

Some users have already expressed their anxiousness at the idea of dropping support for multiple windows in Gajim. However, there is technically no barrier preventing us from reimplementing is with our new User Interface. It’s “just” a lot of hard work.

For example, maybe we could have a mode where each account gets its own window that could move around separately? Or focus a space from the main window into its own window? That would be useful when using virtual desktops (sometimes called workspaces, what a coincidence) in your favorite desktop environment.

In addition, we could explore to support multiple sidebars on multiple axis, so that you could decide where to place your accounts list , and divide your workspace list into a top and bottom sidebar.

Only your imagination and contributions to the Gajim project are the limit for the kind of experience we can provide, but it’s very unlikely deeper UI customization will be implemented in time for the v1.4 release. We are a volunteer-run project and cannot afford to spend time to accommodate every single need there is, although contributions are always welcome.

More workspace organization

Currently, pinned tabs in the chat list cannot be reordered in the way that workspaces can be in the workspace list . Would this be useful for you?

Moreover, Gajim’s new workspaces UI currently features a 2-level representation like Mattermost, where any chat only has a single ancestor workspace. The account roster is an exception, because it features a 3rd-level nesting in order to fit roster groups, where each entry is part of a group, which is part of the account workspace context. Maybe workspaces could benefit from this approach in order to represent 3-level hierarchies akin Discord/Element interface.

Also, a chat can currently only be featured in a single workspace, for the sake of simplicity. That’s a fine assumption as long as workspaces are managed by a single user for their needs, but would not play well with sharing workspaces with other users, in which case a chat may appear more than once in the workspace tree.

Standardization and interoperability

As mentioned briefly, we’re considering how our new workspaces feature can be represented server side, so that it can be used by other clients, and maybe even shared across users.

Sharing a workspace with several users, similar to Matrix “spaces” or Discord “servers” could prove very useful for online communities administering a bunch of channels, for example to set space-wide permissions. It could also enable to subscribe to a public workspace maintained by a contact of yours, featuring a bunch of 3rd party group chats on a specific topic.

While there is not yet a specification for such hierarchical organization of chats in the XMPP ecosystem, there was an XMPP Online Sprint last winter studying Discord’s user experience in order to benefit the Jabber/XMPP ecosystem.

More recently, some people have started to gather thoughts that should lead to a specification. There is a work-in-progress document (a pad ) which anyone can edit with feedback, and a spaces@joinjabber.org group chat has been setup to discuss this issue in a cross-project manner. Your ideas and contributions are more than welcome, even if you’re not familiar with the Jabber/XMPP ecosystem. Feedback on how a new specification could be made interoperable with other decentralized networks is very welcome.

Gajim

  • Pl chevron_right

    Snikket: Improving Snikket's usability in collaboration with Simply Secure

    news.movim.eu / PlanetJabber · Monday, 23 August - 10:00 · 4 minutes

One of the primary goals of the Snikket project is improving the usability ofopen communication software. We see usability as one of the major barriers tobroader adoption of modern communication systems based on open standards andfree, libre, open-source software. By removing this barrier, we open the doorof secure and decentralized communication freedom to many vulnerable groupsfor which it was previously inaccessible or impractical.

Simply Secure is a non-profit organization working in user interface (UI)and user experience (UX) design. They specialize in combining human-centereddesign with the complex technical requirements of privacy-first securesystems. Our first introduction to Simply Secure was while contributing to Decentralization Off The Shelf (DOTS) , a unique and valuable projectto document and share successful design patterns across the decentralizedsoftware ecosystem.

Now, thanks to funding from the OTF’s Usability Lab , we’repleased to announce that Simply Secure will be working with us over the comingmonths to identify issues and refine the UX across the project, with a specialfocus on our iOS app.

We’ve made a lot of progress on the Snikket iOS app recently,largely based on valuable feedback from our beta testers, and we are gettingexcitingly close to a general release. However there is still some work to bedone.

The expert folk at Simply Secure will be performing a usability audit of thecurrent app, as well as conducting usability testing , which is the study ofhow people use the app, and what struggles they face while completing specifictasks.

