Sergey Budaev

Nov 07, 2024

The omnipotence paradox reduces to the omniidiota dilemma

…sed evanuerunt in cogitationibus suis et obscuratum est insipiens
cor eorum dicentes enim se esse sapientes stulti facti sunt.
— Rom 21-22

There is an old—perhaps ancient—“puzzle” or “paradox” that is quite often used by atheists—even today—to prove that the concept of omnipotence is self-contradictory; ergo the existence of omnipotent being is logically impossible. One of the cornerstones of this reasoning is the paradox of the stone.

https://budaev.info/images/rock.jpg

The paradox of the stone

Can God create a stone so heavy that He cannot lift it?

  • If He can, then He is not omnipotent because of inability to lift such a stone.

  • If He cannot create such a stone, then He is not omnipotent because of inability to create such a huge object

In either case, the conclusion is straightforward: an omnipotent being (God) cannot exist, it is a logically contradictory concept.

St Thomas Aquinas did not address the paradox of the stone directly. Hist treatment of the omnipotence (Summa Theologiae I Q XXV) is much more abstract, detailed and deeper than the stone paradox caricature. Nonetheless, St Thomas concedes that “Sed rationem omnipotentiae assignare videtur difficile.” (It is difficult to account omnipotence). Moreover, St Thomas considers whether negation capacities like “deny Himself” are consistent with omnipotence, e.g. (2) "… Sed Deus non potest peccare, neque seipsum negare, ut dicitur II Tim. 2,13. Ergo Deus non est omnipotens.” (… But God cannot sin, nor deny Himself as it is said in 2 Tim. 2:13. Therefore He is not omnipotent), and further, in (5) “Utrum Deus possit facere quae non facit” (Can God do what He does not?).

Moreover, further, he clearly states “Hoc enim omnipotentiae non subditur, non propter defectum divinae potentiae; sed quia non potest habere rationem factibilis neque possibilis. Quaecumque igitur contradictionem non implicant, sub illis possibilibus continentur, respectu quorum dicitur Deus omnipotens. Ea vero quae contradictionem implicant sub divina omnipotentia non continentur: quia non possunt habere possibilium rationem. Unde convenientius dicitur quod non possunt fieri, quam quod Deus non potest ea facere …” (For this is not submitted to omnipotence, not because of a lack of divine power; but because it cannot have a reason that is feasible or possible. All things, therefore, which do not imply a contradiction, are contained under those things which are possible, in respect of which God is said to be omnipotent. But those things which imply a contradiction are not contained under the divine omnipotence: because they cannot have the reason of the possible. Hence it is more appropriate to say that they cannot be done, than that God cannot do them.) Incidentally, there is a close similarity between this omnipotence attribute following St. Thomas and the concept of positive qualities—purely positive qualities that are not limited or negated—used by Kurt Gödel as the principal element in hist modal version of the “ontologisk bevis” (see Gödel, 1995, pp. 389, 401, 403).

The paradox of the stone stone has been considered by many modern philosophers, including Mavrodes (1963), Frankfurt (1964), Cowan (1965,1974), Plantinga (1967), Schrader (1979), Anderson (1984) and more recently Cogburn (2004), Hill (2014), Beall & Cotnoir (2017), Wreen (2022), Bassford (2023). The treatment of the paradox by these authors seems overtly inkhorn, over-complicated, confusing and deliberately verbose. The Wikipedia (2024) description of the “omnipotence paradox” follows the confusing line of the modern philosophy. It looks like the philosopher’ job is to make trivial things fully unintelligible. Basically, if one dares to make a winding way through the thicket of quantum entangled reasoning, the principal argument nearly repeats that in the St. Thomas’ wording: omnipotence does not entail arbitrary, logically impossible and contradictory things: inability to do a self-contradictory task does not imply that the agent is limited. [An alternative is the Cartesian view that God is above and not subject to logic, so free from any contradiction, (see Bassford, 2023), but this position is incoherent (Geach, 1973)].

Some go much further by arguing that there must be truth-value gaps not accounted for by classical logic (Beall & Cotnoir, 2017), that the omnipotence concept is useless in theology (Cowan, 1974), that the solution to the stone paradox is that “it proves nothing” (Schrader, 1979) or that God is not omnipotent even if we do not deny His perfections and power (Hill, 2014).

However, the simplest and best solution to the stone paradox in my view was provided by (Savage, 1967): “God can create stones of any poundage, and God can lift stones of any poundage” (p. 79). Strangely, this transparent phrase does not look like the conclusions most philosophers like to come to.

However, the paradox of the stone can be reduced to a trivial form which I call “the omniidiota dilemma,” with an instructive corollary. The argument is as follows.

The omniidiota dilemma

Definition. Idiot is defined as someone suffering from (in certain cases, perhaps enjoying) extreme intellectual disability, primarily an utmost form of acalculia.

Comments. Dyscalculia describes a deficit in processing numerical information, learning and recalling arithmetic, as well as making calculations (American Psychiatric Association, 2022). Its extreme form is well described in the psychiatric and psychological literature as acalculia (Dehaene, 1997; Nieder, 2025). A person with acalculia suffers from extreme challenges with even the most basic arithmetic operations, often as a consequence of severe brain damage or extreme developmental disorder. For example, if asked to add one to a given number, the he/she is unable to do such elementary calculation. It is important to note that the term “idiot” should not be understood pejoratively. The original meaning of ἰδιώτης in Greek is just a normal person. There is also a large literature on idiot savants who combine extreme deficit in one cognitive capacity or many diverse capacities with much above the average achievement in certain specific intellectual domain (Dehaene, 1997).

