Skip to main content

Hubert Chathi reshared this.


We are now accepting nominations for the Governing Board! The deadline to nominate is end of day April 26th AOE time. https://matrix.org/blog/2024/04/election-announcement/
This entry was edited (11 hours ago)

reshared this


Hubert Chathi reshared this.


Welcome to the first ever Governing Board election season for the Foundation 🗳

We start with a one week nomination period that opens this Saturday. Read our blog post for a full schedule, details on who can nominate, who can vote, and how to prepare yourself: https://matrix.org/blog/2024/04/election-announcement/

reshared this


Hubert Chathi reshared this.


Ontario Nature is asking all to contact your MP to make the proposed Highway 413 undergo a federal environmental assessment to scrutinize this six-lane, 52km highway paving over 400 acres of the Greenbelt and 2,000 acres of productive farmland.

Contact your local MP through this convenient form: https://ontarionature.good.do/stopthe413/email/

reshared this



Managed to get to a place that wasn't too cloudy for today's eclipse, near the path of totality. I got a few pictures with my camera. I didn't bring any fancy equipment; I just brought my 20-year-old DSLR, with the kit lens. So the pictures are nothing spectacular, but I'm happy enough with what I got. Here are a couple that I took.
Picture of today's solar eclipse.  There is a white ring around a black circle, with a bright spot at the top-right.
The sun is high in the sky, but the sky and ground dark, as if the sun is setting.  This picture was taken shortly after the peak.

Hubert Chathi reshared this.


With the Sun on everybody's mind today, we hope you have a safe viewing of the eclipse this afternoon, with few clouds. Be sure to use official eclipse-rated glasses, and be careful when looking at the Sun. It will just be a partial eclipse here in Waterloo Region, but it still promises to be quite a show, starting at 2:05 p.m. this afternoon.

#Conservation #Eclipse

The sun rises over a foggy field at rare, with isolated trees in the distance. This photo was taken by Jeff Moser & Jeanette Dillon on November 16, 2013.

reshared this


Hubert Chathi reshared this.


I gave a talk this week and it went really well and the main thing I want to share with you from it is that I referred to an int as “just 64 booleans in a trench coat” and I’m proud of that one.
This entry was edited (2 weeks ago)

Hubert Chathi reshared this.


Hubert Chathi reshared this.


Matrix on a graphic calculator, a new synadm release, and the first certified TI-Messenger. That, and much more happened This Week in Matrix!

https://matrix.org/blog/2024/04/05/this-week-in-matrix-2024-04-05?ref=mastodon

reshared this

waiting for matrix client for Java J2ME phones
fedi really is gonna be the new bad apple, isn't it? Mastodon client for dos, old apple systems, i believe there was a ps vita and nintendo 3ds client even, now matrix on a calculator🥴

Hubert Chathi reshared this.


Question! Why should local governments use taxpayers’ money to buy proprietary, closed software from a single vendor? And what happens to citizens' data? A solution is to move to free and open source software like #Linux and #LibreOffice – which is exactly what Schleswig-Holstein is doing: https://blog.documentfoundation.org/blog/2024/04/04/german-state-moving-30000-pcs-to-libreoffice/ #foss #OpenSource #privacy
State logo
I appreciate the project and taking on MS but it does feel like stepping back in time 15 years when using Libre Office, especially with the lack of real time collaboration functions. There's a nice Arstechnica article about a demo from... 2012 that showcases this.
@heind Hi! You can already get these features in LibreOffice by sourcing it from the wider ecosystem: https://www.libreoffice.org/download/libreoffice-in-business/ – But we understand that some people want it in the app directly from The Document Foundation. We (TDF) have very limited resources and focus on the desktop app, but we have some ideas for collaborative features coming up...
@Hein

Hubert Chathi reshared this.


Open source infrastructure *must* be a publicly funded service, and funders need to support maintenance – not just new feature development 📣

This is on our minds this week in the wake of the #xz news, and as we continue to seek funding to support #Matrix.