Using information from these analyses the Simply Secure team will assist withproducing wireframes (sketches of what the app’s interface should look like)and actionable advice to improve the UX of the iOS app and Snikket as a whole.You will find information on how to participate later in this post.

What is UX anyway?

The modern UX design movement is a recognition that technology should beaccessible and easy to use for everyone. Good design can assist and empowerpeople, poor design can hinder and even harm people. The need for design goesfar beyond making a user interface look beautiful. Software that is notvisually appealing may affect someone’s enjoyment of an application, but anaesthetically-pleasing interface is not magically user-friendly.

Therefore designing for a good user experience is about more than just makingthe interface look good, it’s about considering how the software fits into aperson’s life, what they need from the software (and what they don’t need) andhow they expect it to behave.

These are tricky things to get right. Every user is different, and a broadrange of input must be taken into consideration as part of a good designprocess.

UX methodologies

There are various ways to gather information useful for making informeddecisions about UX improvements. A common easy and cheap approach is to addmetrics and analytics to an app. This can tell you things like how oftenpeople tap a particular button, or view a particular screen. Developers anddesigners can use this information to learn which features are popular, whichshould be removed, or made more visible.

This approach has drawbacks. Firstly it only tells you what users are doing,it doesn’t tell you why they are doing it, or what they are thinking andfeeling - for example if they are frustrated while looking for a particularfeature or setting. Metrics can tell you that making a button more prominentincreased the click rate, but it won’t tell you if half the users who clickedon the button were expecting it to do something else! This isn’t really goingto give you enough information to improve usability.

Another significant drawback with a focus on metrics is the amount of data theapp must share with the developers. People generally don’t expect apps ontheir device to be quietly informing developers about the time they spend inthe app, what they look at and what buttons they press. Such data collectionmay be made “opt-in”, and there are modern projects such as Prio , workingto bring privacy and anonymity to such data collection through cryptographictechniques.

A wildly different but much more valuable approach is to directly study peoplewhile they use the app - a technique known as “usability testing”. Unlikesilent data collection, usability testing directly pairs individual users orgroups with an expert while they are asked to perform specific tasks withinthe app. Although this requires significantly more time and effort it producesmore detailed and specific insights into the usability of an interface.

Advantages of this kind of study include the ability to listen and learn moredeeply the needs of specific types of users, particularly minorities whoseproblems could easily be drowned out by larger groups of users in a simplestatistics-driven data collection approach. It also allows you to capturepeoples' thought processes, by asking them to explain each step as theycomplete tasks within the app.

Participation and looking forward

We can’t wait to begin our first usability testing facilitated by theexperienced team at Simply Secure, and incorporate their findings intoSnikket’s development.

If you’re interested in taking part, or know someone who would be a good fitfor this project, we’d love to talk to you for 30 minutes to better understandhow to improve Snikket. There will be no invasions of privacy as a result ofthis research. All identifying information will be removed. We will take allnecessary and appropriate precautions to limit any risk of your participation.Anything that we make public about our research will not include anyinformation that will make it possible to identify you. Research records willbe kept in a secure location, and only Simply Secure and Snikket personnelwill have access to them.

Appointment slots are available from 24th August to 3rd September. Toparticipate, registeryour preferred time and date on the calendar here 1 .

Further reading


  1. Google Calendar currently, sorry 😕 ↩︎

  • Pl chevron_right

    JMP: Newsletter: Blog, New Registration, New Billing, New App!

    news.movim.eu / PlanetJabber · Thursday, 19 August - 00:30 · 2 minutes

Hi everyone!

Welcome to the latest edition of your pseudo-monthly JMP update!

In case it's been a while since you checked out JMP, here's a refresher: JMP lets you send and receive text and picture messages (and calls) through a real phone number right from your computer, tablet, phone, or anything else that has a Jabber client. Among other things, JMP has these features: Your phone number on every device; Multiple phone numbers, one app; Free as in Freedom; Share one number with multiple people.