The omniidiota dilemma:

Can a person make such a big number that he/she cannot imagine a number greater than that?

  • If he/she can imagine such a number, then it proves he/she is an idiot, since the task of guessing a number that is greater than the given number (without any other conditions or restrictions) is trivial. It can be solved in any of many different ways, e.g. adding one or two to the big number, or just doubling this number. Incapacity to increase a number (big or small) points to severe cognitive deficit.

  • If he/she cannot imagine such a number, then he/she is an idiot, because just imagining any number is a trivial task: take any number and then imagine an even bigger number using any of the elementary arithmetic operations. Incapacity to create a number therefore points to severe cognitive deficit.

It follows from the omniidiota dilemma that you (the reader) and I (the writer) are all idiots: Being not an idiot is a logically contradictory proposition. The dilemma is then simple: everyone is either an idiot or … an idiot: tertium non datur.

Corollary. It follows from The paradox of the stone and The omniidiota dilemma that, if God’s omnipotence is considered self-contradictory, then everyone is necessarily an idiot.

References

  • American Psychiatric Association, ed (2022). Diagnostic and statistical manual of mental disorders: DSM-5-TRTM. American Psychiatric Association Publishing, Washington, DC, Fifth revised edition.

  • Anderson, C.A. (1984). Divine omnipotence and impossible tasks: An intensional analysis– Int J Philos Relig 15: 109–124.

  • Bassford, A.D. (2023). God and the problem of logic. Cambridge University Press.

  • Beall, J. & Cotnoir, A.J. (2017). God of the gaps: a neglected reply to God’s stone problem– Analysis 77: 681–689.

  • Cogburn, J. (2004). Paradox lost– Can. J. of Philosophy 34: 195–216.

  • Cowan, J.L. (1965). The paradox of omnipotence– Analysis 25: 102–108.

  • Cowan, J.L. (1974). The paradox of omnipotence revisited– Can. J. of Philosophy 3: 435–445.

  • Dehaene, S. (1997). The number sense: how the mind creates mathematics. Oxford University Press.

  • Frankfurt, H.G. (1964). The logic of omnipotence– Philosophical Review 73: 262–263.

  • Geach, P.T. (1973). Omnipotence– Philosophy 48: 7–20.

  • Gödel, K. (1995). Collected Works: Volume III: Unpublished essays and lectures– (S. Feferman, J. W. D. Jr., W. Goldfarb, C. Parsons, & R. Solovay, Eds.). Oxford University Press

  • Hill, S. (2014). Giving up omnipotence– Can. J. of Philosophy 44: 97–117.

  • Mavrodes, G.I. (1963). some puzzles concerning omnipotence– The Philosophical Review 72: 221.

  • Nieder, A. (2025). The calculating brain– Physiological Reviews 105: 267–314.

  • Plantinga, A. (1967). God and other minds. Cornell University Press.

  • Savage, C.W. (1967). The paradox of the stone– The Philosophical Review 76: 74-79.

  • Schrader, D.E. (1979). A solution to the stone paradox– Synthese 42: 255–264.

  • Wikipedia (2024, November 7). Omnipotence paradox. https://en.wikipedia.org/wiki/Omnipotence_paradox.

  • Wreen, M. (2022). The contradiction approach to solving problems about omnipotence– TheoLogica 6: 52533.

Nov 03, 2024

Det er enkelt å dele

Informasjonsdeling innenfor en liten gruppe er brukes ganske typisk. For eksempel, hvis barna dine er i en skole eller barnehage, må du gå inn i en klassegruppe for å dele forskjellig informasjon, meldinger osv. Ofte proprietære sentraliserte plattformer som Facebook eller Whatsapp (Å, begge er i bunn og grunn det samme uetiske selskapet, Meta!) eller noen ganger Telegram.

Mange ikke-IT-folk bruker bare det de pleide å bruke i dagliglivet. De som er mer bekymret for personvern og sikkerhet til dem og barna deres, vil ikke bruke noen av Meta eller andre store teknologiske apper. Men det er andre og det er en behov til å kommunisere. Valget er enkelt: Enten blir du med i foreldregruppen på Facebook eller så blir du ekskludert. Hvis ekskludert, vil du ikke få oppdateringer om arrangementer, bursdager og så videre. De andre foreldrene vil kanskje se på deg med en viss mistanke: er du en spion eller en narkohandler som prøver å gjemme deg i en skygge av darknet? Dette er hva Cory Doctorow kaller "the nettwork effect." Og det utnyttes og promoteres av de gigantiske plattformene. De gjør sitt beste for å manipulere deg til å se på plattformen og reklame deres så mye tid som mulig, ideelt sett 24 timer i døgnet, og de lokker deg til å gi ut så mye privat data som mulig. Ingen vet hvordan disse dataene vil bli brukt i fremtiden. Det er skjult i usikkerhet. Den eneste sikkerheten er at brukerne utnyttes for andres fortjeneste.

