Do you wash your hands when you come home? Now let's remember that there is also such a thing as digital hygiene. Failure to comply with it can also lead to sad consequences. And even the “safest” Jabber can lead not only to deanon you, but also your friends.
Suppose you added a contact to Jabber, renamed it as convenient and assigned it to the necessary group for ordering. All information instantly "flew" to the server contact list, or in other words - Roster. Imagine, the contact was called “bArmAlEy”, and you renamed it “Misha Berdoev” out of old friendship, and even added it to the “Carders” group. All this was saved on the server.
Clearly, for understanding, on the server everything looks like this
At the same time, the very bArmAlEy on the other end of the wire does not even suspect that it has already been drained. This is important to understand, because those who do not know you under a nickname, or know you under a different nickname, can “rename” you for nothing to do in their contact “as a priest”, or for some other sexual-racial-ethnic characteristics ... Or, for example, link different nicknames. And unexpectedly, the contact [email protected] will have the nickname Aibolit (more convenient for human communication), which goes to other contacts from other people as [email protected]. And no one in their hearts knows that barmaley @ and aibo @ are one and the same person. Only now the roster knows. This means everyone who has access to it.
You created two separate jabber with a person you know for personal correspondence, and someone (at least one of you) renamed it to your “usual” nickname or name, everything is fucked up, epic fail is a drain.
It is impossible to control this remotely. You can only observe social hygiene. That is, all your environment should be aware of this feature of contacts and not engage in such renaming or division into groups (according to them, you can also find the same people in the roster with different nicknames / contacts, if the group structure is the same).
To make life a little easier for Jabber users using Miranda NG, I cleaned up this issue there with the help of George Hazan. (Below is a list of commits).
It is very important to understand: how this happens in other jabber clients is known only to their authors. But, with a probability of about 95%, all information from the local contact list is sent to the roster by default, as the XMPP (server contact list) logic dictates. Those. all your local contact names and groups are merged to the server. (This applies to any clients that work as prescribed by the protocol - with a server contact list, i.e. all mobile clients of the Xabber type - too; do not rename contacts there and do not add people to groups ! Unless it is group1, group2 and etc. in the literal sense).
If you have previously leaked information about nicknames and groups, what should you do now? At least clean it up (although, most likely, it is already in the hands of “those who”). And as a maximum - update contacts.
I give instructions on how to clean up this information using the latest version of Miranda NG ( these fixes are available only in the latest debug beta version dated 05/27/2020 ; this is not yet available in the release).
1) First, see how bad it is. Just overview. In the top menu, select Status -> the required jabber account -> Services… -> Roster Editor. In the window that appears, click [Download]. A list of contacts from the roster will appear - this is what the server (and “those who”) knows about your contacts, their names, groups.
2) Do not rush to edit anything here - it does not make sense, this table is read only in practice (i.e. even if you change something, it will not work in any way).
3) Have you seen? Close the window.
4) Now go to the settings to turn off the synchronization of your contacts (now this turns off not only the synchronization of groups, but also of nicknames, + it also works perfectly).
The path is as follows:
= -> Options ... -> Network -> the required jabber account -> the “Advanced” tab.
Scroll the list almost to the very bottom. A checkbox will be visible above the Security subgroup:
[] Ignore server roster (groups and nick names)
Turn it on - [x].
Then - [OK] (close the settings).
5) Now you can start cleaning. You need to go to the Roster Editor for this account (how to do this is indicated in paragraph 1). Click the [Download] button there, then click the [Export] button and save to jabber-acc.xml (a name you like).
6) After that, open the jabber-acc.xml item saved in the previous paragraph in any editor convenient for you and bring all the fields name = ”” and group = ”” exactly to this (empty) state. (There you will probably have something like jid = ”[email protected]” name = ”Vasek Koreshok” group = ”Finance”, but you need to do jid = ”[email protected]” name = ”” group = ””).
7) After finishing the preparation of the clean .xml (better in another copy in case something happens), press the [Import] button in the same Roster Editor and load the cleaned .xml.
8) Done. (This should be done with all jabber accounts if you have more than one)
For information, the list of commits in Miranda NG with the indicated changes:
Roster (the ignore groups / nicknames):
github.com
github.com
github.com
github.com
Roster: xml export / import (roster editor)
github.com
Bonus:
1) Hiding the type / version of the client software:
github.com
2) Commits March 15-21, 2020: GPG fix for different situations (all sorts of freezes, etc.)
With the permission of sporaw.livejournal.com
Suppose you added a contact to Jabber, renamed it as convenient and assigned it to the necessary group for ordering. All information instantly "flew" to the server contact list, or in other words - Roster. Imagine, the contact was called “bArmAlEy”, and you renamed it “Misha Berdoev” out of old friendship, and even added it to the “Carders” group. All this was saved on the server.
