From 4c23893f5b83dd882e6aa55b829d89565c56d409 Mon Sep 17 00:00:00 2001 From: He4eT Date: Thu, 16 Apr 2026 00:45:44 +0200 Subject: [PATCH 01/11] posts: encrypted_XMPP: update draft --- src/pages/posts/2026/encrypted_XMPP.md | 80 +++++++++++++++++--------- 1 file changed, 52 insertions(+), 28 deletions(-) diff --git a/src/pages/posts/2026/encrypted_XMPP.md b/src/pages/posts/2026/encrypted_XMPP.md index 12b8e71..8b07a9a 100644 --- a/src/pages/posts/2026/encrypted_XMPP.md +++ b/src/pages/posts/2026/encrypted_XMPP.md @@ -14,17 +14,20 @@ description: 'Secure and private messaging with XMPP and OMEMO encryption.' # End-to-End Encryption in XMPP with OMEMO I find it funny that twenty years ago I was already trying -to promote XMPP over ICQ to my classmates. -At the time, the proprietary messenger kept making life harder -for users of alternative clients. -That’s when I realized that I prefer protocols over services. +to get people to switch to XMPP. + +For a long time, ICQ was extremely popular around me, +but the proprietary messenger kept breaking things for people +using alternative clients, which was quite annoying. +After yet another round of this pointless battle +I realized clearly that I prefer protocols over services. I didn’t have much success back then, but fortunately, XMPP (and I hope I have too) has continued moving forward over the past two decades. It has developed slowly, sometimes awkwardly, but steadily. -Here I won’t talk about why XMPP is great or how to use it. +Here, I won’t talk about why XMPP is great or how it works. You can check widely supported +XMPP Extension Protocol (XEP) for secure multi-client end-to-end encryption. You can read more about it on a how end-to-end encryption affects the XMPP user experience + href='#practical-aspects-of-omemo-and-xmpp'>how end-to-end encryption affects the XMPP user experience or jump straight to the step-by-step workflow I personally use. + href='#step-by-step-guide'>step-by-step workflow I personally use. ### Trade-offs Between Safety and Convenience @@ -99,7 +105,6 @@ your chats are secured with Signal-grade end-to-end encryption, and you can use as many devices as you want, all at the same time, without being tied to any proprietary service. -This post is here to show how to use it intentionally and safely. In general, the XMPP experience today could be described as a "WhatsApp with benefits and frictions". @@ -108,7 +113,9 @@ is actually based on XMPP, but incompatibly altered and defederated. ### Keys, Fingerprints and Trust -OMEMO is based on the Double Ratchet Algorithm. +OMEMO is based on the + + Double Ratchet Algorithm. While the internal details are quite interesting, for practical purposes it's enough to know that each client stores some cryptographic keys @@ -209,9 +216,9 @@ and notifying your contacts when fingerprints are added or no longer valid so they can keep their trust list up to date. -## Step-by-step Guide +## Step-by-Step Guide -Let’s say I have a XMPP account, me@some.server, +Let’s say I have a XMPP account, `me@some.server`, and a few devices: a phone, a laptop, and a desktop computer. First I’ll describe my mindset at a high level, then I’ll add some notes about specific clients. @@ -224,13 +231,12 @@ That’s where I keep the full chat history and get real-time notifications. On the other hand, I have a couple of desktop applications. I only open them when I need to discuss something using my keyboard -or move some text between devices. -I like to think of them as ad-hoc or satellite clients. +or share some text between devices. +I like to think of them as satellite clients. ### Before the Start First, enable OMEMO encryption on every client if it isn't enabled by default. -The client will usually generate the keys and fingerprint automatically. The next step is to add all clients to the trust list on each device: my phone should trust all my computers, @@ -238,29 +244,32 @@ and my computers should trust each other as well as my phone. Fingerprints do not have to be secret, so they can be published on your website or even on social media profiles. -Here is my page with the fingerprints: -https://oddsquat.org/about/keys/ +Here is my page with the fingerprints, for example: +
+ https://oddsquat.org/about/keys/ + ### Start the Conversation in Person Let’s say I meet Alice, -we start talking, and decide to continue the conversation online. +we start talking, and then decide to continue the conversation online. I open a special QR code on my phone, and Alice scans it with her client. This QR code already contains the fingerprints of all my devices, -so no extra steps are needed. +so no extra steps are needed on her phone. +After that, I do the same and scan her QR code as well. -Then I do the same and scan the QR code from Alice’s screen -with my mobile client. +Later at home, I manually mark her devices as trusted on my computers +using the trusted list on my phone, and she does the same. -Now we are both sure that it’s really us in the conversation, +Now we are both sure that it is really us in the conversation, and that all messages will be available on all our devices and only on them. ### Start the Conversation Online Let’s say Bob and I start discussing something on a forum or in the Fediverse, -and then decide to move to XMPP. +and then decide to continue the discussion on XMPP. Bob starts the chat. I trust the first device he messages me from, and then we exchange fingerprints for our other devices, if we have any. @@ -301,7 +310,7 @@ that I personally use. Conversations is a modern, fully featured chat application for Android. It supports everything a messaging app should support: -chats, voice calls, and sharing photos and files. +chats, voice calls, video calls, and sharing files of any kind. There are several forks of it where the UI or UX may differ, but the core features work exactly the same. @@ -312,7 +321,7 @@ you can see a list of published fingerprints and manually mark them as trusted or revoke trust. To simplify all these routine operations, a QR-code-based system is used: -You can show your own QR code or scan other people’s codes +you can show your own QR code or scan other people’s codes directly from the main screen. This makes device verification during in-person meetings simple and effortless. @@ -321,7 +330,7 @@ This makes device verification during in-person meetings simple and effortless. Dino is a lightweight GTK-based GUI client. It can be considered a fully functional one, -although some non-essential features are still not supported or implemented. +although some non-essential features are still not implemented. For example, it is not possible to clear local chat history using built-in methods :D @@ -338,7 +347,7 @@ Profanity is a powerful TUI client where everything is controlled through a built-in command system. If you somehow intend to use it, -below you will find a small cheat sheet for using OMEMO. +you can find a small cheat sheet for the `/omemo` command below. However, I strongly recommend reading the full documentation. - Generate a key and add your other clients: @@ -372,3 +381,18 @@ However, I strongly recommend reading the full documentation. ```text /omemo untrust alice@another.server some-cool-fingerprint-02 ``` + +## Late Disclaimer + +This post was originally intended as a collection of answers to questions +I had when I first started using XMPP with OMEMO. + +It isn’t meant to be exhaustive or formal, +but rather to clarify the practical side of things +and reduce that initial feeling of being lost +when you keep running into +"The message was not encrypted for this device" +over and over again. + +From now on, I hope you won’t encounter errors like this +or any other issues with end-to-end encryption in XMPP. From 6f86f019e352f4797cceff7916d27181fc7fbf14 Mon Sep 17 00:00:00 2001 From: He4eT Date: Thu, 16 Apr 2026 00:49:06 +0200 Subject: [PATCH 02/11] posts: encrypted_XMPP: update draft --- src/pages/posts/2026/encrypted_XMPP.md | 66 +++++++++++++------------- 1 file changed, 33 insertions(+), 33 deletions(-) diff --git a/src/pages/posts/2026/encrypted_XMPP.md b/src/pages/posts/2026/encrypted_XMPP.md index 8b07a9a..51e5b41 100644 --- a/src/pages/posts/2026/encrypted_XMPP.md +++ b/src/pages/posts/2026/encrypted_XMPP.md @@ -22,25 +22,25 @@ using alternative clients, which was quite annoying. After yet another round of this pointless battle I realized clearly that I prefer protocols over services. -I didn’t have much success back then, +I didn't have much success back then, but fortunately, XMPP (and I hope I have too) has continued moving forward over the past two decades. It has developed slowly, sometimes awkwardly, but steadily. -Here, I won’t talk about why XMPP is great or how it works. +Here, I won't talk about why XMPP is great or how it works. You can check this guide -(one of many) and I’d rather not write another one. +(one of many) and I'd rather not write another one. In this post, I want to focus specifically on end-to-end encryption and the practical aspects of using it. ## Short Glossary **End-to-end encryption** is a way to keep your chats truly private.
