Whether you’re really passionate about RPC, MQTT, Matrix or Nostr, tell us more about the protocols or open standards you have strong opinions on!
I used to have an open public SIP address that would ring a home phone, complete with a retro answering machine, but nobody uses SIP…
[…] nobody uses SIP…
Say what?
In my part of the world signaling for literally every phone call, be it mobile or fixed, traverses networks and operators using SIP.
XMPP
Why is that preferable over Matrix?
Matrix came 15 years after XMPP, so the question should be: why is Matrix preferable? Does it bring anything to the table, other than fragmentation?
I don’t believe that its existence causes more fragmentation than it remediates. https://news.ycombinator.com/item?id=36939482 explains why I consider Matrix fundamentally superior most (if not all) uses, although in practice it’s because the clients (Element and FluffyChat primarily) are cross-platform and support a generally uniform set of features, in comparison to the aged (but glorious) Pidgin, and its counterparts.
Your hackernews post and the fact you mention Pidgin shows that you haven’t used xmpp in the last 10 years. By the time Matrix was first released, xmpp had history sync.
Which is why I can’t wrap my head around why a second protocol with no features that didn’t already exist in XMPP took over.
I used it yesterday, via Pidgin. I’m
rokejulianlockhart@xmpp.jp. Why else would I have referenced it? Don’t tell me what I’ve done. That’s not a way to have productive conversations.Regardless, I can’t provide any more technical insight than that - I know solely that the clients provide so much more functionality that irrespective of the protocol, it’s better in practice. Fedora, openSUSE, the Bundeswehr, NATO, and Beeper - all chose Matrix over XMPP, not least partially because of Element (which they also all chose).
It’s kinda more resposive than Matrix for me.
Yeah, my experience with Element and a Matrix.org account is that it’s sluggish. However, it’s been better at Beeper, so I’m uncertain whether it’s intrinsic to Matrix or merely Matrix.org and/or Element’s servers.
I’d love to see more adoption of… I2C!
Bazillions of motherboards and SBCs support I2C and many have the ability to use it via GPIO pins or even have connectors just for I2C devices (e.g. QWIIC). Yet there’s very little in the way of things you can buy and plug in. It feels like such a waste!
There’s all sorts of neat and useful things we could plug in and make use of if only there were software to use it. For example, cheap color sensors, nifty gesture sensors, time-of-flight sensors, light sensors, and more.
There’s
lmsensorswhich knows I2C and can magically understand zillions of temperature sensors and PWM things (e.g. fan control). We need something like that for all those cool devices and chips that speak I2C.I2C is a bit goofy though. As a byproduct of being an undiscoverable bus you basically just have to poke random addresses and guess what you’re talking to. The fact lmsensors i2c detection works as well as it does is a miracle. (Plus you get the neat issue where even the act of scanning the bus can accidentally reconfigure endpoints)
Yeah, the lack of proper discoverability on i2c truly sucks. You have to just poke random addresses and hope for the best to see if an i2c device exists on the bus. It’s a great standard but I wish it would get updated with some sort of plug and play autodetection feature. Standardized device PID/VID system like USB and PCI would be acceptable or a standardized register that returns a part string. Anything other than blindly poking registers and hoping you’re not accidentally overvolting the CPU or whatever because the register on your expected device overlaps with the overvolt the CPU register on the same address of a different device.
If you have an unused VGA port, you can use the DDC pins for I2C. Be sure to add ESD protection if you do this. An I2C isolator would be even better.
I2C is really not meant to be used over cables. It has a very limited common mode input voltage range and it can’t handle much capacitance on the bus.
Except that in the case of VGA (and DVI, HDMI, and DisplayPort) the i2c interface is intended for use over the cable. All of those ports have a pair of i2c pins and corresponding wires in their cables. The i2c interface is used for DDC/EDID which is how the computer can identify the capabilities and specifications of the attached display. DDC even provides some rarely-used control functionality. Probably the most useful of which is being able to control the brightness of the display from software. I use the ddcci module on Linux and it lets me control my desktop monitor brightness the same way a laptop would, which is great. I have no idea why this isn’t widely used.
Edit:
This i2c interface is widely used to control the lighting on modern graphics cards that have RGB lighting. We’ve spent a lot of time reverse engineering these chips and their i2c protocols for OpenRGB. GPU chips usually have more i2c buses than the cards have display connectors, so the RGB chip is wired to one of the unused buses. I think AMD GPUs tend to have 8 separate i2c buses but most cards only use 4 or 5 of them for display connectors. There is also an i2c interface present on RAM slots normally used for reading the SPD chip that stores RAM module specifications, timings, etc. This interface is also used for RAM modules with controllable RGB lighting.
