Friday, 2022-04-08

<poetaster> attah, I've gone down the rabbit hole:
[13:05] *** Mikaela is now known as Guest1477
[18:27] <attah> poetaster: wow! happy hunting!
[18:28] <poetaster> attah, ah, you know how it is. The deeper you go, the more inclined you are to start from scratch ;)
[18:29] <attah> that is why i always start from scratch
[18:29] issues
[18:31] <attah> did i tell you about when i heard CUPS had added a JSON format?
[18:31] <poetaster> no. way.
[18:31] <poetaster> what happened. broken glass. spilt beer.
[18:32] <attah> not exactly how i did it...
[18:32] <poetaster> oh dear. oh dear. well, you already know what dumpster fire I'm flailing a blanket at....
[18:33] <poetaster> I'm treating it like a lesson in application profiling (cough, ouch, fire).
[18:33] <attah> trashcan fire, max
[18:34] <poetaster> right you are. actually, considering the catastrophe that the web is, I can forget about memory leaks!
[18:34] <poetaster> damn. you took my dumpster away.
[18:35] <attah> in sweden we don't really distinguish between container and dumpster...
[18:35] * attah mumbles something about cloud
<poetaster> as vengeance, this was my lunch reading:
[18:36] <poetaster> You will note that the 'Nordic' NeTEx Profile is authored by .... Norwegians!!!!! (duck ... run)
[18:38] <attah> How wide use does it have?
[18:39] <poetaster> California, London, France, coming to Germany.
[18:39] <poetaster> And Norway.
[18:40] <attah> ?
[18:40] <poetaster> oh shit.
[18:41] <poetaster> As far as I can tell, there are 2 competing standards and a lot of 'stuff' 'that just works'
[18:43] <attah> So do you think you may be able to start culling backends?
[18:49] <poetaster> today I did the minimal fixes to get the efa backends back on-line (3 of them) and started weeding out.
[18:50] <poetaster> the danish hafas can be modernized, but dubai, san francisco, and probably norway need to go.
[18:51] <poetaster> I'm toying with implementing but not in fahrplan
[18:52] <poetaster> Oh, ireland works, too. For some reason that made me happy.
[18:52] <attah> Ireland always makes people happy
[18:52] <attah> And you are way too good to us
[18:53] <poetaster> What? I'm just sublimating my youthful urge to pick up a gun and join a revolution!
[18:54] <attah> One of the slowest revolutions on earth probably (:
[18:55] <attah> Hasn't this been going on since at least the advent of personal computers and a bit before?
[18:56] <poetaster> You mean memory leaks in c?
[18:57] <attah> that too
[18:57] <poetaster> Ah, I don't know. I just can't look at a code base and ignore its screams for help.
[18:58] <poetaster> And I need practice writing c++. I am very suck slow. Which is ok when the payload you are waiting for is an XML document.
[19:00] <poetaster> Oh, finally! basil is taking donations for openrepos directly via hetzner.
[19:00] <attah> That was one of my excuses for SeaPrint too... recently my manager said that i could/should count some as competence development O.o
[19:00] <poetaster> All my spare time and some spare cash.
[19:01] <poetaster> Absolutely. Seaprint is nice work. in a domain that actually produces physical things!
[19:02] <attah> I keep waiting for the gotcha that completely invalidates it
[19:04] <poetaster> Don't see it coming. Unless jolla is planning something and I very much doubt that!?
[19:05] <attah> But given how relatively easy it was it should have been done before (not necessarily for Sailfish, but still)... and it wasn't
[19:05] <Nico> attah: Did they tell you that, because they were thinking you lack practice? :D
[19:06] <attah> Nico: More like lack (imagination for) things to practice on
[19:06] <attah> I somehow always have plenty of actual work xD
[19:06] <Nico> Hm, I would have probably complained to my employer, that they are being rude ;p
[19:09] <attah> The rest of the company is pretty much all about C++, so i kind of get it
[19:10] <attah> Not so sure it is the future tho
[19:10] * Nico looks at all his projects he tends to start in C++
[19:10] <Nico> I should learn to be comfortable in other langs :D
[19:11] <poetaster> ah, the language question. dlang. erlang. scheme :)
[19:11] <attah> You should! No need to feel compelled to switch... but it definitely helps
[19:12] <attah> When i "came back" to C++ i had a certain lack of respect for what was supposedly impossible
[19:13] <attah> ...and some design learnings didn't hurt either
[19:13] <poetaster> That's the key. design learning. most of the memory problems in fahrplan are an extension of poor design.