Read the latest from project lead, @matthew: https://matrix.org/blog/2024/04/open-source-publicly-funded-service/

#OpenSource #FOSS #OpenStandards

This entry was edited (2 weeks ago)
ok, many people could *maybe* be convinced by this argument. But what is almost always lacking on this subject are the funding criteria. Most FOSS projects are just playgrounds for inexperienced developers. And even the established projects lack many of the components of a proper organizational structure, with professional UX designers, customer service, lawyers, professional managers etc. Not all FOSS projects deserve funding.
@simple honestly, the funding criteria could be simply whether the EU public sector is operationally dependent on the project or not. If the project is indeed under-resourced (no UX, CS, etc) then it's even more important to try to fix that, no? :)

Hubert Chathi reshared this.


‘Privacy. That's Apple,’ the slogan proclaims. New research from Aalto University begs to differ.

The researchers studied eight apps: Safari, Siri, Family Sharing, iMessage, FaceTime, Location Services, Find My and Touch ID

The fragility of the privacy protections surprised even the researchers.

https://www.aalto.fi/en/news/keeping-your-data-from-apple-is-harder-than-expected

Hubert Chathi reshared this.

feeling vindicated now since I've been saying this for years

Hubert Chathi reshared this.


Here's a fun AI story: a security researcher noticed that large companies' AI-authored source-code repeatedly referenced a nonexistent library (an AI "hallucination"), so he created a (defanged) malicious library with that name and uploaded it, and thousands of developers automatically downloaded and incorporated it as they compiled the code:

https://www.theregister.com/2024/03/28/ai_bots_hallucinate_software_packages/

1/

Children playing on a climber. The colors of the climber and the foliage behind them has been oversaturated and shifted, making it surreal. The kids' heads have been replaced with the red eye of HAL 9000 from Kubrick's '2001: A Space Odyssey.' Standing in the foreground at rigid attention is a man in short-sleeved military garb, wearing aviator shades.



Image:
Cryteria (modified)
https://commons.wikimedia.org/wiki/File:HAL9000.svg

CC BY 3.0
https://creativecommons.org/licenses/by/3.0/deed.en

--

Jorge Royan (modified)
https://commons.wikimedia.org/wiki/File:Munich_-_Two_boys_playing_in_a_park_-_7328.jpg

CC BY-SA 3.0
https://creativecommons.org/licenses/by-sa/3.0/deed.en

--

Noah Wulf (modified)
https://commons.m.wikimedia.org/wiki/File:Thunderbirds_at_Attention_Next_to_Thunderbird_1_-_Aviation_Nation_2019.jpg

CC BY-SA 4.0
https://creativecommons.org/licenses/by-sa/4.0/deed.en
This entry was edited (2 weeks ago)

reshared this


Hubert Chathi reshared this.


Matrix 1.10 is here! Captions for media 🖼️, VoIP improvements ☎️ (a Matrix 2.0 feature! 🔜), and plenty of quality improvements for clients and servers ✨

Read all about it and our Matrix 1.11 roadmap on the blog 🗞️ https://matrix.org/blog/2024/03/22/matrix-v1.10-release/

reshared this

when media together with text and multiple media in one messages will be supported, this makes some bridges send a few messages to send one from e.g. Discord and it might be confusing and sometimes spamming the chat

Hubert Chathi reshared this.


It’s the end of an era, Signal will now respond to subpoenas and hand over phone numbers when given usernames. I’ve seen first hand how this worked with Wire. Subpoenas come in in high numbers and you can’t fight them all.
The only advantage Signal has over Wire is that usernames are not necessarily visible to contacts. But the problem is still there.

https://theintercept.com/2024/03/04/signal-app-username-phone-number-privacy/

Hubert Chathi reshared this.

Why do you think? One usually doesn't store the username of a contact. At least your Signal client does not. Or what scenario are you taking about?
@nadim
The client doesn’t have the usernames of others, but they will still be everywhere else: business cards, twitter bios, word documents, etc. After all they need to be shared somehow. A lot of vulnerable users will not understand that they can be deanonymized that way.
did you read the entire article? Signal can only hand over phone numbers if the username is still in use by that number. They don't know how long it's been associated with that number or who else may have used that username. If this is something that's in your threat model you can just keep changing usernames periodically or only enable them when you need it.

Devs running to check their packages work on 1.0.0 (me included).
if only there were some way of doing this before it came out :blobcatangel:​

Coffee (Team CW) reshared this.


Welcome back!

