@@ChrisJones-rd4wb Can't speak of the protocol but I was referring to the application itself (especially Prosody). Compared to some other thing you can self-host like Matrix or Talagram it's night and day.
Mental outlaw is legit the truth... I read two chapters on fuzzing and was like, wtf, less than two mins in Outlaw showed me the light. Thanks man, doing gods work out here in the trenches of RUclips.
Matrix is a metadata disaster that feeds a bunch of info back to the main Synapse server. While your chats are end-to-end encrypted, the main Synapse server can still see who you are communicating with. That's not the worst of it, though. Matrix was funded by a company called Amdocs, which is an Israeli company that provides major wiretap and phone billing/record-keeping software contracts for the U.S. government. There are usability merits of Matrix over XMPP, but that does not excuse feeding metadata to a centralized source that you do not control. The metadata is still valuable information to glowies, even though they cannot see your E2E chats.
My Matrix account was just purged for "suspicious activity". I use a VPN. That's all I can think of. Element would be great if the Matrix developers stopped being retards
@@punishedpinecone4772 just use another homeserver. Matrix is decentralized/federated, nobody forces you to choose the biggest server. It’s the same with XMPP.
On the topic of server security, pretty much the first things I do on any of my servers is install fail2ban and change SSH from port 22. Here's a crazy anecdote, recently I had to reinstall one of my VPS' and after hitting reinstall I took my dog out for a 30 minute walk. I returned to an email with my SSH details, I fired up Putty, connected, signed in and the first thing CentOS did was inform me that there had been over 200 failed SSH login attempts since my last successful login (remember it was a fresh install so I had never logged in). Assuming a 10 minute reinstall time that means in 20 minutes of me leaving the server open on port 22 someone had port scanned me and tried to login to its secure shell over 200 times. Also remember, use CentOS for web based services since it comes OOTB preconfigured with firewall zones and rules applied. Ubuntu Server comes with UFW disabled and you have to manually create zones and rules before you enable it (otherwise it blocks port 22 which you're connected to). Firewalld also intergrates much nicer with Docker, it creates a docker zone for your docker networks automatically.
Ran into prosidy xmpp the other day during a pentesting CTF. The version was obviously outdated but the most recent CVE had a rating of 7.5isb so make sure to update Prosidy (if you aren't in the habit of updating software regularly.) As always, great content. Always a good way to end my day, my nightly infosec resource for learning knew stuff. Thanks for what ya do for this community!
Mozilla: owned by google, kicked out its founder Brendan Eich, encourages idiots to re-write mature and stable software in Rust for literally no reason whatsoever. Basically Mozilla is a glowie-controlled opp org for the glowies and the corporations.
@@alessandrorossi1294 owned by google: mozilla is practically funded all by google, but it doesn't really change much about anything since it's almost all open source (basically only default search engine as far as I know), isn't brendan eich homophobic?, rust is good for maintainability
@@alessandrorossi1294 I guess this is a good answer but i think kenny can explain it better and go into detail. And dont forget the pepe in the thumbnail, i always wonder where he gets those from
Setting up your own messaging server at a VPS is also a practice that I think we should consider questioning. How much can you trust on the host, or the server ISP to "not be spooky"?
As long as you use end-to-end encryption, that shouldn't be much of a problem. I'm not sure how well that's supported within the XMPP ecosystem, though.
@BUTTORFLĒOGE EXTRATÖNE shit I was just wrecked by that article I've been preparing and reading up to start contributing to matrix but now I'll change direction to xmpp
You've done lots of videos on setting up servers like this XMPP video and the VPN video and you've also talked a lot about how the only way to have secure email is to host it yourself. You should do a video on how to set up just a regular server to hold files and email and stuff, and maybe even how to register to get a domain. Basic things like setting up a server, hooking it up to a public or private network, making it secure, interfacing with it, etc.
I dont really see any reason why he would. Unless you're in the serverspace, it's like going back in time to late 90's linux where barely anything was supported and drivers didn't exist for much, plus having even LESS software compatibility than Linux.