JabberID | Nickname | Group | Subscription |
---|---|---|---|
[email protected] | Misha Berdoev | Carders | both |
At the same time, the very bArmAlEy on the other end of the wire does not even suspect that it has already been drained. This is important to understand, because those who do not know you under a nickname, or know you under a different nickname, can “rename” you for nothing to do in their contact “as a priest”, or for some other sexual-racial-ethnic characteristics ... Or, for example, link different nicknames. And unexpectedly, the contact [email protected] will have the nickname Aibolit (more convenient for human communication), which goes to other contacts from other people as [email protected]. And no one in their hearts knows that barmaley @ and aibo @ are one and the same person. Only now the roster knows. This means everyone who has access to it.
You created two separate jabber with a person you know for personal correspondence, and someone (at least one of you) renamed it to your “usual” nickname or name, everything is fucked up, epic fail is a drain.
It is impossible to control this remotely. You can only observe social hygiene. That is, all your environment should be aware of this feature of contacts and not engage in such renaming or division into groups (according to them, you can also find the same people in the roster with different nicknames / contacts, if the group structure is the same).
To make life a little easier for Jabber users using Miranda NG, I cleaned up this issue there with the help of George Hazan. (Below is a list of commits).
It is very important to understand: how this happens in other jabber clients is known only to their authors. But, with a probability of about 95%, all information from the local contact list is sent to the roster by default, as the XMPP (server contact list) logic dictates. Those. all your local contact names and groups are merged to the server. (This applies to any clients that work as prescribed by the protocol - with a server contact list, i.e. all mobile clients of the Xabber type - too; do not rename contacts there and do not add people to groups ! Unless it is group1, group2 and etc. in the literal sense).
If you have previously leaked information about nicknames and groups, what should you do now? At least clean it up (although, most likely, it is already in the hands of “those who”). And as a maximum - update contacts.
I give instructions on how to clean up this information using the latest version of Miranda NG ( these fixes are available only in the latest debug beta version dated 05/27/2020 ; this is not yet available in the release).
1) First, see how bad it is. Just overview. In the top menu, select Status -> the required jabber account -> Services… -> Roster Editor. In the window that appears, click [Download]. A list of contacts from the roster will appear - this is what the server (and “those who”) knows about your contacts, their names, groups.
2) Do not rush to edit anything here - it does not make sense, this table is read only in practice (i.e. even if you change something, it will not work in any way).
3) Have you seen? Close the window.
4) Now go to the settings to turn off the synchronization of your contacts (now this turns off not only the synchronization of groups, but also of nicknames, + it also works perfectly).
The path is as follows:
= -> Options ... -> Network -> the required jabber account -> the “Advanced” tab.
Scroll the list almost to the very bottom. A checkbox will be visible above the Security subgroup:
[] Ignore server roster (groups and nick names)
Turn it on - [x].
Then - [OK] (close the settings).
5) Now you can start cleaning. You need to go to the Roster Editor for this account (how to do this is indicated in paragraph 1). Click the [Download] button there, then click the [Export] button and save to jabber-acc.xml (a name you like).
6) After that, open the jabber-acc.xml item saved in the previous paragraph in any editor convenient for you and bring all the fields name = ”” and group = ”” exactly to this (empty) state. (There you will probably have something like jid = ”[email protected]” name = ”Vasek Koreshok” group = ”Finance”, but you need to do jid = ”[email protected]” name = ”” group = ””).
7) After finishing the preparation of the clean .xml (better in another copy in case something happens), press the [Import] button in the same Roster Editor and load the cleaned .xml.
8) Done. (This should be done with all jabber accounts if you have more than one)
For information, the list of commits in Miranda NG with the indicated changes:
Roster (the ignore groups / nicknames):
Jabber: stronger appliance of Roster Editor with RFC 6121 · miranda-ng/miranda-ng@5ebba85
Miranda NG: Next Generation of Miranda IM. Contribute to miranda-ng/miranda-ng development by creating an account on GitHub.
Jabber: custom roster nicks should be ignored as well as roster groups · miranda-ng/miranda-ng@67adb1e
Miranda NG: Next Generation of Miranda IM. Contribute to miranda-ng/miranda-ng development by creating an account on GitHub.
Jabber: if we ignore roster, thy shalt update existing nicks either · miranda-ng/miranda-ng@fd1139f
Miranda NG: Next Generation of Miranda IM. Contribute to miranda-ng/miranda-ng development by creating an account on GitHub.
Jabber: if we ignore roster nicks, we don't apply them when local CLi… · miranda-ng/miranda-ng@c6f19f0
…st/MyHandle isn't empty
Roster: xml export / import (roster editor)
Jabber: roster to be exported into the simple xml format (import from… · miranda-ng/miranda-ng@59bcd60
… the old format is also supported)
Bonus:
1) Hiding the type / version of the client software:
Jabber: fix for hiding software version via caps request · miranda-ng/miranda-ng@728b55c
Miranda NG: Next Generation of Miranda IM. Contribute to miranda-ng/miranda-ng development by creating an account on GitHub.
2) Commits March 15-21, 2020: GPG fix for different situations (all sorts of freezes, etc.)
With the permission of sporaw.livejournal.com