Sorry to hear you had such a bad experience.


Hubert Chathi reshared this.


Pillaged from BlueSky:
"20 years ago we were suing teenagers for millions of dollars because they were torrenting a single Metallica album and now billionaires are demanding the free right to every work in history, so that they can re-sell it.
The law only ever serves capital."
From:
Komm, süsser Tod Howard @lonestartallboi.bsky.social
·
"20 years ago we were suing teenagers for millions of dollars because they were torrenting a single Metallica album and now billionaires are demanding the free right to every work in history, so that they can re-sell it.

The law only ever serves capital."

in response to article in The Guardian: 
" ‘Impossible’ to create AI tools like ChatGPT without copyrighted material, OpenAI says"
This entry was edited (3 months ago)

reshared this


Hubert Chathi reshared this.


25 years ago Jeremie Miller made an announcement of what would become the initiation, development and propagation of the #XMPP protocol until today!

Join the journey!

https://slashdot.org/story/99/01/04/1621211/open-real-time-messaging-system

Happy birthday,
XMPP!

:xmpp: :xmpp: :xmpp: :xmpp: :xmpp:

#chat #jabber #opensource

The XMPP Logo
This entry was edited (3 months ago)

reshared this

I wish we could get Jeremie over here on the social Web instead of Bluesky. Super cool and smart guy.
ah good ol days when instant messengers were trying to become interoperable... i had odigo on my computer and google talk just started based on xmpp

Hubert Chathi reshared this.


We ended 2023 with a talk at #37C3. @raphaelrobert and Konrad presented the new standard for end-to-end encryption, Messaging Layer Security (MLS). The room was packed and some people couldn't attend in person – luckily the talk is now online and can be watched again.
🍿 https://media.ccc.de/v/37c3-12064-rfc_9420_or_how_to_scale_end-to-end_encryption_with_messaging_layer_security

Thank you @ccc and all helping hands for the great event!

#securemessaging #encryption #e2ee #messaginglayersecurity

Raphael presenting MLS at 37C3

reshared this


Hubert Chathi reshared this.


"Has your washing machine broken down, or is your electric kettle, laptop or mobile phone refusing to work?

Well if you live in Austria, the government will pay up to €200 ($219; £173) towards getting it repaired.

The Repair Bonus voucher scheme is aimed at trying to get people to move away from throwing away old electrical appliances - and focusing on getting things mended."

https://www.bbc.co.uk/news/world-europe-67777814

#environment #climate #electronics #repair #mend #reuse #austria

reshared this


Hubert Chathi reshared this.


My job is to work toward bringing secure, decentralized, open source licensed communication tools with open governance to the masses with Matrix.

But if folks prefer XMPP or IRC, that's still a win in my book. I think Signal is a step in the right direction, too!

It's open vs. the world, and I'm looking forward to working together to challenge the status quo of surveillance capitalism and proprietary, centralized walled gardens.

#OpenSource #Matrix #ProtocolsNotPlatforms #FOSS

This entry was edited (3 months ago)

reshared this

Matrix protocol has a bunch of flaws, but it's the best we have :)

Still my favorite chat protocol.

This entry was edited (3 months ago)

I see an interesting similarly with my work on Samba. As Microsoft pushes everyone to the cloud and hybrid deployment of Active Directory with Azure AD, Samba remains on-premises and Free.

I don't really expect we are the great hope on the horizon, but I think we fit in there somewhere.


Hubert Chathi reshared this.


I was laid-off a few weeks ago and am looking for a new role. If anyone is looking for an experienced backend engineer who loves to build products & teams then please reach out or connect!

I have experience with #Python, Rust, lots of networking background, and more. Open to remote or hybrid roles in near Boston.

https://www.linkedin.com/in/patrickcloke/

#fedihire

This entry was edited (3 months ago)

reshared this


Hubert Chathi reshared this.


The #SMTPSmuggling attack is being mitigated and tracked in the following CVEs:

- CVE-2023-51764 postfix
- CVE-2023-51765 sendmail
- CVE-2023-51766 exim

All three CVEs have been filed *today* by the community and NOT by SEC consult who discovered the flaw in June 2023 but decided to not share their findings with postfix, sendmail or exim. Only after they published their post on 2023-12-18, the communities have become aware and are now working hard to fix what is now more a 0day :(

This entry was edited (3 months ago)

Hubert Chathi reshared this.