@@hedgeearthridge6807 I use it as a daily driver. It has plenty of software support and is updated. Imo, it's more secure, but I just wanna hear what he thinks.
linux is already great though, and there is no reason to switch apart from it being different since linux is open source and free, with better compatibility and ease of use
@@gusstr20 You say it's more secure because you're regurgitating BS you heard elsewhere. Less eyes = less secure code. And nobody, i mean nobody use BSD, especially OpenBSD which is ony useful for server side. NSA do know better than you and they certainly do NOT use BSD for their desktop environment.
Maybe as a server, I've been experimenting with using OpenBSD for web apps instead of Debian since I think it has better security. The problem is there's fewer guides and compatible software, and I'm a noob at webdev (currently teaching myself fullstack) so its a bit of a challenge.
Hey whats your thoughts on SimpleX? Would you be able to do video about SimpleX from understanding of it, the privacy and anonymity is the best out there.
Personally I consider the documentation and forums for Gentoo to be better than Arch. As far as technical differences go Gentoo allows you easily compile individual packages and your kernel in different ways which adds a whole new layer of customization that Arch users don't get into (unless they decide to pull the source code and compile themselves instead of installing binaries with pacman)
Federation too. You can’t join a IRC server without creating an account on that server. A lot of feature comforts added as well like getting some of the chat history, messages received when you come back online, no line length limitations, etc.
He may very well be Christian level based The highest tier and original meaning of Based being Biblically Based (To build on a solid base instead of illogical shifting sands)
You don't really have to set up a web server. I mean I've done this without doing that I even enabled pub sub and was able to work out the issue with my subdomains and SSL certificates
The three letter "bois" can still just take the keys from your server if they want to and wiretap it all. The server provider most likely has easy access to your root fs.
They don’t have to… it’s federated. You can just create a few accounts to give to friends & instruct them to change passwords as needed. If they’re not your friends, just tell them to find their own server to join.
This tutorial was really incomplete, didn’t work and only left me more confused… if I want to run an xmpp on a server that’s also running a website, this tutorial doesn’t really help
XMPP requires way less resources (CPU, RAM, and especially storage). Less resources means it’s reasonable to self-host & still join MUCs without filling your hard drive with the entire history of messages/attachments upon joining. It was built a decade ago & optimized for that hardware rather than the bulk that is Matrix’s Python server and its web clients, Element.
Man the thumbnail game is on fire
0:00 to 0:02 is LITERALLY me when I catch glowies lackin'
this is why I clicked top tier
pepe is straight up breaking a glowie buck lmao
Yooo fr!
@Rlaziken UwU
XMPP is definitely less bloated than my Smoke Signals setup.
XMPP protocol is really really bloated
@@ChrisJones-rd4wb Can't speak of the protocol but I was referring to the application itself (especially Prosody). Compared to some other thing you can self-host like Matrix or Talagram it's night and day.
@@ChrisJones-rd4wb bloat is only bad when it hinders
@@zvezdan956 Yes, and it hinders me from making a decent extensible client.
Yeah! Running smoke signals on my pcs just made it too hot :\
Finally! Thanks for making privacy more accesible!
балгариа
Bulgaria
Болгария
IRC replacement
Mental outlaw is legit the truth...
I read two chapters on fuzzing and was like, wtf, less than two mins in Outlaw showed me the light.
Thanks man, doing gods work out here in the trenches of RUclips.
Can you please share me the those fuzzing videos link
Would you be so kind as to share the reading material that you're talking about?
@@hl2exe I’m reading through the Grey Hat Hacking Handbook by McGraw Hill. Chapter 3 is fuzzing!
some demonstration of how should work, in an session, like text, attachments and so on, will be nice.
The Death Star is now fully operational
a video on Matrix/Matrix Synapse and how it compares to XMPP would be neat
Matrix is a metadata disaster that feeds a bunch of info back to the main Synapse server. While your chats are end-to-end encrypted, the main Synapse server can still see who you are communicating with.
That's not the worst of it, though. Matrix was funded by a company called Amdocs, which is an Israeli company that provides major wiretap and phone billing/record-keeping software contracts for the U.S. government.