-Only you and the person you’re messaging can read the messages. +Only you and the person you're messaging can read the messages. Not even the server owner has the keys needed to decrypt or modify them. **XMPP** is an extensible protocol for instant messaging. @@ -82,9 +82,9 @@ before its long dive into enshitification, really draws the line between convenience and security. Regular chats are easy and flexible, but "secret" chats come with a full set of limitations: -they’re one-on-one only, -can’t be synced to another device, -aren’t available on desktop at all, +they're one-on-one only, +can't be synced to another device, +aren't available on desktop at all, and so on. All commercial so-called "secure" messengers, like Signal or WhatsApp, @@ -92,12 +92,12 @@ end up with pretty similar limitations, because it's tricky to make end-to-end encrypted chats work the way users expect. -Luckily, protocols and cryptography don’t care about +Luckily, protocols and cryptography don't care about convenience or user expectations. -Many XMPP clients let you do almost anything you’re trying to do. -Sometimes it’s clunky and unintuitive, -sometimes it’s the kind of freedom that lets you shoot yourself in the foot. -At the end of the day, you’d better understand what you’re doing. +Many XMPP clients let you do almost anything you're trying to do. +Sometimes it's clunky and unintuitive, +sometimes it's the kind of freedom that lets you shoot yourself in the foot. +At the end of the day, you'd better understand what you're doing. It might sound messy, but for that price, XMPP actually gives you a lot of handy features: @@ -108,7 +108,7 @@ without being tied to any proprietary service. In general, the XMPP experience today could be described as a "WhatsApp with benefits and frictions". -It's kinda ironic, considering that WhatsApp’s protocol +It's kinda ironic, considering that WhatsApp's protocol is actually based on XMPP, but incompatibly altered and defederated. ### Keys, Fingerprints and Trust @@ -123,10 +123,10 @@ and can derive a hash from them, commonly called a fingerprint. Keys are usually managed automatically by the XMPP client, and in normal use you should never need to handle them manually. -In fact, you probably don’t even need to know what they look like. +In fact, you probably don't even need to know what they look like. A fingerprint lets you identify a specific client of your contact -and verify that it hasn’t been spoofed. +and verify that it hasn't been spoofed. Fingerprints for an account are not secret: clients publish their own fingerprints to the XMPP server and automatically receive the fingerprints of others. @@ -194,14 +194,14 @@ some data to a new device. ### Message Correction -It’s worth keeping in mind that +It's worth keeping in mind that features that seem simple and straightforward at first glance, such as message editing and deletion, actually rely on client-side implementation and may not behave for your recipient the way you expect. -They’re fine to use and are well supported in some clients, -but you shouldn’t rely on them to hide anything. +They're fine to use and are well supported in some clients, +but you shouldn't rely on them to hide anything. ### Maintenance @@ -209,7 +209,7 @@ OMEMO was designed as a set-it-and-forget-it solution, and it mostly succeeds in that goal. If you have a basic understanding of how the protocol works and check in online from time to time, -there shouldn’t be any surprises. +there shouldn't be any surprises. All maintenance comes down to making regular backups and notifying your contacts @@ -218,16 +218,16 @@ so they can keep their trust list up to date. ## Step-by-Step Guide -Let’s say I have a XMPP account, `me@some.server`, +Let's say I have a XMPP account, `me@some.server`, and a few devices: a phone, a laptop, and a desktop computer. -First I’ll describe my mindset at a high level, -then I’ll add some notes about specific clients. +First I'll describe my mindset at a high level, +then I'll add some notes about specific clients. ### Client Roles On the one hand, I have my phone. -It’s almost always with me and almost always online. -That’s where I keep the full chat history and get real-time notifications. +It's almost always with me and almost always online. +That's where I keep the full chat history and get real-time notifications. On the other hand, I have a couple of desktop applications. I only open them when I need to discuss something using my keyboard @@ -251,7 +251,7 @@ Here is my page with the fingerprints, for example: ### Start the Conversation in Person -Let’s say I meet Alice, +Let's say I meet Alice, we start talking, and then decide to continue the conversation online. I open a special QR code on my phone, and Alice scans it with her client. @@ -267,7 +267,7 @@ and that all messages will be available on all our devices and only on them. ### Start the Conversation Online -Let’s say Bob and I start discussing something +Let's say Bob and I start discussing something on a forum or in the Fediverse, and then decide to continue the discussion on XMPP. @@ -275,8 +275,8 @@ Bob starts the chat. I trust the first device he messages me from, and then we exchange fingerprints for our other devices, if we have any. This approach is called TOFU (Trust On First Use). -Bob can confirm it’s really me using my page with fingerprints. -I can confirm it’s really him by asking him to send his fingerprints +Bob can confirm it's really me using my page with fingerprints. +I can confirm it's really him by asking him to send his fingerprints in a private message on the same