u_tamtam @ u_tamtam @programming.dev

Posts

6

Comments

454

Joined

2 yr. ago

You can have a look at the communities there: https://programming.dev/communities

Yeah, how about you read the damn article? This is mentioned:

The crew vehicle served the Soviet space program through 1991 and since then has been a mainstay for the country's large space corporation, Roscosmos. The Soyuz is a hardy, generally reliable vehicle that NASA counted on for crew transport from 2011 to 2020, after the space shuttle's retirement and before SpaceX's Crew Dragon came into service.

The Soyuz spacecraft, as well as a lot of the country's other satellites, launches into orbit on the Soyuz rocket. This vehicle dates back even a bit further, to 1966. Russian engineers have modified and modernized both the spacecraft and rocket over time, but they remain essentially the same space vehicles.

There's nothing wrong with aging technology that works. However, there have been some issues of late with leaks and other problems that have raised serious questions about quality control and the ability of the Russians to manufacture these vehicles.

IOW, Russia lost a decades-long ability under the watch of Putin/his appointed cronies

Not sure you spent as much time reading the article as you did writing your reply.
This is ArsTechnica/Eric Berger, not "RagNewsInc©": they went into quite the amount of details and facts explaining Putin's direct contribution to Russia's space program current state of affairs.
Despite the title, it didn't read (to me) as much politically motived as you make it to be.

The factor that is keeping me on Matrix is that I have all diffrent chats with people on different platforms in one client that is cross platform.

yeah, as I wrote above, that's no different in XMPP (but probably much more secure and better maintained: till recently most of the bridging in matrix-world was leveraged by libpurple, which has an horrendous security track-record).
If you are getting into bridging in XMPP, I recommend giving slidge a try: https://sr.ht/~nicoco/slidge/

that is is against ToS for most apps

https://slidge.im/core/user/low_profile.html#keeping-a-low-profile

google kinda “killed it”.

And yet it has hundred folds more users than Matrix :) XMPP is ubiquitous (it props up google cloud/nintendo switch push notifications, if your online game has a chat system with million users that's it, WhatsApp is using it, you have billions of IoT devices running it, …) so just like Linux it can't really be "killed" at this point as a critical piece of software infrastructure. On the user-facing side, things are alive and kicking with great and well-maintained clients (which is more than can be said about matrix, being a single-source implementation held together by a single company constantly fighting financing issues).

Interesting, but I got past that hurdle…

I was thinking more of the "day to day admin" side of things rather than "getting it running for the first time": ejabberd really runs like clockwork, demands no effort, no attention, packs all the features you need, and uses close to no resource.
By that time, I've been hosting services for communities for decades, and a good argument in favour of keeping XMPP, no matter how much adoption it would eventually get was that ejabberd is one of most "fire & forget" software I've ever deployed. Right now I have an instance running with 500 users and it barely ticks above 150MB RSS.

In comparison to that, synapse for a dozen users, especially in the early days, was a burning hot mess. The whole stack is rather fragile and I was always worried about something breaking up, or resources going wild. If you are solo admin with users across timezones depending on you, that might matter a lot.

Perhaps, but in an energy-scarce world, who would be able to afford living in an old, inefficient house? I obviously hope to be wrong but increasing material price and labour might alone offset whatever price decrease the extra inventory of a decreasing population might bring. I hope to be wrong, ofc.

You should definitely give XMPP a chance, but not feel bad about ending-up with whichever feels better: they are mostly fine, and largely preferable to the non-standard/non-federated alternatives.
XMPP is orders of magnitude lighter weight so that might factor in if you have associated costs to running in the cloud.
If you want to get started the easy way, go with ejabberd, it has sane defaults and lots of convenience (e.g. it embarks a stun/turn server to facilitate calling through NAT, acts as a ACME client to renew certificates automagically, …).
On Android, Cheogram is a good client to recommend for power-users, Quicksy/Conversations for those who want to use their phone number for contacts auto-discovery. Desktop has Dino/Gajim, (i)OS(X) has SiskinIM, BeagleIM.

Regarding the libera.chat drama, you can read more here: https://libera.chat/news/temporarily-disabling-the-matrix-bridge
IMO that tells a lot about the people behind Matrix and their overall attitude (I had the same "trust us", "it's gonna be soon, I swear!", "that was bad luck but it's gonna be fine!" vibes when interacting with the Matrix team members in the early days).

Yep, if you are on either, you are fighting the good fight, so keep it up :)

And if you self-host, you'll find it dramatically easier to do on XMPP (that's how I ended-up here, after giving up on Matrix's shenanigans).

Absolutely, and an argument can be made about captive ecosystems controlling both clients and servers. They also represent a single point of failure, so there's no magic bullet. In practice it's also not that different than keeping up with your browser's/OS'/phone's updates and XMPP has that for itself that it has (unlike Matrix) a vibrant community of clients and servers supported by diverse parties (commercial and not).

No privacy nightmares compared to WhatsApp

My whole point was that between Signal and WhatsApp, none is intrinsically better than the other in this regard. Both are centralized and collect the same amount of privacy-sensitive data about you (your online presence and patterns, your IP, your network graph, the routing of your messages and their nature…), because they need that to function. Whether they log it (irrespective of what they advertise) is one thing nobody but themselves can verify and where opensource plays no role.