There are usability merits of Matrix over XMPP, but that does not excuse feeding metadata to a centralized source that you do not control. The metadata is still valuable information to glowies, even though they cannot see your E2E chats.
@Nobody its super bloat, XMPP is also super bloat
My Matrix account was just purged for "suspicious activity". I use a VPN. That's all I can think of. Element would be great if the Matrix developers stopped being retards
@@punishedpinecone4772 just use another homeserver. Matrix is decentralized/federated, nobody forces you to choose the biggest server. It’s the same with XMPP.
@@nani8ot for running own Matrix server you must have a supercomputer, because Synapse is very resource-hungry
On the topic of server security, pretty much the first things I do on any of my servers is install fail2ban and change SSH from port 22.
Here's a crazy anecdote, recently I had to reinstall one of my VPS' and after hitting reinstall I took my dog out for a 30 minute walk. I returned to an email with my SSH details, I fired up Putty, connected, signed in and the first thing CentOS did was inform me that there had been over 200 failed SSH login attempts since my last successful login (remember it was a fresh install so I had never logged in).
Assuming a 10 minute reinstall time that means in 20 minutes of me leaving the server open on port 22 someone had port scanned me and tried to login to its secure shell over 200 times.
Also remember, use CentOS for web based services since it comes OOTB preconfigured with firewall zones and rules applied. Ubuntu Server comes with UFW disabled and you have to manually create zones and rules before you enable it (otherwise it blocks port 22 which you're connected to). Firewalld also intergrates much nicer with Docker, it creates a docker zone for your docker networks automatically.
Ran into prosidy xmpp the other day during a pentesting CTF. The version was obviously outdated but the most recent CVE had a rating of 7.5isb so make sure to update Prosidy (if you aren't in the habit of updating software regularly.)
As always, great content. Always a good way to end my day, my nightly infosec resource for learning knew stuff. Thanks for what ya do for this community!
A note: Hashing doesn't work without specifying "authentication = internal_hashed" under the VirtualHost
Day two of asking kenny to make a video on the mozilla is made by the feds situation
Mozilla: owned by google, kicked out its founder Brendan Eich, encourages idiots to re-write mature and stable software in Rust for literally no reason whatsoever. Basically Mozilla is a glowie-controlled opp org for the glowies and the corporations.
@@alessandrorossi1294 except it's open source.....................
@@JamesQHolden that doesn’t change anything I said though
@@alessandrorossi1294 owned by google: mozilla is practically funded all by google, but it doesn't really change much about anything since it's almost all open source (basically only default search engine as far as I know), isn't brendan eich homophobic?, rust is good for maintainability
@@alessandrorossi1294 I guess this is a good answer but i think kenny can explain it better and go into detail. And dont forget the pepe in the thumbnail, i always wonder where he gets those from
This guy is one step above everyone in choosing thumbnails
I was just wondering how to set up my own XMPP server and boom...this video shows up. The algorithm gets me!
Setting up your own messaging server at a VPS is also a practice that I think we should consider questioning. How much can you trust on the host, or the server ISP to "not be spooky"?
you could just use them as a glorified proxy to a sneedable home server :^)
As long as you use end-to-end encryption, that shouldn't be much of a problem. I'm not sure how well that's supported within the XMPP ecosystem, though.
*finally*, i had no idea why pidgin wasn't working for the past 15 years :v
Been hosting since 2012. Love XMPP!
Super scalable and very lightweight I am running prosody on my orange pi zero
I literally configured a prosody server yesterday for work and now you upload a video nice! xD
Dude, you're awesome, this channel is pure gold
timing, my dude... recently searched on this and got myself a bit confus-ed
Yee I been interested in hosting xmpp for a bit
I fucking love you
man I remember using Jabber on late 2000s German "scene" boards... what a vibe
matrix vs xmpp
please, i am really waiting for this from guys like you
matrix is better
> Comments "Matrix is better"
> Doesn't elaborate
> Leaves
@BUTTORFLĒOGE EXTRATÖNE shit I was just wrecked by that article
I've been preparing and reading up to start contributing to matrix but now I'll change direction to xmpp
Matrix: Is an Israeli glow op
XMPP: Is not an Israeli glow op
/thread
@@chronotriggerfan
Pretty sure it’s element that was the Israeli glow op
Just set one up myself, works great and was a neat experience!
