I could not find a definitive answer on Twitter, but does that mean Eve players will become one of the biggest XMPP users group? I wonder if Eve enables federation and chatting with outsiders using regular XMPP clients.
> I wonder if Eve enables federation and chatting with outsiders using regular XMPP clients.
It's not planned. To be precise in the beginning nothing will change for the players. They might be able to send messages which are four times as large.
As far as i know a modern more modular design was the main reason. And thus offload some of the CPU utilisation to not-game server.
More comments from the Dev here [0] and partly [1] here.
10-20k concurrent users is nothing. I maintained ejabberd with 500K concurrent and built customj Erlang systems handling million of concurrent users per node.
Depends on what you class as a group. It is unlikely that their unfederated server will come close to the number of users on even the 114 public federated servers, much less all the federated private servers.
I noticed something interesting while looking; it appears that at least one public XMPP server has experienced a recent large influx of new users.
>"The number of daily active users has increased more then three-fold in the last year alone." [1]
OK, thanks. I hadn't thought such a thing would be worth the bother, but I guess spam will find a way.
I guess the eventual problem here is that everyone affected will turn off reception of messages from strangers. That would make XMPP somewhat less useful as a general method of getting in touch with someone.
I am happy that XMPP gets some love. Centralised messengers are a real problem now. People on whatsapp are only reachable on whatsapp, same for viber, messenger, skype, ... We are in a really stupid situation. XMPP works now, is decentralised, has secure E2E encryption, is not controlled by a single entity, and has good clients for android and desktop (iOS is unfortunately missing).
WhatsApp, the most popular messenger, does not allow chat sync. It's single device even. I don't think that's part of the features the average user values.
Not true in all cases. They have a wonderful backdoor into your the phone app so you can use the webchat/desktop app. You scan a code and it will allow the website to connect to your phone and download all your messages/photos/etc and talk real time to friends.. Funcionally identical to telegrams desktop app (except, obviously, using your phone as a gateway of some kind).
This functionality makes me nervous honestly, because if the app allowed connections like this silently and downloads your details then wouldn't it be possible to just bypass the QR code for WhatsApp's server team?
(Also, when I point this out I always get downvotes, so, maybe a response this time?)
More likely - app is relatively secure but it collects and stores all that private info, then they need to work in some dictatorship or paranoid country (essentially a majority of all countries) and then those governments require storing info on their own local servers with which they can either comply or be banned, and then either government misuses this info or it gets hacked and malicious 3rd party misuses this info.
How is this different from e.g Telegram web client? I don't see a reason why this couldn't be done safely. I wonder if it's possible to prevent Whatsapp from serving some people a modified web client though.
Anyway, as much as I dislike Telegram, their desktop client is UX-wise miles ahead of web clients or electron trash.
The problem I have with telegram is that /by default/ it's security is very poor. It's stored and relayed by their servers so you can have a unified chat history.
However, if you hit the secret chat button I don't see a reason to think that this is stored in any way by them (and auditing the client I use confirms this for Qt linux desktop/iOS)
Your running into exactly the problem that Signal faced when people asked for a web client. It can't really be done securely unless you're willing to put ultimate trust in Signal's servers and the CA system.
Btw, the web app knows when the phone battery is low and warns about it. IMHO it's too much information going from my phone to WhatsApp and I don't know what's the real reason they need it. It's not like the phone doesn't have its own battery warning. Anything else going from the app to their servers?
You do know that the connection between the web app and the phone is E2E encrypted, right? You're doing a key exchange when you scan the QR code.
Unless you think FB is intentionally poisioning their web interface and serving malicious clients that break their own security you've got nothing to worry about with respect to these features.
Being able to know that the phone my chat is proxying through is about to die is pretty valuable.
Isn't a lot of it's popularity among users who only have one device? I've only met one person who I know used WhatsApp, and that was just to talk to his parents in India.
WhatsApp isn't really single device in practice; sure all the messages are routed through (usually) your phone but there's very little friction to using n devices. I'm logged in from 4 different machines right now.
Chat sync really isn't the best statement of the problem because the feature that people want is that all clients see the entire authoritative chat history. WhatsApp solves this problem in a way that is largely invisible to the user without relying on a central message store.
Fortunately none of that can't be done in a decentralized fashion. :) I think there's one big advantage for "people" in it too - being able to use your favorite client, whatever it is.
