Honestly, I struggle with this myself. On the one hand I like the diversity of clients; it feels like a sign of strength of the community and protocol that there are many options that have different values. But the cost of this diversity is that it makes things more complicated to coordinate, and different people with different values have different opinions on what a chat client should even want for features.

Something like Slack or Discord can roll out a server feature and client feature to all their clients all at the same time and have a unified experience. But the whole benefit of FLOSS is that anyone can fork the client to make changes, and the whole point of an open protocol is that multiple independent clients can interoperate, and so there’s a kind of irony in me wanting those things, but those things producing a fractured output.

So I think XMPP, as a protocol, does the best compromise. These differences between clients and servers aren’t just random changes in behaviour or undocumented features, they’re named, numbered, alterations that live somewhere and are advertised in the built-in “discovery” protocols. The protocol format itself is extensible, so unexpected content can be passed alongside known content in a message or a server response and the clients all know to ignore anything they don’t understand, and virtually all of the XEPs are designed with some kind of backwards compatibility in mind for how this feature might degrade when sent to a non-supported client.

It isn’t perfect, but I think perfection is impossible here. A single server and client that everyone uses and keeps up to date religiously with forced upgrades is best for cohesiveness, but worst for “freedom”, and a free-for-all where people just make random individual changes and everything is always broken isn’t really a community, and XMPP sits in the middle and has a menu of documented deviations for clients to advertise and choose.

As for security, that can be mostly solved with libraries, independent of the rest of the client or server implementation. Like, most clients used libsignal for their crypto, so that could in theory be audited and bug-fixed and all clients would benefit. Again, not perfect, there’s always room at the interface between the client code and the library code that’s unique, but it’s not as bad as rolling your own crypto.

That’s great! It’s what’s been holding me back from other self hosted solutions, is that they seemed to want a full two-way sync. Maybe it’s time to make the switch!

If you have a lot of photos, does immich require they all be downloaded locally, or does it fetch them from the server as needed?

By “this date” do you mean a notification thing that surfaces photos from this time years ago, etc?

The tailscale clients are, I believe, open source. It’s just the server that’s not, and you can run the unofficial but well supported “headscale” as a server if you want. But this requires you to run this somewhere publicly accessible, like a VPS, for coordination and NAT-punching purposes.

But! I’m pretty sure as the business operates right now, that tailscale doesn’t have access to the actual data connections or anything, it’s all encrypted, they’re basically just there for simplicity and coordination. And their business model is to offer simple things for free, like small numbers of devices, with the hope that you like the service and convince your business to pay for the fancy version for money. So I don’t think it’s quite as bad as the typical “free because I’m harvesting your data” models.

That all having been said, I run headscale 😛

On the contrary, as a dude with many friends, none of us put in “tons of effort”. Each of my friendships are casual and relaxed, we “see each other when we see each other”, and that works well for all of us. We have lots of mutual respect, and an intent to have a friendship, but friendship just means different things to different people.

Some people, like it seems maybe yourself and OP, have the energy of a drowning person who will take any person who tries to help them down with them. And also a sense of… justice?.. that’s highly attuned to amplify small slights. I’ve seen it before in some second hand reports of like “I sent him a photo that I really liked and he didn’t respond within 24 hours, and when he did it was just with a 😛. Can you imagine the gall!”, when actually there’s no indignity, he just doesn’t look at his phone much… or he was busy. But it’s a problem when the sender isn’t busy, and is in fact just sitting there fuming for 24h because they have way more energy invested into this.

I want to check in real quick here, none of my tone here is intended to be angry or even mocking. I’ve got a lot of privilege for sure, and it helps combat this. A person suffering with food scarcity is going to react differently to a backyard BBQ than a person without food scarcity, and I’m willing to bet a person suffering from social scarcity would do the same.

My only purpose for writing this is because I’ve met people who feel “desperate”, and people who have a sense of “principles of friendship” that are iron clad, but also not mutual and are inflexible and cause them to push everyone away for not respecting them, meanwhile all the people they pushed away seem to get by just fine. And often it’s easiest to just let these people go because they’re, perhaps through no fault of their own, toxic to non-manic casual friends and friend groups. And I figured I’d give a more “average” perspective of what the other side of this might actually look or feel like.

