@hackernews is there a way to block or catch, trackers so that this problem doesn’t happen?

@hackernews @fabyk @chbmeyer @dsfgs @olamundo

Isn’t it just a matter of checking if there request IP originates from a bot?

If so do nothing and return an empty 200 response, else handle auth token and either return 200 or 401

Bot list: looklinux.com/robots-crawlers-

@lil5 @hackernews @fabyk @dsfgs @olamundo

No, it's not an individual choice of how to protect myself on my server.

It's a political thing. It's about Microsoft abusing customers trust and spying around.

I even don't want them to read my mails, to sell such links, give them to NSA or call them by hand.

Microsoft (and other big tech) has no moral border or limits.

Noone can feel safe that MS reads and abuses their mails.

Email is a dead zone. The protocols are coopted, commodified, captured, in many ways.

People are better off moving away from #email.

@lil5 @hackernews @fabyk @olamundo


Give me a good alternative, that is #selfhost able, stable, requires minimal network and processor usable, encrypted by default and includes a #ui joe can use.

#matrix _is getting there_ but still uses a #ui for devs-only, and federated hosting is difficult due to network and processor usage.
#xmpp is unencrypted by default, bad clients.

@chbmeyer @hackernews @fabyk @olamundo


XMPP is as encrypted-by-default as Matrix. Specifically, encrypted-by-default is a property of the app rather than the protocol.

It's fine to not use/recommend apps that don't encrypt by default, but not using XMPP because they exist is like not using the modern web because some legacy browsers still use HTTP.

FWIW, easy-to-use + encrypted-by-default apps + lightweight self-hostable server describes well what we're building at @snikket_im

@dsfgs @chbmeyer @hackernews @fabyk @olamundo

@mattj @lil5 @snikket_im @dsfgs @chbmeyer @hackernews @fabyk @olamundo

Can I share a #private #encrypted #xmpp room with a share link to post on website or via email like how matrix can do?  If it's possible, how can I do it? thx.

You can kinda use the Snikket "circles" feature to achieve this: snikket.org/service/help/featu

However, I don't believe a group you can join just with a link, especially published on a website, meets the definition of "private". Private groups generally require you to explicitly grant access to people you want to participate - that's the behaviour most people expect. Some analysis of group types is available here: docs.modernxmpp.org/rationale/
@lil5 @dsfgs @chbmeyer @hackernews @fabyk @olamundo

@mattj @lil5 @dsfgs @chbmeyer @hackernews @fabyk @olamundo

I don't have snikket invite.
its a private meetup group so only the meetup group membership will see the chat group link. how about good effort in pushing adoption of xmpp usage. I mean its easy to post encrypted private matrix group link, so how can I do the same an encrypted xmpp group link. these are barriers of entry/usage. in matrix, a private group is not listed in the group directory. it can be encrypted or not.

@mattj @lil5 @dsfgs @chbmeyer @hackernews @fabyk @olamundo

Basically, what I am looking for is creating an encrypted group not listed in the xmpp server directory (private) and then share that private group link in a private members only site. I would not have these new users in my contacts list to invite them individually.

#xmpp :
If you control the server, you don't really need e2ee encryption. Especially forward secret encrypted rooms are a hassle, since someone that joins can't read anything that was said before.
If you share a link anyways, and therefore don't really 100% control who joins, encryption is a bit of security theater. (Of course everything will be transport encrypted anyway) its *so* much more likely someone if the group will just record everything thats posted - 1/2

@Menel @mattj @lil5 @dsfgs @chbmeyer @hackernews @fabyk @olamundo There's no need for server compromise, if you can just join the group using the public link ...

Sign in to participate in the conversation
Mastodon for Tech Folks

This Mastodon instance is for people interested in technology. Discussions aren't limited to technology, because tech folks shouldn't be limited to technology either!