[JDEV] help

2001-04-11 Thread Dillip Kumar Swain 
Title: RE: help



HI SirI am facing some problem with 
xdb_sql.as per your advice I am developing a mysql module in 
c.
to intigrate with Jabber Server 1.2/1.4 but when I 
am going to configure it..the problem islike that..but I am 
sure about path of MysqlLibrary...is currect...
 
but error is like..-checking for 
mysql_init in -lmysqlclient... (cached) mysqlclient_mysql_init noconfigure: 
warning: *** Native MySQL support will not be built (MySQL library not found) 
***-can you help me in this 
regards!!!
thanx in advance,babu

Re: Re[2]: [JDEV] Kid-safe messaging: [was buddy icons]

2001-04-11 Thread Jens Alfke 
 On Wednesday, April 11, 2001, at 01:17 PM, Todd Bradley wrote:

I like the idea.  But what's to stop that user from just creating a new JID?
We might just see a lot of one-time JIDs pop up as happens with email spam
now.

If Jabber really takes off, someone will create a special Jabber server for spammers, which just sends every message from a different randomized fake JID. Although at least, with server-server dialback, they won't be able to fake the server name on their messages (right?)

For this and other reasons I would rather see trust as "opt-in", i.e. people will be blocked unless there is a reason to consider them trustworthy. Or if not blocked completely, then at least downgraded in importance, i.e. messages from them don't pop up on your screen but just get added to a list in a window that you can open once in a while and look through. Sort of like the "Junk?" mailbox that my mail rules throw suspicious messages into.

—Jens

RE: Re[2]: [JDEV] Kid-safe messaging: [was buddy icons]

2001-04-11 Thread Todd Bradley 

> How about having a way for a client to report a message as spam, it
> could send back an  with the message content and sender, then if
> one user or message is reported many times as spam it will start to be
> blocked, have to be thought out well so as to not allow loop holes for
> abuse.

I like the idea.  But what's to stop that user from just creating a new JID?
We might just see a lot of one-time JIDs pop up as happens with email spam
now.


Todd.

___
jdev mailing list
[EMAIL PROTECTED]
http://mailman.jabber.org/listinfo/jdev

Re: [JDEV] Trouble with local JUD

2001-04-11 Thread DJ Adams 

On Wed, Apr 11, 2001 at 12:28:57PM -0600, David Waite wrote:
> Sorry, I helped Ørjan out with his problem.
> 
> The first problem was using the server name instead of another unique name
> (like 'jud.servername')
> 
> The second problem was that there is a  block to add to the jsm
> block for reported services for browse and agents requests, and a 
> block for loading and running the jud. Both of these were in the JSM
> configuration, so the service was never being loaded.

Cool. Thanks for letting me know.

So my theory was right - jabberd was never able to load the service - not
because it was commented out, but because it wasn't even 'there'. Yay! :-)

dj
Ok. Only another 201 unread to go ...


___
jdev mailing list
[EMAIL PROTECTED]
http://mailman.jabber.org/listinfo/jdev

Re: [JDEV] Trouble with local JUD

2001-04-11 Thread David Waite 

Sorry, I helped Ørjan out with his problem.

The first problem was using the server name instead of another unique name
(like 'jud.servername')

The second problem was that there is a  block to add to the jsm
block for reported services for browse and agents requests, and a 
block for loading and running the jud. Both of these were in the JSM
configuration, so the service was never being loaded.

-David Waite

DJ Adams wrote:

> Hi Ørjan
>
> In case you are still struggling (I don't see any further msgs in this
> thread) - I'll put in my two pence
>
> silly things out of the way first:
>
> are you sure the  stuff isn't between
> XML comments () so that the jabberd isn't able to find
> the instance definition?
>
> you refer to the 1.4 howto, so I assume you're installing JUD against
> 1.4, so the jud directory is normally jud-1.4/ - however I see you've
> used "jud/jud.so" in your examples... Is this OK?
>
> OK, now theory:
>
> the jud doesn't need to be resolvable as it's local(ly defined as a
> service component instance in the config). This suggests two things:
> (a) there shouldn't be any need to edit /etc/hosts with jud entries
> (b) the console log output that you quote suggests that it's trying
> to resolve the jud.vkhd name which suggests that it _hasn't_ found
> anything matching that locally (i.e. it's passed it to the dnsrv/dialback
> component).
>
> I've proved (a) to myself by installing jud without any hostname/DNS
> changes and it works, and (b) is just a theory, as I'm still learning
> of course :-)
>
> So it would seem to me the problem is that the JUD service definition
> is not getting recognised properly.
>
> Debug output (as temas suggests) by starting the server with -D and
> capturing STDERR would be very useful...
>
> dj
>
> (ready to be kicked for false assumptions...)
>
> ___
> jdev mailing list
> [EMAIL PROTECTED]
> http://mailman.jabber.org/listinfo/jdev


___
jdev mailing list
[EMAIL PROTECTED]
http://mailman.jabber.org/listinfo/jdev

Re: [JDEV] Relationship with .NET?