[19:14] <Nico> Well, I currently use C++20 for my toy projects, which is a lot of fun
[19:14] <Nico> I use some other langs for projects not started by me, dart, python, rust, etc. But they just don't feel right :D
[19:14] <attah> Old crusty api taking a function pointer and a null-pointer to extra data to supply to it? Pass a lambda and you don't have to faff around with structs if you need more than one thing
[19:14] <poetaster> bada bing.
[19:15] <Nico> Asynchronous request? Just await it or switch threads using co_await :D
[19:15] <poetaster> attah, yeah, nico yeah :)
[19:16] <poetaster> but I'm having fun learning audio synthesis with SDL (really no one's idea of a good time)
[19:16] <attah> await? nah... receive!
[19:16] <Nico> I don't know, what I would use Erlang for atm. Maybe to write a matrix server? :D
[19:16] <attah> Nico: yes!
[19:16] <Nico> Sounds like a lot of effort
[19:16] <poetaster> matrix REALLY needs a proper reference server. synapse is a piece of shit.
[19:17] <poetaster> and erlang is a good idea.
[19:17] <Nico> Synapse isn't even that bad anymore and I have a lot of patches for it :D
[19:17] <attah> How big is this protocol anyway?
[19:17] <Nico> Most stuff is client side imo
[19:17] <poetaster> naught in comparison with xmpp.
[19:17] <Nico> But I also wrote more client side code
[19:18] <poetaster> in what language?
[19:18] <attah> Making *a server* is trivial... i.e. ordo-protocol-size
[19:18] <Nico> poetaster: C++
[19:18] <poetaster> ah. what's the state of libolm in c++?
[19:19] <poetaster> I would guess it's reference, but lost track.
[19:19] <Nico> I just use the C libolm with a small wrapper
[19:19] <poetaster> ah. ok.
[19:19] <Nico> Reimplementing libolm is annoying, because... you need bug to bug compatibility :D
<Nico> The server2server API is not that bad with Matrix:
[19:20] <Nico> The devil is in the details and the client side API :D
[19:21] <poetaster> I have to admit, I'm more inclined to: 1. build the ultimate ejabberd (erlang!) manual including stun/turn/bosh done right and
[19:21] <poetaster> 2. build some modern clients.
[19:22] <Nico> I don't like XMPP... It makes too much stuff only work in some clients with some servers and I have no idea, what I should use :D
[19:22] <poetaster> what do you use as a matrix client (I use a hacked version of gomuks)
[19:23] <Nico> I develop Nheko
[19:23] <Nico> So I am kinda biased
[19:24] <poetaster> ah! of course! Nheko is also a lot better than most. I actually still have it installed :)
[19:25] <poetaster> mirage drove me nuts. looked nice. had the same resource usage as an electron app.
[19:27] <poetaster> but, seriously, if you have cycles for it, writing a matrix server in erlang would be cool.
[19:27] <Nico> Well, a friend is trying to talk me into writing a C++ one :D
[19:28] <poetaster> that's going to be more code :)
[19:29] <attah> What http server would you take?
[19:29] <poetaster> doesn't everyone just use socat?
[19:30] <Nico> Dunno yet, Matrix has a lot of requirements with the shenanigans you need, because you need to send to different hosts than the tls connection is for, do dns requests, etc
[19:30] <Nico> And most http libs suck at that :D
[19:30] <attah> Sounds like you need Erlang
[19:31] <poetaster> gwsocket just use websockets?
[19:31] <attah> i think dns stuff is even in the standard lib... and then Cowboy as http server
[19:33] <poetaster> I don't know if a web server is, strictly speaking, required?
[19:33] <attah> REST behavior framework?
[19:34] <poetaster> yeah, it is http based.
[19:35] <poetaster> + webrtc.
