Re: [Gajim-devel] Hardcoded Proxy65 instances
Op di, 23-05-2006 te 15:09 +0300, schreef Dimitur Kirov: > The problem with updating obsolete user settings remains. User settings are only obsolete when they aren't used anymore (which wasn't the case here!) and then they can be removed entirely. -- Jan Claeys ___ Gajim-devel mailing list Gajim-devel@gajim.org https://lists.gajim.org/cgi-bin/listinfo/gajim-devel
Re: [Gajim-devel] Hardcoded Proxy65 instances
On Tue, 23 May 2006 13:44:08 +0200 Jan Claeys <[EMAIL PROTECTED]> wrote: > Op di, 16-05-2006 te 15:09 +0300, schreef Dimitur Kirov: > > @Jan Claeys <[EMAIL PROTECTED]> wrote: > > > As far as I understand, Florian configured proxy65.jabber.ccc.de > > > by hand, and an upgrade script replaced it by other proxies? In > > > that case I understand very well why he's angry... > > > It is not like that. proxy65.jabber.ccc.de was one of the default > > proxies since version 0.9. There was no way for to guess that user > > has manually set a default value. It was discussed here: > > http://trac.gajim.org/ticket/950 > > In this thread you just say that you don't like the chosen > > solution. > > If I understand that discussion correctly, gajim _copies_ the defaults > into the user's configuration, so they aren't really "defaults" > anymore, but are indistinguishable from user settings? > Yes, this is what happens. > A better solution is to keep those separate & only merge them at > runtime (and you could also implement three levels: default, system, > user). The default values would be kept with the program (and would > get updated with every program update), system config (if used) would > go somewhere under /etc on linux, unix, etc., and user config goes > somewhere in de user's $HOME. > It will be good, similarly to gconf.xml.defaults. This will allow administrator, or package maintainer to set different defaults. The problem with updating obsolete user settings remains. Maybe we can use wizard, when the setting update requires it. > If I understood that correctly I'll add the above to the bug report... > thanks. __ D. Kirov ___ Gajim-devel mailing list Gajim-devel@gajim.org https://lists.gajim.org/cgi-bin/listinfo/gajim-devel
Re: [Gajim-devel] Hardcoded Proxy65 instances
Op di, 16-05-2006 te 15:09 +0300, schreef Dimitur Kirov: > @Jan Claeys <[EMAIL PROTECTED]> wrote: > > As far as I understand, Florian configured proxy65.jabber.ccc.de by > > hand, and an upgrade script replaced it by other proxies? In that > > case I understand very well why he's angry... > It is not like that. proxy65.jabber.ccc.de was one of the default > proxies since version 0.9. There was no way for to guess that user has > manually set a default value. It was discussed here: > http://trac.gajim.org/ticket/950 > In this thread you just say that you don't like the chosen solution. If I understand that discussion correctly, gajim _copies_ the defaults into the user's configuration, so they aren't really "defaults" anymore, but are indistinguishable from user settings? A better solution is to keep those separate & only merge them at runtime (and you could also implement three levels: default, system, user). The default values would be kept with the program (and would get updated with every program update), system config (if used) would go somewhere under /etc on linux, unix, etc., and user config goes somewhere in de user's $HOME. If I understood that correctly I'll add the above to the bug report... -- Jan Claeys ___ Gajim-devel mailing list Gajim-devel@gajim.org https://lists.gajim.org/cgi-bin/listinfo/gajim-devel
Re: [Gajim-devel] Hardcoded Proxy65 instances
@Jan Claeys <[EMAIL PROTECTED]> wrote: > As far as I understand, Florian configured proxy65.jabber.ccc.de by > hand, and an upgrade script replaced it by other proxies? In that > case I understand very well why he's angry... It is not like that. proxy65.jabber.ccc.de was one of the default proxies since version 0.9. There was no way for to guess that user has manually set a default value. It was discussed here: http://trac.gajim.org/ticket/950 In this thread you just say that you don't like the chosen solution. > (If people wanted insecure software that does all sort of sneaky > things after their back, they would be using MSN Messenger on > Windows and not a Jabber client on linux...) Me and probably most of the users agree with that. @Jan Claeys wrote > The other point is the thing with the hardcoded lists. Dont do that, > please. Jabber provides really cooler ways to realize such things. > What, for example, about a disco#items request to a specific node at > the jabberd at gajim.org which contains a list of proxies? ... I don't think this will be much better. Whether list comes from update function, or stanza it is all the same. User still needs to say: I like [EMAIL PROTECTED] and I don't like that [EMAIL PROTECTED] . Besides, gajim.org is not quite stable. Personally I think that there should be a button "Manage proxies", near the checkbutton "Use proxies for FT". Update wizard was rejected, because of not being simple, but maybe update info dialog can be accepted as "simple". Other tickets, related to FT configuration: http://trac.gajim.org/ticket/1357 http://trac.gajim.org/ticket/1751 If you have other ideas in mind, please open a ticket. Regards, __ D. Kirov ___ Gajim-devel mailing list Gajim-devel@gajim.org https://lists.gajim.org/cgi-bin/listinfo/gajim-devel
Re: [Gajim-devel] Hardcoded Proxy65 instances