Mens Facebook og andre prøver å pålegge enorme byttekostnader for å holde deg på plattformen, er det en enkel løsning som er tilgjengelig for alle. Det er den gamle gode e-posten. Alle har det nå. Men noen bruker det kun til å registrere seg på nettsider, få lenker til tilbakestilling av passord og lignende. Nei, e-post er fortsatt i live og er faktisk bedre enn mange pleide å tro.

Epostlister

Maillister er velkjente. Vanligvis brukes de bare å spam deg med unødvendig informasjon, reklame kampanjer og så videre. Men epostlister kan brukes til bedre. Det er noe åpen kildekode-programvare for e-postlistebehandling som du (jeg antar at du er administrator for gruppen) kan bruke på din egen server. Deretter kan du abonnere alle i gruppen på listen (eller nyhetsbrevet ditt). Okay– nå får alle i gruppen oppdateringer. Enkelt. Folk kan ha muligheten til å abonnere seg på listen, eller avslutte abonnementet seg selv (uten din, administratorens, manuelle handling). Det er nyttig.

E-post diskusjonsgrupper

E-postdiskusjonsgrupper eller listserv er egentlig en eldgammel (et bedre ord: moden) teknologi som har blitt brukt for flere tiår siden. Den brukes fortsatt mye av programvareutviklerfellesskapet med åpen kildekode. For eksempel det berømte Linux kernel prosjektet. Ideen er bare triviell:

  1. Du abonnerer på e-postlisten

  2. Du får gruppens e-post ("listserv") e-postadresse, f.eks. foreldre@din.fqdn

  3. Alle meldinger sendte en melding til denne gruppeadressen (ja, foreldre@your.fqdn) spres til hver abonnents postkasse.

Deretter, hvis du abonnerer, svarer det å svare på gruppeadressen til å dele e-postmeldingen med alle medlemmer.

Den gode gamle e-posten konkurrerer ikke om oppmerksomheten din med irrelevante og irriterende varsler, manipulerer deg ikke til å blikk og dumscrolling. Alt kommer bare til postkassen din. Du kan svare når som helst fra hvilken som helst enhet, ingen spesielle apper er nødvendig.

Men slutt, for å bruke listserv trenger du din egen (eller kontrollerte) e-postserver, domenenavn, kompetanse og tid for konfigurering og vedlikehold. Hvis du er modig nok, kan du konfigurere din egen GNU Mailman:

Men hvis du liker å unngå bryet, er det flere åpne servere som tillater registrering og gratis hosting for små ideelle grupper.

Det er også en Listserv on steroids som er gratis for små ikke-rpfit-grupper (opptil 1000 abonnenter, som vanligvis er nok):

Her kan du:

  1. Registrer din (admin) konto

  2. Legg til gruppe-e-poster

  3. Del, svarer, videresend gruppe-e-poster, med arkiver og mye annen funksjonalitet.


Doctorow, C. 2023. The internet con: how to seize the means of computation. Verso.

Apr 15, 2024

Bruk F-Droid i stedet av Google Play Store

Googles Android Play Store blir verre over tid. Det blir stadig mer strødd med ubrukelige apper som utelukkende tar sikte på å vise reklame. I navnet av "personvern" gjennomfører Google ytterligere hindringer for både utviklere og brukere, mens ekte skadelig programvare blomstrer på plattformen. Det ofte blir et mareritt for utviklere av åpne kilde programmer som er fokusert på personvern og sikkerhet. Den nylige de-listingen av Snikket—en sikker, personvernsentrert melding app—viser at personalet som er ansvarlig for applikasjonsvurdering på Googles side, er mentalt forsinket idioter. Sjekk ut hele historien her: https://snikket.org/blog/snikket-google-play-removal/.

Google, er det slik at ansatter med IQ<50 koster mindre? Eller alle mennesker på Google ble erstattet med en AI som mangler intelligens? Mange utviklere gir opp å slite med idioter på Googles applikasjonsvurdering og slutter å distribuere appene sine i Play Store (her kommer en annet eksempel).

Situasjonen kan være så absurd at åpne kilde Conversations appen som går ikke fri (NOK 47) på Google Play måtte forringe funksjonaliteten på denne distribusjonsplattformen. Den samme appen går gratis med fult funksjonalitet på F-Droid.

Men det er en løsning for alle Android-brukere: bare installer F-Droid, en appbutikk som publiserer åpne kilde programmer uten reklame, traking, datalekkasjer, skadevare og bakdører.

Den eneste garantien mot skadelig programvare er åpen kildekode som alle som helst kan sjekke og revidere: mange øyne oppdager problemer tidligere og bedre. F-Droid gjennomfører "reproducible builds" som sikrer at binær apk bloben er bygget av samme kildekoden som utvikler har publisert, så det finnes ikke noe uautorisert tilleg eller endringer (apk fra Google Play inkluderer Googles blober for reklame og tracking). Det anbefales å søke apper først på F-Droid og gå til Google Play kun når den ikke er tilgjengelig. Da skal Google Play brukes bare for apper som er klarert på forhånd, f.eks. banken.

Mar 19, 2024

A year with Mikrotik router

I use NextGenTel with fibre broadband connection as my home Internet provider. The connection line works fairly well with no interruptions. I have been using a Mikrotik router for nearly a year now and have experienced no single interruption. No hanging internet, no problems at all. I nearly forgot that it is here.

