#meta 2020-04-01

2020-04-01 UTC
[chrisaldrich], [LewisCowles] and gRegorLove_ joined the channel
#
tantek.com edited /Foursquare (+338) "/* Past Features */ Nearby Notifications" (view diff)
#
tantek.com edited /Foursquare (+27) "float it manually" (view diff)
gRegorLove_, jjuran, jeremycherfas and [chrisaldrich] joined the channel
#
@JamieTanna ↩️ Hey Amit I meant to reach out - I think for this one I'll probably keep it as just for Nottingham, but I know the London event https://events.indieweb.org/2020/04/online-homebrew-website-club-europe-london-2Kc9aetW589f is open (https://www.jvt.me/mf2/2020/04/pix3i/) (twitter.com/_/status/1245239651985772544)
gRegorLove_ joined the channel
#
@aboutRSS #MicroDotBlog #介绍 a #Thread 1/n 前天提及了 #开放网络 和 #Linkblogging,怎能不提 http://Micro.blog 。这可是 #Microblogging 和 #IndieWeb 的一面大旗。 现在没什么人用 #Radio3io ,大概率和 #MicroDotBlog 的存在有关,功能上完全覆盖 #Radio3io 。 (twitter.com/_/status/1245255500326813696)
PSap joined the channel
#
@aboutRSS ↩️ 3/n 其它详情可以在IndieWeb关于http://Micro.blog的页面 https://indieweb.org/Micro.blog 查看,写得比其Wikipedia页还全,比如罗列了该平台的一些不足。这里只提一下和RSS有关的方面: (twitter.com/_/status/1245257314602373120)
[jeremycherfas], [LewisCowles], [jgmac1106], Kaja, Naptra, [g33kcentric] and swentel joined the channel; PSap left the channel
#
evgenykuznetsov.org edited /User:Evgenykuznetsov.org (+173) "/* Introduction */" (view diff)
#
evgenykuznetsov.org edited /User:Evgenykuznetsov.org (+275) "/* My site */" (view diff)
[LewisCowles] and [jeremycherfas] joined the channel
#
@shindakun Hmm. My webmentions seem to be acting up. Don't mind me just testing https://shindakun.dev/posts/sdl2-test-03-part-01/ #indieweb (twitter.com/_/status/1245370470880296960)
[tantek] joined the channel
#
[tantek] heads-up for folks using Zoom (including us today) — worth reading this thread (credible source) https://twitter.com/random_walker/status/1245103123389169665
#
@random_walker If Zoom cares to resurrect its reputation, it needs to do four things right away. 1. Stop acting like malware. Although the intent isn't malicious, it's a dangerous slippery slope that makes it harder for the OS to block actual malware and creates new security risks for users. (twitter.com/_/status/1245103123389169665)
#
@ChrisAldrich ↩️ Congratulations! I'm curious if you have plans to offer other IndieWeb building blocks like Micropub, Microsub, or IndieAuth? Given your offerings, I'm tempted to add @Typlog to the options at https://indieweb.org/Quick_Start. https://boffosocko.com/2020/04/01/55770003/ (twitter.com/_/status/1245376537290915840)
#
www.lewiscowles.co.uk edited /Zoom (+475) (view diff)
[grantcodes] and [LewisCowles] joined the channel
#
boffosocko.com edited /Webmention (+601) "split out closed source platforms: micro.blog, i.haza.website, pine.blog, typlog" (view diff)
#
sknebel [LewisCowles]: I'm not sure how "peer-to-peer" comes into it? afaik none of the things you mention are in any way peer-to-peer?
#
sknebel also "end-to-end" encryption isn't mentioned on the page, so it should be clearer what you are actually addressing - one of the links?
#
[LewisCowles] ALL Zoom traffic is HTTPS TLS, unless peer to peer, which is part of the RTC technology they use
#
[LewisCowles] it's why it's such a frustrating criticism
#
sknebel does zoom do peer-to-peer in any way?
#
sknebel is my question
#
[LewisCowles] Apparently, yes
#
[LewisCowles] that is the specific part which violates end to end
#
[LewisCowles] it's pedantry
#
sknebel huh?
#
[LewisCowles] and of a kind I'm not fond of
#
sknebel it's not end to end because video goes through a server which has clear text access
#
sknebel thats the opposite of peer-to-peer
#
Zegnat I didn’t know Zoom did P2P. I was pretty sure that in our testing we found it was always peer-to-zoom.
