Modern XMPP project discussion

erebion 20:10:08
Why isn't ATM (https://github.com/olomono/atm?tab=readme-ov-file) used in a lot more clients?
👍 1
erebion 20:10:38
Pub Key verification is sooo annoying :/
erebion 20:11:56
I use four devices, my boyfriend uses three. Then he logs in to a fourth device. Suddenly start reading long hex numbers to each other for a couple minutes.
erebion 20:12:34
This is currently my biggest annoyance and the reason most people reject the idea of using XMPP: It's too annoying to verify keys.
erebion 20:12:53
So I'm really curious why this isn't in, like, every client?! :D
Link Mauve 20:32:21
erebion, no, most people don’t ever verify keys.
erebion 20:33:58
Have you considered that my "most people" does not fully overlap with your "most people"?
Link Mauve 20:36:07
I was talking about most people, not people around you that I don’t know.
Zash 20:40:47
Consider upvoting or filing feature requests in clients. Client devs may be more likely to implement it if they see that there is demand.
Kris 21:02:11
> Why isn't ATM (https://github.com/olomono/atm?tab=readme-ov-file) used in a lot more clients? because if you outsource device verification like that you might as well not do it at all. ↺
lovetox 21:12:13
yeah .. its like, if your threat model is really that you believe that somebody intercepts your communication, why would you trust some automatic key verify thingy
lovetox 21:12:38
and if thats not your threatmodel, why do you not simply use blind trust which most clients support.
mathieui 21:20:45
~~Kris, I would disagreee, cross-signing/cross-approving keys is a useful feature that can significantly the friction of using E2EE securely~~ ✎
mathieui 21:21:02
Kris, I would disagreee, cross-signing/cross-approving keys is a useful feature that can significantly reduce the friction of using E2EE securely ✏
lovetox 21:21:18
but it does only reduce the friction if someone decides for themself they want friction and disable blind trust
mathieui 21:21:58
I said securely
mathieui 21:22:16
I do agree with Link Mauve in that most users will never ever try to verify a key
mathieui 21:22:33
but that does not mean we should give up any way to make the serious route less painful
Kris 21:23:06
like in some limited ways it is more secure than trust-on-first-use, and in some other ways it is less secure. And overall it just doesn't seem worth it IMHO
lovetox 21:24:07
i think the problem is blind trust before verification
lovetox 21:24:35
some users use blind trust, then they think at a later point, lets verify some device, scan some qr codes, hey fun
lovetox 21:25:00
but now the device thinks you are serious about encryption, suddenly the next device will not be trusted blindly anymore because you verified manually before
mathieui 21:25:59
lovetox, that is a case that some (client-side) automated device management could help with
lovetox 21:26:57
yes, im not arguing its useless, it just mostly hits the nerds, and they can endure a bit of pain :D
lovetox 21:27:35
nah im half joking, but thats kind of the cost/benefit thoughts i have on this
lovetox 21:28:13
like on my list are always 10 more features that will have immense more impact
Kris 21:30:56
indeed, if someone wants to touch rather complex e2ee stuff, updating a client to support OMEMO 0.8.x would bring much more benefits than this convenience feature of dubious benefit.
Kris 21:31:35
or adding MLS for group chats
MattJ 22:57:03
erebion: out of curiosity, you say "this is the reason most people reject the idea of using XMPP" - what do those people use instead?
MattJ 22:58:32
I can only think of Signal or Matrix. Signal uses manual verification of keys (or rather, "safety numbers"), and Matrix... I'm always hearing complaints about their E2EE verification prompts and stuff (and it has introduced security issues for them)
MattJ 22:58:50
So I'd love to hear more if I'm missing something
erebion 23:02:54
Matrix and Signal, yes
erebion 23:03:11
With exactly that as their reason
erebion 23:12:14
E2EE in Matrix is buggy, but cross signing is not really painful, at least not as much as having m * n key verifications done. 1 verification can in most cases be a lot less than m * n.
erebion 23:14:17
I can talk to my boyfriend using Matrix, Signal and XMPP. We disliked the first two, for various reasons, now we settled on thr latter. We had this many verifications: 1 - Matrix 1 - Signal 12 - XMPP I use every one of those on 4 device, my boyfriend uses them on 3 devices.
erebion 23:16:30
Matrix cross-signs keys, so that after verifying once, others know what keys to trust. Signal does something similar, coupled with the process of adding another device by scanning a QR code.
erebion 23:21:19
Oh and I forgot I even have to verify my own OMEMO keys. If my tired sleepy brain did not miscalculate, that's 37 key verifications, just so that I can talk to my boyfriend.
erebion 23:21:58
He even says we should not log in on more devices as that is too annoying.
Squeaky Latex Folf 23:25:07
I just tested Dino and Gajim with the Orca screen reader and the result is that both are almost completely unusable
Squeaky Latex Folf 23:25:39
I almost just want to write my own XMPP client. QXmpp looks really neat.
Squeaky Latex Folf 23:26:10
~~But I prefer Rust over C++, but xmpp-rs seems less mature. And I love Qt.~~ ✎
Squeaky Latex Folf 23:26:29
But I prefer Rust over C++, but xmpp-rs seems less mature. And I love the way Qt looks and feels. ✏
Kris 23:38:51
does Signal even support multiple real devices?
Kris 23:39:28
afaik they only do some hack for "linked" devices for the desktop app
Kris 23:40:14
Squeaky Latex Folf, you tried Kaidan?
Squeaky Latex Folf 23:40:34
Kind of. It looks too much WhatsApp-like
Squeaky Latex Folf 23:40:47
I prefer a more QtWidgets-like look
Kris 23:40:51
but does it work with a screenreader?
Squeaky Latex Folf 23:40:57
Haven't tried yet
Kris 23:41:37
afaik the Kirigami toolkit that Kaidan uses has gotten some specific efforts for accessibility
Kris 23:41:44
but I might misremember