[HOME] [DOWNLOAD] [DOCS] [NEWS] [SUPPORT] [TIPS] [ISSUES] [DONATE]

dino-im messenger

Dino IM

Pros:
Available in Debian, clean modern interface, supports OMEMO

Cons:
It cannot connect to any xmpp server I threw at it. No error useful error message.


Psi-Plus
Pros:
OMEMO, in Debian, around for a long time, cross platform

Cons:
Trying to connect to an account I successfully registered in-band spits out some strange stuff:

There was an error communicating with the server.

Details: Authentication error: No appropriate mechanism available for given security settings (e.g. SASL library too weak, or plaintext authentication not enabled)

Offered mechanisms: DIGEST-MD5, SCRAM-SHA-1, SCRAM-SHA-1-PLUS

Offered mechanisms: DIGEST-MD5, SCRAM-SHA-1, SCRAM-SHA-1-PLUS

The interface is not the best looking.


All I wanted to do is just send encrypted messages offline from my libre desktop…

1 Like

Can anyone please test Dino on plain Debian Buster and report if it connects?

1 Like
1 Like

Tested in Debian 10 StandaloneVM and was not able to connect. I tried setting up debug mode but was not able to get anything helpful.

dino-im --print-xmpp=all

CONNECTION LOST?

Will wait until a response is given to HulaHoop on log output.

2 Likes

@0brand that’s great news.

What did you do to get it working? Is it the version in Debian?

1 Like

Specifically for yax.im I had to create a rule that allowed out to tcp 212.21.75.16:5222 Plus change around rule order.

Otherwise i kept getting Connection Lost?

I created a Debian 10 StandaloneVM in Qubes and installed https://packages.debian.org/buster/dino-im

I’m going to try experimenting with dino-im in Whonix 15. Maybe I’ll get lucky.

2 Likes

Installed dino-im in Whonix-ws-15 and not able to connect. There are no logs showing my firewall is blocking dino. I set deb-10-standalone netvm to my whonix-gw-15-standalone and still no connection. (deb-10-standalone was the VM that i got dino working in). So it has to be either whoinx-gw or Tor causing the issue.

Whonix-ws-15-standalone

user@host:~$ env G_MESSAGES_DEBUG=all dino-im

(process:8379): Gtk-WARNING **: 01:20:46.324: Locale not supported by C library.
        Using the fallback 'C' locale.

(dino-im:8379): dbind-WARNING **: 01:20:46.332: Error retrieving accessibility bus address: org.freedesktop.DBus.Error.ServiceUnknown: The name org.a11y.Bus was not provided by any .service files
(dino-im:8379): GLib-GIO-DEBUG: 01:20:46.334: Failed to initialize portal (GNetworkMonitorPortal) for gio-network-monitor: Not using portals
(dino-im:8379): GLib-GIO-DEBUG: 01:20:46.336: Failed to initialize networkmanager (GNetworkMonitorNM) for gio-network-monitor: 
(dino-im:8379): Gtk-DEBUG: 01:20:46.371: Connecting to session manager
(dino-im:8379): Gtk-DEBUG: 01:20:46.372: Failed to get the GNOME session proxy: The name org.gnome.SessionManager is not owned
(dino-im:8379): Gtk-DEBUG: 01:20:46.372: Failed to get the Xfce session proxy: The name org.xfce.SessionManager is not owned
(dino-im:8379): Gtk-DEBUG: 01:20:46.373: Failed to get an inhibit portal proxy: The name org.freedesktop.portal.Desktop is not owned
CONNECTION LOST?

Debina-10-standalone with Whonix-Gateway as netvm.

user@deb-10-clone:~$ dino-im
(dino-im:1106): GLib-GIO-DEBUG: 21:35:24.174: Failed to initialize portal (GNetworkMonitorPortal) for gio-network-monitor: Not using portals
(dino-im:1106): GLib-GIO-DEBUG: 21:35:24.176: Failed to initialize networkmanager (GNetworkMonitorNM) for gio-network-monitor: 
(dino-im:1106): Gtk-DEBUG: 21:35:24.229: Connecting to session manager
(dino-im:1106): Gtk-DEBUG: 21:35:24.230: Failed to get the GNOME session proxy: The name org.gnome.SessionManager is not owned
(dino-im:1106): Gtk-DEBUG: 21:35:24.230: Failed to get the Xfce session proxy: The name org.xfce.SessionManager is not owned
(dino-im:1106): Gtk-DEBUG: 21:35:24.231: Failed to get an inhibit portal proxy: The name org.freedesktop.portal.Desktop is not owned
[account-creation@yax.im] New connection with resource dino.7932b5cf: 0x5ac5bec724f0
CONNECTION LOST?
[account-creation@yax.im] Error: Temporarily unable to resolve “_xmpp-client._tcp.yax.im”
[account-creation@yax.im] Check reconnect in 3 sec
[account-creation@yax.im] New connection with resource dino.7932b5cf: 0x5ac5beec0bd0
CONNECTION LOST?
[account-creation@yax.im] Error: Temporarily unable to resolve “_xmpp-client._tcp.yax.im”
[account-creation@yax.im] Check reconnect in 3 sec
[account-creation@yax.im] New connection with resource dino.7932b5cf: 0x5ac5bee24d10
CONNECTION LOST?
[account-creation@yax.im] Error: Temporarily unable to resolve “_xmpp-client._tcp.yax.im”
[account-creation@yax.im] Check reconnect in 3 sec
2 Likes