#
sknebel and I also do not know any mode where it does peer-to-peer
#
[LewisCowles] > Instead, the company has TLS encryption in place. This is essentially what browsers use to secure HTTPS websites and it means that data is encrypted between users and Zoom’s servers. But that’s different from ‘end-to-end’ encryption which protects all content shared between users from the company providing the service.
#
[LewisCowles] > Read more: https://metro.co.uk/2020/04/01/zoom-meetings-arent-end-end-encrypted-12490588/?ito=cbshare
#
[LewisCowles] >
#
[LewisCowles] > Twitter: https://twitter.com/MetroUK | Facebook: https://www.facebook.com/MetroUK/
#
[LewisCowles] *data is encrypted between users and Zoom’s servers*
#
[LewisCowles] the part they control, is encrypted
#
[LewisCowles] video chat likely uses WebRTC
#
sknebel "peer-to-peer" would mean direct communication between client devices
#
sknebel not going through the server
#
sknebel (i.e. what some of the WebRTC things do. but e.g. not jitsi, that does webRTC to a server)
#
Zegnat “video chat likely uses WebRTC” - if it does, it is only WebRTC from browser to Zoom, it is not WebRTC between participants, IIRC
#
[LewisCowles] I think you've over-simplified what Jitsi does
#
[LewisCowles] at least from my understanding, Jitsi supports ICE servers, but does not enforce their use if clients can peer
#
[LewisCowles] I'm quite sure the reason for that is that it is outside of their control
#
sknebel afaik it goes through the server, intentionally. but I could be wrong
#
sknebel not relevant to the point about what peer-to-peer typically means
#
[LewisCowles] It's fundamental to the point of what peer-to-peer means
#
Zegnat As far as #indieweb-meta goes: I would maybe add a link to that extra piece of commentary on the wiki so it is clear what you are commenting on [LewisCowles]. As the rest of the wiki page does not seem to mention things like E2E.
#
Zegnat Woops, I also did not see #indieweb-chat, haha, that is probably the correct channel :)
#
[LewisCowles] zegnat I'm looking for a better link than a paper
#
[LewisCowles] 😉 will link once found
#
sknebel the label "peer-to-peer" isn't really used for communication client-server in this context, so I think it doesn't apply to e.g. Zoom
#
[LewisCowles] again. Zoom does not only communicate via its servers. This is what all the complaints seem to be about
#
sknebel do you have a source for "Zoom does not only communicate via its servers"?
#
sknebel what I've seen is people critizing that they said "end-to-end" when they only did transport encryption to their servers, so their servers had access to the data
#
[LewisCowles] Zoom << https://support.zoom.us/hc/en-us/articles/201362723-Encryption-for-Meetings
#
Loqi ok, I added "https://support.zoom.us/hc/en-us/articles/201362723-Encryption-for-Meetings" to the "See Also" section of /Zoom https://indieweb.org/wiki/index.php?diff=69349&oldid=69347
#
[LewisCowles] zoom << https://www.theverge.com/2020/3/31/21201234/zoom-end-to-end-encryption-video-chats-meetings
#
Loqi ok, I added "https://www.theverge.com/2020/3/31/21201234/zoom-end-to-end-encryption-video-chats-meetings" to the "See Also" section of /Zoom https://indieweb.org/wiki/index.php?diff=69350&oldid=69349
#
[LewisCowles] > Zoom does use TLS encryption, the same standard that web browsers use to secure HTTPS websites. In practice, that means that data is encrypted between you and Zoom’s servers, similar to Gmail or Facebook content. But the term end-to-end encryption typically refers to protecting content between the users entirely with no company access at all,
#
[LewisCowles] That is the verge article I just linked
#
[LewisCowles] also it goes on to say
#
[LewisCowles] > similar to Signal or WhatsApp. Zoom does not offer that level of encryption
#
[LewisCowles] > Zoom, however, denies that it’s misleading users. The company told _The Intercept_, “When we use the phrase ‘End to End’ in our other literature, it is in reference to the connection being encrypted from Zoom end point to Zoom end point,” and that “content is not decrypted as it transfers across the Zoom cloud.”