But I think the major hurdle in this situation is (as usual?) not about an well organized colorful emoji library, but offering something that is clearly better than what we have now in order to disrupt the status quo. :(
The major hurdle in this situation is that most XMPP clients are developed by FOSS volunteers or small underfunded developer groups. There is no VC monetization concept to be built on top of federated messaging, and there is no benevolent billionaire spending 50M USD for the development of awesome XMPP clients.
Matrix has created great clients for the major platforms with a dozen paid developers; Signal had a handful of developers as well. Conversations[0] on Android is a proof that a single dedicated developer can create a great and standards-compliant XMPP messenger.
Conversations has had frequent complaints about battery life issues, which to my knowledge have always been closed with some variation of "just ask about this on the chat" and/or "this is not something that can be fixed". In the past, I've noticed it doesn't work well for my battery life personally as well (so it's not just rumour).
For something that needs to run on a phone, battery life is one of the most important factors to make something actually useful. While the GUI looks great and I don't remember any usability warts, I don't think it's fair to recommend something with an issue this big.
Conversations is keeping its own TCP connection to the server. Battery usage depends on how many XMPP contacts you have, which modules your server has enables and whether you have the F-Droid or the Google Play version of the app. Come to the chat to find out what it is in your case ;-)
Signal also requires biometrics to be shared with the govt for 1/6th of the world's population (India) by insisting on a phone number for registration.
I wonder if there would be interest in sim swap parties. This is an idea I had with Oyster cards in London where you get together and swap Oyster cards with other people to confound the profile building.
You might, however, get investigated (search warrant etc) because unless such mixing becomes really common, it's reasonable for the authorities to suspect you for the crime in the first instance.
This is a myth. If you didn't commit a crime, you aren't on the hook for it.
This is a nice theory. In Germany, if you are the owner of a SIM card associated with a crime, it is well possible that a prosecutor will consider this sufficient for a warrant, and the police will visit you early in the morning, taking away all your digital devices for something between three months and some years.
Regarding the Wi-Fi hotspot examples you provided (which are not quite the same), in Germany there is a nice legal construct called the "Störerhaftung" (liability for interference), in which you have a civil liability for e.g. copyright violation commited over your uplink.
> This is a nice theory. In Germany, if you are the owner of a SIM card associated with a crime, it is well possible that a prosecutor will consider this sufficient for a warrant, and the police will visit you early in the morning, taking away all your digital devices for something between three months and some years.
Like I already said: just because you aren't already on the hook for it doesn't mean that you won't be legitimately suspected of the crime in the first instance.
In many countries, burner phones require registration with biometrics as well.
For example, Germany requires registration of burner phones with ID or passport before any network is allowed to activate the SIM. The ID and passport obviously are linked to your fingerprints and face.
Signal is advertised to people in oppressive regimes as a solution to avoid the government from snooping on their messages (this security from nation states is further implied due to their framing of Snowden comments).
Requiring an identifier that’s linked to a government ID is the opposite of that.
It works in the US where the govt doesn’t even understand the meaning of the word “privacy” so, yes it seems to work. It works elsewhere too, but understandably it might require money or effort to get going.
I'm wondering if this isn't a lost opportunity by not leveraging something a little more modern like the matrix protocol (which is still decentralized)??
As someone who's worked with ejabberd I was about to suggest they're in for a headache but it looks like the peak player count for Eve Online is something like 65k users. They might not even have to cluster.
Well, the most difficult part is to understand how the Erlang VM / Environment works.
Once you have set it up, ejabberd just works. You can have massive scale and large uptime. This, ultimately, saves bigger headaches.
Well, in practice, it is more than a promise. You are not forced to use Mnesia. You can use other backends to simplify the ops. Yes, it is as simple and make managing the platform a breeze. You need to be as stateless as possible.
An interesting aside for the unfamiliar: Eve Online's server is a monolithic app built in Python 2.7 [0]. Anecdotally, it is a hellscape of spaghetti code, sparse documentation, and features whose implementation details are quite literally lost (in that no current maintainer knows how they work or where in the codebase they exist).
69 comments
[ 1.7 ms ] story [ 106 ms ] threadIt's not planned. To be precise in the beginning nothing will change for the players. They might be able to send messages which are four times as large.
As far as i know a modern more modular design was the main reason. And thus offload some of the CPU utilisation to not-game server.
More comments from the Dev here [0] and partly [1] here.