forum or via email. Ideally, Bob also has a public page with his fingerprints. @@ -293,7 +293,7 @@ If I lose one of my devices or delete any private keys, the first thing I do is remove the corresponding client from the trusted list on my other devices. -Once I’ve updated all my personal lists, +Once I've updated all my personal lists, I should inform my contacts about changes via trusted channels. I can simply ask Alice to scan my new QR code the next time we meet, @@ -321,7 +321,7 @@ you can see a list of published fingerprints and manually mark them as trusted or revoke trust. To simplify all these routine operations, a QR-code-based system is used: -you can show your own QR code or scan other people’s codes +you can show your own QR code or scan other people's codes directly from the main screen. This makes device verification during in-person meetings simple and effortless. @@ -358,7 +358,7 @@ However, I strongly recommend reading the full documentation. /omemo qrcode ``` -- View the list of your own or someone else’s fingerprints: +- View the list of your own or someone else's fingerprints: ```text /omemo fingerprint me@some.server /omemo fingerprint alice@another.server @@ -387,12 +387,12 @@ However, I strongly recommend reading the full documentation. This post was originally intended as a collection of answers to questions I had when I first started using XMPP with OMEMO. -It isn’t meant to be exhaustive or formal, +It isn't meant to be exhaustive or formal, but rather to clarify the practical side of things and reduce that initial feeling of being lost when you keep running into "The message was not encrypted for this device" over and over again. -From now on, I hope you won’t encounter errors like this +From now on, I hope you won't encounter errors like this or any other issues with end-to-end encryption in XMPP. From 074ec47c02eec0f41fc1ea738aec7f1ce763759e Mon Sep 17 00:00:00 2001 From: He4eT Date: Thu, 16 Apr 2026 00:55:58 +0200 Subject: [PATCH 03/11] typograf: add common/punctuation/apostrophe --- tools/typograf.js | 1 + 1 file changed, 1 insertion(+) diff --git a/tools/typograf.js b/tools/typograf.js index 2319865..2b7ed50 100644 --- a/tools/typograf.js +++ b/tools/typograf.js @@ -25,6 +25,7 @@ const tp = new Typograf({ const enabledRules = [ 'common/nbsp/*', + 'common/punctuation/apostrophe', 'common/punctuation/quote', 'en-US/dash/main', 'ru/dash/main', From bb5a989c20dc2edca66631e68e9cf0740d0a1c69 Mon Sep 17 00:00:00 2001 From: He4eT Date: Thu, 16 Apr 2026 01:18:42 +0200 Subject: [PATCH 04/11] posts: encrypted_XMPP: linting --- src/pages/posts/2026/encrypted_XMPP.md | 477 ++++++++++++++----------- 1 file changed, 262 insertions(+), 215 deletions(-) diff --git a/src/pages/posts/2026/encrypted_XMPP.md b/src/pages/posts/2026/encrypted_XMPP.md index 51e5b41..909e317 100644 --- a/src/pages/posts/2026/encrypted_XMPP.md +++ b/src/pages/posts/2026/encrypted_XMPP.md @@ -11,346 +11,392 @@ description: 'Secure and private messaging with XMPP and OMEMO encryption.' --- -# End-to-End Encryption in XMPP with OMEMO +# End-to-End Encryption in XMPP with OMEMO -I find it funny that twenty years ago I was already trying -to get people to switch to XMPP. +I find it funny that twenty years ago I was already trying +to get people to switch to XMPP. -For a long time, ICQ was extremely popular around me, +For a long time, ICQ was extremely popular around me, but the proprietary messenger kept breaking things for people using alternative clients, which was quite annoying. -After yet another round of this pointless battle -I realized clearly that I prefer protocols over services. +After yet another round of this pointless battle +I realized clearly that I prefer protocols over services. -I didn't have much success back then, -but fortunately, XMPP (and I hope I have too) +I didn’t have much success back then, +but fortunately, XMPP (and I hope I have too) has continued moving forward over the past two decades. -It has developed slowly, sometimes awkwardly, but steadily. +It has developed slowly, sometimes awkwardly, but steadily. -Here, I won't talk about why XMPP is great or how it works. +Here, I won’t talk about why XMPP is great or how it works. You can check this guide -(one of many) and I'd rather not write another one. -In this post, I want to focus specifically on end-to-end encryption -and the practical aspects of using it. +(one of many) and I’d rather not write another one. +In this post, +I want to focus specifically on end-to-end encryption +and the practical aspects of using it. ## Short Glossary -**End-to-end encryption** is a way to keep your chats truly private.
-Only you and the person you're messaging can read the messages. -Not even the server owner has the keys needed to decrypt or modify them. +**End-to-end encryption** is a way +to keep your chats truly private.
+Only you and the person you’re messaging can read the messages. +Not even the server owner has the keys +needed to decrypt or modify them. -**XMPP** is an extensible protocol for instant messaging. -It's open, decentralized, and mature. +**XMPP** is an extensible protocol for instant messaging. +It’s open, decentralized, and mature. -**OMEMO** is a widely supported XMPP Extension Protocol (XEP) for secure multi-client end-to-end encryption. You can read more about -it on a dedicated page by Daniel Gultsch. + target='_blank'>dedicated page by Daniel Gultsch. -**Client**, in this post, -means a specific instance of an XMPP application on a user device. +**Client**, in this post, +means a specific instance +of an XMPP application on a user device.