Year traffic plot

Mikrotik

Why I love Mikrotik is the Router OS, a professional operating system with tons of configurability and fine tuning. You can tweak any aspect and configure a variety of services. For example VPNs with different protocols for connecting into the local home network is easy to configure using the Mikrotik documentation. Queues are a nice configuration feature to control and manage bandwidth given to devices in the local network. There is also quite advanced scripting that can be used to do many interesting things. I do not recommend Mikrotik to an average user, however, because Router OS has a professional interface with too many options and details: you need to understand what you are doing. Mikrotik is a Latvian company that makes a lot of professional carrier-grade equipment, all run the same OS.

The previous router provided by the NextGenTel was pure disaster. I in fact used two different units of the same marque: Inteno.

Intento shit router

This shit router tended to hung up at least one or twice a week, leaving no connection. The NextGenTel support was useless, with the routine advice to reboot router. Rebooting helped indeed until the next hangup, maybe the next day. It is not a solution to fix bad hardware. It is so weird that they supply their users with this shit when the competition between providers is so intense. Many people would not figure out that it is the router that is so bad and will blame NextGenTel as a whole and switch to another provider. Shame, NextGenTel.

But if you subscribe for the home telephone line with NextGenTel, then you are out of luck because telephone is served by the Inteno router which also includes a SIP service via built in Asterisk server pre-configured by the provioder. The only solution is then to torture NextGenTel with service requests and replacing the router. (But, of course, a better alternative is to set up your own asterisk-based SIP VoIP server with trunks from any of the many available SIP providers; this will be much more flexible and cost-effective solution).

Dec 31, 2023

Shit happens: det kommer garantert til å skje hvis dumhet gjentas

Shit happens. Det er en triviell visdom. Ofte er det en direkte konsekvens av en enkelt stupid ting. I mange tilfeller kan lite gjøres for å forhindre det skal skje. Uansett, sannsynligheten antas veldig lav. Katastrofen er uforutsigbar. Det er en ulykke, helt tilfeldig. Ikke sant?

Den bærbare datamaskinens tastatur er dekket av kaffe (eller brus). Å shit...

Det gjelder for en enkelt hendelse. Kanskje en enkelt hendelse av dumhet eller klønete... Men hvis toskeskap gjentas (f.eks. hvis det er en vane) er situasjonen en helt forskjellige. Sannsynligheten av shit som skal skje er nå

P(1|n)=1-(1-p)^n

her er P(1|n) sannsynligheten for at shit skjer minst én gang i en gruppe av n hendelser; hver hendelse har sjansen p (veldig lav!) til å skje, og n er antall hendelser.

For eksempel, hvis sjansen for en singel ulykke er så lavt som 0.01 og antallet dumme handlinger er 365 (bare en gang om dagen i løpet av et år), blir sjansen for at shit skjer i løpet av denne tiden

1-(1-0.01)^365=0.97

Det er nesten sikkert at shit skjer minst én gang i løpet av et år.

  • Drikker du kaffe/brus/smoothie/vin på den bærbare datamaskinen til vanlig? Forberede for å erstatte tastaturet. Det vil skje.

  • Vant til å sende sms mens du kjører? Har du en god forsikring?

  • Løper ofte over veien foran lastebil/buss/bil? Det er på tide å bestille krykker (eller enda kiste) på forhånd.

posted at 10:00  ·   ·  Blog  Wisdom  Q&A

Oct 10, 2023

XMPP server on 1-2-3

Messaging continues to be of rise. The new generation is more willing to send texts than to call. Communicating with an instant messenger has an unique advantage over the old good email: you can easily send replies over replies quickly, resulting in a dialogue. But there is a serious problem: many of the instant messengers are commercial products that work such that their "users" are in fact the exploitable resource having no control or choice.

Most corporations are fair providers of various products and services we can buy. But not these "Big Tech" that offer "free applications," including instant messengers. There is, obviously, nothing free on the Earth. Then, if you do not pay, then you are the product not the customer. The Big Tech corporations exploit the "end-users" to suck out private data, often for further resale. Nearly all of these messengers have centralised architecture and the user's account is linked to the telephone number, completely destroying privacy. The link to the telephone number is also very inconvenient because you cannot get several accounts easily, this requires obtaining several mobile subscriptions. It's just illogical, expensive and silly. Centralized architecture dictates that the communication is kept on the corporate servers so theoretically many employees can read messages by abuse.

Some of the products are advertised as end-to-end encrypted. But nearly all of them are closed source so there is no way to check how this is implemented and if and when the service owner can have access to private messages content. Moreover, we have evidence for the opposite. Many so called "end-to-end encrypted" messages are actually read by AI and human contractors. Even if communication is technically end-to-end encrypted, the company owns and fully controls the server, the client application and network traffic, so a man-in-the-middle attack by silently changing certificates is possible (e.g. in the context of lawful intercept, or unlawful abuse). Metadata (technical information information about all aspects of communication, including the addressees, their locations, IP addresses, telephone number etc.) is always accessible to the service. But metadata is often even more informative than the message content. How such metadata is used is typically unclear. The user has no authority here at all.