[19:35] <Nico> Yeah, you just implement http endpoints
[19:35] <Nico> And send http requests
[19:36] <Nico> I.e. for my clients I just use libcurl wrapped in libevent wrapped in C++ :D
[19:36] <poetaster> I actually wrote my matrix admin tool with curl.
[19:36] <attah> i believe the Cowboy-related http client is called Gun
[19:36] <Nico> Good name :D
[19:36] <attah> and they depend on ranch...
[19:39] <poetaster> oh, is that evil ...
[19:39] <poetaster> curl --insecure -XDELETE -H "Authorization: Bearer $access_token" -H "Content-Type: application/json" -d '{"message":"Removed","block":true,"purge":true}' "https://hostname:8448/_synapse/admin/v1/rooms/$url_room" | jq
[19:41] <poetaster> that was before Synapse-Admin existed.
[19:42] <poetaster> nico, do you know if the media archive can be disabled and people still exchange images?
[19:42] <Nico> How would you exchange images without the media repo?
[19:42] <poetaster> over the wire. they don't need to be stored.
[19:42] <Nico> Like it has 3 endpoints, upload, download and thumbnail :D
[19:43] <Nico> In Matrix everything is stored
[19:43] <Nico> But you can run a purge cron job and delete the images automatically every night
[19:43] <poetaster> the problem is you can scrape the data. it's not 'so bad' if it's encrypted.
[19:43] <Nico> How do you scrape random ids in your media repo?
[19:44] <Nico> Like that would take as long as cracking a 12 char password or so
[19:44] <poetaster> I have journalists that have been accused of treason as users.
[19:44] <Nico> 25 actually
[19:44] <poetaster> so, state actors in a mix
[19:44] <Nico> Well, then encrypt the images and chats :3
[19:45] <poetaster> Of course they are. but I've already been tasked with finding a more secure solution.
[19:45] <Nico> I still plan to require downloads to be authenticated, but that is an uphill battle...
[19:45] <poetaster> yeah, authentication would solve our problem.
[19:46] <Nico> Because it would complicate writing webclients...
[19:46] <Nico> Which is a stupid reason, if those clients support E2EE...
[19:47] <poetaster> an access token is not too much to ask, is it?
[19:47] <Nico> You can't add an access token to an `<img>` tag
[19:48] <poetaster> HTTP AUTH :)
[19:49] <poetaster> sure, why not. it's just header foo.
[19:49] <poetaster> just kidding.
[19:51] <poetaster> I think it's sufficient to have an authenticated session.
[19:51] <poetaster> and that's already built in. it just isn't USED when requesting images. I consider it a bug.
[19:52] <Nico> Well, again, that doesn't work properly in simple matrix web clients
[19:53] <poetaster> that's no excuse.
[19:53] <Nico> That's usually why my MSCs don't get merged ;-)
[19:54] <poetaster> I mean, I'm literally being forced to run a bunch of alternatives because of an audit.
[19:54] <Nico> Because a random string as a password for each media file is not enough?
[19:54] <poetaster> current contenders are rocketchat (puke), libervia (aka salut-a-tois) and next cloud talk (puke).
[19:55] <Nico> Okay, can you tell me why a random string as the password for each media file is not enough?
[19:58] <poetaster> Although I'm a fan of security through obscurity (guess my favourite epic greek poems !) that is what you are suggesting.
[19:59] <Nico> No, I mean, what is the difference between an access_token and a random string required to view the image?
[19:59] <poetaster> and although I believe those with the compute power to do so would just 'seize the machines', the audit is not mine to contradict
[20:00] <Nico> Yeah, but I need to write some proper arguments into the MSC :D
[20:00] <poetaster> I had already gone beyond access_token to session. The client MUST maintain a token to resume the session, no?
[20:02] <poetaster> If I don't log out of gomuks, I can move from country to country without signing in.
[20:02] <poetaster> But I've probably got something poorly configured :)
[20:03] <poetaster> soooo, why doesn't synapse check to see if it currently has a session with the requesting client?
[20:04] <Nico> Synapse can't really know it, unless it cross-correlates the connections/IPs
[20:04] <Nico> Because you can't add a header to an img tag in html
[20:08] <poetaster> http request. not tag.