Hi Jan, Hi List, on Mon, 15 May 2006, Jan Claeys wrote: > A good rule about upgrade scripts is to never ever change the (meaning > of) user's own configuration, and if you _really_ have to, at least give > them notice about it. This is even more important if security and/or > privacy are involved (like in this case). > > (If people wanted insecure software that does all sort of sneaky things > after their back, they would be using MSN Messenger on Windows and not a > Jabber client on linux...) Thanks a lot. You absolutely got my point.. :-) The other point is the thing with the hardcoded lists. Dont do that, please. Jabber provides really cooler ways to realize such things. What, for example, about a disco#items request to a specific node at the jabberd at gajim.org which contains a list of proxies? This is transparent to the user, too, but is much better to maintain. You dont need update functions with every new release, and you dont run into issues like I mentioned (see the wikipedia-url for --verbose). Greetings from Berlin, Florian. PS: Yes, proxy65.jabber.ccc.de is still nonfunctional. Something weird in twisted2 changed, so the proxy does not work properly - I'll have to dig deeper into it within the next days. -- Jabber: [EMAIL PROTECTED] ___ Gajim-devel mailing list Gajim-devel@gajim.org https://lists.gajim.org/cgi-bin/listinfo/gajim-devel
Re: [Gajim-devel] Hardcoded Proxy65 instances
Op ma, 15-05-2006 te 19:15 +0200, schreef Yann Le Boulanger: > Indeed we removed proxy65.jabber.ccc.de cause it was dead for a long > time. I don't understand why you're angry. I hope you don't want us to > list all non-working FT proxies ? As far as I understand, Florian configured proxy65.jabber.ccc.de by hand, and an upgrade script replaced it by other proxies? In that case I understand very well why he's angry... A good rule about upgrade scripts is to never ever change the (meaning of) user's own configuration, and if you _really_ have to, at least give them notice about it. This is even more important if security and/or privacy are involved (like in this case). (If people wanted insecure software that does all sort of sneaky things after their back, they would be using MSN Messenger on Windows and not a Jabber client on linux...) -- Jan Claeys ___ Gajim-devel mailing list Gajim-devel@gajim.org https://lists.gajim.org/cgi-bin/listinfo/gajim-devel
Re: [Gajim-devel] Hardcoded Proxy65 instances
On Mon, 15 May 2006 19:34:00 +0200 Jonas Ådahl <[EMAIL PROTECTED]> wrote: > Why not use service discovery to find a bytestream proxy? I believe > people prefer to use the proxy bundled with the jabber server (if > there is one). > This is exactly what Gajim-0.10 does http://trac.gajim.org/ticket/803 So, if your account is on jabber.ccc.de and proxy65.jabber.ccc.de is up, it will be resolved on startup and used as a first proxy in the list. You can set empty value for file_transfer_proxies then. Regards, __ D. Kirov ___ Gajim-devel mailing list Gajim-devel@gajim.org https://lists.gajim.org/cgi-bin/listinfo/gajim-devel
Re: [Gajim-devel] Hardcoded Proxy65 instances
Yann Le Boulanger wrote: Florian Holzhauer wrote: Dear Gajim Developers, I was today fiddling around with proxy65.jabber.ccc.de, trying to bring it back to life. However, I experienced rather weird symptoms: The Filetranfer worked perfektly, but no sign of any activity in the proxylog. Weird, huh? Some digging in the config and the source revealed really interesting things to me: Not that just proxy65.jabber.ccc.de somehow disappeared as configured proxy, I had four new ones instead: jabber.org, netlab.cz, freenet.de and chalmers.se. Some minutes later, I knew why: Some update procedure for 0.10 removes proxy65.jabber.ccc.de from the list, and some other config procedure initalizes the setting mentioned above. This sucks, and I am really angry about it. Yes, I guess I understand the reason why you guys did it. Proxy65.jabber.ccc.de was dead for quite a long time (and still is, but will be fixed today, it needs just some more fiddling in the python-source), and maybe someone found that annoying enough to "fix" it that way. But: - There is no reason for any program to silently deal with the settings *I* did set up. Especially, if the sole possibility to revert that change is somewhere buried in the Advanced Configuration Editor, and nothing told me that this setting was changed. - Jabber is about privacy, so it is - at least in my eyes - a no-go to silently route private data through some private proxies. I trust the administrators of the four mentioned jabberds above, so no offense here, but still: It is *my* decision where I want to have, send or distribute my data, not the decision of any Gajim-Developers. - Hard coded server lists are evil. Just imagine what happens if one of those proxy operators has to pay for traffic beginning next month? It will take years or a shutdown of the service to stop the traffic. And no, this is not an obscure paranoic rant, see for example the various NTP server issues, a nice overview of incidents is available at wikipedia: http://en.wikipedia.org/wiki/NTP_vandalism Please, if you really dont want to think about this "feature" of pre-polluted proxy lists, change it at least to something more dynamic like "fetching an up to date list of proxies using an query at proxylist.gajim.org". - If you blacklist something at a jabberserver, you should at least drop a note to the server admin. Please, think again about this "feature". Gajim is a really cool client which I used to recommend as one of my favourite clients. But with such weird