Gajim - 2014-05-27


  1. pvtlth I have a security issue with Gajim! How do I tell Gajim to use the gnome keyring instead of storing passwords in plantext? I just found my passwords in /home/user/.config/gajim/config and I am not amused about this fact
  2. pvtlth I have the gnome-keyring package installed. Am I missing a python thingie?
  3. Link Mauve In Help > Features, look at the packages it suggests.
  4. pvtlth Thanks
  5. pvtlth And now how does Gajim deal with that? Do I have to tell it to secure my login data or does it do this by itself?
  6. pvtlth Restarting Gajim helped. It asked for a password and now all I can find in the config file is this: "accounts.jappix.com.password = <kwallet>" Thanks a lot, Link Mauve
  7. Link Mauve :)
  8. pvtlth See you
  9. Link Mauve By default it will select the best keyring possible.
  10. Link Mauve Plain text storage is the lowest one, once everything else has been tried.
  11. Link Mauve Hmm, Jingle audio/video is totally broken here, the description sent is empty: <description xmlns="urn:xmpp:jingle:apps:rtp:1" media="video" />
  12. Link Mauve It’s like it doesn’t support any codec.
  13. Link Mauve Any way I could debug that?
  14. Link Mauve In the console, I get jack errors (since I don’t use jack) and at launch, “** Message: pygobject_register_sinkfunc is deprecated (GstObject)”.
  15. Link Mauve But being deprecated means it’s still here.
  16. Link Mauve xmt, you had a Gstreamer 1.0 branch, right? Did it work better than the 0.10 one?
  17. Link Mauve Last time with you it worked fine. :/
  18. Link Mauve Even though I was in 0.16 too.
  19. xmt I never got around to making gajim and gstreamer 1.0 work.
  20. Link Mauve Ok.
  21. Link Mauve Maybe it was Asterix then, but he disappeared. :(
  22. Link Mauve Last time I saw him was 22 days ago. :(
  23. Link Mauve How can I disable 198 in the preferences?
  24. Link Mauve It doesn’t seem to be in the ACE.
  25. pvtlth Has Darlan been seen here lately?
  26. Link Mauve Last time I saw him was five days ago.
  27. pvtlth You keep track of everyone, don't you?
  28. pvtlth I was just wondering if he was still alive. Haven't seen him for quite a while
  29. Link Mauve I just grep the logs for requests. ^^
  30. pvtlth Would be a nice job for a bot, too :D By the way, there used to be a bot in this room...
  31. Link Mauve He left with Asterix, I guess.
  32. Link Mauve It was an iSida.
  33. Link Mauve I have bot ancestors, it’s not the first time I get called bot. :D
  34. pvtlth I have no clue about bot related stuff.
  35. Link Mauve Me neither, I just know its name.
  36. pvtlth ok well
  37. pvtlth I have read something technical about OTR encryption. It said it is possible to encrypt file transfer in some way. Does Gajim's OTR plugin support that?
  38. pvtlth That's a clear "dunno"
  39. Link Mauve I doubt it.
  40. Link Mauve Gajim already encrypts file transfers using Jingle XTLS.
  41. Link Mauve Of course, the other clients needs to support that too.
  42. pvtlth Well, that's sad
  43. pvtlth I'm safe when I manually encrypt files and send them after that, I guess
  44. pvtlth Manually encryption is the way to go for paranoid people like me
  45. Link Mauve Yup, OpenPGP ftw!
  46. Link Mauve Although that way you won’t get forward secrecy or plausible denial.
  47. pvtlth I do prefer GPG, but yeah
  48. Link Mauve I said OpenPGP, but what I meant was the protocol, I too use GPG.
  49. pvtlth But if I use symmetric encryption...
  50. pvtlth gpg -c --cipher-algo=twofish -a <filename>
  51. pvtlth Is there something like TLS which doesn't use AES?
  52. Link Mauve XTLS is quite nice btw, it’s implemented in Gajim 0.16.
  53. pvtlth I am on 0.15.4 still
  54. Link Mauve TLS isn’t restricted to AES, you can choose your ciphers.
  55. Link Mauve The new hotness is ECDHE I think.
  56. pvtlth I didn't know that, how do I force twofish or serpent?
  57. pvtlth ecdhe is great btw
  58. Link Mauve I have no idea how to set that in Gajim, I doubt it is exposed to the user.
  59. pvtlth Let's ask the search engine of choice
  60. Link Mauve grep? ^^
  61. pvtlth internet | grep TLS in a linux console or what do u mean ^^
  62. Link Mauve I thought you would search in Gajim’s source code. ^^
  63. pvtlth My question is about TLS in general. And I found this: openssl ciphers -V
  64. pvtlth And there is nothing about an algo that I consider trustworthy enough
  65. pvtlth Let me ask the other way round. Is there a trustworthy twofish library for python?
  66. Link Mauve pvtlth, pure python?
  67. Link Mauve If not, you can take any C implementation and wrap it.
  68. pvtlth maybe?
  69. Link Mauve I would use cython for that task, it makes it dead simple.
  70. pvtlth I don't know how to deal with c in py
  71. Link Mauve Cython is a great way, you give the header to xdress, it will generate you a pxd, and then you can write python code using the C functions.
  72. pvtlth I have no clue what you are trying to tell me
  73. Link Mauve The easiest way to wrap a C library to use it in Python.
  74. pvtlth I don't know c, so... I would be happy with a gpg for python which supports symmetric ciphers and which might be overkill
  75. Link Mauve What I was trying to tell you is that you don’t need to know C, only how to use the C library’s API (which is called the header).
  76. pvtlth So I can use c functions in python if I know how they work
  77. Link Mauve Yes.
  78. pvtlth Here https://www.schneier.com/twofish-products.html I found this http://sourceforge.net/projects/twofish-py/ which might do the job
  79. pvtlth which wasn't maintained for ages
  80. pvtlth which might not be the way to go
  81. pvtlth Anyway, on this side of the planet it is late. See you!
  82. Link Mauve It seems quite fine actually.