#
[LewisCowles] zoom << https://theintercept.com/2020/03/31/zoom-meeting-encryption/
#
Loqi ok, I added "https://theintercept.com/2020/03/31/zoom-meeting-encryption/" to the "See Also" section of /Zoom https://indieweb.org/wiki/index.php?diff=69351&oldid=69350
#
sknebel okay, so Zoom says end-to-end only refers to the text chat?
#
sknebel if they say " “Currently, it is not possible to enable E2E encryption for Zoom video meetings.” "
#
[LewisCowles] zoom << https://bloggeek.me/when-will-zoom-use-webrtc/
#
Loqi ok, I added "https://bloggeek.me/when-will-zoom-use-webrtc/" to the "See Also" section of /Zoom https://indieweb.org/wiki/index.php?diff=69352&oldid=69351
#
[LewisCowles] > t its core, WebRTC is about sending data in real time in peer-to-peer fashion across browsers. Be it voice, video or arbitrary data.
#
sknebel hm. not quite clear if they do it to other browser clients or to their servers
#
aaronpk considering most zoom clients are not browsers i would assume it's to their servers
#
sknebel to me the article reads like that they replaced a websocket connection to the server partially with a webrtc connection to the server
#
aaronpk same
#
[LewisCowles] self rebuttal
#
[LewisCowles] > Zoom is using WebRTC. Somewhat. With a data channel. To handle live video streams, with their previous WebSocket architecture as fallback. And not the peer connection itself.
#
[LewisCowles] which makes even less sense
#
[LewisCowles] are they asking for the video data to be encrypted as well as transported through an encrypted socket? If so isn't it worse to layer encryption like that?
#
sknebel end-to-end would mean that zooms servers can't decrypt the traffic. That IMHO does not make sense as a default for a video chat product, but as on opt-in thing would do probably
#
Zegnat And then it gets double confusing when you get more technical people reading it, because they have yet again a different expectation for what all the terms mean, haha.
#
Zegnat I feel like the problem is non-network people communicating with non-network people in multiple layers while Zoom themselves feel no need to clarify any of the terms they use.
#
sknebel (not good for a default because you'd want the server to be able to re-encode etc the video to adapt for bandwidth - I think they do that)
#
sknebel so zoom apparently has end-to-end encryption for text chat as an option
#
sknebel but not for video, but their marketing materials were unclear about that
#
sknebel I don't think they do anything peer-to-peer (it's of course cheaper server-load wise, but has lots of problems, as many of the other examples show), but use WebRTC (a technology designed to support peer-to-peer) between browser client and server for performance reasons
gRegorlove joined the channel
#
sknebel which I think is a sane choice, their marketing just shouldn't muddle that up (no personal opinion if they did or not, I didn't review the sources)
#
[LewisCowles] They do have an option to refuse non-encrypted phone participants from the zoom official link I added
#
sknebel yeah, enforcing "transport encryption" there I guess
#
sknebel an external phone obviously would never be able to do end-to-end (I think that's not a thing in SIP for conferences)
#
sknebel (another example of why e2e doesn't fit well with what they are offering: you'd break call-ins, cloud recording, ...)
#
aaronpk lack of e2e is not really a fair criticism. however having them call it e2e when it's clearly not, is.
#
sknebel yes
[calumryan] joined the channel
#
boffosocko.com edited /OPML (+235) "/* XSL (making an OPML file look like HTML) */ Hsiaoming Yang using XSL to create a human-readable RSS feed" (view diff)
[jgmac1106] and [chrisaldrich] joined the channel
#
[jgmac1106] https://clients.marcus-povey.co.uk/review/course/view/d05f1a608251e3594c8ad8afe3323dcf/
#
Loqi [Greg McVerry] EDU522: Digital Teaching and Learning Too https://clients.marcus-povey.co.uk/review/file/4eb760003a6a6d8afa73cbbf6972af9f/2632569486_b02fde5b29_z.jpg
#
[jgmac1106] doubleloop the wiki I am playing with, thinking about moving bunch of my half baked thought to a wiki instead of my website
#
[jgmac1106] for me it is also versioning control, I like the revision history of a wiki compared to just the line editing in GitHub
[tantek] joined the channel
#
[tantek] same
#
@jgmac1106 Hey folks at #oer20, the #indieweb homebrew website club London has started intros, lemme check http://events.indieweb.org for more info if you want to join us. (https://quickthoughts.jgregorymcverry.com/s/12Zngi) (twitter.com/_/status/1245414543196598275)
[Rose] joined the channel
#
[jgmac1106] https://clients.marcus-povey.co.uk/review/module/view/e2be79bd4a8b42fc6dcd261a53bda9e9/
#
Loqi Module One: Who Am I? https://clients.marcus-povey.co.uk/review/file/2f0684427979f381440061c6700bf5c5/4398743792_0b03f7723a_z.jpg
#
[chrisaldrich] tantek, did you mean to add the "6" in front of the emoji here? https://indieweb.org/wiki/index.php?title=likes&type=revision&diff=56030&oldid=56017
#
[tantek] haha yes
#
[tantek] it's indicating that there are 6 likes
#
[tantek] maybe I should pick another number
#
[jgmac1106] sorry for the rando links, sharing stuff we are working on in HWC London, that is a module page int he course builder
#
[chrisaldrich] I just didn't understand the context for the number or why... figured it was specific because of the commit note, but...