Nearly all of these messengering systems have closed proprietary protocol. This means that how you use the product is completely controlled by the owner company. The only way to use the product is with the official application. You cannot just choose for yourself which application program to use. This is cardinally different from the email, for example, where you can use the provider's web interface, its mobile app or any of the many available email applications such as Thunderbird or K-9 Mail. With such a third-party application you can easily consolidate several email accounts in one place and easily make use of the functionality the provider does not offer, such as end-to-end encryption. Another major problem is monopoly and lack of interoperability. The "users" (in reality, the exploited resource) are completely restricted to the owner's platform and are unable to communicate with the other (especially competing) platforms (e.g. Facebook to Snapchat) as a way to keep users within the silo. This is as if you were unable to call/send sms across different mobile operators. And this is silly. To break down monopoly, ensure fairer competition and interoperability across the services, the EU has developed the Digital Markets Act (DMA) regulation. This is a big step, but it does not solve many of the problems with centralization, privacy and regular security flaws.

Take back your freedom, privacy and security

So, why use the restricted, inconvenient, monopolistic, insecure and non-private platforms for the trivial task of sending instant messages? There are several ways to configure one's own privately controlled instant messaging system: XMPP and Matrix. XMPP is lightweight, easy to install, and more private and secure, yet covers all the typical instant communication purposes: text, file share and voice. Moreover, XMPP servers are by default federated: it is easy to send messages across the different servers like in the email. There are many different applications for all operating systems and platforms the user can choose. Update: XMPP can communicate with federated Matrix network because ejabberd now implements a Matrix gateway.

It is very easy to set up one's own XMPP server for a small group, company, the family or just an individual. You will need two things:

  • Server that will be the central hub for the communication network running 24x7. This can be anything, from a Rasberry PI in a cupboard to a Virtual Private Server (VPS) somewhere in a data centre or just an old PC running in your basement. A small scale VPS useful for an XMPP server can be very cheap, up to a three Euro per month. There exist even cheaper options, such as EUR 6 per year. There are also dedicated search engines to help locate cheap VPS, e.g. LowendBox and ServerHunter. A typical operating system running on the server is Linux (very secure, highly configurable, free and open source).

  • Domain name that needs to be used to connect to the XMPP server. Domain can be registered to the user (e.g. myname.no), which costs about 30 Euro yearly. But a sub-domain can be obtained for free using the https://freedns.afraid.org or similar "free DNS" services. In the later case you might have something like myownchat.mooo.com or myownchat.ptchat.net. Freenom offers free domains ending .tk, .ml .ga, .cf, .gq. It is possible to run the XMPP server purely on IP address even without domain name, but it is much less convenient (e.g. then federation with other servers is lost).

Given you have got a server (VPS or dedicated machine) and the domain, configuring an XMPP server can be done on 1-2-3. There exist several Linux variants (distributives) with different management commands (usually for installing software). I assume Debian Linux is used below (the same commands also work for Ubuntu and other Debian-based Linux systems).

1. Install XMPP server software

Login. When you have got a server of any kind, you need tologin to it, typically with ssh:

ssh debian@1.2.3.4

here the user name on the server is debian and the server ip is 1.2.3.4. Typically, you may need to create the ssh key and upload it to the server to authenticate (refer the server documentation, e.g. this). I assume logging-in is not a problem.

Prepare server. First of all, update the software on the new server

sudo apt update -y && sudo apt-get upgrade -y

Install some useful monitoring and security-enhancing utilities

sudo apt install -y mc htop atop nload nmon tree zip pwgen fail2ban dnsutils iptables-persistent locate unattended-upgrades

Install certbot, a system that manages the TLS certificates for secure connection

sudo apt -y install certbot

Install the ejabberd server, which is is very reliable and light on resources

sudo apt install ejabberd

Firewall. To allow incoming network access to this server by the XMPP clients and also third-party servers, the server needs to configure the firewall rules. This can be done differently in different installations. For example, some VPS may do this using a friendly web interface. The standard Linux firewall is done via iptables.

The XMPP system requires incoming acces via ports 5222, 5223, 5269, 5443, 5280, 3478. To determine the ports refer to the listen section of the XMPP configuration file below.

 sudo iptables -A INPUT -p tcp --dport 5222 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
 sudo iptables -A INPUT -p tcp --dport 5223 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
 sudo iptables -A INPUT -p tcp --dport 5269 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
 sudo iptables -A INPUT -p tcp --dport 5443 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
 sudo iptables -A INPUT -p tcp --dport 5280 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT

 # STUN is over udp
 sudo iptables -A INPUT -p udp --dport 3478 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT

The port 7777 is used for a proxy for peer-to-peer (bytestream) file transfer. If peer-to-peer file sharing is intended for use, an additional rule should be set allowing incoming connections:

sudo iptables -A INPUT -p tcp --dport 7777 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT

To see what firewall rules are in effect issue this:

 iptables -L --line-numbers

It makes sense to save the iptables rules so they are automatically get in effect after reboot

 iptables-save > /etc/iptables/rules.v4

2. Configure your XMPP server

Secure connection certificate. Get a free Let's Encrypt TLS certificate. I assume you have got a free domain myownchat.ptchat.net from https://freedns.afraid.org.

