The Mac input bar was in bad need of some updating. This should look a lot better. Despite the size of the input area, it should hold two lines before needing to scroll. I have also made more improvements to accessibility, adding unread counters and better descriptions to UI elements when using voice over.
All of this is in the latest Mac beta, which is available right now.
Attention iOS beta testers. I am upgrading the iOS push servers tonight. There might be some downtime as the DNS changes propagate. You will also have the close and reopen Monal to register with the new server. After restarting, make sure that the push switches are all on in the Notifications under Settings.
There is a long running joke about open source software that it is almost always a paragon of poor UI/UX. If you have ever struggled with software on linux you know that sometimes it can be impenetrable. I don’t blame developers, UI/UX is hard and when you are the same person developing and testing it, it is easy to forget that works for me may not work for everyone else.
This is sort of how we need to think about accessibility. It is really hard to understand how someone else will use it if you are used to always using your app one way. With that in mind I recommend other developers use the Accessibility Inspector and Voice over to get an idea for how accessible their software is.
I have made several improvements to the next Mac release to address issues with accessibility. The elements of the UI should have descriptions and help text where applicable. You can now navigate through the conversations list and quickly hear your messages, who sent them and where they came from. I will keep improving in future update (and check iOS as well ) let me know how I can make this better.
I have brought the new MAM and controls code to iOS and added the following screens to the accounts screen.
I have finally had the time to take a look at OMEMO. I know that end to end encrypted chat has been something people have requested for almost a decade now. There finally appears to be a workable solution it a permissive license that can be published in the App Store.
As usual, the Mac client is my testing ground for new logic and I will probably focus the next release after this one on E2E encryption. I know that OTR was something former Adium users missed, I hope that a native Mac client with a user friendly OMEMO interface fills the gap there. I’ve been looking at Gajim and Chatsecure and will probably fish out a Android tablet (actually an HP touchpad) from somewhere to test with Conversations too.
There is another new beta for the Mac client. I’ve made a few UI fixes and adjustments to MAM. Generally, I think the MAM code is working well enough that I will push this client out to production with some more UI fixes. You will probably see me working on Mac UI issues on GitHub for a little bit.
Regarding iOS. I am still unhappy with the push server. At the moment it is not properly throttling pushes and I see far more pushes coming for a single message than there should be. There are also issues with the XMPP spec (XEP) that I am unhappy about. In particular, I feel pushes should only happen for messages and voip calls and nothing else. It appears to be happening for far more than that. Due to the way that push is designed for user privacy, I don’t see what content is triggering a push. It is entirely dependent on individual servers.
As many people know the EU’s GDPR regulations come into effect on May 25th. While Monal is privacy focused, it is also free, open source and run by a single person — me. I simply do not have the resources or the time to jump through the regulatory hoops required by the EU. While I do not live in the EU, I frequent Europe and do not want to get into legal trouble on vacation. As GDPR approaches, I get the impression that it is an end of an era for the internet. The days of someone making something, putting it on the internet and offering it to the world seem to be over. EU users can always download the source on GitHub and compile the iOS app but they will be blocked from using push when I deploy it.
The problems below are likely not unique to me and there are many other issues. Other open source projects may want to consider their fate under GDPR as well.
Data Protection Officer
I do not have the resources to hire a Data Protection Officer (DPO) or EU Representative as required by GDPR. I do not have designated EU contacts.
Tracking crashes with Crashlytics introduces new issues because it is posted to Fabric from a user’s device, IP addresses are in the logs this is personally identifiable information (PII). Crashlytics is GDPR compliant but the burden is on me to show regulators that I am compliant points back to the need for DPO.
Even though no message traffic passes through Monal’s sever, registering for a push does make an HTTP call which logs a user’s IP and this requires GDPR compliance. APNS push tokens are associated with devices which can be traced back to a user if combined with info on the originating XMPP server. Obviously, this is needed for a notification to be delivered to the right person. However,the fact that it can be combined to identify a person makes it PII. I believe in privacy but I do not have the resources to meet the letter of the law for compliance especially with respect to retention and processing these tokens.
XMPP Federation in General
Honestly, I do not know if XMPP federation is legal anymore in the EU with GDPR. EU user data is sent out of Europe constantly. GDPR is written such that a user cannot agree to a user agreement that gives up GDPR requirements it’s not a matter of saying you agree to X by using this service. GDPR compliance is something the XSF is talking about right now.