#
[tantek] note that is the /likes page which is about displaying the set of likes on a post, rather than the /like page which is all about a like post itself
#
[chrisaldrich] then I'll like it and we can bump it to 7 then... 🙂
#
[LewisCowles] lucky 7
#
[tantek] haha yes you should go edit it and change it to 7
#
[chrisaldrich] having the number actually may serve as an indicator that it's different from the similar like page.
#
[tantek] that was the idea yes
#
[LewisCowles] so like is like-this, and likes is how many like this got, or all my likes?
#
boffosocko.com edited /likes (+1) "bump emojicon to 7; bolded entire sentence for /like page to make it a bit more obvious" (view diff)
#
[LewisCowles] I noticed I couldn't find an endpoint to show me that actually via webmention
[Ana_Rodrigues] joined the channel
#
tantek.com edited /likes (+22) "call out the like link a bit more" (view diff)
[amit] joined the channel
#
@mantonsblog Goes without saying that we won’t have an IndieWeb Meetup at Mozart’s this week. There are more online-only meetups popping up, though. Check out https://events.indieweb.org/ for upcoming events. (twitter.com/_/status/1245423756098646016)
nec joined the channel
#
doubleloop [jgmac1106]: do you look at the revision history much in your wiki?
#
doubleloop I definitely would like both the current state of my ideas and the ability to see a history of how they evolved.
#
@ChrisAldrich Review of @Typlog as a turnkey platform for #IndieWeb as a Service https://boffosocko.com/2020/04/01/review-of-typlog-as-a-turnkey-platform-for-indieweb-as-a-service/ (twitter.com/_/status/1245441867832897536)
[jacky] joined the channel
#
boffosocko.com created /Typlog (+821) "stub; definition; pagelo; examples;" (view diff)
#
loqi.me created /Typolog (+19) "prompted by [tantek] and redirect added by [tantek]" (view diff)
#
[tantek] lots to learn in this post by denschub: https://schub.wtf/blog/2020/01/01/2010s-alternative-social-media.html
#
boffosocko.com edited /Quick_Start (+1221) "typlog; additional notes section (commented out ATM)" (view diff)
[KevinMarks], willnorris_ and Zegnet joined the channel
#
[tantek] I'm having a better and better experience with "Hangouts" (https://meet.google.com/) for video chats of <10 people and I'm wondering what people think of considering using that for HWC instead of Zoom (given all the recent Zoom concerns reported)
#
aaronpk main downside is that requires that everyone has a google account
#
[tantek] It feels like Google has been putting in the effort to improve https://meet.google.com/ substantially (cross browser)
#
[tantek] Yeah
#
[tantek] Does that also mean less chance of trolls/griefing?
#
aaronpk only one way to find out: post a google meet link to twitter :)
#
[tantek] lol
#
aaronpk whoa google meet does automatic captioninig
voxpelli_ joined the channel
#
[tantek] I guess I'm saying I used to be frustrated by it, performance issues etc., and some combination of fixes in meet.google plus maybe fixes in Firefox have made it substantially better over the past few months
#
[tantek] Wouldn't surprise me if Google had put more resources in to fixing (and infrastructure) for Hangouts over the past few weeks / month
#
jacky aaronpk: yeah - I was talking to family and saw that come up randomly once; kinda cool
#
aaronpk could be worth a try
#
gRegorlove I think Google Meet has same chance of griefing if the link is public. Not sure what add'l controls it has from Hangouts, though.