Note that ejabberd can manage (issue and update) TLS certificates on its own, but this needs some configuration as described in the acme configuration option: https://docs.ejabberd.im/admin/configuration/basic/#acme. An advantage of the standalone certificate management system (as here) is that it is slightly less tricky and can easily be used with a web server on the same machine. Why not also configure a web server for a small static web site here? Ejabberd is very lightweight and will happily coexist with many other servers running on the same machine.

 sudo certbot --standalone certonly -d myownchat.ptchat.net

This command will ask a few questions and issue a TLS certificate. This process is done over http so http port 80 must allow incoming connections. If this is not so, use the following command:

 sudo iptables -A INPUT -p tcp --dport 80 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT

Do not forget to save iptables rules with the iptables-save as above.

The certificate files are located in /etc/letsencrypt/live/myownchat.ptchat.net/fullchain.pem directory.

For the sake of security, the certificate directories have by default no access to anyone except the admin (root) user. But this precludes the XMPP server ejabberd to access the certificate. This can be easily fixed with the following commands

First, add ejabberd to the root group

sudo adduser ejabberd root

Second, allow access to the certificate directories to the group

sudo chmod g+rx /etc/letsencrypt/live/myownchat.ptchat.net
sudo chmod g+rx /etc/letsencrypt/live
sudo chmod g+rx /etc/letsencrypt/

Configure ejabberd. Once the preparations are done, it is time to configure the ejabberd messaging server. Edit the configuration file (assuming the mcedit text editor is used)

sudo mcedit /etc/ejabberd/ejabberd.yml

This is a long configuration file that may look scary. But in fact only a few changes are required to make the server running with the default options. But note that the indents are important, try to keep them as in the original file.

Any line starting with # is considered a comment, this can be easily used to disable specific options by "commenting them out."

First, set up the host name that is used for the server, it is the same as the domain:

 hosts:
  - myownchat.ptchat.net

Second, configure the location of the TLS certificates that are used by the server:

 certfiles:
  - "/etc/letsencrypt/live/myownchat.ptchat.net/fullchain.pem"
  - "/etc/letsencrypt/live/myownchat.ptchat.net/privkey.pem"

Configure the admin users who can manage the XMPP server:

 acl:
   admin:
      user:
       - ""
       - "myname": "myownchat.ptchat.net"

Then, add configuration for http-file-upload module that will allow file sharing (sending files):

 mod_http_upload:
    put_url: https://@HOST@:5443/upload
    custom_headers:
      "Access-Control-Allow-Origin": "https://@HOST@"
      "Access-Control-Allow-Methods": "GET,HEAD,PUT,OPTIONS"
      "Access-Control-Allow-Headers": "Content-Type"

It is convenient to keep the latest messages on the server, it is done with the "mam" module:

 mod_mam:
   assume_mam_usage: true
   default: always

Ejabberd supports several other communication protocols in addition to XMPP. For example, it also works with MQTT that is typically used for IoT devices. If this functionality is not used, just comment out the MQTT module to disable it.

 # mod_mqtt: {}

The STUN and TURN protocol is mainly used for voice calls and needs the actual IP address of the server (replace with your server IP addfress)

 -
   port: 3478
   ip: "::"
   transport: udp
   module: ejabberd_stun
   use_turn: true
   ## The server's public IPv4 address:
   turn_ipv4_address: "1.2.3.4"

An important issue is wether to allow anonymous registrations of new users. I strongly recommend not allowing this for security reasons. For a small private server, you will normally add users manually and set them initial passwords. Every user can then change password within the client program. So, you need to disable the mod_register by commenting it out:

 # mod_register:
 #   ## Only accept registration requests from the "trusted"
 #   ## network (see access_rules section above).
 #   ## Think twice before enabling registration from any
 #   ## address. See the Jabber SPAM Manifesto for details:
 #   ## https://github.com/ge0rg/jabber-spam-fighting-manifesto
 #   ip_access: trusted_network

Start server! And that's all minimal configuration. Now it's time to start the server:

sudo systemctl start ejabberd

If there are any errors and the server fails to start, Linux logs can be inspected with this command:

sudo journalctl -xe

or logs for only ejabberd:

sudo journalctl -xe --unit ejabberd

Additional stuff. The above is enough to make the XMPP server running for text. If voice is required, you need to configure the DNS as described here: https://www.process-one.net/blog/how-to-set-up-ejabberd-video-voice-calling/. DNS is normally configured using the control panel of the domain registrar.

The TLS certificate that is managed by certbot is updated each 90 days. This is an automatic process, but the ejabberd server must know when certificate is changed. This can be done using the deploy hook. Just create the hook file reloadxmpp.sh (the file name can be anything):

 sudo mcedit /etc/letsencrypt/renewal-hooks/deploy/reloadxmpp.sh

and add the following commands:

 #!/bin/sh
 ejabberdctl reload_config

This file must be executable, so issue this command:

 sudo chmod ugo+x /etc/letsencrypt/renewal-hooks/deploy/reloadxmpp.sh

The last note on the server is that it should be regularly updated for bug fixes and security updates. This is done automatically by installing unattended-upgrades above. Yet, it is a good practice to log in regularly over the ssh, check logs and update the system:

sudo apt update -y && sudo apt-get upgrade -y

3. Configure the XMPP users and client application

Register new users. First, you need to register the XMPP users. The quickest method is to use the command line on the server, the command ejabberdctl has advanced functions.

A secure random password can be generated withy pwgen, e.g. the following generates passwords with 18 symbols:

pwgen 18

It normally generates an array of possible passwords to choose from.

