-
thrivi
Any word if gajim will replace pidgin in tails os?
-
umu
its replaceing soon
-
Lightning Bjornsson (they, he, xe/hir)
cite?
-
umu
wym
-
umu
https://walla.rneetup.com:5281/file_share/e8d41157-1712-4f88-92b1-6445e5f33d0b/saa.mp4
-
Lightning Bjornsson (they, he, xe/hir)
This file is not responsive to my question.
-
umu
he's literally me rn
-
Lightning Bjornsson (they, he, xe/hir)
I'm asking whither you found word of Gajim superseding Pidgin in TAILS.
-
umu
ooooooooooooo
-
umu
https://gajim-devel.gajim.narkive.com/rjDdaxtH/gajim-with-tails
-
umu
https://tails.net/doc/persistent_storage/configure/index.en.html#dotfiles
-
thrivi
from 6 years ago lol bruh i know how to install and use it just wondering if it was
-
umu
i feel u bro
-
Lightning Bjornsson (they, he, xe/hir)
literally just link the fucking article
-
umu
its right here wymmm
-
thrivi
gonna replace pidgin as i don't even think pidgin is updated much
-
thrivi
with all these new cves everywhere it looks like they should switch
-
umu
oh
-
umu
pidgin is good
-
umu
afaik
-
thrivi
not even
-
thrivi
no omemo
-
umu
ohhhhhhhhhhh
-
umu
so you want to enable omemo on pidgin?
-
thrivi
plus gajim is da best
-
umu
i mean
-
umu
thats true
-
umu
ye
-
umu
tbh
-
umu
i'd do flatpak install --user on tails
-
umu
that way everything goes 2 ur .dotfiles
-
umu
and use persistent storage inside of tails if ur using it
-
thrivi
maybe profanity more but most people are gonna adapt to cli
-
umu
flatpak stores everyhting in .dotfolders
-
umu
usually
-
umu
69.99% of the time
-
umu
profanity is okayyyy
-
umu
tbh pidgin is better
-
umu
pidgin 3 soon
-
umu
its gonna be awesome
-
thrivi
> umu: i'd do flatpak install --user on tails why flatpack when you can just create an persistence.conf entry or copy over the files to dotfile already
-
umu
https://developer.pidgin.im/wiki/Roadmap3.0.0
-
umu
hell ye
-
umu
that could work
-
thrivi
could it does
-
umu
not 100%
-
thrivi
and install from bookworm branch
-
umu
https://developer.pidgin.im/wiki/GSoC2009/PrivacyRewrite/protocol_specific
-
umu
look @ this
-
umu
pidgin has some privacy enhancing features
-
umu
Privacy features are handled by XMPP extension XEP-0016, but it has been deemed too complex for implementation. Other extensions like Simple Communications Blocking, XEP-0191 has at least partially been implemented recently in Pidgin. For invisibility XEP-0186 has come to be the most favoured extension that doesn’t break the core XMPP rules, but I am not sure if Pidgin developers want to implement it just yet.
-
umu
idk
-
umu
why use tails at all
-
umu
if ur gonna use gajim
-
thrivi
u trolling mate
-
umu
how ru connecting to xmpp servers?
-
thrivi
again trolling or what
-
umu
im just askinggg
-
umu
im not trying to troll u
-
thrivi
what u mean how to connect
-
umu
like
-
thrivi
torsocks
-
umu
when ur on tails
-
umu
o
-
umu
so tails like
-
thrivi
unlike lots of irc rooms xmpp doesn't seem to block tor
-
umu
only allows apps thru loopback?
-
umu
oooooooooooooo
-
umu
what xmpp server do you use?
-
thrivi
and supports onions
-
thrivi
> umu: what xmpp server do you use? i'm not liberty to say unless with a lawyer present
-
thrivi
https://www.youtube.com/watch?v=nFZm4sVsPXk
-
thrivi
do you have a oneplus by any chance
-
umu
yeah i got one
-
umu
how did you know?
-
umu
loll
-
umu
its crazy how poplar my phone is
-
umu
can u run gajim on it?
-
thrivi
lol you should go over to digdeeper chat and give them a warm welcome as some schizo troll was trying to destroy any kind of discussion by accusing every person that entered the room to be "oneplus person"
-
thrivi
a few hours ago
-
thrivi
> umu: can u run gajim on it? idk but you should look up what the best vpn is to use with it is haha
-
umu
wow
-
umu
oh yeah can you tell them to unban me from the digdeeper muc
-
umu
i cant join right now for some reason
-
thrivi
lol
-
thrivi
only you know what to do
-
umu
no i dont lol
-
umu
did u tell them to use gajim
-
thrivi
no, i just watched the mentaloutlaw video it sucked he never mentioned using a oneplus wit gajim
-
umu
did he tell ppl to use gajim?