and (even worse) undocumented behaviours... Greetings from Berlin, Florian. Dear Florian, Indeed we removed proxy65.jabber.ccc.de cause it was dead for a long time. I don't understand why you're angry. I hope you don't want us to list all non-working FT proxies ? For hardcoded list: We want Gajim to be simple for everyone. So we hardcoded this list so that users don't have ton configure FT proxies manually. Most users don't even know what a proxy is. So we can't ask them to configure it, or click a button about that. This list is all the working FT proxies we could found. If the admin don't want to make their proxy public, that just have to disable public access ! You see 4 proxies for all the world. We can't ask users to find them and configure that in Gajim ! Now about security, maybe there is a JEP about GPG over FT proxies ? If you want to be secure, just disable proxies and configure your routeur to forward you FTPort (28011) to your machine and that's it. Unfortunatly it's not possible for 99.9% of users. We have not blacklisted anything, you can re-add it by hand if you want. We just removed it from default proxies as it doesn't work. But tell us when it's back so we'll re-add it in default list with pleasure ! Why not use service discovery to find a bytestream proxy? I believe people prefer to use the proxy bundled with the jabber server (if there is one). /Jonas signature.asc Description: OpenPGP digital signature ___ Gajim-devel mailing list Gajim-devel@gajim.org https://lists.gajim.org/cgi-bin/listinfo/gajim-devel
Re: [Gajim-devel] Hardcoded Proxy65 instances
Florian Holzhauer wrote: > Dear Gajim Developers, > > I was today fiddling around with proxy65.jabber.ccc.de, trying to > bring it back to life. However, I experienced rather weird symptoms: > The Filetranfer worked perfektly, but no sign of any activity in the > proxylog. Weird, huh? > > Some digging in the config and the source revealed really interesting > things to me: Not that just proxy65.jabber.ccc.de somehow disappeared > as configured proxy, I had four new ones instead: jabber.org, > netlab.cz, freenet.de and chalmers.se. Some minutes later, I knew why: > Some update procedure for 0.10 removes proxy65.jabber.ccc.de from the > list, and some other config procedure initalizes the setting mentioned > above. > > This sucks, and I am really angry about it. Yes, I guess I understand > the reason why you guys did it. Proxy65.jabber.ccc.de was dead for > quite a long time (and still is, but will be fixed today, it needs > just some more fiddling in the python-source), and maybe someone > found that annoying enough to "fix" it that way. > > But: > - There is no reason for any program to silently deal with the settings *I* > did set up. Especially, if the sole possibility to revert that change > is somewhere buried in the Advanced Configuration Editor, and nothing > told me that this setting was changed. > > - Jabber is about privacy, so it is - at least in my eyes - a no-go to > silently route private data through some private proxies. I trust > the administrators of the four mentioned jabberds above, so no > offense here, but still: It is *my* decision where I want to have, > send or distribute my data, not the decision of any Gajim-Developers. > > - Hard coded server lists are evil. Just imagine what happens if one > of those proxy operators has to pay for traffic beginning next > month? It will take years or a shutdown of the service to stop the > traffic. And no, this is not an obscure paranoic rant, see for > example the various NTP server issues, a nice overview of incidents > is available at wikipedia: http://en.wikipedia.org/wiki/NTP_vandalism > Please, if you really dont want to think about this "feature" of > pre-polluted proxy lists, change it at least to something more > dynamic like "fetching an up to date list of proxies using an > query at proxylist.gajim.org". > > - If you blacklist something at a jabberserver, you should at least > drop a note to the server admin. > > Please, think again about this "feature". Gajim is a really cool > client which I used to recommend as one of my favourite clients. But > with such weird and (even worse) undocumented behaviours... > > Greetings from Berlin, > Florian. Dear Florian, Indeed we removed proxy65.jabber.ccc.de cause it was dead for a long time. I don't understand why you're angry. I hope you don't want us to list all non-working FT proxies ? For hardcoded list: We want Gajim to be simple for everyone. So we hardcoded this list so that users don't have ton configure FT proxies manually. Most users don't even know what a proxy is. So we can't ask them to configure it, or click a button about that. This list is all the working FT proxies we could found. If the admin don't want to make their proxy public, that just have to disable public access ! You see 4 proxies for all the world. We can't ask users to find them and configure that in Gajim ! Now about security, maybe there is a JEP about GPG over FT proxies ? If you want to be secure, just disable proxies and configure your routeur to forward you FTPort (28011) to your machine and that's it. Unfortunatly it's not possible for 99.9% of users. We have not blacklisted anything, you can re-add it by hand if you want. We just removed it from default proxies as it doesn't work. But tell us when it's back so we'll re-add it in default list with pleasure ! greetings, Yann ___ Gajim-devel mailing list Gajim-devel@gajim.org https://lists.gajim.org/cgi-bin/listinfo/gajim-devel