In case you haven't seen it yet, we now have an XMPP-powered blog! All newsletter updates, as well as other content like technical deep-dives will be published there. If you just want these updates, don't worry, the mailing list isn't going away. You can check out the blog at https://blog.jmp.chat and follow in your RSS reader or compatible Jabber client such as Movim or Libervia.

JMP also has a new registration flow. This flow properly integrates with our new billing system and represents a lot of behind-the-scenes work to our architecture. The most important part of the new billing system is the referral system . That's right, JMP users can now get single-use invite codes to refer users. The new user gets one free month, and if they decide to upgrade to a paid account the original user will get a free month of credit too! XMPP server operators for closed or vetted groups can also contact support to ask that their server be added to an approved list where all Jabber IDs coming from that server will be given a free month, with the resulting credit if they upgrade going to the server operator.

Speaking of our new billing system, many users have been fully migrated to the new architecture which says goodbye to PayPal and hello to automated credit card and Bitcoin deposits, as well as official support for payment by mail or (in Canada) Interac e-Transfer. Payments can also be made in Bitcoin Cash by contacting support. Users on the new system now have a prepaid balance they can top up any time they like, with the option to automatically top-up a low balance with any amount $15 or more from credit card. Deposits over $30 get a 3% bonus added, and deposits over $140 get a 5% bonus. This paves the way for calling minutes over 120 / month (which will soon be available at the rate of $0.0087 / minute) and also international calling at per-minute rates to be announced later this year. Those who prefer to pay the same amount every month or year, as is done with our legacy PayPal system, will need to wait a bit until we integrate that option into the new system.

We've also had a volunteer working with us to prepare some new features for Android users, most notably DTMF (punching in numbers during a call) so that all phone calls can be done from inside Conversations. The code isn't quite ready for upstream yet, but drop by the chatroom if you want to try out a prototype.

As always, if you have any questions, feel free to reply to this email or find us in the group chat per below. We're happy to chat whenever we're available!

To learn what's happening with JMP between emails like this, here are some ways you can find out:

Thanks for reading and have a wonderful rest of your week!

  • Pl chevron_right

    Erlang Solutions: FinTech 2021 State of Play

    news.movim.eu / PlanetJabber · Wednesday, 18 August - 12:00 · 5 minutes

While things have undoubtedly changed considerably for the financial services industry over the past 18 months, the ascendency of FinTech remains quite unabated, with global fintech investment reaching $98bn . In the UK, FinTech investment hit a new record of £18bn in the first half of 2021, placing it second only to the United States, impressive during a time of considerable uncertainty brought on by the pandemic and short term Brexit fallout.

The FS industry has proved extraordinarily resilient and indeed many segments have even thrived during this period, such as FinTechs operating around digital payments and processes.

The overarching trends for the industry are the accelerated digitalisation of banking, adoption of embedded finance (including buy now, pay later) and decentralised finance to further democratise access and opportunity to financial services. In this post, we take a look at these along with some general high-level trends in software engineering in the sector.

Digital payments and eCommerce growth

Disruption and innovation in payments technology is constant; we have been at the cutting edge of real-time payments through our work with Vocalink (a Mastercard company) to build their Immediate Payment System used globally by the likes of The Clearing House in the US and the P27 group in Scandinavia.  A recent Mastercard report found the first quarter of 2020 had a larger shift towards digital payments in 10 weeks than in the preceding five years and that consumers spent nearly $900bn worldwide with online retailers in 2020. Less than a year since contactless limits increased across Europe, Visa has hit one billion additional touch-free transactions, 400 million of which took place in the UK.

In light of this surge in digital payments volume and to better align with customer preferences and capitalise on advances in payments technology, stakeholders such as issuers, networks, payments processors, and merchant acquirers are investing heavily to retool their payments systems. Meanwhile, embedded finance, point-of-sale lending and buy-now-pay-later financing products are reshaping the lending and payments experience to create faster digital options with less friction.