OMEMO-related documentation uses the term Device, -but I find it potentially confusing: -in practice, a single physical device can run multiple independent clients. +but I find it potentially confusing: +in practice, a single physical device +can run multiple independent clients. ## Basic Concepts -This section introduces some basics of end-to-end encryption. +This section introduces some basics of end-to-end encryption. -If you're already familiar with the concepts and terminology, +If you’re already familiar with the concepts and terminology, you can skip ahead to how end-to-end encryption affects the XMPP user experience -or jump straight to the step-by-step workflow I personally use. + href='#practical-aspects-of-omemo-and-xmpp'>how end-to-end encryption + affects the XMPP user experience, +or jump straight to the step-by-step workflow I personally use. ### Trade-offs Between Safety and Convenience Unfortunately, things that are truly secure are rarely convenient. -They often require some initial efforts and a bit of ongoing attention. +They often require some initial efforts +and a bit of ongoing attention. -Telegram, which used to be a benchmark for messenger usability +Telegram, which used to be a benchmark for messenger usability before its long dive into enshitification, really draws the line between convenience and security. Regular chats are easy and flexible, -but "secret" chats come with a full set of limitations: -they're one-on-one only, -can't be synced to another device, -aren't available on desktop at all, -and so on. +but “secret” chats come with a full set of limitations: +they’re one-on-one only, +can’t be synced to another device, +aren’t available on desktop at all, +and so on. -All commercial so-called "secure" messengers, like Signal or WhatsApp, -end up with pretty similar limitations, -because it's tricky to make end-to-end encrypted chats +All commercial so-called “secure” messengers, like Signal or WhatsApp, +end up with pretty similar limitations, +because it’s tricky to make end-to-end encrypted chats work the way users expect. -Luckily, protocols and cryptography don't care about -convenience or user expectations. -Many XMPP clients let you do almost anything you're trying to do. -Sometimes it's clunky and unintuitive, -sometimes it's the kind of freedom that lets you shoot yourself in the foot. -At the end of the day, you'd better understand what you're doing. +Luckily, protocols and cryptography don’t care about +convenience or user expectations. +Many XMPP clients let you do almost anything you’re trying to do. +Sometimes it’s clunky and unintuitive, +sometimes it’s the kind of freedom +that lets you shoot yourself in the foot. +At the end of the day, you’d better understand what you’re doing. -It might sound messy, but for that price, XMPP actually -gives you a lot of handy features: +It might sound messy, but for that price, XMPP actually +gives you a lot of handy features: your chats are secured with Signal-grade end-to-end encryption, -and you can use as many devices as you want, -all at the same time, -without being tied to any proprietary service. +and you can use as many devices as you want, +all at the same time, +without being tied to any proprietary service. -In general, the XMPP experience today -could be described as a "WhatsApp with benefits and frictions". -It's kinda ironic, considering that WhatsApp's protocol -is actually based on XMPP, but incompatibly altered and defederated. +In general, the XMPP experience today +could be described as a “WhatsApp with benefits and frictions”. +It’s kinda ironic, considering that WhatsApp’s protocol +is actually based on XMPP, but incompatibly altered and defederated. ### Keys, Fingerprints and Trust -OMEMO is based on the - +OMEMO is based on the Double Ratchet Algorithm. While the internal details are quite interesting, -for practical purposes it's enough to know that +for practical purposes it’s enough to know that each client stores some cryptographic keys -and can derive a hash from them, commonly called a fingerprint. +and can derive a hash from them, commonly called a fingerprint. -Keys are usually managed automatically by the XMPP client, -and in normal use you should never need to handle them manually. -In fact, you probably don't even need to know what they look like. +Keys are usually managed automatically by the XMPP client, +and in normal use you should never need to handle them manually. +In fact, you probably don’t even need to know what they look like. -A fingerprint lets you identify a specific client of your contact -and verify that it hasn't been spoofed. -Fingerprints for an account are not secret: -clients publish their own fingerprints to the XMPP server -and automatically receive the fingerprints of others. -Only fingerprints you explicitly mark as trusted are relevant. +A fingerprint lets you identify +a specific client of your contact +and verify that it hasn’t been spoofed. +Fingerprints for an account are not secret: +clients publish their own fingerprints to the XMPP server +and automatically receive the fingerprints of others. +Only fingerprints you explicitly mark as trusted are relevant. -In an ideal scenario, the contact should confirm in person -or through an already trusted and secure communication channel -that the fingerprint belongs to their device, -and only then you mark it as trusted. -In most XMPP clients this is simply done by ticking a checkbox -or by scanning a QR code. +In an ideal scenario, the contact should confirm in person +or through an already trusted and secure communication channel +that the fingerprint belongs to their device, +and only then you mark it as trusted. +In most XMPP clients this is simply done +by ticking a checkbox +or by scanning a QR code. -The list of trusted fingerprints is used at the moment a message is sent. -Behind the scenes, OMEMO performs a certain amount of key management, -and only the clients that are present in the trusted list -at the time of encryption will be able to decrypt the message later. +The list of trusted fingerprints +is used at the moment a message is sent. +Behind the scenes, +OMEMO performs a certain amount of key management, +and only the clients that are present in the trusted list +at the time of encryption +will be able to decrypt the message later. -It's important to understand that trust cannot be applied retroactively: -it's not possible to "extend" trust to new clients -after a message has already been encrypted and sent. +It’s important to understand +that trust cannot be applied retroactively: +it’s not possible to “extend” trust to new clients +after a message has already been encrypted and sent. -## Practical Aspects of OMEMO and XMPP +## Practical Aspects of OMEMO and XMPP ### Chat History -In theory, XMPP supports server-side message history storage via +In theory, XMPP supports server-side message history storage via **XEP-0313: Message Archive Management**. -In practice, support for this XEP, -as well as retention policies and message lifetime, -depends on the specific server. +In practice, support for this XEP, +as well as retention policies and message lifetime, +depends on the specific server. You should never assume that all conversations are stored -indefinitely by default. -From a practical standpoint, -the server-side MAM archive is better considered a cache: -it can help you handle recent messages after a short period offline -or synchronize conversations across multiple devices. +indefinitely by default. +From a practical standpoint, +the server-side MAM archive is better considered a cache: +it can help you handle recent messages after a short period offline +or synchronize conversations across multiple devices. -At the end of the day, keeping your chat history is your responsibility, -and this is a good place to apply a local-first approach. +At the end of the day, +keeping your chat history is your responsibility, +and this is a good place to apply a local-first approach. ### Synchronisation -Seamless switching between clients is handled by +Seamless switching between clients is handled by **XEP-0280: Message Carbons**. Before its introduction, only incoming messages were synced between devices, while your own outgoing messages were not. -Protocol-level mirroring of your own messages -is a rather non-obvious feature :D +Protocol-level mirroring of your own messages +is a rather non-obvious feature :D -It's important to note that with end-to-end encryption, -the concept of trusted fingerprints also applies to your own clients. -For seamless synchronisation of outgoing messages, -all your clients must trust each other's fingerprints. -A new client, -or an old one that was not trusted at the time messages were sent, -will receive the full history from MAM but will not be able to decrypt it. +It’s important to note that with end-to-end encryption, +the concept of trusted fingerprints also applies to your own clients. +For seamless synchronisation of outgoing messages, +all your clients must trust each other’s fingerprints. +A new client, +or an old one that was not trusted +at the time messages were sent, +will receive the full history from MAM +but will not be able to decrypt it.