2001-04-11 Thread Jared Rhine 

[Citation date: Wed, 11 Apr 2001 17:49:35 +1000]

> Oliver == Oliver George <[EMAIL PROTECTED]>

Oliver> Sorry for the conspiricy theory: i've no doubt .NET will
Oliver> be great else MS wouldn't back it so hard.  but tell us
Oliver> why.

I'll second the request to take the .NET discussion offline.

-- [EMAIL PROTECTED]

"There is nothing like returning to a place that remains unchanged to find 
 the ways in which you yourself have altered." - Nelson Mandela [A
 Long Walk to Freedom]

___
jdev mailing list
[EMAIL PROTECTED]
http://mailman.jabber.org/listinfo/jdev

Re[2]: [JDEV] Kid-safe messaging: [was buddy icons]

2001-04-11 Thread Thomas Parslow (PatRat) 

>> Ah, but have you tried downloading and registering an new ICQ account?
> Sure
>> when you have set it up it's OK, but as soon as you have registered a new
>> account within a few seconds you get spam'd!
>
> Not wanting to turn this list into a spam discussion, but I have a very low
> iCQ number, and you'd have thought i'd get more spam, being at the
> beginnings of their list (esp. seeing as iCQ numbers only start at 100,000).
> They can't spam you if you have those options ticked, as iCQ simply ignores
> it. They're not on your list, you don't get anything. They send it thru the
> web or email, again, you don't get it. Not sure what the implementation is
> in iCQ-t, but i'm sure such ignore measures could be put in, but obviously
> in most cases wouldn't be desired, as many haven't imported their entire iCQ
> lists.

Spammers target high numbered accounts because newbies are better
targets for spam :) My account get's very little but both my brothers
accounts get loads (they signed up more recently)

Thomas Parslow (PatRat) ICQ #:26359483
Rat Software
http://www.rat-software.com/
Please leave quoted text in place when replying



___
jdev mailing list
[EMAIL PROTECTED]
http://mailman.jabber.org/listinfo/jdev

Re: [JDEV] How to check users presence?

2001-04-11 Thread DJ Adams 

On Wed, Apr 11, 2001 at 09:21:11AM -0700, Jens Alfke wrote:
>  
> But the client shouldn't need to send a probe at all. The server will 

s/shouldn't need/ought not/ 

probe is for servers; clients shouldn't be doing them...

> send you  elements from your subscribed buddies right after 
> you log in, and whenever their status changes. All you need to do is 
> listen for them. 

So long as you store the info when you get it ;-)

dj

___
jdev mailing list
[EMAIL PROTECTED]
http://mailman.jabber.org/listinfo/jdev

Re: [JDEV] Trouble with local JUD

2001-04-11 Thread DJ Adams 

Hi Ørjan

In case you are still struggling (I don't see any further msgs in this
thread) - I'll put in my two pence

silly things out of the way first:

are you sure the  stuff isn't between
XML comments () so that the jabberd isn't able to find
the instance definition?

you refer to the 1.4 howto, so I assume you're installing JUD against
1.4, so the jud directory is normally jud-1.4/ - however I see you've
used "jud/jud.so" in your examples... Is this OK?

OK, now theory:

the jud doesn't need to be resolvable as it's local(ly defined as a 
service component instance in the config). This suggests two things:
(a) there shouldn't be any need to edit /etc/hosts with jud entries
(b) the console log output that you quote suggests that it's trying
to resolve the jud.vkhd name which suggests that it _hasn't_ found
anything matching that locally (i.e. it's passed it to the dnsrv/dialback
component). 

I've proved (a) to myself by installing jud without any hostname/DNS
changes and it works, and (b) is just a theory, as I'm still learning
of course :-)

So it would seem to me the problem is that the JUD service definition
is not getting recognised properly.

Debug output (as temas suggests) by starting the server with -D and 
capturing STDERR would be very useful...

dj

(ready to be kicked for false assumptions...)

___
jdev mailing list
[EMAIL PROTECTED]
http://mailman.jabber.org/listinfo/jdev

[JDEV] segfault in libpth on 1.4.1

2001-04-11 Thread Nathan J. Mehl 


After an upgrade to 1.4.1, things were mostly quiet until today, when
jabberd took a very ungraceful dive, twice.  All I found in the logs
were:

@40003ad49bfc2c7752dc aim_tx_new: ERROR: no connection specified
@40003ad49bfd0ad24d44 unknown capability!
@40003ad49bfd0adae094 unknown capability!
@40003ad49bfd0addcaac unknown capability!
@40003ad49bfd0adf6ca4 unknown capability!
@40003ad49bfd0ae23f4c unknown capability!
@40003ad49bfd0b4229fc unknown capability!
@40003ad49bfd0b4523b4 unknown capability!
@40003ad49bfd0b4809e4 unknown capability!
@40003ad49bfd0b49a40c unknown capability!
@40003ad49bfd0b4c7a9c unknown capability!
@40003ad49bfd0c6c59ec unknown capability!
@40003ad49bfd0c7458cc unknown capability!
@40003ad49bfd0c754ee4 unknown capability!
@40003ad49bfd0c76ecf4 unknown capability!
@40003ad49c0713d51c3c 20010411T18:01:33: [notice] (yahoo.mspt.com): Closing down 
session for [EMAIL PROTECTED]
@40003ad49c07141044c4 20010411T18:01:33: [warn] (sessions.c:1082): [AT] Closing 
down session for [EMAIL PROTECTED]/Home
@40003ad49c0800291d64 Users-Agent: Connection to server lost...
@40003ad49c0800294474 Users-Agent: Giving up and exiting...