Tested: Doesn’t work with WS firewall completely disabled nor with a VPN enabled (in case it needed UDP DNS for some reason?)

2 Likes

Now that any type of DNS can be resolved over Tor as per SRV DNS requests over Tor you could continue testing and working with upstream.

However, since dino-im does not even work over clearnet (as tested by @0brand), it looks that could be a lost cause.

Perhaps report a separate bug for the clearnet related connectivity issues? Metnion no Tor is involved to avoid confusion (by just using the same user name and being mentally labeld as “ah Tor issue”). Don’t do it for me though. Only if you’d like to use dino-im (inside Whonix). I haven’t made friends with dino-im just yet. Just solving some generally interesting issues (which was DNSCrypt over Tor).

1 Like

I thought it didn’t work on Debian templates behind NetVM without some config changes? Technically it hasn’t been tested on a plain Debian system.

Nonetheless things are defintely more interesting now with the options for DNS over Tor. Perhaps libresolv can be used with Gajim to avoid it going through TransPort.

1 Like

Doesn’t help with that. libresolv is more for use cases like "no Tor DnsPort but custom DNS resolver and TransPort".

That is rather Managing programs without Tor DNS Support / orjail / https://github.com/orjail/orjail.

1 Like

Dino was working in a Debian 10 StandaloneVM behind sys-firewall posted here in the dino forum. All tests in Whonix failed .

2 Likes

Just tested dino-im in qubes-whonix and here is the result of the test:

  • Install it from debian buster-backport in order to make it work. Stable repo installation will lead to connection failure over Tor.

  • Do Not install it using apt install dino-im because it will show you a hell of dependencies , use instead apt install --no-install-recommends dino-im

  • It doesnt support connection for hidden services addresses #666.

  • It doesnt support for modifying/steric the connection to specific IP and Port #115.

  • It logs the chat history in plain text and cant be deleted/disabled #742 , #651.

  • Not aware of supporting Tor or proxies by default since the start of the app this give indication of not very good experience/care on privacy/anonymity level from their devs.

  • Their development speed some what medium-slow 246 opened tickets , 339 closed.

Maybe Further testing needed for e.g:

  • Check OMEMO/PGP if it were implemented correctly #736.
  • Check TLS connection if it went well #711.

cc @HulaHoop @tempest

2 Likes

That’s great news! The other stuff you point out are relatively minor nitpicks that can be solved with time. This is the only modern looking and viable desktop client at the moment.

Can you please open a ticket for socks5 support?

1 Like

@Patrick is there any hope of getting this in our package collection before Bullseye?

they suggested many stuff related , lets see how they are advancing.

Its better to avoid these security garbage apps, just because its working doesnt mean its secure (as shown from some tickets). Until their devs learn some security practices this app is garbage and bad security app for whonix users.

Note: another bug discovered that one you login over Tor for the first time (first time creating account) then you cant login again due to drop connection. (Reported through IRC)

Please don’t demean anybody’s work without an informed opinion by an expert security auditor.

I’m confused. Is this about the backports version?

1 Like

It clear like the sun in the middle of the day, doesnt need security consultation on obvious things.

i will simplify:

  • from stable debian repository: dino wont connect at all to Tor.
  • from debian-backports: dino will connect at the first time and you create account …etc then close and reopen it again and it wont connect.

OK so I wouldn’t count that as working.

Can you try registering a new account with a different service server to the ones they bundle and see if they block connections?

Doesnt matter same thing.

HulaHoop via Whonix Forum:

[Imprint] [Privacy Policy] [Cookie Policy] [Terms of Use] [E-Sign Consent] [DMCA] [Investors] [Priority Support] [Professional Support]