Matrix/XMPP are only better because you can self-host if you trust no one, or choose whom to trust, or change whom to trust along the way without incurring a total loss of your contacts, histories, assets, …

IMO, the sales pitch for XMPP/Matrix shouldn't be "we are better/more secure/more privacy focused by design" (and it's pretty clear that the tech-illiterate majority doesn't care anyway), it should be "with us, you will no longer have to jump ship every 5 years in avg. because facebook/google/amazon/some oligarch/… broke their promise/used their absolute power over your account to their discretion".

I’m selfhosting a Matrix server and have all my Chats from other apps also bridged to there.

Same here, but with XMPP in place of Matrix. For historical context, XMPP was invented about 25 years ago on the premise that people were already tired of having their instant messaging scattered over multiple protocols (rather than Signal, Telegram, WhatsApp, Discord, iMessage now, it was Yahoo, MSN, AIM, ICQ, … then), so bridging is very much front and center in the XMPP world. Over time, people also realized that bridging sucks in general (you either dumb down your client to the lowest common denominator which sucks for yourself, or your client isolates itself from the source protocol enough that it sucks for everyone else).
To add insult to injury, most modern protocols also forbid, by their ToS, the use of alternative clients (which very much includes bridges), and to the best of my knowledge WhatsApp, Signal and Discord will eventually suspend your account on this basis.
Matrix is still trying to carve a niche for itself in this space, and is failing IMO (judging by the quality/security of the bridges they have come-up with, and the recent libera.chat fiasco). I'd say that the situation in this regard in XMPP is only marginally better due to the fact that XMPP had a decade headstart to fail and try over, and I would not recommend using bridges on either of them if that can be avoided.

It XMPP better for group VC?

I'd say "it depends". Fun fact, Matrix uses jitsi-meet under the hood (which is XMPP + a media transcoding/multicasting component that doubles as a relay), and jitsi-meet is my recommendation for this use-case: as long as the central server has good bandwidth, you can really scale up your VC to many attendees. On top of that, XMPP has support for peer-to-peer group VC, with the benefit that hosting is simpler, it doesn't require any central component/relay (but the bandwidth cost is incurred on all participants and you won't go beyond a handful of attendees that way).

that's not even true, if you search "matrix", element is your first result, if you type XMPP, you get "Conversations", exactly as you would expect.

I'd rather push for XMPP personally, the matrix protocol has been a dumpster fire in an "almost ready, trust me bro" state for as long as it has existed, and failed to justify its own weight and complexity. But that's mostly irrelevant since they are open protocols and can somewhat bridge with one another.

Matrix and XMPP have plenty of apps installable from those stores as well, not sure what your argument is about?

I think you got lost because self-hosting is very much the point of this community :)

The Keep features you enumerated are pretty rudimentary, and none of that requires the sheer engineering power of a Google to be delivered securely and effectively. Take something like quillpad for instance, it shares a lot of UI paradigms with Keep, but expands in every direction to make the note taking experience and keeping them organized better. So indeed, Google Apps as a captive ecosystem is hard to beat, but resisting the urge to put all your eggs in their basket has some enormous perks which people with experience value a lot.

What Matrix metadata leakage are you talking about? Regarding XMPP, I am not aware of anything like it, and I suspect that this leakage you are talking about is just standard client-server signaling, where in federated protocols like Matrix and XMPP you can chose whom to trust (or self-host) whereas in all other cases your metadata isn't just centralized and consolidated, you have no recourse and knowledge about what's being done with it.

On the side of XMPP, OMEMO (which is XMPP's take on double ratchet encryption à la Signal) is standard across the board of all maintained clients, so you wouldn't be less secure there than on e.g. Signal or Telegram, so your take on XMPP's security isn't factual.

Why use Signal over XMPP and Matrix? Signal is centralized and wants you to stay in check, using their crappy client, giving away your phone number, and all your presence, social graph and other privacy sensitive information to a single actor (which can't be yourself, because you can't self host signal) and that has nothing to back it up other than "trust me bro, I'm gonna do no harm, but also I control all your communications under my own terms and conditions and there's nothing you can do about it".

People don't choose, people use whatever most people around them use. Whatsapp and telegram are both centralized, and shouldn't be trusted because, by the nature of it, they can (and eventually will) turn user-hostile.

Messengers come and go, if we really want to make some progress in this area, we should embrace federated and p2p protocols as the logical evolution. Anything else is just wasting time and user privacy.

IIRC, Nintendo switches use xmpp extensively as well. Whatsapp is a modified version of xmpp. Many apps in the wild use xmpp for notifications, signaling and pubsub.

I admire how Microsoft keeps repeating the same mistakes over and over again. At some point a decade and a half ago everyone was laughing at them for having IE, then already understood as a buggy and insecure piece of crap, running in the windows kernel space, with them explaining (in some lengthy Ars Technica piece) that it was depended upon from everywhere, and that the windows kernel internals were practically a tangled hell.

I suppose they finally got out of their way to remove IE, just in time to establish blink in its place. The king is dead, long live the king, I guess.