(Note that the odd date format here is an artifact of multilog.)

Backtrace follows:

This GDB was configured as "i386-redhat-linux"...
Core was generated by `/local/vol/jabber/jabberd/jabberd'.
Program terminated with signal 11, Segmentation fault.
Reading symbols from /local/lib/libpth.so.13...done.
Reading symbols from /lib/libdl.so.2...done.
Reading symbols from /lib/libresolv.so.2...done.
Reading symbols from /lib/libc.so.6...done.
Reading symbols from /lib/ld-linux.so.2...done.
Reading symbols from /local/vol/jabber-1.4.1/./jsm/jsm.so...done.
Reading symbols from /local/vol/jabber-1.4.1/./xdb_file/xdb_file.so...done.
Reading symbols from /local/vol/jabber-1.4.1/./pthsock/pthsock_client.so...  done.
Reading symbols from /local/vol/jabber-1.4.1/./dnsrv/dnsrv.so...done.
Reading symbols from /local/vol/jabber-1.4.1/./dialback/dialback.so...done.
Reading symbols from /local/vol/jabber-1.4.1/./conference-0.4/conference.so...  done.
Reading symbols from /local/vol/jabber-1.4.1/./aim-transport/src/aimtrans.so...  done.
Reading symbols from /local/vol/jabber-1.4.1/./icq-transport-0.9/icqtrans.so...  done.
Reading symbols from /local/vol/jabber-1.4.1/./msn-transport-1.1/msntrans.so...  done.
Reading symbols from 
/local/vol/jabber-1.4.1/./yahoo-transport-0.8-1.4/src/yahootrans.so...done.
Reading symbols from /lib/libnss_dns.so.2...done.
#0  0x8056fd1 in jid_cmp (a=0x30, b=0x83462f0) at jid.c:231 231 
if(_jid_nullstrcmp(a->resource, b->resource) != 0) return -1;
(gdb) bt
#0  0x8056fd1 in jid_cmp (a=0x30, b=0x83462f0) at jid.c:231
#1  0x805715d in jid_append (a=0x30, b=0x83462f0) at jid.c:266
#2  0x401cac33 in yahoo_parse_presence (yjp=0x8346340) at presence.c:268
#3  0x401c9ade in yahoo_parse_jpacket (arg=0x8346340) at parser.c:279
#4  0x8055328 in mtq_main (arg=0x81436d8) at mtq.c:150
#5  0x4001 in pth_spawn_trampoline () from /local/lib/libpth.so.13
#6  0x4001d058 in pth_mctx_set_bootstrap () from /local/lib/libpth.so.13
#7  0x4001cfd6 in pth_mctx_set_trampoline () from /local/lib/libpth.so.13
#8  0x4005ac68 in __restore () at ../sysdeps/unix/sysv/linux/i386/sigaction.c:127
#9  0x80587e5 in pmalloc (p=0x1ed, size=128) at pool.c:151

-n

<[EMAIL PROTECTED]>
   "We have a kinky sex emergency over here! Only one man can save us now!"


___
jdev mailing list
[EMAIL PROTECTED]
http://mailman.jabber.org/listinfo/jdev

Re[2]: [JDEV] Kid-safe messaging: [was buddy icons]

2001-04-11 Thread Thomas Parslow (PatRat) 

> Actually, I like the thought of rate-limiting. If they can only send two 
>subscription requests per minute, they would be discouraged from trying to 
>bulk-subscribe. Also, if they could only resolve
> two search matches per minute, they would be discouraged from walking the list and 
>bulk-messaging. Have the ability to implement rules like 'ten unique invalid user 
>requests in a minute bans s2s
> communication with that server for ten minutes', and it just won't be
> practical.
>
> I believe the spam response rate is well under 1%, if they were only able to spam a 
>hundred users a day or some such number, it would be unlikely they would consider 
>this to a viable advertising
> method.
>
> -David Waite

Sounds interesting, although IMHO it should allow slightly more than
that, consider what happens when someone comes from another IM and has
to add all their contacts to the roster.

How about having a way for a client to report a message as spam, it
could send back an  with the message content and sender, then if
one user or message is reported many times as spam it will start to be
blocked, have to be thought out well so as to not allow loop holes for
abuse.

Thomas Parslow (PatRat) ICQ #:26359483
Rat Software
http://www.rat-software.com/
Please leave quoted text in place when replying



___
jdev mailing list
[EMAIL PROTECTED]
http://mailman.jabber.org/listinfo/jdev

Re: [JDEV] Kid-safe messaging: [was buddy icons]

2001-04-11 Thread Oliver Wing 

> Ah, but have you tried downloading and registering an new ICQ account?
Sure
> when you have set it up it's OK, but as soon as you have registered a new
> account within a few seconds you get spam'd!

