#Conversations_im has this feature now. On restore you can opt to not restore the #OMEMO key material. (which will subsequently create new keys for that device)
Conversations 2.18.2 is available on Google Play and has client side mitigations for a server side security issue that was recently discovered and fixed in #ejabberd¹ and #OpenFire²
Go update your server. But just in case that takes a minute Conversations has your back too!
This release also fixes an issue with restoring (importing) backups on recent Android versions.
#Conversations_im has the ability to fetch outage status information from an independent server and display that in case the regular #XMPP server can not be reached.
This is powered by XEP-0455 (xmpp.org/extensions/xep-0455.h…). TLDR: Server gives client a URL to a JSON file during normal connects, client will hold on to that URL and fetch the JSON file in case server is unreachable.
This document defines an XMPP protocol extension that enables server administrators
to communicate issues with the server to all users in a semantic manner.
Security audits are a funny thing. We lack the (financial) resources for regular, thorough penetration tests. However I’m aware that some of the higher profile users of #Conversations_im occasionally perform audits without my direct involvement and without publishing it afterwards. Those audits aren’t adversarial as indicated by them wanting me to fix what they find.
The funniest instances are when they want to be credited for finding an issue but refuse to make the audit public.
You can put web+ap URIs into a message (or room description) and ideally a click on those will open your Mastodon client. However if no installed app supports those (the only app that I’m aware of is Fedilab) Conversations will open a browser instead.
Currently no app will create web+ap links but it is fairly easy to handcraft them.
For the next #Conversations_im release I’m refactoring how URIs are linked / made clickable. I’m adding a bunch of URI schemes like tel and mailto on top of the existing xmpp, http(s) and geo but removing support for "things that look like web URLs but aren’t actually URIs" (like 'example.com') to avoid some false positives.
Once the 2.18.0-beta comes out tomorrow or so let me know if you see things that isn’t matched and should be matched or vice versa.
Is there any #ActivityPub / #Mastodon URI scheme used in the wild that would allow me to open an ActivityPub account directly in my Android app?
I've seen 'acct' and 'web+ap' mentioned but none seem to be implemented.
The goal is that given a text of "Here is my Mastodon profile acct:daniel@gultsch.social" #Conversations_im can link that directly into #Tusky. (Just like mailto and xmpp URIs open my E-Mail or IM app respectively)
Have @apps or @Tusky considered that? If not why not?
Would like to #askfedi about the "Conversations Legacy" #conversations #conversations_im @daniel #xmpp client - this version used to be on GooglePlay before some time, but later has disappeared, and I seem to have missed any "official" comment in that regard.
Do I understand correctly that it is just not supported/updated anymore and people who have it (I know somebody) shall update to the mainstream for security reasons?
Would the update recognize the old data or one should proceed via backup and its restoration (if it is possible)? Thanks.
If you're still recommending #Signal, you may have missed the tech oligarchs' takeover of the US government. The best time to recommend European alternatives was 8 years ago; the second best is now.
I'm skipping #FOSDEM this year, but the #XMPP Standards Foundation will be there! Stop by the Realtime Lounge¹ to chat about XMPP, pick up some merch, and maybe grab a #Conversations_im sticker—while supplies last! 🚀
I don’t usually do this kind of evangelism, but if you’re looking for a reason to try #XMPP on #GlobalSwitchDay, now’s the perfect time: #Conversations_im is currently free on Google Play!
I love open source, and I want young people to know there’s a career path outside of #FAANG. Open source can be financially sustainable—it just gets super hard if one of your key goals is making your investors even richer. #Conversations_im is about the same age as #Matrix. I never took VC funding, and I’m doing fine.
The abandoned fork of #Conversations_im has a critical security issue: attackers can bypass STARTTLS negotiation, resulting in an unencrypted connection to a fake server. This vulnerability is similar to the STARTLS attack discovered in various email clients¹
✅ Fixed in Conversations 2.13.1 (Feb 2024)
📢 Please migrate to Conversations immediately! It's free on Google Play until the end of the year and always free on #fdroid
Did you know that you can configure custom notification sounds per contact or group chat in #Conversations_im?
Apparently not many people knew that so the next version will make, what essentially is a native Android feature, easier to access via the overflow menu of contact or group chat details.
After the next #Conversations_im update have a look at our new Chat Bubble Settings. We are now providing a few customization options that, among other things, allow you to render all message bubbles left aligned.
In combination with the setting that turns off the background color, this is relatively close to what Dino or other team messengers look like.
In 2015 I spent a couple of weeks in Singapore and I still remember sitting at a café and implementing the feature that merges multiple messages into the same bubble.
Today this feature has been removed from #Conversations_im in favor of moving the bubbles closer together. This gives better control over per messages actions such as sharing, quoting or adding a reaction.
I installed #Signal and #Conversations_im on a clean install of #GrapheneOS on my Pixel 4a and measured the battery impact. The results are shocking!
Both messengers had only one contact: my regular phone.
I used my regular phone to send messages to the Pixel 4a (which was not used for anything else over the course of the experiment).
I always sent the same message via Signal and #XMPP (mixing up which app went first). In total I sent ~32 messages in intervals of 10mins to a few hours.
Constantly begging for donations or ratings is not something you will see #Conversations_im do. An instant messaging app should benefit its users not its developers.
Should #Conversations_im add stun.conversations.im as a fallback for #XMPP servers missing XEP-0215: External Service Discovery?
I’ve hesitated to add anything resembling "calling home" (no update checker, no metrics).
However, the main goal here wouldn’t be improving A/V call success (though it helps) but making P2P file transfers more reliable. Many servers still lack HTTP Upload, and the refactored Jingle File Transfer would benefit greatly from a fallback STUN server.
After upgrading to #Android 15 I was tracking down this bug in #Conversations_im where the color of the text in the status bar sometimes doesn't change with the app theme. Occasionally I would get white status bar text on top of a light theme. Then I noticed that other apps - including the clock app! - have the same issue. I'm absolutely convinced that the engineers working on Android are all using iPhones. I mean how does one not notice issues like that?
(Note that the Google Play version has some drawbacks like no address book integration and no public channel discovery. For channel discovery you can use search.jabber.network directly.)
Good news and bad news. #Conversations_im 2.17.0 has support for emoji reactions 🎉 Since @Codeberg appears to be under constant DDoS attacks they have added pretty strict rate limits that the @fdroidorg build server keeps running into. 😞 Another build cycle just failed and it's unclear when 2.17.0 will be available on F-Droid. Maybe Codeberg and F-Droid can back channel an allow list or something? 🙏
#Conversations_im has just surpassed 250,000 installs on Google Play. 🥳
The official, publicly visible, install badges are handed out for 100k and 500k. Growth has been very linear over the last ten years so stay tuned for the next big milestone in 2034! 😜