Remember SOAP? Remember XML-RPC? Remember CORBA?
Those were not very good.
I had to do some soap integration last year and it feels like it only got worse with age.
I’m really into CloudEvents because I love event-driven systems, and since events can come from, or be consumed by, so many different services, having a robust spec is super duper useful.
So what problem is this solving? What are some event-driven systems that need to interoperate? Seems like even if you have a common encapsulation method, you still need code to understand and deal with the message body. Just seems like an extra layer around a JSON blob.
Why should this be at the editor level? There should be a linter that applies all these stylistic formatting changes to all files automatically. If the developer’s own editing tools or personal workflow have a chance to introduce non-standard styles to the codebase, you have a deeper problem.
Why should this be at the editor level?
Because for every programming language there’ll be people using text editors, but you’ll never succeed in even creating code formatters for them all.
The greatness in this project is in aiming low and making things better through simple achievable goals.
XMPP
Call me old fashioned, but I still call it Jabber.
🙂
Why not matrix?
You’re going off-topic from the OP question :-) But to answer your new question : I do not trust Matrix enough when it comes to privacy. I know that this link is old but still. https://disroot.org/en/blog/matrix-closure
Then again I do not trust Signal that much either but sometimes compromises need to be made to get things done. With XMPP the end user can host their own server if they wish to, without meta data going to a centralized point. And video calls via XMPP and Conversations were a pleasure to use when I used it during the Covid-19 pandemic.
I came here to say matrix but I’m not gonna lie. If XMPP had gotten the traction it deserved we wouldn’t need matrix.
RSS (RDF Site Summary or Really Simple Syndication) It is in use a fair amount, but it is usually buried. Many people don’t know it exists and because of that I am afraid it will one day go away.
I find it a great simple way to stay up to date across multiple web sites the way I want to (on my terms, not theirs) By the way, it works on Lemmy to :)
Honestly there is rarely a blog I want to follow that doesn’t have it. I do think it would be great to have more readers using it so that it becomes more significant, but for my reading it is actually pretty great.
RSS. It’s still around but slowly dying out. I feel like it only gets added to new websites because the programmers like it.
It’s seen it’s renneisance recently
Sadly so many rss feeds are just the first paragraph and not the whole article
How so? Outside very niche stuff or podcasts I just don’t seem to it used that often.
Most websites still use standard back ends with RSS support. Even static site generators also do it. The only difficulty is user discovery.
Yeah… It always being there hardly makes it a “renaissance”, no?
90% of the bullshit mass emails at my work could be an RSS feed.
“THIS WHOLE MEETING COULD HAVE BEEN AN RSS FEED!”
WebSub (formerly PubSubHubbub). Should have been a proper replacement for RSS with push support instead of polling. Too bad the docs were awful and adopting it as an end user was so difficult that it never caught on.
I still want something push based (without paying for those rss as a service)
deleted by creator
Oh neat! I didn’t know this existed. By any chance, do you know of any RSS readers that have implemented it?
deleted by creator
Theres quite a few sites that still use it and existing ones in the Fediverse have it built in (which is really cool). But your right, the general public have no concept of having something download and queue up on a service rather than just going to the site. And the RSS clients are all over the place with quality…
I wish more websites would use RSS Feeds. :-(
Matrix… it’s on such a good path I can’t complain. Adoption could be faster but it’s alright.
I2p, although I have no idea if the lack of adoption has not a very good reason.
I love i2p. I wish it had more adoption / was easier to use.
I second Matrix, though I’ve been waiting for e2ee direct p2p (the Dendrite project) do be worked on for a while. Having something like that, that’s truly decentralized while secure and hiding metadata where possible, would be a dream.
Apparently dendrite is just on maintenance due to insufficient funds. It was what i set up on a test instance because it is lighter, etc. Go figure.
Conduit might be an option. It’s still under development. It’s also lightweight due to Rust (instead of Python as in Synapse).
deleted by creator
Persistent object ooze prevention? Yes, that’s a solved problem.
We should definitely be switching to the specification in RFC 6214. IPoACv6 is the latest standard.
Can you please explain what this is?
They are humorous IETF standards published on 1 April over the years. These are specifically about implementing internet protocols using carrier pigeons instead of more traditional media like wires or optical fiber.
Look at the date of the linked RFC documents…
I sincerely wish all of my messages were delivered to me by an owl holding a scroll.
i wish all the big players would agree on one of the many open chat and IM protocols. it’s like kindergarten where the toddlers don’t want to share toys
Was it really back in 2009 that both Google and Facebook used XMPP compatible chats? Those were the days.