Not wanting to turn this list into a spam discussion, but I have a very low
iCQ number, and you'd have thought i'd get more spam, being at the
beginnings of their list (esp. seeing as iCQ numbers only start at 100,000).
They can't spam you if you have those options ticked, as iCQ simply ignores
it. They're not on your list, you don't get anything. They send it thru the
web or email, again, you don't get it. Not sure what the implementation is
in iCQ-t, but i'm sure such ignore measures could be put in, but obviously
in most cases wouldn't be desired, as many haven't imported their entire iCQ
lists.


___
jdev mailing list
[EMAIL PROTECTED]
http://mailman.jabber.org/listinfo/jdev

Re: Re[2]: [JDEV] Kid-safe messaging: [was buddy icons]

2001-04-11 Thread David Bovill 

Interesting, I think I'd like to implement something along these lines, but
needs pinning down...

> One big vague architectural solution is to establish some kind of "web
> of trust" where transitive buddyhood ([EMAIL PROTECTED] is unknown to me but
> is on one of my buddy's buddy lists) is used as a heuristic to guess
> that someone is legit and therefore not block their messages. The
> problem is how to trawl through the directed graph of buddy lists
> without privacy concerns coming up, since I don't necessarily want all
> my buddies knowing who else is on my buddy list.
> 
> Here's a quick thought: Allow each user to keep a private server-side
> list that rates other users positively or negatively. Other users can
> then send special messages to your server to query for your rating of a
> single other user. By sending such a query to your whole buddy list, you
> can compute an aggregate ranking that gives you an idea of whether or
> not to trust or block some unknown user. Should be quite simple to
> implement...
> 
> ‹Jens
> 

Is anyone else is interested in this? Otherwise Jens I'll mail you off list
when I have something to say -:)


___
jdev mailing list
[EMAIL PROTECTED]
http://mailman.jabber.org/listinfo/jdev

Re: [JDEV] Kid-safe messaging: [was buddy icons]

2001-04-11 Thread David Bovill 

Ah, but have you tried downloading and registering an new ICQ account? Sure
when you have set it up it's OK, but as soon as you have registered a new
account within a few seconds you get spam'd!

> From: "Oliver Wing" <[EMAIL PROTECTED]>
> Reply-To: [EMAIL PROTECTED]
> Date: Wed, 11 Apr 2001 17:16:42 +0100
> To: <[EMAIL PROTECTED]>
> Subject: Re: [JDEV] Kid-safe messaging: [was buddy icons]
> 
>> Part of the problem is that ICQ numbers are assigned sequentially,
>> this is how they can easily target new accounts (the reason that you
>> get loads of e-mails requesting you credit card number when you sign up
>> for compuserve).
> 
> I don't get any SPAM. iCQ (offical client that is) has several options to
> very much secure your client. Such as "Ignore messages from users not on my
> contact list", "Do not accept multi-recpient messages" and "Do not accept
> web gateway messages", etc..
> 
> 
> ___
> jdev mailing list
> [EMAIL PROTECTED]
> http://mailman.jabber.org/listinfo/jdev
> 


___
jdev mailing list
[EMAIL PROTECTED]
http://mailman.jabber.org/listinfo/jdev

Re: [JDEV] voice chat ...

2001-04-11 Thread Thomas Charron 

From: Jens Alfke
Subject: Re: [JDEV] voice chat ...
is it http://www.tellme.com ?
they use voiceXML
But that doesn't appear to be voice chat, rather voice recognition.

Close, but more along the lines of interactive voice response.  VoiceXML
is method to provide computer telephony scripting..


___
jdev mailing list
[EMAIL PROTECTED]
http://mailman.jabber.org/listinfo/jdev

[JDEV] Test Suite released!

2001-04-11 Thread Dustin Puryear 

Ok, SourceForge is way too slow. I just decided to lose my existing
history and import directly into CVS. It is now up and running. You can
download via anonymous access using:

$ cvs
-d:pserver:[EMAIL PROTECTED]:/cvsroot/jabbertest
login
$ cvs -z3
-d:pserver:[EMAIL PROTECTED]:/cvsroot/jabbertest
co testsuite

Regards, Dustin

-- 
Dustin Puryear <[EMAIL PROTECTED]>
http://members.telocity.com/~dpuryear
In the beginning the Universe was created. 
This has been widely regarded as a bad move. - Douglas Adams

___
jdev mailing list
[EMAIL PROTECTED]
http://mailman.jabber.org/listinfo/jdev

Re: [JDEV] (no subject)

2001-04-11 Thread Kerem HADIMLI 

Uhm, well.. storing the password in server will cause you a trouble; you'll
need to login to the server in order to learn the password :))

Regards,
Kerem HADIMLI

> Girish wrote:
> 
> Hi all
>  Actually i wanna ask when we register a user then that info
> is stored on the server in normal text form which can be misused so i
>  wanted some way of registering the user so that we can store passwords in
> encrypted format on the server
> thanx
> Girish

-- 
If it happens once, it's a bug.
If it happens twice, it's a feature.
If it happens more than twice, it's a design philosophy.