[0] https://forums.eveonline.com/t/dev-blog-new-chat-backend-com... [1] https://forums.eveonline.com/t/dev-blog-preparing-for-the-fu...
(Filter by clickning on the blue [DEV] avatar near "Frequent Posters" and select 'x post in this thread' to only see posts from that developer.
They mention 3.4 million concurrent users online.
From what they say on clustering, it looks that this is also ejabberd.
And this is on a single node. ejabberd can scale to a huge number of concurrent users.
I noticed something interesting while looking; it appears that at least one public XMPP server has experienced a recent large influx of new users.
>"The number of daily active users has increased more then three-fold in the last year alone." [1]
[1] https://jabber.at/b/temporary-suspension-of-registration/
https://yaxim.org/blog/2017/12/22/spam-reduction-on-yax-dot-...
https://www.bleepingcomputer.com/news/security/xsender-the-s...
https://github.com/ge0rg/jabber-spam-fighting-manifesto
I guess the eventual problem here is that everyone affected will turn off reception of messages from strangers. That would make XMPP somewhat less useful as a general method of getting in touch with someone.
EDIT: Or maybe Android users; looks like GCM is also XMPP behind the scenes.
I am rooting for an XMPP comeback.
This functionality makes me nervous honestly, because if the app allowed connections like this silently and downloads your details then wouldn't it be possible to just bypass the QR code for WhatsApp's server team?
(Also, when I point this out I always get downvotes, so, maybe a response this time?)
Anyway, as much as I dislike Telegram, their desktop client is UX-wise miles ahead of web clients or electron trash.
The problem I have with telegram is that /by default/ it's security is very poor. It's stored and relayed by their servers so you can have a unified chat history.
However, if you hit the secret chat button I don't see a reason to think that this is stored in any way by them (and auditing the client I use confirms this for Qt linux desktop/iOS)
Unless you think FB is intentionally poisioning their web interface and serving malicious clients that break their own security you've got nothing to worry about with respect to these features.
Being able to know that the phone my chat is proxying through is about to die is pretty valuable.
But I think the major hurdle in this situation is (as usual?) not about an well organized colorful emoji library, but offering something that is clearly better than what we have now in order to disrupt the status quo. :(
Matrix has created great clients for the major platforms with a dozen paid developers; Signal had a handful of developers as well. Conversations[0] on Android is a proof that a single dedicated developer can create a great and standards-compliant XMPP messenger.
[0] https://conversations.im/
For something that needs to run on a phone, battery life is one of the most important factors to make something actually useful. While the GUI looks great and I don't remember any usability warts, I don't think it's fair to recommend something with an issue this big.
Thus, in theory, the gov has access to it too.
This is a myth. If you didn't commit a crime, you aren't on the hook for it. For example: https://arstechnica.com/information-technology/2016/08/publi...
You might, however, get investigated (search warrant etc) because unless such mixing becomes really common, it's reasonable for the authorities to suspect you for the crime in the first instance.
Edit: perhaps a better example is https://torrentfreak.com/eu-court-open-wifi-operator-not-lia...
This is a nice theory. In Germany, if you are the owner of a SIM card associated with a crime, it is well possible that a prosecutor will consider this sufficient for a warrant, and the police will visit you early in the morning, taking away all your digital devices for something between three months and some years.
Regarding the Wi-Fi hotspot examples you provided (which are not quite the same), in Germany there is a nice legal construct called the "Störerhaftung" (liability for interference), in which you have a civil liability for e.g. copyright violation commited over your uplink.
(IANAL)
Like I already said: just because you aren't already on the hook for it doesn't mean that you won't be legitimately suspected of the crime in the first instance.
https://en.wikipedia.org/wiki/Aadhaar
1. Use your phone number
2. Don’t use Signal.
I don’t see a "don’t use the phone number, but still use Signal" option there.
For example, Germany requires registration of burner phones with ID or passport before any network is allowed to activate the SIM. The ID and passport obviously are linked to your fingerprints and face.
Signal is advertised to people in oppressive regimes as a solution to avoid the government from snooping on their messages (this security from nation states is further implied due to their framing of Snowden comments).
Requiring an identifier that’s linked to a government ID is the opposite of that.
At the stated goal, of being a free app to allow people to avoid government surveillance, Signal is failing horribly.
0 - https://www.eveonline.com/article/stackless-python-2.7/