Gajim - 2024-11-12

Hi everyone, it is possible to whisper in a XMPP channel with Gajim ?

Djan: double click any participant?

In the participants list on the right

thanks it was just too simple for me :)

Well, I would expect avatar right click > Send PM would be available, maybe we have to add that

“22:21:04 meson> Or maybe not, there also ones with 40 ms. We should find a way to get the duration in order not to play too fast or slow”, no, all three of GIF, WebP and APNG specify the duration of each frame separately, you must respect that field instead of guessing.

Ah sorry, you found out right afterwards.

I have "Preview all Image URLs" enabled, but that does not happen with JMP SMS pictures I get. I just see the URL and have to open it in the browser. Is there anything I can do about that?

They all end in .jpg to be clear.

hmm you would need to catch that in the View -> Debug -> Console

and show us the stanza

> and show us the stanza Forgive me I'm unfamiliar with this, what should I be looking for in the console? ↺

There's nothing in the log view that corresponds to the time I got the image. The protocol view doesn't go back far enough

Hmm a re-test and it worked correctly. Odd

Hello. Does anyone know a fix to Inactive OMEMO key? I dual boot so they never see each other online, and gajim decided to just deactivate the key. I manually trusted the keys on both sides, and it worked for sometime, then stopped after period of inactivity on one of the OSes.

they dont need to be online at the same time

but you need to write a message from time to time from every device

on what Gajim version are you?

1.9.5

I am online from time to time and it didn't help, do I need to send myself a message?

because I usually am in a MUC

(also I have no problem with Conversations on phone seeing both) ✏

no just a message to anyone

i think the limit is 2000 messages

limit to what? like if it didn't see a message for 2000 messages? ✏

yes

that can't be it, because I definitely talked in the same MUC on both clients

it would be great if it never deactivated keys, Conversations never had this issue with my other clients/resources suddenly stopping encrypting

especially manually trusted keys

hm maybe describe exactly what issue you see

Okay, sorry if I am not specific enough. The issue is the following: I dual boot Linux and Windows. I don't use Windows much (just gaming), and at some point my Linux Gajim stopped encrypting for my Windows Gajim. All I see is the "This message wasn't encrypted for OMEMO..." or whatever. Funnily the Linux Gajim _can_ see Windows messages I wrote. I also use Conversations on Android phone, and that sees both and is seen, so both Gajims encrypt for it, and vice versa.

The problem with this is obviously that I lose context when booting to Windows. I can see everyone's messages in the MUC except my own (written on Linux). ✏

but that very much sounds like the 2000 message limit

I checked the Accounts -> OMEMO and the shield gray, "Inactive".

this counts for all messages to all contacts you write

not just in one muc

Can you explain to me why this limit is necessary and is it possible to disable it? ✏

complicated, short story is that that OMEMO has a feature that prevents people from decrypting your old messages even if they steal your private key

but this is circumvented, when there is a device only listening and never sending a message, if you still the private key of that device, it can decrypt everything since its last message

thats why we deactivate the devices after a certain limit

anyway 2000 might be to low, its probably better to use a time instead, like 3 months or something like that

there is no way to deactivate it except for in the code

but this would be possible on your linux device

it would be nice for users to able to alter this. I manually trusted the key, if I stop using a device I manually revoke it. So it'd be cool if I could either on manual trust, or as separate thing disable this.

> anyway 2000 might be to low, its probably better to use a time instead, like 3 months or something like that I think Conversations uses 42 days, but a longer time should be better

is this `unacknowledged_count` in session_manager of OMEMO plugin?

there is no plugin anymore, but path is common/modules/omemo.py

and yes thats the var

I see thanks, I was looking at a omemo-dr library, not plugin. My bad.

no the var is set in the gajim code

not in the library

in the lib there might be some default value, but it gets overwritten in Gajim

so you need to modify gajim/common/modules/omemo.py

Does the omemo key change every time you send a message?

no, I don't think so. There are no other keys in my list.

and I remember checking if they are still the same, since I wrote them down

I was asking in general

oh sorry

> and I remember checking if they are still the same, since I wrote them down Those should be the fingerprints

yea, my bad. mixing terminology

It's possible that the key changes and the fingerprint doesn't

idk how to check keys, I guess I'd have to look at the XML stanzas?

there is only one private key and it never changes, but the mechanism is something like a session key is generated from the private key

and this session key is then iterated and changed with every message

right, something ratchet encryption?

yes they call this double ratchet

Thanks for explaining

And that's why a stale device breaks forward secrecy. Because the session key would stay the same for a prolonged period of time

if the scenario is that an attacker recorded your messages, its trivial for him when he gets a old key, to iterate it himself, and decrypt everything

thats why clients delete the old key when they iterate it

so if a attacker gets a current key, he cannot decrypt old stuff, and we assume if a device was stolen from you then you will distrust the fingerprint, and then cannot decrypt anything in the future also

of course this is all very theoretical crypto stuff

in reality they install a hack on your phone and simply read everything from your harddrive as it comes in and goes out :d

or in my case more likely they pwn my windoze and just read from its HDD and keylog. Oh and mine crypto ;)

> Well, I would expect avatar right click > Send PM would be available, maybe we have to add that 👍 ↺

I noticed in the omemo-dr code some log statements, and checked logs, and sure enough: > Ignore device because of 2018 unacknowledged messages Sorry, I forgot to check logs... And wow that's a nice Debug Console.

Thank you for the explanations and help!