___
jdev mailing list
[EMAIL PROTECTED]
http://mailman.jabber.org/listinfo/jdev

Re: [JDEV] Kid-safe messaging: [was buddy icons]

2001-04-11 Thread David Waite 

Actually, I like the thought of rate-limiting. If they can only send two subscription 
requests per minute, they would be discouraged from trying to bulk-subscribe. Also, if 
they could only resolve two search matches per minute, they would be discouraged from 
walking the list and bulk-messaging. Have the ability to implement rules like 'ten 
unique invalid user requests in a minute bans s2s communication with that server for 
ten minutes', and it just won't be
practical.

I believe the spam response rate is well under 1%, if they were only able to spam a 
hundred users a day or some such number, it would be unlikely they would consider this 
to a viable advertising method.

-David Waite

Jens Alfke wrote:

> On Wednesday, April 11, 2001, at 09:02 AM, Thomas Parslow (PatRat) wrote:
>
>   why do you think it will become an issue if the user itself is careful
>   enough? It definitely isn't easy to guess the account names on Jabber, as 
>it
>   is the case with ICQ.
>
>  But that relies on every user knowing what they're doing ;)
>
> Precisely, which brings us back to the subject of this thread. I guess the 
>conclusion here is that clients should either default to blocking messages from 
>non-buddies, or should when first run ask the user if s/he wants to accept messages 
>from non-buddies, with the default answer being "no".
>
>  Also, many users wish to be listed in online directories so that
>  people can find them.
>
> This is a wider issue. Blocking all non-buddies is pretty severe. It might be enough 
>to also accept messages from people who have you on their buddy list, since you 
>presumably approved their doing so. The loophole I can see here is that you could end 
>up getting spammed with subscription requests like "The user [EMAIL PROTECTED] wants 
>to add you to their buddy list. Do you approve this?"
>
> One big vague architectural solution is to establish some kind of "web of trust" 
>where transitive buddyhood ([EMAIL PROTECTED] is unknown to me but is on one of my buddy's 
>buddy lists) is used as a heuristic to guess that someone is legit and therefore not 
>block their messages. The problem is how to trawl through the directed graph of buddy 
>lists without privacy concerns coming up, since I don't necessarily want all my 
>buddies knowing who else is on my buddy list.
>
> Here's a quick thought: Allow each user to keep a private server-side list that 
>rates other users positively or negatively. Other users can then send special 
>messages to your server to query for your rating of a single other user. By sending 
>such a query to your whole buddy list, you can compute an aggregate ranking that 
>gives you an idea of whether or not to trust or block some unknown user. Should be 
>quite simple to implement...
>
> -Jens


___
jdev mailing list
[EMAIL PROTECTED]
http://mailman.jabber.org/listinfo/jdev

Re: Re[2]: [JDEV] Kid-safe messaging: [was buddy icons]

2001-04-11 Thread Jens Alfke 
 On Wednesday, April 11, 2001, at 09:02 AM, Thomas Parslow (PatRat) wrote:

why do you think it will become an issue if the user itself is careful
enough? It definitely isn't easy to guess the account names on Jabber, as it
is the case with ICQ.
But that relies on every user knowing what they're doing ;)

Precisely, which brings us back to the subject of this thread. I guess the conclusion here is that clients should either default to blocking messages from non-buddies, or should when first run ask the user if s/he wants to accept messages from non-buddies, with the default answer being "no".

Also, many users wish to be listed in online directories so that
people can find them.

This is a wider issue. Blocking all non-buddies is pretty severe. It might be enough to also accept messages from people who have you on their buddy list, since you presumably approved their doing so. The loophole I can see here is that you could end up getting spammed with subscription requests like "The user [EMAIL PROTECTED] wants to add you to their buddy list. Do you approve this?"

One big vague architectural solution is to establish some kind of "web of trust" where transitive buddyhood ([EMAIL PROTECTED] is unknown to me but is on one of my buddy's buddy lists) is used as a heuristic to guess that someone is legit and therefore not block their messages. The problem is how to trawl through the directed graph of buddy lists without privacy concerns coming up, since I don't necessarily want all my buddies knowing who else is on my buddy list.

Here's a quick thought: Allow each user to keep a private server-side list that rates other users positively or negatively. Other users can then send special messages to your server to query for your rating of a single other user. By sending such a query to your whole buddy list, you can compute an aggregate ranking that gives you an idea of whether or not to trust or block some unknown user. Should be quite simple to implement...

—Jens

Re: [JDEV] How to check users presence?

2001-04-11 Thread Jens Alfke 
 On Tuesday, April 10, 2001, at 08:57 PM, Peter Saint-Andre wrote:

Are you subscribed to this person's presence (i.e., are you in the other
person's roster with a subscription type of 'from' or 'both')? You need
to be in order for the probe to work.

But the client shouldn't need to send a probe at all. The server will send you  elements from your subscribed buddies right after you log in, and whenever their status changes. All you need to do is listen for them.

—Jens

Re: [JDEV] voice chat ...

2001-04-11 Thread Jens Alfke 
 On Tuesday, April 10, 2001, at 06:38 PM, dlb wrote:

is it  http://www.tellme.com ?
they use voiceXML

But that doesn't appear to be voice chat, rather voice recognition.