Now, to register the user myname, It is the admin user configured in the main configuration file /etc/ejabberd/ejabberd.yml above.

#                         user   domain               password
sudo ejabberdctl register myname myownchat.ptchat.net pee8chogh9Heel6hei

Other users can be configured similarly. Note that the full user name for XMPP has the same format se email: myname@myownchat.ptchat.net. This is due to the federated nature of both systems: you need to know both the user and the server with whom to communicate.

For this example let's register two additional users:

sudo ejabberdctl register john.dow myownchat.ptchat.net ohyeeLeefo9yief4gu
sudo ejabberdctl register anna.karenina myownchat.ptchat.net hejo7phiy2iFeW9She

Use! The final step is configure the client program on the user's device. The biggest difficulty at this step is the plenty of choice. For any major platform, one can choose any of the many available XMPP client programs. Some email programs, e.g. Thunderbird also support XMPP (although only a limited subset of features). Check out the https://xmpp.org. The configuration for the client is simple:

  • Server: your server, in the example above it is myownchat.ptchat.net

  • User name: your user name. In the example we used above, it can be myname

Note that the option to create new account must NOT be enabled as long as the account has already been created on the sever and the in-band registration (mod_register, see above) is disabled for security.

Pidgin configuration Thunderbird configuration Conversations configuration

Some programs accept the full user name without specifying user and domain separately. Then the user is just myname@myownchat.ptchat.net. If you plan to use the peer-to-peer (bytestream) file transfer (but this is not mandatory), you should also find where the file transfer proxy is configured and set it with the proxy subdomain, for our example it should be proxy.myownchat.ptchat.net. And that is all for basic client configuration.

I recommend the Blabber XMPP application for devices running Android. Yaxim is the best option for minimalists, it is notoriously miniature (only a few megabytes) and works great even on the oldest and weakest devices. Miranda NG is a powerful XMPP client program for Windows. There are also a few web-based clients: https://conversejs.org/ and https://web.xabber.com/ that you can try right away without installing anything.

The final step is to fill the contact list (called roster) with the addresses of the people (or maybe devices, because XMPP can be easily configured for bots accepting commands). Just remember that the address is full name as in email: user@server.domain. One useful option is so called Shared roster groups: then you can configure a group of contacts without the need to add them manually.

Happy chatting!

Further

There are many advanced options and possibilities in ejabberd. Just check the documentation at the official web site: https://www.ejabberd.im/ and documentation https://docs.ejabberd.im/.

There are also a few useful tutorials, e.g. https://www.process-one.net/blog/how-to-move-the-office-to-real-time-im-on-ejabberd/

Apr 22, 2022

Goodbye Gmail

The old good email remains the most critical digital communication tool. What makes the venerable email so useful and sustainable over the long time is its openness and standardization. Email is radically different from the modern "apps" which integrate all pieces of technology--the server, the client, and the protocol--by a single monopolist provider. With email, we are free to choose the server (provider) and client with any combination. It provides enormous flexibility, added privacy and security. Indeed, the provider does not control my client and cannot add backdoors; there is no monoculture of client software with all the related security risks (any security vulnerability is global). Email is one of the few pieces of technology that is very resistant against internet censorship. Repressive state can easily block a web site and even force an app store to remove an app (as the Navalny's "Smart Voting"). Also, an app store can delete it for any other bizarre reason. But it is much more difficult to block a mailing list: it is easy to redeploy and recreate it on a different server (without the users even noticing anything). Furthermore, The user can easily create several different email-based identities (e.g. a separate one for politically sensitive activity) which adds anonymity. And anonymity means physical security in some countries.

It is not surprising that many internet services use the email address to register users, authenticate, restore password and other similar purposes. Open, standardized and decentralized email is one of the most critical technology everything else depends on. After all, the flexibility offered by the email technology--the freedom to choose all pieces (provider, client etc.) is just very very handy, at least for an advanced user (you can add new features on top of what the provider realized, even against the provider's will--isn't it convenient?).

The whole email technology is build around open protocols rather than a centralized platform. This facilitates competition, makes for better and fairer service and reduce possible impacts of malicious monopolists (Masnick, 2019).

Google's Gmail has long been one of the main pillars of email, millions used to rely upon every day. We should praise Google for popularising email as the basic mainstream technology among the masses. I started using Gmail many years ago when it was in its "beta" and available only by invitation. At that time Gmail openness and unrestricted nature was just blazing. The web interface was lightweight and not really cluttered with ugly banners, unlike other email providers. There were ads but they were small and unobtrusive. Gmail had long supported all the basic protocols (POP, IMAP, SMTP) that allowed to use any standard compliant client software, and that was available for free (some other providers were more greedy and allowed this only on paid plans). Google's POP, IMAP and SMTP implementations have been (and still remain!) quite idiosyncratic, incomplete and not really standard-compliant which caused various glitches (e.g. message deletion and default sorting are weird, I always hated Gmail's labels). But this was bearable.

The serious privacy problems and threats of Gmail, such as user email scanning for context-specific advertising (until 2017) or AI tool which could provide access to some pieces of data to third-party developers. That is nearly a disaster that cannot be fixed because spying on the user's data is at the heart of Google's business model. But who cares as long as it is free! I have long been using and promoting PGP encryption which could fix many of the privacy (and security) problems. Yes, PGP is crucial for individuals and businesses and yes, a motivated user can encrypt.