[20:09] <Nico> Well, the problem is that the protocol stewards want to support simple html clients, that directly use image urls in img tags instead of setting up a service worker or abusing data urls
[20:09] <Nico> I disagree with that, but they say authentication is not needed, since none guesses a 25char random id
[20:09] <poetaster> ok. I can post to the github repos directly and not bother you. it's on my to-do list anyway.
[20:10] <Nico> There should be an open issue for it already :3
[20:10] <poetaster> Oh, there was. But it's deep sixed.
[20:11] <poetaster> That is what accelerated the audit to push me to erect 4 different tests systems.
[20:12] <Nico> And the test systems have end to end encryption?
[20:12] <poetaster> Of course.
[20:13] <Nico> Didn't know nextcloud talk had that, neat
[20:14] <poetaster> libervia uses OMEMO, I'm not sure what rocketchat's crypto is, nor have I finished digging through nc talk have e2
[20:15] <poetaster> the criteria for solutions was e2e++ someone wanted support for yubikey 2fa. I talked them down from that.
[20:16] <Nico> Looks like rocketchat doesn't even use a ratchet? o.o
[20:18] <poetaster> rocketchat, I believe, is doing public key exchange
[20:19] <Nico> So does https
[20:19] <Nico> Problem is how you build the session keys with that, how they are rotated, what backward and forward secrecies you want to provide, etc
[20:20] <Nico> > When starting a new E2EE session, first, if an existing session key exists in the room subscription of the current user, it is downloaded and decrypted using the user’s private key and then used to encrypt future messages. In case an existing session key is not found in the database, a new session key is generated by the current user and then stored in the database encrypted for every user in the room.
[20:20] <Nico> > Once a session key has been obtained in the above manner, we enter E2EE mode, and all messages sent henceforth are encrypted using this session key.
[20:21] <Nico> This sounds like it always just uses one key for a chat
[20:21] <Nico> I.e. multiple messages share the same key
[20:21] <Nico> Which is usually a big no no
[20:21] <poetaster> that depends.
[20:22] <poetaster> It's been a while since I looked at double ratchet, so I can't judge.
[20:23] <Nico> Usually you want at least some mechanism to rotate keys when a room member leaves, a way to verify, who should receive the e2ee keys, etc
[20:23] <Nico> And I don't see that mentioned anywhere
[20:23] <Nico> But maybe that is in some advanced section
[20:24] <poetaster> they have encrypted session keys, client keys and masters
[20:25] <Nico> Yes, but the session keys are usually not rotated and sent to every client without much verification?
[20:26] <poetaster> um, the matrix session keys are long lived. I've travelled out of country without my session key expiring.
[20:26] <poetaster> though, that may be a poor configuration of synapse?
[20:26] <Nico> No, they are not really
[20:27] <poetaster> Several days on the road, check into a hotel and fire up a client directly to chat? That's 'long lived'.
[20:27] <Nico> You have a master key, a self signing key, a user signing key, keys for each device, one time keys, olm sessions for to_device messaging and megolm keys to encrypt individual messages
[20:27] <Nico> megolm keys and olm keys ratchet forward, megolm keys are rotated after 7 days or 100 messages
[20:28] <Nico> So while some parts are long lived, they don't allow you to read the messages
[20:28] <Nico> And the keys to the messages are only shared with you via to_device messaging and you can choose, if you want to share only with users you verified or not
[20:29] <Nico> If you share your keys with arbitrary users, the End in End to End Encryption is not verified, so you can throw it all in the bin. Because you could just be talking to a MITM.
[20:30] <poetaster> I only use ONE server and I'm root on that. I only use ONE client. On one machine. No federation. All clients verified by hand (ie. visual inspection).
[20:30] <poetaster> I don't think you appreciate our threat model.
[20:31] <Nico> Well, if you rely on a trusted server, it is not E2EE, it is Encryption
[20:31] <poetaster> Sorry, I don't understand?