Yes, even your own messages. -In theory, re-encrypting messages on already trusted clients -could solve this issue, but no XMPP client implements it yet. -So in practice you may need to manually resend -some data to a new device. +In theory, re-encrypting messages on already trusted clients +could solve this issue, but no XMPP client implements it yet. +So in practice you may need to manually resend +some data to a new device. ### Message Correction -It's worth keeping in mind that -features that seem simple and straightforward at first glance, -such as message editing and deletion, -actually rely on client-side implementation +It’s worth keeping in mind that +features that seem simple and straightforward at first glance, +such as message editing and deletion, +actually rely on client-side implementation and may not behave for your recipient the way you expect. -They're fine to use and are well supported in some clients, -but you shouldn't rely on them to hide anything. +They’re fine to use and are well supported in some clients, +but you shouldn’t rely on them to hide anything. ### Maintenance -OMEMO was designed as a set-it-and-forget-it solution, -and it mostly succeeds in that goal. -If you have a basic understanding of how the protocol works -and check in online from time to time, -there shouldn't be any surprises. +OMEMO was designed as a set-it-and-forget-it solution, +and it mostly succeeds in that goal. +If you have a basic understanding of how the protocol works +and check in online from time to time, +there shouldn’t be any surprises. -All maintenance comes down to making regular backups +All maintenance comes down to making regular backups and notifying your contacts -when fingerprints are added or no longer valid -so they can keep their trust list up to date. +when fingerprints are added or no longer valid +so they can keep their trust list up to date. ## Step-by-Step Guide -Let's say I have a XMPP account, `me@some.server`, -and a few devices: a phone, a laptop, and a desktop computer. -First I'll describe my mindset at a high level, -then I'll add some notes about specific clients. +Let’s say I have a XMPP account, `me@some.server`, +and a few devices: +a phone, a laptop, and a desktop computer. +First I’ll describe my mindset at a high level, +then I’ll add some notes about specific clients. ### Client Roles -On the one hand, I have my phone. -It's almost always with me and almost always online. -That's where I keep the full chat history and get real-time notifications. +On the one hand, I have my phone. +It’s almost always with me and almost always online. +That’s where I keep the full chat history +and get real-time notifications. -On the other hand, I have a couple of desktop applications. -I only open them when I need to discuss something using my keyboard -or share some text between devices. -I like to think of them as satellite clients. +On the other hand, I have a couple of desktop applications. +I only open them +when I need to discuss something using my keyboard +or share some text between devices. +I like to think of them as satellite clients. ### Before the Start -First, enable OMEMO encryption on every client if it isn't enabled by default. +First, enable OMEMO encryption +on every client if it isn’t enabled by default. -The next step is to add all clients to the trust list on each device: -my phone should trust all my computers, -and my computers should trust each other as well as my phone. +The next step is to add +all clients to the trust list on each device: +my phone should trust all my computers, +and my computers should trust each other +as well as my phone. -Fingerprints do not have to be secret, so they can be published on -your website or even on social media profiles. -Here is my page with the fingerprints, for example: +Fingerprints do not have to be secret, +so they can be published on +your website or even on social media profiles. +Here is my page with the fingerprints, for example:
https://oddsquat.org/about/keys/ -### Start the Conversation in Person +### Start the Conversation in Person -Let's say I meet Alice, -we start talking, and then decide to continue the conversation online. +Let’s say I meet Alice, +we start talking, +and then decide to continue the conversation online. -I open a special QR code on my phone, and Alice scans it with her client. -This QR code already contains the fingerprints of all my devices, -so no extra steps are needed on her phone. -After that, I do the same and scan her QR code as well. +I open a special QR code on my phone, +and Alice scans it with her client. +This QR code already contains +the fingerprints of all my devices, +so no extra steps are needed on her phone. +After that, I do the same +and scan her QR code as well. -Later at home, I manually mark her devices as trusted on my computers -using the trusted list on my phone, and she does the same. +Later at home, +I manually mark her devices as trusted on my computers +using the trusted list on my phone, and she does the same. -Now we are both sure that it is really us in the conversation, -and that all messages will be available on all our devices and only on them. +Now we are both sure +that it is really us in the conversation, +and that all messages will be available +on all our devices and only on them. ### Start the Conversation Online -Let's say Bob and I start discussing something -on a forum or in the Fediverse, -and then decide to continue the discussion on XMPP. +Let’s say Bob and I start discussing something +on a forum or in the Fediverse, +and then decide to continue the discussion on XMPP. -Bob starts the chat. I trust the first device he messages me from, -and then we exchange fingerprints for our other devices, if we have any. -This approach is called TOFU (Trust On First Use). +Bob starts the chat. +I trust the first device he messages me from, +and then we exchange fingerprints for our other devices, +if we have any. +This approach is called TOFU (Trust On First Use). -Bob can confirm it's really me using my page with fingerprints. -I can confirm it's really him by asking him to send his fingerprints -in a private message on the same forum or via email. +Bob can confirm it’s really me using my page with fingerprints. +I can confirm it’s really him +by asking him to send his fingerprints +in a private message on the same forum or via email. -Ideally, Bob also has a public page with his fingerprints. -That way, we can both independently verify -that we are who we say we are. +Ideally, Bob also has a public page with his fingerprints. +That way, we can both independently verify +that we are who we say we are. -### New or Lost Devices +### New or Lost Devices -If I start using a new device or install another client application, -the first thing I do is add it to the list of trusted clients -on my existing devices. +If I start using a new device +or install another client application, +the first thing I do is add it to the list +of trusted clients on my existing devices. -If I lose one of my devices or delete any private keys, -the first thing I do is remove the corresponding client -from the trusted list on my other devices. +If I lose one of my devices +or delete any private keys, +the first thing I do is remove the corresponding client +from the trusted list on my other devices. -Once I've updated all my personal lists, -I should inform my contacts about changes via trusted channels. +Once I’ve updated all my personal lists, +I should inform my contacts about changes via trusted channels. -I can simply ask Alice to scan my new QR code the next time we meet, -and send Bob a message introducing my new client or letting him know -that the lost device is no longer trusted -and that no real messages will ever come from it again. +I can simply ask Alice to scan +my new QR code the next time we meet, +and send Bob a message introducing +my new client or letting him know +that the lost device is no longer trusted +and that no real messages will ever come from it again. ## Client