Are there open standards for voice-over-IP, as there are for video-over-IP (H.263)?

I would guess that all that's necessary is to send a jabber:x:oob attachment giving your IP address and port number, and then the receiver connects using some standard voice/video protocol. But what would the protocol name used in the URL be?

—Jens

Re: [JDEV] Kid-safe messaging: [was buddy icons]

2001-04-11 Thread Oliver Wing 

> Part of the problem is that ICQ numbers are assigned sequentially,
> this is how they can easily target new accounts (the reason that you
> get loads of e-mails requesting you credit card number when you sign up
> for compuserve).

I don't get any SPAM. iCQ (offical client that is) has several options to
very much secure your client. Such as "Ignore messages from users not on my
contact list", "Do not accept multi-recpient messages" and "Do not accept
web gateway messages", etc..


___
jdev mailing list
[EMAIL PROTECTED]
http://mailman.jabber.org/listinfo/jdev

Re[2]: [JDEV] Kid-safe messaging: [was buddy icons]

2001-04-11 Thread Thomas Parslow (PatRat) 

>> -Original Message-
>> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On
>> Sent: Wednesday, April 11, 2001 5:05 PM
>>
>> However, even though spam isn't a problem yet on the
>> Jabber network, there will come a day when it is does
>> become a problem.  Once there are enough users of
>> Jabber, there will naturally follow those who want to
>> advertise to them and then it's only a small step to
>> Jabber spam.  That's why it's important (to me, at
>> least) to start planning for countermeasures sooner
>> rather than later.
>
> why do you think it will become an issue if the user itself is careful
> enough? It definitely isn't easy to guess the account names on Jabber, as it
> is the case with ICQ.
> For example, I don't get any spam on my MSN Messenger account (and no email
> spam to my hotmail account neither).

But that relies on every user knowing what they're doing ;)
Also, many users wish to be listed in online directories so that
people can find them.

Thomas Parslow (PatRat) ICQ #:26359483
Rat Software
http://www.rat-software.com/
Please leave quoted text in place when replying



___
jdev mailing list
[EMAIL PROTECTED]
http://mailman.jabber.org/listinfo/jdev

RE: [JDEV] Kid-safe messaging: [was buddy icons]

2001-04-11 Thread John Hebert 

Agreed. Spam doesn't have to be a problem with jabber or any IM that allows one to
reject messages or even subscription requests from unknowns.

4/11/01 10:43:40 PM, "Neeme Praks" <[EMAIL PROTECTED]> wrote:
>> -Original Message-
>> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On
>> Sent: Wednesday, April 11, 2001 5:05 PM
>>
>> However, even though spam isn't a problem yet on the
>> Jabber network, there will come a day when it is does
>> become a problem.  Once there are enough users of
>> Jabber, there will naturally follow those who want to
>> advertise to them and then it's only a small step to
>> Jabber spam.  That's why it's important (to me, at
>> least) to start planning for countermeasures sooner
>> rather than later.
>
>why do you think it will become an issue if the user itself is careful
>enough? It definitely isn't easy to guess the account names on Jabber, as it
>is the case with ICQ.
>For example, I don't get any spam on my MSN Messenger account (and no email
>spam to my hotmail account neither).
>

--
John Hebert
System Engineer
http://www.vedalabs.com
Changing your state of mind through sound. 


___
jdev mailing list
[EMAIL PROTECTED]
http://mailman.jabber.org/listinfo/jdev

RE: [JDEV] Kid-safe messaging: [was buddy icons]

2001-04-11 Thread Neeme Praks 


> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On
> Sent: Wednesday, April 11, 2001 5:05 PM
>
> However, even though spam isn't a problem yet on the
> Jabber network, there will come a day when it is does
> become a problem.  Once there are enough users of
> Jabber, there will naturally follow those who want to
> advertise to them and then it's only a small step to
> Jabber spam.  That's why it's important (to me, at
> least) to start planning for countermeasures sooner
> rather than later.

why do you think it will become an issue if the user itself is careful
enough? It definitely isn't easy to guess the account names on Jabber, as it
is the case with ICQ.
For example, I don't get any spam on my MSN Messenger account (and no email
spam to my hotmail account neither).


___
jdev mailing list
[EMAIL PROTECTED]
http://mailman.jabber.org/listinfo/jdev

Re: [JDEV] Relationship with .NET?

2001-04-11 Thread Thomas Charron 

RE: [JDEV] Relationship with .NET?From: Colin Madere
Subject: RE: [JDEV] Relationship with .NET?
Can you guys please take this elsewhere unless you are going to give
explicit examples of how Jabber development will relate to .NET.
Thanks

Err, I believe I did earlier.

P.S. Just because a company with a lot of money backs something, doesn't
mean it is great.

And just becouse it's backed by alot of money, doesn't mean it isn't.


___
jdev mailing list
[EMAIL PROTECTED]
http://mailman.jabber.org/listinfo/jdev

RE: [JDEV] Relationship with .NET?

2001-04-11 Thread Colin Madere 
Title: RE: [JDEV] Relationship with .NET?





Can you guys please take this elsewhere unless you are going to give explicit examples of how Jabber development will relate to .NET.