This is something I've been after for a while, so thanks for the upload!
Nice pfp
@@tikoblocks3224 thank you
The very low dislikes shows how good his viewers are, They exactly know what they watching
Mental outlaw rocks
You've done lots of videos on setting up servers like this XMPP video and the VPN video and you've also talked a lot about how the only way to have secure email is to host it yourself. You should do a video on how to set up just a regular server to hold files and email and stuff, and maybe even how to register to get a domain. Basic things like setting up a server, hooking it up to a public or private network, making it secure, interfacing with it, etc.
Not sure if you’re still interested but it’s incrediblyy complicated, running your own email server
Installing and using XAMP (the windows one) was so much fun back in university.
Man, those were the days.
😢🥺
Tor Hidden Service + XMPP server sounds pretty op
I wasn’t expecting a last second begonias grove reference thrown in there lol. Great video. Thanks!
Yes, finally got a riscv64 Gentoo VM running. So happy right now. Btw good video
Yes, i’ve wanted this!
just found this channel, your videos are top notch
how are your thumbnails consistently so good lol
Could you do a video about FreeBSD? Or just BSD in general...?
I dont really see any reason why he would. Unless you're in the serverspace, it's like going back in time to late 90's linux where barely anything was supported and drivers didn't exist for much, plus having even LESS software compatibility than Linux.
@@hedgeearthridge6807 I use it as a daily driver. It has plenty of software support and is updated. Imo, it's more secure, but I just wanna hear what he thinks.
@@gusstr20 yep i agree its getting better
linux is already great though, and there is no reason to switch apart from it being different since linux is open source and free, with better compatibility and ease of use
@@gusstr20 You say it's more secure because you're regurgitating BS you heard elsewhere.
Less eyes = less secure code. And nobody, i mean nobody use BSD, especially OpenBSD which is ony useful for server side.
NSA do know better than you and they certainly do NOT use BSD for their desktop environment.
Who knew that my hours and hours of Lua in Gmod would actually be worth something
Finally! XMPP is the best
Yes!
"alphabet boys at weird parties where they worship Moloch" 😂😂😂😂😂😂😂😂😂
It's funny cuz it's true.
Could you do a video covering how to secure an envelope and pigeon? Or should I use hawk/raven?
Your thumbnail game is on another level.
It's as the old saying goes; "If you want something done right, you have to do it yourself."
Mannnn this videos are so based, great stuff
Will your ever make a video on a BSD distro?
Maybe as a server, I've been experimenting with using OpenBSD for web apps instead of Debian since I think it has better security. The problem is there's fewer guides and compatible software, and I'm a noob at webdev (currently teaching myself fullstack) so its a bit of a challenge.
@@MentalOutlaw could you please make a video about the Tox protocol. it's one of the best and most promissing p2p projects I've seen in a while.
@@MentalOutlaw what stack are you using?
Thanks man!, Need this. Luke Smith would blabber how this is good and blah blah but he'd never how setup an xmpp server . You're the legit guy.
awesome channel man!!!
Hey whats your thoughts on SimpleX? Would you be able to do video about SimpleX from understanding of it, the privacy and anonymity is the best out there.
Nice thumbnail my guy
This is an off topic question. Why do you use gentoo ? What specific thing/features do you use on gentoo that's not possible on Arch (for example) ?
emerge gives him plenty of time to get his reps in
Gentoo penguins are pretty fast on water. I would say this is the reason.
Personally I consider the documentation and forums for Gentoo to be better than Arch. As far as technical differences go Gentoo allows you easily compile individual packages and your kernel in different ways which adds a whole new layer of customization that Arch users don't get into (unless they decide to pull the source code and compile themselves instead of installing binaries with pacman)
Legendary thumbnail man
woah thanks man, very cool
Appreciate your thumbnail game my dude
Any thoughts on taking this and connecting it to a matrix server if you can?
