close
  • Be chevron_right

    Year of the OX: OpenPGP for XMPP

    debacle · pubsub.movim.eu / berlin-xmpp-meetup · Monday, 1 February - 02:02 edit

In February 2021, this month, starts the year of the ox. At Berlin XMPP meetup, we will celebrate the new year with an introductionary talk about "XEP-0373: OpenPGP for XMPP" and "XEP-0374: OpenPGP for XMPP Instant Messaging" and the panel of experts:

  • DebXWoody (implementor of OX in Profanity)
  • defanor (implementor of OX in rexmpp)
  • Florian (co-author of the OX standards)
  • lovetox (implementor of OX for Gajim)
  • Paul (implementor of OX in Smack)

When? Wednesday, 2021-02-10 18:00 CET (always 2ⁿᵈ Wednesday of every month)

Where? Online, via our MUC (xmpp:berlin-meetup@conference.conversations.im?join). A Jitsi video conference will be announced there.

See you then!

#yearoftheox #openpgp #xmpp #ox #jabber #encryption #e2ee #privacy #omemo #🐂️ #berlin #meetup #community #profanity #rexmpp #gajim #smack

  • favorite

    3 Like

    DebXWoody , ed00 , Holger Weiß

  • Hi chevron_right

    Movim: alternativa a Facebook

    adb · pubsub.movim.eu / hispanos · Sunday, 31 January - 07:12 edit

Movim es una red social y chat parecida a #Facebook pero #libre, descentralizada, con soporte para comunidades, foros, blogs/páginas, grupos de chats integrados con las salas de #XMPP / #Jabber, stickers, gif animados, bolita verde para saber quien está online, saber quien está escribiendo, reaccionar a los mensajes con cualquier emoji, también puedes encontrar contenido adulto, memes, puedes usar apps como blabber.im para chatear, puente entre tu cuenta de #Movim y #Telegram, #Discord, #Slack, #RocketChat, etc.

Lee el artículo completo aquí: https://writefreely.public.cat//adbenitez/movim-alternativa-a-facebook

  • favorite

    5 Like

    Echedey López Romero , kike63 , Juan Roberto , Omar , Ivan Agosto

  • chevron_right

    How to choose you Jabber service?

    debacle · Sunday, 24 January - 01:38 edit · 1 minute

Aren't we all envious of users of #Whatsapp, #Signal, #Telegram or #Threema? The choice of service is easy for them. There is none! Happy users!

Instead we use #Jabber or #XMPP, because we love self-hosting, don't we? Well, it is important to have the option to self-host, but in most cases it is not the best option to actually do it. So we need to select a server, based on our priorities.

I suggest to look out for:

  1. More than one admin? A single admin might be in holidays, when you need them most. Or they outburns and closes the service on short notice. Beware of the lorry factor.
  2. Sound financial base? If you pay for the service, you have a higher chance, that the service is here to stay. A service based on donations might work as good as a commercial one.
  3. Good uptime history?Here is some limited informtion about it. Also, the longer a service exists, the longer it will survive, because of the Lindy effect.
  4. Good #LTS grade? Use only A grade servers from the IM Observatory.
  5. Acceptable data privacy statement? IANAL, but you know, #GDPR and so on...
  6. High XMPP compliance? This XMPP Compliance Tester lists many servers.
  7. Cool domain name? and other details like how much server space you have for sharing cat content, how long messages are archived, whether an .onion domain is available, or transports (gateways) to #IRC or other networks are provided.

Useful lists of servers can also be found on Freie Messenger and JabberEs.

  • favorite

    10 Like

    ericbuijs , Timothée Jaussoin , DebXWoody , Yannv , Xabi , Minh Le , Holger Weiß , melmc , melmc , purplesun

  • Ar chevron_right

    Wormable code-execution flaw in Cisco Jabber has a severity rating of 9.9 out of 10

    news.movim.eu / ArsTechnica · Friday, 11 December - 12:43

Wormable code-execution flaw in Cisco Jabber has a severity rating of 9.9 out of 10

Enlarge (credit: Getty Images)

Cisco has patched its Jabber conferencing and messaging application against a critical vulnerability that made it possible for attackers to execute malicious code that would spread from computer to computer with no user interaction required. Again.

The vulnerability, which was first disclosed in September , was the result of several flaws discovered by researchers at security firm Watchcom Security. First, the app failed to properly filter potentially malicious elements contained in user-sent messages. The filter was based on an incomplete blocklist that could be bypassed using a programming attribute known as onanimationstart.

Messages that contained the attribute passed directly to DOM of an embedded browser. Because the browser was based on the Chromium Embedded Framework, it would execute any scripts that made it through the filter.

Read 5 remaining paragraphs | Comments

index?i=y71rUZYs6Uk:pzpc1Qm4qVA:V_sGLiPBpWUindex?i=y71rUZYs6Uk:pzpc1Qm4qVA:F7zBnMyn0Loindex?d=qj6IDK7rITsindex?d=yIl2AUoC8zA