Millennials and Generation Z were already used to managing their financial affairs through digital channels, and they are now joined by many other demographics and late adopters. This means there will not be a significant rollback to the old ways of interacting with financial products, presenting a clear opportunity for innovators within B2C FinTech.

FinTech Software Engineering Trends

Over recent times, leading banks were already modernising as part of a strategy to exit or manage legacy core systems that inhibit faster and more transformative technological innovation; more resources will now be diverted to the strategy. Those slower to embrace genuine digital transformation have been pushed towards modernising with short term fixes that will require permanent solutions.

From our position as specialists in soft real-time distributed backend systems, what has become abundantly clear is that resilience and scalability are not a given for all FinTechs, neither is it good enough as an afterthought. The risk to reputation and trust when problems occur due to system stress can inflict damage that is hard to recover from. Using technologies that have scalability baked in and are highly reliable such as Erlang and those that run on its BEAM virtual machine, may not only help avoid technical debt for startups but may actually save your entire business during unexpected challenges like those of the current moment. Interestingly, a lot can be taken from Erlang’s success in the telecoms industry (having originally been developed at Ericsson) which can be applied to many FinTech use cases – check out this post by our Nordics MD, Erik Schon: How Telcos can help FinTechs succeed.

In successful FinTech stacks, services that are loosely coupled and readily upgradeable are the norm. It’s advisable to not rely on just one software vendor to avoid damaging lock-in. Instead, FinTechs build their own ecosystem of high-performance technology providers that can be added to, upgraded and replaced as required.

On the product side, constant iterations are necessary to stay ahead of the competition. The providers that meet or surpass customer expectations by offering value-added services designed for specific segments are building loyalty and taking market share. Although the clients facing frontend must deliver from a CX and UX perspective, this has to be backed with reliable infrastructure with minimal downtime and other disruptions. Read our summary of Memo Bank’s adoption of Elixir for full-stack development; they have just successfully secured a new funding round of €13 million.

As I previously stated, these trends are not new, they are in fact much followed principles in the software engineering world and in FinTech, but they are proving even more important as guiding principles in the new environment we are working in.

DLT / Blockchain

In terms of media spotlight, cryptocurrency has been the most talked-about part of how monetary models are changing. We have worked with Distributed Ledger Technology (blockchain), the underlying technology of crypto, for quite some time and recognise the potential to offer exciting enterprise solutions in FS. Blockchain network and protocol layers are now widely accepted as robust and stable, ready for innovation to move to the application layer where the real opportunity for differentiation lies. We recently co-hosted this interesting panel debate on blockchain use cases in FS as part of Fintech Week London – Get the recording here.

As the higher stack application layer is more nascent, this is where using developers who are experienced becomes especially valuable to avoid wasting time and resources. The Erlang Solutions team consists of domain experts who have been involved in a wide variety of innovative blockchain projects. We have observed PoCs are increasingly being replaced with deployments to real production systems in FinTech and beyond. While most use cases remain private and permissioned, this is still an encouraging indicator for anyone interested in leveraging the technology.

What’s Next For FinTech

Many of the trends of the last year will remain in the new way in which the financial services industry operates. Digital payments, improved data security and system resilience, and innovation in the use of blockchain and digital assets are not new to FinTech, but now they offer up genuine avenues for solving the real-world problems of today.

The FS industry will need to make permanent some of the learnings of the lockdown periods to create more agile workforces which boost productivity, creativity, and collaboration. FIs will look to increase investment in FinTech to stay competitive, not only in customer facing digital tools but also in the back office space as a means to improve processes and reduce costs. Software engineering has become the core of value creation, and the methods used can significantly influence business results, especially in fast-moving sectors such as FinTech.

Erlang Solutions have over 20 years of experience building critical digital infrastructure that scales to billions of users without downtime. Talk to us about how we can help you develop a future proof system that is faster, easier to maintain, more reliable, and cheaper to run.

To receive our whitepaper report on the Trends In FinTech 2021 please, sign up for our FinTech Matters newsletter here (you can unsubscribe at any time).

The post FinTech 2021 State of Play appeared first on Erlang Solutions .