So you are here because of "deepfake blackface channel" ?
Yes.
XMPP vs Matrix , XMPP is more documented if you want to host an hidden service on I2P or TOR
What are the upsides of a XMPP server over a selfhosted IRC server apart from it being a more lightweight solution?
e2e encryption
Federation too. You can’t join a IRC server without creating an account on that server.
A lot of feature comforts added as well like getting some of the chat history, messages received when you come back online, no line length limitations, etc.
Noice
can we get one on Matrix server setup as well?
yeah
this
Yes
Please
Sure
That thumbnail tho.. lit
Are you down with XMPP??
Why are you not uploading to Odysee? I'd rather watch as many people over there as I can instead of RUclips.
Yes
Indian government might ban e2e encryption chats
So I do indeed plan to host a chat server
Our government is becoming trash day by day😂 privacy me piracy daal rahe hai
Got Instagram ad on this nice one RUclips
"worship Moloch"
Just how based can a man be?
He may very well be Christian level based
The highest tier and original meaning of Based being Biblically Based
(To build on a solid base instead of illogical shifting sands)
Great video, can’t wait to try it myself 👍
Get down with XMPP, yeah you know me ♫
You don't really have to set up a web server. I mean I've done this without doing that I even enabled pub sub and was able to work out the issue with my subdomains and SSL certificates
Can you post the nginx config? I got to that point in the video and I don't think you share the entire config.
I always wanted good privacy 😂
When thumbnail creation takes more time than making the video
You could use matrix, if you want a federated server infrastructure
Matrix is an Israeli glow op.
@@chronotriggerfan
Pretty sure it’s the client known as element that is the Israeli glow op, you liar
I like it, but who im I going to talk to? All my friends are 100% normies
Sweet, ty. But now how do I get an anon Vps and domain with my wownero/monero👉👈🥺
The three letter "bois" can still just take the keys from your server if they want to and wiretap it all. The server provider most likely has easy access to your root fs.
Thats why you use end 2 end encryption with verified contacts only, no private keys are stored on the server anyways.
Mental outlaw are you on other platforms in case they get rid of your channel?
youtube have blocked age restricted videos on mpv. Do you now how to fix it for a windows normie like me?
Thanks Luke
Breaking Glow
When will be the proton mail video?
I wrote my own IRC server in C in one week.
I like the Moloch part
XMPP is awesome, but nobody I know would ever move beyond Whatsapp. What's the point of having an XMPP account with 0 (zero) friends?
thanks. now I can communicate with my drug dealer easily..
can this is accessible in windows??😊
How can users register to this xmpp instance of mine?
also e2e encryption was not covered
They don’t have to… it’s federated. You can just create a few accounts to give to friends & instruct them to change passwords as needed. If they’re not your friends, just tell them to find their own server to join.
It's not bad, but it gets sketchy on mobile with the existing apps. At least back in 2015
Please do Matrix next!
Can you do XMPP vs Matrix? 🙃
Is this where we talk about organizing minecraft marches?
Eksem Peepee is a funny name tbqh 😳
Hidden Terry Davis in thumbnail, the creator of TempleOS
Did this around 2015 on a raspberry PI 2B+, we used it like 3 times and then never again :(
could you go through OTR with XMPP? Not sure if Profanity is a good service.
This tutorial was really incomplete, didn’t work and only left me more confused… if I want to run an xmpp on a server that’s also running a website, this tutorial doesn’t really help
XMPP i cant think of ot seriously
Extended
Mesmorizing
pp
I still laugh at fart jokes
What about Matrix?
UwU
Ok
No comparison to Jami (.net)?
Why are so many governments using astraChat? I can't finde the source code for it? Is it even open source? I am confused
Compared to Matrix? (Dendrite/Synapse, Element)
XMPP requires way less resources (CPU, RAM, and especially storage). Less resources means it’s reasonable to self-host & still join MUCs without filling your hard drive with the entire history of messages/attachments upon joining. It was built a decade ago & optimized for that hardware rather than the bulk that is Matrix’s Python server and its web clients, Element.
Why not just using Briar?
Make tutorial how to setup matrix api server.