I was the cool guy with all the chats in one place: Pidgin.
We had the future in our hands but our corporate platform overlords made a wrong turn at Albuquerque.
I wish people used email for chat more. SMTP is actually a pretty great protocol for real time communication. People think of it as this old slow protocol, but that’s mostly because the big email providers make it slow. Gmail, by default, waits ten seconds before it even tries to send your message to the recipient’s server. And even then, most of them do a ridiculous amount of processing on your messages that it usually takes several seconds from the time it receives a message to the time it shows up in your account.
There’s a project called Delta Chat that makes email look and act like a chat app. If you have a competent email service, I think it’s better than texting. It doesn’t stomp on the images you send like SMS and Facebook do, everyone has it unlike all the proprietary services, and you can run your own server for it that interacts with everyone else’s servers.
Unfortunately, Google, Microsoft, etc all block you if you try to run your own server “to protect against spam”. Really, I’m convinced that’s just anticompetitive behavior. The fewer players are allowed to enter the email market, the less competition Gmail and Outlook will have.
As much as I like ProtonMail too, unfortunately their encryption models prevents it from working with Delta Chat. I’d love to see Proton make a compatible chat app that works with their service.
I made an email service called Port87 that I’m working on making compatible with Delta chat too. I’d love to see people using email the way it was originally meant to be used, to talk to each other, without being controlled by big businesses.
SMTP is actually a pretty great protocol for real time communication.
remembers greylisting is a common thing
Yes, I mentioned that. That’s not a protocol issue, that’s a big business controls everything issue.
The delay is there because email has no deletion support.
And a host of other shortcomings.
I’d rather we replaced email with matrix
If you’re relying on the remote server to delete something, you can’t trust it no matter what protocol you’re using.
For a regular email, the chance to undo might be fine, but for real time communication, it’s just an unnecessary road block.
Maybe if it was optional per recipient, or per conversation, or better yet, depending on the presence of a header, it might be fine. Gmail only supports all-on or all-off.
SMTP is a terrible protocol. Text based for sending effectively binary data with complex header wrapping and “generate a random delimiter” framing. We really need a HTTP/2 of SMTP.
That being said I agree that it exists and works. The biggest blocker to more IM-style communication is largely the UI and user expectations. I have no problem having quick back-and-forths over email but most people don’t expect it.
Fair enough. Sending binary data over SMTP adds a lot of overhead, because it all has to be encoded. We should fix that.
Oh, another awesome thing about email is that you can ensure that your address is always yours, even if you use an email service provider like Gmail. Any provider that supports custom domains will allow you to use your own domain for your address, then if you want to change your provider, you keep your address. So, since I own hperrin.com, I can use the address me@hperrin.com, and I know it’ll always be mine as long as I pay for that domain.
This is a much better model than anything else. Even on the fediverse, you can’t have your own address unless you run your own instance.
If your email service provider goes out of business or gets sold off (skiff.com, anyone?), as long as you’re on your own custom domain, your address is still yours.
I’m working on custom domains for Port87. It’s definitely a feature I think every email provider should offer.
Yes, I shifted to my own domain after my default ISP of 20 years decided that email was just too hard, you know? They didn’t outright say it, they just started batch processing emails so that I’d get all my daily emails at around 2 am the next day. Super handy for time limited password reset emails!
A few hours reading a guide and setting up a $5/mo linode email server with SPF and dmarc, a few more hours transferring 20 years of IMAP mail from my old account to a folder, and a month or so of changing a few site contact emails over each day when they emailed something to my old account, and now I’ve got an email server on my own domain that is 10 times faster at sending/receiving mail than my old ISP ever was.
And now I can have amazon@mydomain.com and career@mydomain.com and random other disposable addresses so that when they are inevitably sold off for the $$$ I can just dump them and maintain a spam free inbox.
IPv6. Lack of IPv4 addresses it’s a problem, specially in poorer countries. But still lots of servers and ISPs don’t support it natively. And what is worse. Lots of sysadmins don’t want to learn it.
Lots of really large sites are horribly misconfigured. I had intermittent issues because one of the edge hosts in Netflix ‘s round robin dns did not do MTU discovery properly.
Say this to my very large Canadian ISP who still doesn’t support IPv6 for residential customers. Last I checked, adoption in Canada was still under 50%.
50%?? I fucking wish. In Spain we are at 5%. I finally got IPv6 in my phone this year, but I want it in my home, which is still only available as IPv4 even if they’re the same ISP.
My university recently had Internet problems, where the DHCP only leased Out iov6 addresses. For two days, we could all see which sites implemented iov6 and which didn’t.