[20:32] <Nico> Because (at least the modern definition of) E2EE requires, that you only need to trust the ends, which usually is the clients, but not the server
[20:33] <Nico> If someone can capture the server and make it lie about membership to exfiltrate messages, that is not E2EE, that is just encrypted communication, without proper end to end security
[20:33] <poetaster> How are the images in matrix encrypted :-)
[20:33] <Nico> It might be fine for your threat model, just the naming is wrong in the rocket chat docs imo
[20:34] <Nico> images are encrypted using a random, per image AES key, that is then shared using a megolm encrypted message, of which the key is shared using olm encrypted to device channels
[20:34] <poetaster> I was fine with OMEMO, but I'm not the judge in the end. I've just been tasked to set up some alternatives for evaluation.
[20:35] <Nico> If in the end you use Rocketchat or so, you have a very different threat model than I do :D
[20:35] <Nico> OMEMO is better than what I read about rocketchat right now, afaik
[20:35] <Nico> it is similar to the olm and signal protocols
[20:36] <poetaster> I'm not the person who is going to evaluate the crypto, or the threat model, for that matter.
[20:37] <Nico> Well, yeah, it doesn't matter in the end who evaluates it, I just think it is interesting :3
[20:37] <poetaster> I'm just the person that builds the machines, in this case. I made it clear that I am not qualified to make a recommendation.
[20:37] <poetaster> It could be that your description of the image encryption in the media repo if detailed in the ticket/note on github might make a difference.
[20:38] <Nico> Well, that only applies to encrypted images of course
<poetaster> yeah, that's another issue.
<Nico> Here is the spec for it:
[20:39] <poetaster> I think that's the one that got our paranoids going.
[20:39] <Nico> To be fair, that was fixed and had a pretty limited impact
[20:40] <Nico> You basically had to be able to hit a file with a 25 char random string, which is very unlikely to ever download an actual file
[20:40] <poetaster> Ah, one of the paranoids just started testing if you could download images (with known values, of course) from 'the web'
[20:41] <Nico> I.e. you could never download /etc/passwd, because the file path needs to be 25 chars long
[20:41] <poetaster> And that's not going to convince the person who uses his own services over tor.
[20:41] <Nico> Well, yes, you can download known images from the web, but if they are encrypted, you can't view them
[20:41] <poetaster> until you decrypt them :)
[20:42] <Nico> Sure, but if you hand people the decryption keys, them being able to download the image was your smallest problem
[20:44] <poetaster> I'm not sure what they were thinking. Like I said, I'm not the measure. I don't trust my users to use gpg either.
[20:44] <poetaster> They used to SHARE a private key for a NUMBER of email addresses. I refused to look at any mail having anything to do with it.
[20:45] <Nico> Oh well
[20:45] <poetaster> I explained, slowly and calmly, that what they were doing was a betrayal of the trust of the people they communicated with ...
[20:45] <Nico> Well, to be fair, I also share my GPG key between emails, but that's because one of them is just my old mail and I want to appear as the same person :D
[20:45] <poetaster> so, in a sense, I'm relieved they go all bat-shit paranoid after that disaster.
[20:46] <Nico> Well, if they then switch to worse encryption, because they think authentication is more important than encryption, I am not soooo sure ;p
[20:47] <poetaster> I'll mention it. But they just freaked out that you could anonymously download binaries from matrix.
[20:48] <poetaster> I did sort of roll my eyes.
[20:48] <Nico> Well, a lot of people freak out about that without understanding the impact
[20:48] <Nico> Which is one reason why I want to fix it
[20:48] <Nico> But I don't think it is an actual security issue
[20:48] <Nico> There is an issue with it, but I am not going to disclose that here and it is not about leaking data :D
[20:49] <poetaster> I don't think so either, but I think there must be a relatively painless way to mitigate.
[20:50] <Nico> I'm just going to push the one, that is painless for 90% of clients and use cases :3
[20:50] <poetaster> I mean, for instance, a config for 'session' only access to binaries.
[20:51] <Nico> Well, http doesn't have sessions usually
[20:51] <poetaster> I hope you can get some mind share behind your client. I hate all the clients (except irc clients :)
[20:52] <poetaster> the persistence of a session can be propagated by many means :)
[20:53] <poetaster> or, maybe you don't want mind share for the client. that would mean users and responding to tickets!
[20:54] <poetaster> damn it. didn't get any work done. off to bed! I have to get up at 6:15.
[20:54] <Nico> Good night :D