-
thrivi
yeah and pointed to some shite guide telling to use synaptic
-
umu
yeee should've told them to use flatpak imo
-
umu
(shameless flatpak shilling)
-
umu
the only problem with flatpak is it doesnt work well for proprietary meta installers
-
thrivi
well anyway i guess thanks not really helping with if there was any news about gajim being officially added
-
umu
wym officially added
-
umu
isnt tails debian?
-
thrivi
gonne go try to tinker with my oneplus hopefully get gajim working (fingers crossed)
-
thrivi
> umu: wym officially added they want to replace pidgin with dino or gajim look it up
-
thrivi
cya hopefully this vpn works on the oneplus rob braxman said it should
-
umu
idgi
-
umu
who are all these people
-
nicoco
> nicoco: there is a gtk3 icons browser. We use symbolic versions of those. If this set is not satisfactory, we search within the "feather" iconset, and add the ones we like. Note that thise need to be special-treated if added as png (to support light/dark mode), there is a gtk tool to convert those icons. Thanks for the tip. I have used gtk-icon-browser but I guess it's poorly configured on my machine because I have a very limited set of icons in there, eg, definitely no "phone-symbolic" icon. (I have "phone-symbolic", but provided by the breeze icon set, and not visible in gtk3-icon-browser)
-
kurion
is it possible to set a hardcoded proxy in `gajim.common.config.py`?
-
kurion
or should I do it in `gajim.common.setting_values.py` ?
-
nicoco
cal0pteryx, there seems to be no "robot" or "computer chip" icons in the feather… I found this: https://lucide.dev/icons/bot and I think the license is acceptable too? How does it work to have the stroke color change depending on dark/light theme? What attributes, style, whatever do I have to add to the code?✎ -
nicoco
cal0pteryx, there seems to be no "robot" or "computer chip" icons in the feather… I found this: https://lucide.dev/icons/bot and I think the license is acceptable too? How does it work to have the stroke color change depending on dark/light theme? What attributes, style, whatever do I have to add to the svg code? ✏
-
cal0pteryx
nicoco: there is a wiki page about icon sets, I think this one is mentioned there as well. I think I just converted it to "paths"
-
nicoco
Oh OK thanks. Found out that appending `-symbolic` to the name does things… but not exactly what I wanted
-
nicoco
https://upload.slidge.im:5281/file_share/ENg-AsODanW_VU2DnXfFMJH2/Screenshot_20231005_111032.png
-
nicoco
filled the rect with white instead of changing the stroke color, but I'll find out how this works.
-
cal0pteryx
Sorry I can't give you better directions atm :)
-
cal0pteryx
nicoco: https://dev.gajim.org/gajim/gajim/-/wikis/Icon-Resources
-
nicoco
Thanks! I had found it, but I'm still trying to understand what needs to be changed in the svg for the stroke to be white when theme is dark.
-
cal0pteryx
Inkscape select all > convert to path (or something like that)
-
cal0pteryx
nicoco: I found the PNG instructions and added them here https://dev.gajim.org/gajim/gajim/-/wikis/Icon-Resources
-
cal0pteryx
Not sure if we really need pngs though
-
nicoco
I think we do, since for instance if I try with feather-server-symbolic the theme is respected, but that's because there are PNGs. It does not feel right to have both SVG and PNG versions of icons in the repo though, looks like something that should be autogenerated on releases, doesn't it?
-
nicoco
hummm, apparently there are specs for what a svg needs to be considered "symbolic", so that's probably what we need. Maybe generating all the PNGs would be good for gajim's snappiness too. Displaying a PNG is theoretically faster than rendering a SVG. I wonder if it's noticeable
-
nicoco
oh well, the GTK3 docs https://docs.gtk.org/gtk3/method.IconInfo.load_symbolic.html points to a 404 https://www.freedesktop.org/wiki/SymbolicIcons
-
agh
> I think we do, since for instance if I try with feather-server-symbolic the theme is respected, but that's because there are PNGs. It does not feel right to have both SVG and PNG versions of icons in the repo though, looks like something that should be autogenerated on releases, doesn't it? Makes sense. ↺
-
kurion
Hello. What happens If I don't use the system keyring to store passwords?✎ -
kurion
Hello. What happens if I don't use the system keyring to store passwords? ✏
-
lovetox
then its saved on your harddrive
-
lovetox
not encrypted
-
umu
😵
-
fjklp
hashed?
-
hannibal
No, as password is needed in plaintext when connecting to server
-
fjklp
oh yeah, how did I forget that
-
Link Mauve
Actually no, if the server supports SCRAM (most do) you can pre-hash it.
-
Link Mauve
It only helps against knowing the original password, because said pre-hash works just as well as the password itself to connect.
-
Link Mauve
But almost no client stores it that way, perhaps because it’s only a small attack surface it’s covering.