Hubert Chathi reshared this.


It's that time of year again: welcome to the 2023 Matrix Holiday Update!!🎄🛷🌲☃️ Come hear all the highs and lows of the last year, and tantalising hints of what 2024 may bring... https://www2.matrix.org/blog/2023/12/25/the-matrix-holiday-update-2023/ Thanks for flying Matrix, and happy holidays!!
This entry was edited (3 months ago)

Hubert Chathi reshared this.


Passenger rail is ridiculously unreliable in Canada. 50% of trains are delayed. And every small delay leads to a big one because freight trains get priority on the railway lines.

Glad to see the NDP's Rail Passenger Priority Act getting attention.

Having a predictable and reliable timetable is the first step to making this a viable form of transportation in Canada.

#viaRail #cdnpoli #transportation #Rail #NDP

https://www.cbc.ca/news/canada/london/via-rail-bill-people-over-freight-1.7066700

reshared this


Hubert Chathi reshared this.


Hello Fediversians, today I come to with some important information:

The Matrix to iMessage Bridge Beeper has been made Open Source:

:github:​ https://github.com/beeper/imessage

These people have legally reverse engineered Apple's proprietary iMessage Protocol, it's really awesome!

Just a few days ago the app was still a paid service, then they made it free of charge on December 14th, but now Apple :apple_inc:​ has deliberately changed their protocol in order to prevent any peasant non-Apple users like us to be able to use iMessage and interact with their precious walled-in users.

Naturally, Beeper now made all of their work and progress open source to continue the fight for a free and open interoperable network. Will you join them?

#iMessage #Beeper

This entry was edited (4 months ago)

what lol? There is nothing to lol about.

Selling fake credentials is nothing legitimate about it. Beeper is not a feature, it's a bug. There are multiple cross platform messaging apps. I as a iPhone user have no problems whatsoever to have encrypted chats with high resolution videos and photo's and all the mumbo jumbo iMessage has with every Android user.

Clearly the problem is not on Apple’s side but the lack of good messaging apps on Android if Android users prefer to use iMessage 🙄


Hubert Chathi reshared this.


Fractal has been completely rewritten with a GTK4/libadwaita makeover.

https://news.itsfoss.com/fractal-5/

Hubert Chathi reshared this.

The notes clearly state that italics (which turned into bold in your article) is new. Your article says

> Viewing images and playing audio or video is now more intuitive, you can directly view/play those from the chat window itself.

It is not “now more intuitive”. This feature was there before.

Thank you for the heads-up, will fix it. Apologies for any inconvenience caused.

— Sourav

This entry was edited (3 months ago)


Hubert Chathi reshared this.


https://www.postfix.org/smtp-smuggling.html

"SMTP Smuggling" vulnerability in Postfix allows to spoof senders even in the presence of some DMARC checks. Configuration workarounds exist.

Also, a wholehearted f* you to SEC Consult, who sat on this since June and disclosed it to some closed-source vendors and MSPs, but could apparently not be bothered to give e.g. Postfix a heads-up, publishing this close to the holidays.

Boosts for awareness welcome.

Edit: So this has kinda blown up. and especially because the author of the SEC advisory is going to have a slot at 37C3, I would like to add something important: I intentionally wrote "SEC Consult" above, not "$individual". Do not start harassing that person. For all we know, this is a corporate failure and the individual would actually appreciate guidance and tips. That does not mean to not ask the hard questions, but keep the framing in mind. They might genuinely have been told by their managers that that is how responsible disclosure works.

This entry was edited (3 months ago)

reshared this



Hubert Chathi reshared this.


Let's get prepared to elect our first Governing Board and take the next big step in open governance for Matrix 🚀

Also: we're pleased to introduce a couple new tiers of membership, for open source projects and foundations, who will be represented on the Governing Board.

Learn more in our latest blog post: https://matrix.org/blog/2023/12/electing-our-first-governing-board/

#Matrix #OpenSource #OpenStandards #OpenGovernance #FOSS

reshared this


Hubert Chathi reshared this.