Thanks


P.S. Just because a company with a lot of money backs something, doesn't mean it is great.  


> -Original Message-
> From: Oliver George [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, April 11, 2001 2:50 AM
> To: [EMAIL PROTECTED]
> Subject: Re: [JDEV] Relationship with .NET?
> 
> 
> > 
> > 
> >>> I suggest if we as an industry are going to back anything 
> we back SOAP
> >>> and XML and let .NET .DIE
> >> 
> >> 
> >> Wow, I can honestly say I've never heard such an ignorant 
> statement in
> >> my life.  Let me put the statement in perspective for 
> people who are not up
> >> to par with .NET..
> >> 
> >> "I suggest if we as an industry are going to back anything 
> we back small
> >> peices of wood made so we can pick our teeth, and LET 
> TOOTHPICKS DIE.."
> >> 
> >> Shesh..
> >> 
> > 
> > Shouldn't that be "sheesh"? Or is that "shush"???
> > 
> > Oh, and I don't use toothpicks... any chance of letting us 
> in on how you see
> > .NET, SOAP and Jabber developing - sorry to be so slow -:)
> > 
> Heh, just my 2c... the initial posting was enthusiastic and hollow.  
> give us an example.  else we cant tell an insightful comment from the 
> new age of propaganda: 'spamming good technology mail groups'.  Sorry 
> for the conspiricy theory: i've no doubt .NET will be great else MS 
> wouldn't back it so hard.  but tell us why.
> 
> 
> ___
> jdev mailing list
> [EMAIL PROTECTED]
> http://mailman.jabber.org/listinfo/jdev
>

RE: [JDEV] Kid-safe messaging: [was buddy icons]

2001-04-11 Thread Duncan, Paul 


Uhm... did I mention ..


  http://www.mysoftware.com/bannerads/buy.jpg
http://www.mysoftware.com/bannerads/default.htm
AE9323DEFGH123


- Duncan


-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Todd Bradley
Sent: Wednesday, April 11, 2001 10:05 AM
To: '[EMAIL PROTECTED]'
Subject: RE: [JDEV] Kid-safe messaging: [was buddy icons]


> What I would recommend if you want to protect your users from messages
> of this type is blocking all messages from people not on the roster,
> this should be fairly watertight... Maybe things could be setup so
> that all messages received from users not on the roster are forwarded
> to another JID (the admins) but this would require a modified client.

Or a server side module.


> For the time being, just not using the ICQ transport should be enough,
> it's not a problem on Jabber (in my experience).

True enough.  The only porn spam I ever get is when
the ICQ gateway is working.  Of course, once there is
a Jabber client that works well through a firewall,
I'll be able to convince the last ICQ holdouts to
move over to Jabber and then it won't be an issue for
me.

However, even though spam isn't a problem yet on the
Jabber network, there will come a day when it is does
become a problem.  Once there are enough users of
Jabber, there will naturally follow those who want to
advertise to them and then it's only a small step to
Jabber spam.  That's why it's important (to me, at
least) to start planning for countermeasures sooner
rather than later.


Todd.


___
jdev mailing list
[EMAIL PROTECTED]
http://mailman.jabber.org/listinfo/jdev

___
jdev mailing list
[EMAIL PROTECTED]
http://mailman.jabber.org/listinfo/jdev

RE: [JDEV] Kid-safe messaging: [was buddy icons]

2001-04-11 Thread Todd Bradley 

> What I would recommend if you want to protect your users from messages
> of this type is blocking all messages from people not on the roster,
> this should be fairly watertight... Maybe things could be setup so
> that all messages received from users not on the roster are forwarded
> to another JID (the admins) but this would require a modified client.

Or a server side module.


> For the time being, just not using the ICQ transport should be enough,
> it's not a problem on Jabber (in my experience).

True enough.  The only porn spam I ever get is when
the ICQ gateway is working.  Of course, once there is
a Jabber client that works well through a firewall,
I'll be able to convince the last ICQ holdouts to
move over to Jabber and then it won't be an issue for
me.

However, even though spam isn't a problem yet on the
Jabber network, there will come a day when it is does
become a problem.  Once there are enough users of
Jabber, there will naturally follow those who want to
advertise to them and then it's only a small step to
Jabber spam.  That's why it's important (to me, at
least) to start planning for countermeasures sooner
rather than later.


Todd.


___
jdev mailing list
[EMAIL PROTECTED]
http://mailman.jabber.org/listinfo/jdev

Re: [JDEV] Kid-safe messaging: [was buddy icons]

2001-04-11 Thread Thomas Parslow (PatRat) 

> Is there one - what's the address?
>
> Wouldn't the solution be that all servers and transports have to do some
> Public Key based authentication on first connection?
>
> Personally I'm fairly new to messaging and became interested more from the
> live XML data communications face of Jabber, and as a result signed up for a
> variety of IM "accounts".
>
> I have noticed that I pretty well invariably get spam'd by "Valerie" or
> whoever when I sign up for a new account on ICQ ( a few seconds after
> signing up)... not good news if you are thinking of building chat into a
> kids learning environment.
>
> Can anyone give e an idea of how "they" do this? And what the implications
> are for using Jabber in this area are?