Applications -This section describes how OMEMO is used in specific client applications -that I personally use. +This section describes +how OMEMO is used in specific client applications +that I personally use. ### Conversations and Forks -Conversations is a modern, fully featured chat application for Android. -It supports everything a messaging app should support: -chats, voice calls, video calls, and sharing files of any kind. +Conversations is a modern, +fully featured chat application for Android. +It supports everything a messaging app should support: +chats, voice calls, video calls, and sharing files of any kind. -There are several forks of it where the UI or UX may differ, +There are several forks of it where +the UI or UX may differ, but the core features work exactly the same. -I personally use Monocles Chat. +I personally use Monocles Chat. -On the Contact Details screen (including your own account), -you can see a list of published fingerprints -and manually mark them as trusted or revoke trust. +On the Contact Details screen (including your own account), +you can see a list of published fingerprints +and manually mark them as trusted or revoke trust. -To simplify all these routine operations, a QR-code-based system is used: -you can show your own QR code or scan other people's codes +To simplify all these routine operations, +a QR-code-based system is used: +you can show your own QR code or scan other people’s codes directly from the main screen. -This makes device verification during in-person meetings simple and effortless. +This makes device verification during in-person meetings +simple and effortless. ### Dino -Dino is a lightweight GTK-based GUI client. +Dino is a lightweight GTK-based GUI client. -It can be considered a fully functional one, +It can be considered a fully functional one, although some non-essential features are still not implemented. For example, -it is not possible to clear local chat history using built-in methods :D +it is not possible to clear local chat history +using built-in methods :D -Trust and untrust decisions can be easily managed -in the Encryption tab of the Conversation Details window. +Trust and untrust decisions can be easily managed +in the Encryption tab of the Conversation Details window. -It is important to note that, by default, Dino is configured -to automatically trust new fingerprints. -I recommend disabling this feature. +It is important to note that, +by default, Dino is configured +to automatically trust new fingerprints. +I recommend disabling this feature. ### Profanity -Profanity is a powerful TUI client -where everything is controlled through a built-in command system. +Profanity is a powerful TUI client +where everything is controlled through a built-in command system. -If you somehow intend to use it, -you can find a small cheat sheet for the `/omemo` command below. -However, I strongly recommend reading the full documentation. +If you somehow intend to use it, +you can find a small cheat sheet for the `/omemo` command below. +However, I strongly recommend reading the full documentation. -- Generate a key and add your other clients: +- Generate a key and add your other clients: ```text /omemo gen /omemo trust me@some.server some-cool-fingerprint-01 @@ -358,41 +404,42 @@ However, I strongly recommend reading the full documentation. /omemo qrcode ``` -- View the list of your own or someone else's fingerprints: +- View the list of your own or someone else’s fingerprints: ```text /omemo fingerprint me@some.server /omemo fingerprint alice@another.server ``` - Trusted ones will be marked as `trusted`. + Trusted ones will be marked as `trusted`. -- Start an encrypted conversation: +- Start an encrypted conversation: ```text /omemo start alice@another.server ``` -- Add fingerprints to the trusted list: +- Add fingerprints to the trusted list: ```text /omemo trust alice@another.server some-cool-fingerprint-02 /omemo trust alice@another.server some-cool-fingerprint-03 /omemo trust bob@another.server some-cool-fingerprint-04 ``` -- Revoke trust for a specific client: +- Revoke trust for a specific client: ```text /omemo untrust alice@another.server some-cool-fingerprint-02 ``` ## Late Disclaimer -This post was originally intended as a collection of answers to questions -I had when I first started using XMPP with OMEMO. +This post was originally intended +as a collection of answers to questions +I had when I first started using XMPP with OMEMO. -It isn't meant to be exhaustive or formal, -but rather to clarify the practical side of things -and reduce that initial feeling of being lost +It isn’t meant to be exhaustive or formal, +but rather to clarify the practical side of things +and reduce that initial feeling of being lost when you keep running into -"The message was not encrypted for this device" +“The message was not encrypted for this device” over and over again. -From now on, I hope you won't encounter errors like this -or any other issues with end-to-end encryption in XMPP. +From now on, I hope you won’t encounter errors like this +or any other issues with end-to-end encryption in XMPP. From 06bb6f95d9239207413bf5624c2632d4163da807 Mon Sep 17 00:00:00 2001 From: He4eT Date: Thu, 16 Apr 2026 01:19:01 +0200 Subject: [PATCH 05/11] posts: encrypted_XMPP: fixup hrefs --- src/pages/posts/2026/encrypted_XMPP.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/src/pages/posts/2026/encrypted_XMPP.md b/src/pages/posts/2026/encrypted_XMPP.md index 909e317..5950d81 100644 --- a/src/pages/posts/2026/encrypted_XMPP.md +++ b/src/pages/posts/2026/encrypted_XMPP.md @@ -163,7 +163,9 @@ that trust cannot be applied retroactively: it’s not possible to “extend” trust to new clients after a message has already been encrypted and sent. -## Practical Aspects of OMEMO and XMPP +

+ Practical Aspects of OMEMO and XMPP +

### Chat History From 85d795417ceccccbb890ecc67bf0e833afc8d267 Mon Sep 17 00:00:00 2001 From: He4eT Date: Thu, 16 Apr 2026 01:22:03 +0200 Subject: [PATCH 06/11] about: typograf --- src/pages/about.html | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/pages/about.html b/src/pages/about.html index 204bb91..01b1af1 100644 --- a/src/pages/about.html +++ b/src/pages/about.html @@ -25,7 +25,7 @@ description: 'General info about this website and the author'

- I'm a front-end developer and a big fan of open-source, + I’m a front-end developer and a big fan of open-source, customization, and minimalist software.
Member of the BadBar crew, From 8dbe4b7ab86b75eeb175f4fa507251709794f5b3 Mon Sep 17 00:00:00 2001 From: He4eT Date: Thu, 16 Apr 2026 01:24:15 +0200 Subject: [PATCH 07/11] projects: typograf --- src/pages/projects.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/pages/projects.md b/src/pages/projects.md index 6172c8d..a7593f6 100644 --- a/src/pages/projects.md +++ b/src/pages/projects.md @@ -123,7 +123,7 @@ Incomplete list of my projects and experiments. -

- Cantor MX Tastatura + Cantor MX Tastatura
@@ -141,7 +141,7 @@ Incomplete list of my projects and experiments.
- Huge custom ergonomic mechanical Dactyl-Manuform (5×6) keyboard. + Huge custom ergonomic mechanical Dactyl-Manuform (5×6) keyboard.
repository From 58a8d53e40aecb6a7944de629fab05ecbd7f5b52 Mon Sep 17 00:00:00 2001 From: He4eT Date: Thu, 16 Apr 2026 01:25:50 +0200 Subject: [PATCH 08/11] lost+found: typograf --- src/pages/lost+found.md | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/src/pages/lost+found.md b/src/pages/lost+found.md index 9a3e36e..1f247f5 100644 --- a/src/pages/lost+found.md +++ b/src/pages/lost+found.md @@ -200,7 +200,7 @@ in the middle of a conversation.
Interactive articles about physics, math, and engineering. - It's probably the best website on the entire internet.
+ It’s probably the best website on the entire internet.
My favorite post is the one about bicycles.
@@ -245,7 +245,7 @@ in the middle of a conversation.
Torrenting can leave traces.
Check torrent downloads and distributions - for your own or your neighbor's IP address. + for your own or your neighbor’s IP address.
