Skip to main content

As a hobby, I hack instant messaging gateways from various chat "apps" to XMPP (XMPP is to Whatsapp what the fediverse is to Twitter). Slidge (the name I gave to my hobby software thingy) has been mostly usable for me for a few weeks, so I decided to talk about it a little in my blog, by pretending some milestone has been reached and calling it a "release candidate".

nicoco.fr/blog/2023/01/08/slid…

A screenshot of poezio, a TUI chat app. Image shows this conversation: 13:52:04 Carabistrot changed: status: Last seen Sunday 12:52 GMT, show: away 13:52:45 « nicoco> Some people like to use terminal-based chat apps. 13:53:03 Carabistrot changed: show: available 13:53:08 Carabistrot> Mais TG 13:53:47 Carabistrot changed: status: Last seen Sunday 12:53 GMT, show: away
The same conversations, in Conversations, a chat app for android.
The same conversation, in whatsapp on Android.

Breaking news: Slidge v0.1.0 RC1 is out! — nicoco.fr

www.nicoco.fr

Peter Vágner reshared this.

Unknown parent

Nicoco
Nicoco
@daniel That's really nice to read, thanks! Slidge tries to XEP-comply as much as it can and I'm happy to fix stuff if it doesn't. Bridged contacts and groups should not be differentiable from other #XMPP entities; it seems to be the case as it (mostly) just works with #Conversations (for me, at least).
#xmpp #conversations @Daniel Gultsch
Unknown parent

Nicoco
Nicoco

@aenea Yes it does!
Telegram is actually the walled garden that is the most OK with third party clients: they provide a rather easy to use open source lib: core.telegram.org/tdlib/

They still are a walled garden though, don't be fooled! ;-)


Telegram Database Library

TDLib (Telegram Database Library) is a cross-platform, fully functional Telegram client. We designed it to help third-party…
core.telegram.org
@Aenea
in reply to Nicoco

res_integra
res_integra
Congrats on the release candidate!
I follow the code since the `spectrum2_signald` era.
Wishes for the easiest path to a release version.
in reply to res_integra

Nicoco
Nicoco
Ooohh spectrum2_signald, fun times! I remember trying to make sense of the (hum, "minimalist"?) dev docs of spectrum2. Thanks for the reminder, I need to keep the docs up-to-date and well written; it is a very important part of making a cool piece of code. 🙃
in reply to Nicoco

res_integra
res_integra
I remember fighting with the purple shade of lib and custom builds from source...
Concise documentation and an introduction/summary to fresh eyes is a key feature.
in reply to Nicoco

Ercan Erdem Ardal
Ercan Erdem Ardal
Any Suggestions for a Nice
#XMPP client?
Preferably available on PC and Android.
Thnx
#Chat
#xmpp #chat
This entry was edited (1 year ago)
in reply to Ercan Erdem Ardal

Nicoco
Nicoco
I forgot to mention #quicksy for android, which is a #conversations version with "whatsapp-like' onboarding on their server (you receive an SMS code that acts as a one-time-password). I'm not fond of "your phone number is your username" *but* I'm grateful that quicky exists, since a lot of non tech savvy folks really like this. It's still federated XMPP underneath.
This entry was edited (1 year ago)
in reply to Nicoco

Ercan Erdem Ardal
Ercan Erdem Ardal
All SMS codes are archived by the operator.
is it possible to track the account associated with an sms code?
Does server record my #phone number?
I am concerned about the way accounts are stored / logged on the server. If my phone number is stored somehow then I am not interested with that solution.
Thankx,
#XMPP #Android
#xmpp #android #phone
in reply to Ercan Erdem Ardal

Nicoco
Nicoco
@ErcanErdemArdal Yes, credentials are stored server side with slidge. Although, just to clarify, I am not administrating a public slidge instance. Slidge is a software meant to be installed by XMPP server admins. #selfhosting an #XMPP server is relatively easy and cheap, and that's the option I recommend to anyone that wants to try slidge. Maybe some XMPP servers admins will propose this to their users one day, but right now, all slidge users that I know of are self-hosters.
#xmpp #selfhosting @Ercan Erdem Ardal
in reply to Ercan Erdem Ardal