Part of the problem is that ICQ numbers are assigned sequentially,
this is how they can easily target new accounts (the reason that you
get loads of e-mails requesting you credit card number when you sign up
for compuserve).

What I would recommend if you want to protect your users from messages
of this type is blocking all messages from people not on the roster,
this should be fairly watertight... Maybe things could be setup so
that all messages received from users not on the roster are forwarded
to another JID (the admins) but this would require a modified client.

For the time being, just not using the ICQ transport should be enough,
it's not a problem on Jabber (in my experience).

Thomas Parslow (PatRat) ICQ #:26359483
Rat Software
http://www.rat-software.com/
Please leave quoted text in place when replying



___
jdev mailing list
[EMAIL PROTECTED]
http://mailman.jabber.org/listinfo/jdev

[JDEV] Kid-safe messaging: [was buddy icons]

2001-04-11 Thread David Bovill 

Interesting post (thanks):

> I suggest that we take this to the 'security' Jabber mailing list.

Is there one - what's the address?

Wouldn't the solution be that all servers and transports have to do some
Public Key based authentication on first connection?

Personally I'm fairly new to messaging and became interested more from the
live XML data communications face of Jabber, and as a result signed up for a
variety of IM "accounts".

I have noticed that I pretty well invariably get spam'd by "Valerie" or
whoever when I sign up for a new account on ICQ ( a few seconds after
signing up)... not good news if you are thinking of building chat into a
kids learning environment.

Can anyone give e an idea of how "they" do this? And what the implications
are for using Jabber in this area are?


> From: [EMAIL PROTECTED]
> Reply-To: [EMAIL PROTECTED]
> Date: Tue, 10 Apr 2001 09:45:21 -0500 (CDT)
> To: [EMAIL PROTECTED]
> Subject: Re: [JDEV] RE: File Transfer [was buddy icons]
> 
>> One thing though, once the conversation has been snooped on, isn't the
>> security already totally compromised?
> 
> It's a reasomable goal for any system to ensure that passive traffic sniffing
> does not compromise the security, As was mentioned earlier, SSL, PGP, and
> 0K authentication can help assist in reaching this goal.
> 
> 
> One design 'feature' that I like about Jabber is that all communication
> is user-to-server and not directly user-to-user. This protects the client
> from DOS attacks against your IP address (As is common on IRC) because your
> IP address is never revealed to the client.
> 
> Unfortunately, this design means that a malicious server operator can very
> easily sniff, log, and even modify all communications to and from any user
> logged in to that server. Even with PGP you still have traffic analysis, etc.
> 
> 
> For example, without SSL (and without SSL certificate validation) I can create
> a MITM attack, a XML forwarder that looks like your favorite Jabber server,
> but actually logs/modifies all traffic, or even translates everything you
> say into pig latin. I was hoping to release my proof of concept for this on
> April 1st...
> 
> I suggest that we take this to the 'security' Jabber mailing list.
> 
> 
> Kevin Kadow
> MSG.Net, Inc.
> 
> ___
> jdev mailing list
> [EMAIL PROTECTED]
> http://mailman.jabber.org/listinfo/jdev
> 


___
jdev mailing list
[EMAIL PROTECTED]
http://mailman.jabber.org/listinfo/jdev

[JDEV] (no subject)

2001-04-11 Thread Girish 



Hi all
 
Actually i wanna ask when we register a user then that info is stored on the 
server in normal text form which can be misused so i  wanted some way 
of registering the user so that we can store passwords in encrypted format on 
the server
thanxGirish

Re: [JDEV] Relationship with .NET?

2001-04-11 Thread Oliver George 

> 
> 
>>> I suggest if we as an industry are going to back anything we back SOAP
>>> and XML and let .NET .DIE
>> 
>> 
>> Wow, I can honestly say I've never heard such an ignorant statement in
>> my life.  Let me put the statement in perspective for people who are not up
>> to par with .NET..
>> 
>> "I suggest if we as an industry are going to back anything we back small
>> peices of wood made so we can pick our teeth, and LET TOOTHPICKS DIE.."
>> 
>> Shesh..
>> 
> 
> Shouldn't that be "sheesh"? Or is that "shush"???
> 
> Oh, and I don't use toothpicks... any chance of letting us in on how you see
> .NET, SOAP and Jabber developing - sorry to be so slow -:)
> 
Heh, just my 2c... the initial posting was enthusiastic and hollow.  
give us an example.  else we cant tell an insightful comment from the 
new age of propaganda: 'spamming good technology mail groups'.  Sorry 
for the conspiricy theory: i've no doubt .NET will be great else MS 
wouldn't back it so hard.  but tell us why.


___
jdev mailing list
[EMAIL PROTECTED]
http://mailman.jabber.org/listinfo/jdev

[JDEV] (no subject)

2001-04-11 Thread Girish 



Hi all
 
Hey i wanna know whether there is any jabber client that supports zero 
authentication. Since i have tried with jabber client installed on my m/c but 
that asks always u to enter your username and password. But Zero Knowledge 
authentication requires u to only send your username and 
password. 
 
please reply as early as possible
  
thanks
     
                
                
                
                
        Girish