And I already feel like I’m going to regret it 😛

Also, since we talked about expressing intent upfront, let me say that I’m going to post this and then get out of bed, and I probably won’t look at Lemmy again the rest of the day. I have some errands to run and I’m going to a BBQ with some friends later, and I have notifications turned off because I don’t want Lemmy stuff being a force of push in my life, only pull, so I probably won’t see any replies until maybe tonight when I go to bed, maybe tomorrow morning if I do something else tonight? So I can’t guarantee I’ll want to respond to any replies, but if I haven’t replied in 24h, that isn’t actually emotionally meaningful. I’m not ignoring you, I’m just doing other stuff and literally not thinking about you. 😉

XMPP doesn’t change very very often, but there’s actually tons of XEPs that are in common use and are considered functionally essential for a modern client, and with much higher numbers than XEP-0004

The good news, though, is that mostly you as the user don’t need to care about those! Most of the modern clients agree on the core set and thus interoperate fine for most normal things. And most XEPs have a fallback in case the receiver doesn’t support the same XEPs.

I’m general XMPP as a protocol is a lightweight core that supports an interesting soup of modules (in the form of XEPs) to make it a real messenger in the modern sense. And I think that’s neat! But you can’t really judge the core to say how often things change.

They’re taking about switching to Jabber/XMPP, which is what those two bridges are for, and they’re saying XMPP servers are lightweight.

It’s a bit confusing in context, I’ll admit.

I don’t know what your plans are, and I don’t want to give you false hope, but if you’re otherwise planning on taking hormones as part of your journey, you may find as others have that blocking testosterone, especially early into thinning, can reverse thinning. Because it’s actually a testosterone problem.

But! There are lots of other side effects of this, so if it wasn’t part of your plan, then nevermind!

And importantly, I’m sure you’re lovely just the way you are, but I figured I’d mention it in case it’s relevant.

Hmmm… for reasons I cannot justify my brain is telling me the equivalent for “my man, you really blah blah blah” should be “madame, you really blah blah blah”

Though I agree you can’t correct someone by being like “ahem, it’s madame actually” 😛

To be fair, as a native English speaker from Canada, I don’t know what the heck is going on with the South African accent.

Half the time I can’t even recognize it (likely just due to lack of exposure), so when I hear someone speaking with an accent that’s kinda like Australia and New Zealand, but isn’t quite right for either of those, I think “must be South African”… 😅

This is also why taking about a country’s debt is often more complicated than people think. Because when I go into debt on my credit card or whatever, that’s bad because the credit card company starts feeding on me.

But when a properly functioning government goes into debt, it’s to me! What I get out of it is a bridge or train or something now, greater economic opportunities associated with that, and then also I get my money back later with interest, so it gives me a reliable way to grow my own money. Or, like I said, for banks or investment firms on my behalf to use these tools as some of the tools in the box to grow both my and their money.

It’s only a problem when the debt gets to the point that it doesn’t seem like the country will be able to pay it. Or, similarly, when the investment in infrastructure doesn’t produce enough extra value to fund this repayment.

But again, when a government is in debt, it’s in debt to investors who are using that debt to grow their money while the (well-functioning) government is using the money to grow the country.

This is the problem any time the news talks about countries’ debts.

The answer is others of us. The government wants to build a canal or something, but they don’t have room in their budget. So, they make some bonds that say we give them $100 today, they give us $105 in 5 years, and a bunch of people buy them and now they can finance their project.

And who are they in debt to? Us, the people who bought the bonds and who they have to pay back later.

And if some of the buyers if that investment was China, then you could say the government is in debt to China. Sometimes if just normal Chinese people buy it, the news will report the government is in debt to China, or “owned by China”, even though it just got some money and owes some money to normal Chinese citizens who just took a solid-looking investment.