@@ -300,7 +300,7 @@ in the middle of a conversation.
- Ask HN: Programmers who don't use autocomplete/LSP, how do you do it? + Ask HN: Programmers who don’t use autocomplete/LSP, how do you do it?
@@ -314,7 +314,7 @@ in the middle of a conversation.
- Your Computer Isn't Yours + Your Computer Isn’t Yours
@@ -411,7 +411,7 @@ in the middle of a conversation.
- Most software tutorials suck. Here's how to make one that doesn't. + Most software tutorials suck. Here’s how to make one that doesn’t.
From 690bd431e7ab38c1d717266d3d12c6da4b20e958 Mon Sep 17 00:00:00 2001 From: He4eT Date: Thu, 16 Apr 2026 02:02:56 +0200 Subject: [PATCH 09/11] pages: reorder data fields --- src/pages/about.html | 2 +- src/pages/about/keys.md | 5 +++-- src/pages/index.ejs | 3 ++- src/pages/posts.md | 2 +- src/pages/posts/2020/initial_post.md | 9 ++++----- src/pages/posts/2020/typographic_linter.md | 9 ++++----- src/pages/posts/2024.md | 1 - src/pages/posts/2024/selfhosted_llm.md | 9 ++++----- src/pages/posts/2024/wrapped_bw_ru.md | 10 +++++----- src/pages/posts/2026.md | 6 ++++++ src/pages/posts/2026/encrypted_XMPP.md | 9 +++++---- src/pages/posts/2026/ugly_keyboards_ru.md | 9 +++++---- src/pages/test.md | 9 ++++----- 13 files changed, 44 insertions(+), 39 deletions(-) create mode 100644 src/pages/posts/2026.md diff --git a/src/pages/about.html b/src/pages/about.html index 01b1af1..f936f72 100644 --- a/src/pages/about.html +++ b/src/pages/about.html @@ -4,7 +4,7 @@ layout: post lang: 'en' title: 'about' -description: 'General info about this website and the author' +description: 'General info about this website and the author.' --- diff --git a/src/pages/about/keys.md b/src/pages/about/keys.md index e5145cc..910b8e8 100644 --- a/src/pages/about/keys.md +++ b/src/pages/about/keys.md @@ -2,12 +2,13 @@ layout: post lang: 'en' -date: '2026-04-05' -section: 'about' title: 'keys' description: 'Public keys and fingerprints.' +section: 'about' +date: '2026-04-05' + --- # Public Keys and Fingerprints diff --git a/src/pages/index.ejs b/src/pages/index.ejs index 336d045..a30b27a 100644 --- a/src/pages/index.ejs +++ b/src/pages/index.ejs @@ -1,6 +1,7 @@ --- -description: 'My own private fanzine' +description: 'My own private fanzine.' + css: - index diff --git a/src/pages/posts.md b/src/pages/posts.md index e6cbe7e..498cd8c 100644 --- a/src/pages/posts.md +++ b/src/pages/posts.md @@ -4,7 +4,7 @@ layout: post lang: 'en' title: 'posts' -description: 'Сomplete list of posts' +description: 'Сomplete list of posts.' --- diff --git a/src/pages/posts/2020/initial_post.md b/src/pages/posts/2020/initial_post.md index 42075d6..e56ee0b 100644 --- a/src/pages/posts/2020/initial_post.md +++ b/src/pages/posts/2020/initial_post.md @@ -1,16 +1,15 @@ --- layout: post - lang: 'ru' -date: '2020-11-08' - -year: '2020' -section: 'posts' title: 'initial post' description: 'Первый пост в этом фэнзине, рассказывающий о его внутреннем устойстве.' +section: 'posts' +year: '2020' +date: '2020-11-08' + --- # Initial Post diff --git a/src/pages/posts/2020/typographic_linter.md b/src/pages/posts/2020/typographic_linter.md index be94f32..245e55a 100644 --- a/src/pages/posts/2020/typographic_linter.md +++ b/src/pages/posts/2020/typographic_linter.md @@ -1,16 +1,15 @@ --- layout: post - lang: 'ru' -date: '2020-11-18' - -year: '2020' -section: 'posts' title: 'typographic linter' description: 'Prettier для текста. Автоматизация рутинной типографики.' +section: 'posts' +year: '2020' +date: '2020-11-18' + --- # Типографика как code style diff --git a/src/pages/posts/2024.md b/src/pages/posts/2024.md index d1b54b3..ecca402 100644 --- a/src/pages/posts/2024.md +++ b/src/pages/posts/2024.md @@ -4,4 +4,3 @@ layout: redirect redirectTarget: '/posts/#2024' --- - diff --git a/src/pages/posts/2024/selfhosted_llm.md b/src/pages/posts/2024/selfhosted_llm.md index 1b6cdb1..3952ce4 100644 --- a/src/pages/posts/2024/selfhosted_llm.md +++ b/src/pages/posts/2024/selfhosted_llm.md @@ -1,16 +1,15 @@ --- layout: post - lang: 'ru' -date: '2024-01-15' - -year: '2024' -section: 'posts' title: 'selfhosted LLM' description: 'Персональные LLM в docker-контейнере на твоём компьютере.' +section: 'posts' +year: '2024' +date: '2024-01-15' + --- # Your Own Private Large Language Models diff --git a/src/pages/posts/2024/wrapped_bw_ru.md b/src/pages/posts/2024/wrapped_bw_ru.md index db685e9..f55b5b7 100644 --- a/src/pages/posts/2024/wrapped_bw_ru.md +++ b/src/pages/posts/2024/wrapped_bw_ru.md @@ -1,15 +1,15 @@ --- layout: post - lang: 'ru' -date: '2024-07-27' - -year: '2024' -section: 'posts' title: 'wrapped bw' description: 'Превращаем fully-featured Bitwarden command-line interface в удобный.' + +section: 'posts' +year: '2024' +date: '2024-07-27' + --- # Интеграция Bitwarden CLI с fzf и буфером обмена diff --git a/src/pages/posts/2026.md b/src/pages/posts/2026.md new file mode 100644 index 0000000..cf8324c --- /dev/null +++ b/src/pages/posts/2026.md @@ -0,0 +1,6 @@ +--- + +layout: redirect +redirectTarget: '/posts/#2026' + +--- diff --git a/src/pages/posts/2026/encrypted_XMPP.md b/src/pages/posts/2026/encrypted_XMPP.md index 5950d81..d3ddbc9 100644 --- a/src/pages/posts/2026/encrypted_XMPP.md +++ b/src/pages/posts/2026/encrypted_XMPP.md @@ -2,12 +2,13 @@ layout: post lang: 'en' + +title: 'encrypted XMPP' +description: 'Secure and private messaging with XMPP and OMEMO encryption.' + +section: 'posts' year: '2026' date: '2026-04-07' -section: 'posts' - -title: 'encrypted_XMPP' -description: 'Secure and private messaging with XMPP and OMEMO encryption.' --- diff --git a/src/pages/posts/2026/ugly_keyboards_ru.md b/src/pages/posts/2026/ugly_keyboards_ru.md index 3b3adb6..9a72747 100644 --- a/src/pages/posts/2026/ugly_keyboards_ru.md +++ b/src/pages/posts/2026/ugly_keyboards_ru.md @@ -2,12 +2,13 @@ layout: post lang: 'ru' + +title: 'ugly keyboards' +description: 