-
kurion
> then its saved on your harddrive oh no!
-
kurion
the passwords being saved on the hardrive, does it imply that simply copying the data, cache and config folders of Gajim to a different OS will not work ?✎ -
kurion
the passwords being saved with the system keyring, does it imply that simply copying the data, cache and config folders of Gajim to a different OS will not work ? ✏
-
kurion
since the keyring is dependent on current system
-
Link Mauve
Yes, you also have to copy over whichever keyring you picked.
-
fjklp
are we assuming that the user login password is known to the data copier? I believe that is how keyrings are unlocked✎ -
fjklp
are we assuming that the user login password is known to the data copier? I believe that is how keyrings are unlocked. Actually I don't know exactly how it works. ✏
-
kurion
I'm on Gnome.✎ -
kurion
I'm on Gnome. and wanted to see what data is stored in my system keyring.✎ ✏ -
kurion
I'm on Gnome. and wanted to see what data is stored on my system keyring. ✏
-
Link Mauve
kurion, you can use Seahorse for that.
-
kurion
yup , just opened it
-
kurion
and seemingly without any authentication I can see the passwords for my gajim account.
-
kurion
well, any non-root user should be able to see his keyring any way
-
Link Mauve
You(r distribution) probably configured the store to be unlocked with your session.
-
kurion
I'm wondering what is a more _portable_ way of storing a password (preferably hashed) for an application
-
lovetox
dont overthink this
-
Link Mauve
kurion, the one I mentioned before, storing the SCRAM pre-hash anywhere you want.
-
lovetox
if you need portable simply dont use a keyring
-
lovetox
hashing the password brings you nothing
-
kurion
> You(r distribution) probably configured the store to be unlocked with your session. in that case, not the best thing, I guess.✎ -
lovetox
if someone gets the hash he can log into your account
-
Link Mauve
It gives the same access to your account as your password, but isn’t directly readable by someone with access to your home directory.
-
kurion
> You(r distribution) probably configured the store to be unlocked with your session. in that case, not the best thing, I guess. btw, liked how you formatted the msg ✏
-
Link Mauve
kurion, that already protects it against an attacker when you aren’t logged in.
-
kurion
Link Mauve: hm. I get it.
-
kurion
Link Mauve: The SCRAM hash idea looks better than storing the plain text.✎ -
kurion
Link Mauve: The SCRAM hash idea looks better than storing a password in plain text. ✏
-
Link Mauve
There is no perfect solution, your client needs to have access to either the plaintext password or the SCRAM pre-hash whenever it needs to connect.
-
Link Mauve
And most people would get annoyed very quickly if Gajim would start asking them their password again every time they suspend or lose connection for any reason.
-
Link Mauve
(But you can configure it that way.)
-
kurion
hmm, it is what it is and it isn't what it isn't. -_-
-
kurion
a somewhat off-topic question: suppose one stores his passwords, accounts and contacts etc in a sqlite3 db. And deletes some of them using buttons in the UI, essentially running simple `DELETE` queries. How recoverable are these _deleted_ data using forensic methods compared to recovering deleted files from file systems?
-
kurion
just playing with the idea,✎ - kurion
-
kurion
just playing with the idea ✏
-
Link Mauve
kurion, pretty easy I think, you can play with that and the strings command for instance.
-
kurion
Link Mauve: Oh, totally forgot about this gem of a command due to no usage for a long time. Thanks a lot
-
Link Mauve
Also remember that due to how SSD work, the previous data is usually still available even if no trace is left on the filesystem.
-
kurion
Link Mauve: o_O , how's that? could you please give some pointers or good search terms to dig deeper?
-
Link Mauve
I don’t have anything readily available, but basically when writing to a SSD in order to avoid wearing out specific cells by overwriting them all the time, there are more cells than advertised and the firmware will decide where a write will happen, but that leaves the previous version available in some unused cell.
-
lissine
What does Gajim exactly do when I leave a channel?
-
lissine
I noticed that when I do that, all my other clients also leave the channel. But I just found out that the bookmark isn't removed from Conversations client.
-
Link Mauve
lissine, it sends a presence unavailable, and removes the autojoin flag in the bookmark.
-
lissine
So the bookmark isn't deleted
-
Link Mauve
You might want to join the room again, in which case the bookmark will be helpful.
-
fjklp
> and seemingly without any authentication I can see the passwords for my gajim account. it's unlocked when you login to your user session
-
fjklp
the options I can think of for being portable and secure are to either change the password for the keyring that stores the passwords or to enable keepassxc integration (I haven't done this)
-
fjklp
https://dev.gajim.org/gajim/gajim/-/wikis/KeepassXC✎ -
fjklp
kurion: https://dev.gajim.org/gajim/gajim/-/wikis/KeepassXC ✏