And if one person buys such investments from two countries, or is part of a mutual fund that does, then perhaps they may own hundreds in dollars of debt from two countries.

So I assume in this case they took the debts of various countries and added them up. But the answer of who the governments are all in debt to is us, normal people, and also banks and investors and other governments, etc.

There’s an app I’ve never used but heard of: https://adresilo.com/

I think the way it works is that it queries Google’s API for locations, proxies through them, but it can’t show them on a map due to Terms of Service, but it can provide links that will then open in any map app of your choice.

The app is open source, but the DB is obviously Google. So it’s trying to blur that line of providing Open Source functionality, and using Open Source maps, with the practicality of “Google has all the stuff” UX problem.

At least I think…

XMPP/Jabber via a web client like movim.eu sounds like it ought to work!

You can also look into Snikket as a host for small groups like friends or family, but can continue to use the Movim web client even if you’re hosting with Snikket rather than Movim itself.

I’m not 100% deep on the crypto, but my understanding is they use blind signatures (which have been around for a long time) to do their issuing. If you’re unfamiliar, these are kinda like an envelope with a hole cut in it, so you can put a document in it with a hidden unique key, and they can see some info through the hole, and can stamp their signature through the hole to validate that it’s legit without knowing the hidden info.

Then the user can remove it from the envelope (unblind) and now have a certified valid coin without the issuer knowing which coin is theirs.

So in the context of an ATM, the ATM wouldn’t “issue” coins, it would be given a request for coins from your wallet, it would certify the validity of that request, and then give your wallet back that certification in such a way that the wallet could unblind it and have the anonymous secret. So ultimately your wallet is the one that’s in charge of producing the unique parts.

It seems there’s also a system for making sure you don’t produce bad transactions by asking you to generate N, promping you to unwrap a bunch of them to prove there’s nothing weird about them, and then signing one of the remaining ones under the assumption it’s also legit. At least it sounds like it, but I’m even less familiar with that part. But even if you did spoof someone else’s secrets… it doesn’t allow you to steal their money I don’t think… because in order to have your transaction validated in the first place you had to truly give the ATM your money… so you could I guess pay $10 to screw over your friend for $10 because it’ll look like they spent money they didn’t… but you still spent $10… so it’s less like stealing their money and more like paying to throw their wallet off a bridge? You don’t gain anything, but they lose something? Maybe there’s another exploit I don’t know about in the like “renewal” or “refund” or “transfer” protocols that make that more important.

Anyway, I’m still not a Taler fan, but in this case I think it’s possible to do what they claim. Now, if the bank or ATM or whatever asks for ID or an account to use their services, they could track that you withdrew money, and how much. That’s data they can collect. The anonymous buyer part just means they can’t tie the coin they issued you to a spent deposit they receive later. So they know you got $10 out, and they can assume you probably spent it, but they can’t know what you spent it on.

If I could momentarily be a douchebag for a good cause: I’ve been to Japan and visited gardens there, and when I saw this photo I thought it was a photo from a place I’ve been in Japan, so this garden seems pretty legit to me! Beautiful!

You might actually like Taler, it’s fundamentally different from blockchain based systems, to the point of being a cryptocurrency only in the technical sense, but not having any of the properties people associate with that word culturally.

Taler doesn’t use any kind of proof of work, and so doesn’t consume excess power or other resources, at least not more than, like, visiting any normal webpage. It’s also not decentralized, and only partially anonymous, so I can acquire money anonymously and no one can trace the money I got to a particular spend, but the only place I can reasonably spend it has to be registered to the centralized issuer and is firmly not anonymous. And the only things they can do with the tokens they receive is redeem them, which means there’s no place for tax evasion because the issuing authority can track every dollar the registered vendors redeem with them. And you can’t really transfer money from random person to person, so there’s no black market opportunity, etc.

So basically the only thing Taler “protects” is that the buyer’s identity can be anonymous, but any vendor accepting Taler must not be and are highly trackable.

These are things I actually don’t like about Taler, but we may be on opposite sides of a few issues, which is fair.

Who? Vivian’s dad?