Gmail still remained free and relatively open while an alternative of deploying private email server is time-consuming and tedious (e.g. ensuring that emails from a tiny private server don't end up in spam folders of intended recipients). I used to pay with some of my privacy to get the usability and stability of Gmail.

But over time I became increasingly concerned about the clear trend taken by Google to make the open email more and more difficult to use outside of the Google monopolistic ecosystem. There are signs of the famous embrace, extend, and extinguish strategy. Gmail API is featureful and powerful... but only if you really need the complexity and like to play with the Google rules. If you don't like to see ads, for example, and for this use a standard IMAP mail client of your choice, your must suffer. If you need full PGP support on a mobile client, never offered by Google, you are out of luck and have to use an IMAP-based mobile app like Android K-9 Mail that requires sacrificing some usability.

Google tends to draw its users by all means into its browser, its own apps and APIs to get more user's private data and show ads. For that matter, Google's security usability has become just terrible. The intrusive access-blocks when a mobile user with an IMAP client moves across IP addresses can drive anyone crazy... Access can be blocked even if the user switches just to the next IP address within the same provider's IP pool.

Google security alert

I have to use VPN with fixed IP address to avoid these stupid blocks!

To help keep your account secure, Google will no longer support the use of third-party apps or devices which ask you to sign in to your Google Account using only your username and password. Instead, you’ll need to sign in using Sign in with Google.

The Google's insistence on rather complicated and heavyweight OAuth2 mechanism for basic email client access (remember, most email programs do not require you to enter your password every time, diminishing the risk of phishing) is understandable only as a means to limit all uncontrollable third-party clients. Yes, OAuth2 is logical for complex workflows of data access delegation across multiple web-based services with different login/password combinations (the "Auth" stands for authorization, not authentication). Whenever I need access to my own emails I need to authenticate my identity granting full access. But isn't OAuth2 client secret kept on the device just as the username/password combination? Yet, limiting the (power) users access to their own data provides just an illusion of security at a large cost to usability and compatibility.

The Google's move to OAuth2 authorization seem to point that the Gmail-hosted emails do not belong to me any more. My emails are now owned by Google, who just "authorizes" (delegates) me access to some of the data without trusting me. This is not what I need from my private communication. Does Google pretend to "zero-trust" any third-party apps? Maybe it doesn't trust its users (the owners of their data), assuming they are all idiots?

If you think your users are idiots, only idiots will use it [your service]. --- Linus Torvalds

And there is another side effect: as Google increasingly deployed more and more heavyweight frameworks and technologies, Gmail became very sluggish and bloated. It is cluttered and confusing, especially to those who don't use it often enough to remember all the idiosyncrasies. And it's still poorly adaptable to the user's needs. How can I get a fixed-width font for my plain text message? Where is my favourite basic (and very fast) HTML web interface?

Enough is enough. I now go away from Gmail, and primarily not because of big privacy concerns (which is quite expectable) but because of deteriorating usability and growing incompatibility. It looks like the people at Google have forgotten their old motto "Don't be evil." While I have been paying Google with my privacy currency in the past to get functionality and usability, the benefits of Gmail continuously went lower and now reached an unprofitable level.

Migadu is my choice

There are many hosted email providers, some are focused on privacy and security. For example, Protonmail is a fantastic project that makes it nearly trivial to use PGP even for an uninitiated. But its drawbacks are that it is non-standard and has too high publicity making it quite undesirable in certain authoritarian countries. Simply said, if you use Protonmail in some countries you may be suspected; Protonmail can be blocked by the authorities, and worse still, blocked in quite idiosyncratic way. Some services may also reject registration using this service.

What I have finally chosen is Migadu. It is not yet another standard email hosting provider. It is a domain-based service. Once you have got your own domain name (domains are now cheap), you can make your own email service for your domain. That simple. This makes it super useful for companies, families, groups and NGOs without large budgets. For a reasonable price you get nearly your own mail server with many configurable features (any custom mailboxes, aliases, forwarding, regexp, webmail, etc.) but without the need to maintain all this complex system.

If you have a web site, you necessarily get a domain name for it. Now it's easy to get your own email identity. True that some hosting providers also do host email. But if you decide to switch to a different hosting it will create a trouble: you need to move also email and this fact strongly limits your next choice. Having a completely indpendent email system for your existing domain avoids such hoster lock-in and makes life much easier.

By the way, the Migadu standard webmail interface is sleek and very simple. Looks modern but lightweight and quite fast. No bloat whatsoever, only the most crucial functionality. I am not big fan of web-based email, but use it from time to time. And there is even some very basic support for PGP! (But remember that web-based PGP is not a very secure solution.)

I found the mail server configuration (including more esoteric stuff like DNS setup and DKIM signatures) very easy. In my view you do not need an IT degree to configure your email server with full functionality. I like the admin panel, it is minimalist and easy to use, no stupid and distracting visual effects. And Migadu is advertised as fully open standard compliant service without proprietary glitches and limitations. So any standard (open source or closed source) software is very likely to be fully usable. This freedom is very important. And they are also clear and honest about the limitations and drawbacks.

Finally, goodbye Gmail.


PS: Disclaimer: I have no links with Migadu.

This post is also published on Substack and Medium