'Почему нас окружают уродливые клавиатуры и что с этим можно сделать.' + +section: 'posts' year: '2026' date: '2026-03-18' -section: 'posts' - -title: 'ugly_keyboards' -description: 'Почему нас окружают уродливые клавиатуры и что с этим можно сделать.' --- diff --git a/src/pages/test.md b/src/pages/test.md index 727d8fb..7066777 100644 --- a/src/pages/test.md +++ b/src/pages/test.md @@ -1,16 +1,15 @@ --- layout: post - lang: 'en' -date: '2020-10-30' - -year: '2020' -section: 'posts' title: 'markdown test page' description: 'A test document written using the Markdown language.' +section: 'posts' +year: '2020' +date: '2020-10-30' + --- # Markdown: Syntax From 77415af136ca1050a019a98b2901928dc7473fae Mon Sep 17 00:00:00 2001 From: He4eT Date: Thu, 16 Apr 2026 03:11:28 +0200 Subject: [PATCH 10/11] posts: encrypted_XMPP: update draft --- src/pages/posts/2026/encrypted_XMPP.md | 55 ++++++++++++++++---------- 1 file changed, 35 insertions(+), 20 deletions(-) diff --git a/src/pages/posts/2026/encrypted_XMPP.md b/src/pages/posts/2026/encrypted_XMPP.md index d3ddbc9..723a216 100644 --- a/src/pages/posts/2026/encrypted_XMPP.md +++ b/src/pages/posts/2026/encrypted_XMPP.md @@ -57,7 +57,7 @@ XMPP Extension Protocol (XEP) for secure multi-client end-to-end encryption. You can read more about it on a dedicated page by Daniel Gultsch. **Client**, in this post, @@ -143,13 +143,10 @@ clients publish their own fingerprints to the XMPP server and automatically receive the fingerprints of others. Only fingerprints you explicitly mark as trusted are relevant. -In an ideal scenario, the contact should confirm in person +In an typical scenario, the contact should confirm in person or through an already trusted and secure communication channel that the fingerprint belongs to their device, and only then you mark it as trusted. -In most XMPP clients this is simply done -by ticking a checkbox -or by scanning a QR code. The list of trusted fingerprints is used at the moment a message is sent. @@ -226,8 +223,8 @@ but you shouldn’t rely on them to hide anything. ### Maintenance -OMEMO was designed as a set-it-and-forget-it solution, -and it mostly succeeds in that goal. +OMEMO was designed as a set-it-and-forget-it solution +and mostly succeeds in that goal. If you have a basic understanding of how the protocol works and check in online from time to time, there shouldn’t be any surprises. @@ -306,12 +303,7 @@ Let’s say Bob and I start discussing something on a forum or in the Fediverse, and then decide to continue the discussion on XMPP. -Bob starts the chat. -I trust the first device he messages me from, -and then we exchange fingerprints for our other devices, -if we have any. -This approach is called TOFU (Trust On First Use). - +Before starting the chat, Bob can confirm it’s really me using my page with fingerprints. I can confirm it’s really him by asking him to send his fingerprints @@ -321,6 +313,16 @@ Ideally, Bob also has a public page with his fingerprints. That way, we can both independently verify that we are who we say we are. +In an alternative scenario, +where there has been no prior communication or public pages +and only a single JID is known, +things play out a bit differently: +Bob starts the chat, +I trust the first device he messages me from, +and then we exchange fingerprints for our other devices, +if we have any. +This approach is called TOFU (Trust On First Use). + ### New or Lost Devices If I start using a new device @@ -351,7 +353,10 @@ that I personally use. ### Conversations and Forks -Conversations is a modern, + + Conversations is a modern, fully featured chat application for Android. It supports everything a messaging app should support: chats, voice calls, video calls, and sharing files of any kind. @@ -359,7 +364,10 @@ chats, voice calls, video calls, and sharing files of any kind. There are several forks of it where the UI or UX may differ, but the core features work exactly the same. -I personally use Monocles Chat. +I personally use + Monocles Chat. On the Contact Details screen (including your own account), you can see a list of published fingerprints @@ -374,7 +382,10 @@ simple and effortless. ### Dino -Dino is a lightweight GTK-based GUI client. + + Dino is a lightweight GTK-based GUI client. It can be considered a fully functional one, although some non-essential features are still not implemented. @@ -392,11 +403,14 @@ I recommend disabling this feature. ### Profanity -Profanity is a powerful TUI client + + Profanity is a powerful TUI client where everything is controlled through a built-in command system. If you somehow intend to use it, -you can find a small cheat sheet for the `/omemo` command below. +you can find a small cheat sheet for the `omemo` command below. However, I strongly recommend reading the full documentation. - Generate a key and add your other clients: @@ -444,5 +458,6 @@ when you keep running into “The message was not encrypted for this device” over and over again. -From now on, I hope you won’t encounter errors like this -or any other issues with end-to-end encryption in XMPP. +From now on, I hope you won’t encounter such errors +or any other issues +connected to end-to-end encryption in XMPP. From e0095d2683843298bebb931220c10262f3a3e501 Mon Sep 17 00:00:00 2001 From: He4eT Date: Thu, 16 Apr 2026 03:13:51 +0200 Subject: [PATCH 11/11] posts: encrypted_XMPP: update date --- src/pages/posts/2026/encrypted_XMPP.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/pages/posts/2026/encrypted_XMPP.md b/src/pages/posts/2026/encrypted_XMPP.md index 723a216..74a34bf 100644 --- a/src/pages/posts/2026/encrypted_XMPP.md +++ b/src/pages/posts/2026/encrypted_XMPP.md @@ -8,7 +8,7 @@ description: 'Secure and private messaging with XMPP and OMEMO encryption.' section: 'posts' year: '2026' -date: '2026-04-07' +date: '2026-04-16' ---