#
gRegorlove Haven't tried it. It says my account can only join others meetings, not start one.
#
gRegorlove Hangouts has worked well for me for several video hangouts in recent weeks
#
[tantek] Presumably the Google account requirement would raise the bar on rejoining after the account was banned
#
gRegorlove "Your account only lets you join meetings [Learn more]"
#
gRegorlove Learn more doesn't tell me how to change that, hah
#
gRegorlove Guess maybe it's sign up for G Suite?
#
aaronpk before we actually do one on google meet i'd want to double check everyone knows how to kick people out and such
#
gRegorlove Ah, yep "To create a new Meet video meeting or add a link in a Google Calendar event, you must be signed in to a G Suite account."
#
aaronpk wait what
#
gRegorlove It's not like Hangouts. Not just any Google account can start a Google Meet.
#
aaronpk oh yeah huh when i go to meet.google.com it only gives me my g suite account in the account chooser
#
[tantek] same
#
aaronpk only reason i have a g suite account is because i'm grandfathered in
#
aaronpk hm is there a better word for that
#
GWG I am too
[jgmac1106] joined the channel
#
[jgmac1106] Zoom does autocaptioning as well
#
[jgmac1106] In fact at our university we use WebEx unless documented need for captioning and then you get Zoom
#
[jgmac1106] The only issue with Google Meets is the lack of Brady Brunch view, the person speaking becomes default main screen
#
[jgmac1106] but auto captioning by Google crushes Zoom
#
[tantek] I do like the full grid view
#
[tantek] much better for screen capture photographs 🙂
#
[jgmac1106] yeah leads to a lot of male dominate discourse patterns where the person speaking the most gets the prominence
#
[jgmac1106] already some chrome plugins to fix this, teachers want grid, will come soon I suspect
#
[jgmac1106] I use Google Meets for my companies, hoping Google finally realizes Google Hangouts was good enough, especially when interoperable
#
aaronpk [jgmac1106]: where is the auto caption feature in zoom? I haven't seen that
#
[jgmac1106] hold on one sec, let me go check our university docs
#
[jgmac1106] wonder if it is an Enterprise feature or something
#
aaronpk they support designating someone as the captionist and whatever they type will be sent as captions to everyone
#
aaronpk they have an api for it too
#
aaronpk does not appear to be built in
#
[jgmac1106] ohh...we are paying real people....
#
[jgmac1106] ....Google Meet I would say is accessibility out of the box...caveat English first language speakers
#
[jgmac1106] makes sense as a university to pay a real person. Cheaper than lawsuit, and right thing to do
#
[jgmac1106] the Google Voice Recorder is amazing at transcripts, not live, but recognizes voices well
#
[jgmac1106] ..you would think they had massive server farms and billions of hours of voice recordings or something
#
[jgmac1106] i also 100% have no problem with the privacy and security on a G Suite account. It is strict.
#
aaronpk so basically we'd need to have someone with a g suite account host the calls
#
aaronpk now that you mention it, *do* you need a google account to join a call then?
#
aaronpk you do not!
#
aaronpk you just type in a name and then it asks the host if you can join
#
[tantek] type in a name? you mean a google account?
#
[tantek] [jgmac1106] this "the person speaking the most gets the prominence" is definitely a problem for the reasons you point out
#
[tantek] I've seen that in at least 1 HWC
#
[tantek] despite being on Zoom
#
GWG I always set the screen to gallery view
#
aaronpk no like literally just type a name
#
aaronpk no account required to join a meet from the link
#
aaronpk you can test it yourself, create a meeting, then get the link for it, then open that link in an incognito window
#
[tantek] how does the host identify you to know whether to let you in or not?
[snarfed] joined the channel
#
aaronpk based on whatever you type in
#
aaronpk it's literally just free form text
#
aaronpk if you're interested in using this, i recommend doing a test flow with two windows side by side to see what the experience is like both hosting and joining a meeting
#
[tantek] ugh well that doesn't really help then does it (in terms of blocking trolls)
#
[tantek] alright we'll have to think this through some more to consider it as an alternative for HWC
#
aaronpk correct, it does not. however we could ask that people join with their chat name or domain name, and then the trolls might be more recognizable
petermolnar joined the channel