Nicoco
Nicoco
@ErcanErdemArdal Oh, I realise you were probably talking about #quicksy and not slidge in this toot, sorry about that. Yes, Quicksy JIDs (#XMPP addresses) look like +555123456@quicksy.im, so if you want an XMPP account not linked to your phone number, do not use Quicksy but rather #conversations or forks like cheogram or blabber.
I also don't like to see my phone number in my JID *but* a lot of users appreciate it. It makes the user experience closer to whatsapp, signal, telegram, etc.
#xmpp #conversations #quicksy @Ercan Erdem Ardal
Unknown parent

0 (shadowbanned)
0 (shadowbanned)

@daniel

Care to expand on what was your objection to gateways?

@Daniel Gultsch
Unknown parent

Nicoco
Nicoco

@0 @ErcanErdemArdal

It could be nice indeed. I guess we could ~sortof maintain e2ee with omemo. Probably the first step would be to have a "xep0114 with encryption" somehow. Prosody is probably a good playground for attempting to implement some experimental server-side module like that. I am unsure of the security implications behind letting users run a whole namespace@some-custom-domain.example.com

@Ercan Erdem Ardal
Unknown parent

Nicoco
Nicoco

@0 @ErcanErdemArdal

The main "objection" I see: if you're able to run a component, why not run the xmpp server too? I see some little benefits, like not needing a static IP, possibly no need to worry about dns and certificates... but overall running prosody alongside gateway components is not much overhead. Who would be interested by such deployment option?

@Ercan Erdem Ardal
Unknown parent

Nicoco
Nicoco
@nels Haaa, quelqu'un a remarqué l'humour glacé et sophistiqué qui se glissait dans les screenshots, merci ;)
@Nels
in reply to Nicoco

Chartrux
Chartrux
Hi, thanks a lot for sharing this !
I recently gave a try to matrix/WhatsApp. Could you tell if you have a different philosophy or if it is "just" a xmpp/matrix difference ?
Thanks :)
Sinon je ne prendrais pas mal de recevoir un TG
in reply to Chartrux

Nicoco
Nicoco
@Chartrux
The "technical" philosophy of the bridge part is very similar. In fact, both for whatsapp and messenger slidge relies on (reverse engineered) libs from the mautrix project. I even had a one-line pull request merged in maufbabi (the facebook lib), wow!
One difference though, I don't plan to run a large-scale paid instance like beeper.com. Slidge's amateurism is a feature ;-).
@Chartrux
in reply to Chartrux

Nicoco
Nicoco
@Chartrux pas de TG sur le fediverse, on est bienveillants ici, je vois pas pourquoi tu dis des gros mots comme ça... je suis choqué 😋
@Chartrux
Unknown parent

Nicoco
Nicoco
@0
For what it's worth, the maintenance effort of an XMPP server is waaaaay smaller than an email server, especially if you don't allow account creation.
Unknown parent

0 (shadowbanned)
0 (shadowbanned)

@ErcanErdemArdal

That said, perhaps the real issue is with services that don't support authorisation grants (e.g., #OAuth2). It's more acceptable to store a limited grant on someone else's component than to share your actual login details with them.

Not perfect, mind, just better.

#oauth2 @Ercan Erdem Ardal
in reply to 0 (shadowbanned)

0 (shadowbanned)
0 (shadowbanned)

@ErcanErdemArdal

> Facebook, Mattermost, Signal, Skype, Steam, Telegram, and Whatsapp

Out of curiosity, how many of those do #OAUTH2, API tokens or similar? I don't use any of those services & don't even know what steam is.

#oauth2 @Ercan Erdem Ardal
in reply to 0 (shadowbanned)

Nicoco
Nicoco

@0

- signal, telegram, whatsapp: revokable, "per device" access ~token
- discord, mattermost: slidge login process = "get your access token from the web UI via dev browser dev tools" 🤡
- facebook, steam: optional 2FA (but right now, password is stored slidge-side anyway, possible area of improvement). they used to have "revokable application password" but I've had less success with them recently
Steam is the largest game store for PC, with social network-like features.