It's the time of the year where Home Alone is on TV or on people's streaming lists as the holidays classic it is.

That means it's also the time of the year where I dust off this incident review of it, before we all blame the movie's parents for being irresponsible: https://ferd.ca/home-alone-a-post-incident-review.html

Hubert Chathi reshared this.

they missed the same kid 2 years later, I don’t think they learned from the first incident.
@matt_g they made most fixes for home and then lost him at the airport. I sort of address that in the post as well!
@Matt

Hubert Chathi reshared this.


I'm very excited to be presenting at FOSDEM in February! I've been working on messaging interoperability for about 2 years now with much of that focus being on developing an open standard for that exact purpose. We'll be exploring how #Matrix works as an existing decentralized open standard for *interoperable* communications, and how other protocol development work interacts with Matrix.

Join me for a technical look at #MIMI, #DMA, and the Matrix protocol: https://fosdem.org/2024/schedule/event/fosdem-2024-3157-interoperability-matrix/

@TravisR Cool! I only heard of MIMI for the first time this week. Looking forward to your talk, it sounds interesting!

I bet some of the first questions that pop into people's minds are:
1) How is MIMI not yet another XMPP
2) How is MIMI not yet another Matrix
3) In general, how does this not suffer from #xkcd927

Have you or someone else already given a talk or written a blogpost that addresses those concerns? I'd like to get a head start until February. =)

@clacke thanks! I'm not sure there's written material on it, but the intention of MIMI is to learn from prior attempts at an interoperable protocol to build something which actually works. XMPP has largely not been adopted in this sphere, though is popular in its own right. Matrix has additional features that don't translate well to other providers as well (we'll talk about this in the talk).

It definitely feels a bit like XKCD 927, but this time we're going to interoperate with all of them :)

@clacke
MIMI is not a protocol, but rather something like a working group to discuss what protocol to focus on :).

"More Internet Messaging Interoperability" it stands for

@didek @clacke https://datatracker.ietf.org/doc/draft-ralston-mimi-protocol/ describes the protocol nature of MIMI.

Bridging exists. Matrix had a nice seamless interaction with IRC for example (now matrix.org do not host it, but can still be selfhosted).

Especially when both XMPP and Matrix are on the way to implement MLS encryption in the future.

@Nagito 💣 @TravisR That's fair! But that's just the initial phase. If everyone wants to interoperate, that means m×n bridges.

Then someone tries to systematically enable interoperability and writes a shared vocabulary for the bridges, and then someone else will go "screw it, I'll just implement the shared vocabulary directly" and that's how a protocol pidgin turns into a protocol creole. Arguably that's what happened with e.g. TCP/IP.

In the case of Matrix they tried to leapfrog this whole process and make themselves the bridge protocol.

@didek @clacke

I'm no expert on IM at all, but when looking at IM protocol specs and seeing a key role for a Room at protocol level, I always wonder whether that isn't overly limiting the versatility of the protocol. In Matrix you see apps where richer social networking use cases are being modeled, but deep down everything should be rooms. But idk enough, maybe that's no issue at all.

@smallcircles @clacke

Room is not only a chat room, it's just a name for a "container" of some data, I think.
In Matrix rooms have chronological events, non-chronological states and members with permissions. This can also be group for posting, game lobby or user profile with interactions, basically anything.

@didek @smallcircles @clacke this^. MIMI is highly focused on messaging, so it picks a term like "room" to best describe the container. It may in theory be able to transmit more than messages, but it's not the purpose.

Matrix is very much meant to be a generic communications layer. It happens to be that messaging works really well here, but it's not the only focus. We use "room" mostly because no one has decided to rename it following the early proof of concept demos :p

@didek @clacke

Yes, thank you. I should have a closer look at specific msg formats on how that's expressed. I was more of a mindset of "call a duck a duck", not a "room, type=duck" but it may boil down to not matter much, idk :)

@smallcircles @didek @clacke MIMI's content format is still very much a WIP, and is fully intended to be focused on messaging.

Matrix however just calls everything an "event". Even within a messaging-focused room there are events that users don't see, like the events to set up VoIP calls or ensure threads work.

Critically, Matrix lets you define your own event types and use them - nothing will break from doing that. Matrix is essentially a distributed JSON database in this respect.