Many big corpo sites like GitHub or discord Apperently don’t. Small stuff like my personal website or https://suikagame.com do.
github is so stupid with that, it’s actually funny
That’s a fun little game there!
IPv6 is great, but NAT is quite functional and is prolonging the demise of IPv4.
My isp decided to put me behind a CGNAT and broke my access to my network from outside my network. Wanted to charge me $5 a month to get around it. It’s not easy to get around for a layman, but possible. More than anything it just pissed me off that I’d have to pay for something that 1 day ago was free.
How can you bypass CGNAT?
Set up a reverse proxy on another machine (like one of those free oracle cloud things). I can’t go into detail because I don’t know exactly how. I think cloudflare also has options for that for free. Either way it’s annoying.
Cloudflare tunnel, and its alternatives, such as localXpose, altho the privacy is probably questionable, and a many of them require a domain.
NAT is functional as long as you like NAT, which im pretty sure nobody likes, so uh.
Plenty of people like NAT.
the only people that like nat are network admins, and ISPs.
Everyone else hates them. The rest don’t care, but they wouldn’t know a NAT if it hit them in the face.
NAT is also good security wise. Personally I’d rather the inside of my network stay completely anonymous
Found the guy that does not want to learn IPv6!
NAT is not for security, that’s what the firewall is for. Nobody can access your IPv6 network unless you allow access through the firewall.
I don’t think they were talking about access to the network.
“The inside of the network stay anonymous” sounds like they are talking about internet access to the internal network.
If computers connect to others through the internet, the IPv6 address can reveal how many computers there are on the local network, and if certain traffic to different destinations are coming from the same computer, but also if one of the computers has gone offline but then resumes from sleep/hibernation.
To me their comment means they want to avoid that, and I agree, I want to avoid that too. To fix these, I would need to configure NAT on my router for IPv6.Yes IPv6 address privacy extensions help somewhat, but
- computers won’t use a different v6 address for every distinct destination, they will just start using a new one from time to time
- computers won’t stop using the old v6 address immediately after wakeup
With v4 addresses these did not really matter, because everything was being sent from the same public IP, and and outside observer could only see what a “network” is doing collectively. But with v6 an address identifies a computer, across websites/services. Even if it’s just for a "short’ time, even if the address is randomized.
If you want privacy, you need some kind of VPN or onion routing. Even if everything you list were correct, the difference between IPv4 and 6 for privacy would be marginal.
You can have that with ipv6, too.
You’re thinking of a firewall. NAT is just the thing that makes a connection appear to come from an IP on the internet when it’s really coming from your router, and it’s not needed with IPv6. But you would not see any difference with IPv6 without it.
You’re thinking of a firewall. NAT is just the thing that makes a connection appear to come from…
That connection only “appears to come from” if I explicitly put a rule in my NAT table directing it to my computer behind the router doing the NAT-ing.
Otherwise all connections through NAT are started from internal->external network requests and the state table in NAT keeps track of which internal IP is talking to which external IP and directs traffic as necessary.
So OP is correct, it does apply a measure of security. Port scanning someone behind NAT isn’t possible, you just end up port scanning their crappy NAT router provided by their ISP unless they have specifically opened up some ports and directed them to their internal IP address.
Compare this to IPV6 where you get a slice of the public address space to place your devices in and they are all directly addressable. In that case your crappy ISP router also is a “proper” firewall. Strangely enough it usually is a “stateful” firewall with default deny-all rules that tracks network connections and looks and performs almost exactly like the NAT version, just without address translation.
So OP is correct, it does apply a measure of security. Port scanning someone behind NAT isn’t possible, you just end up port scanning their crappy NAT router provided by their ISP unless they have specifically opened up some ports and directed them to their internal IP address.
You end up just port scanning their crappy router on IPv6 as well because ports that are not opened are stuck at the firewall either way, no matter if you use IPv4 or IPv6.
Just because every device gets a public IP does not mean that IP is publicly accessible.
An advantage that IPv6 has against port scanning is the absurdly large network sizes. For example, my ISP gives me a /56 prefix, that is 4,722,366,482,869,645,213,696 IPv6 addresses. Good luck finding the used ones with the port open you need.
Even with just a /64 prefix you get 18,446,744,073,709,551,616 addresses, way outside the feasibility of port scanning.
No. Stop spreading that myth. NAT does fuck all for security. If you want a border gateway, you can just have a border gateway.
Am sysadmin, can confirm I don’t wanna learn it.
Also a sysasmin, really don’t wanna learn it…or have to type it on the daily
