[swift-users] introduction, and bugs/wishlist/features

ghostlands at hush.com ghostlands at hush.com
Sun Apr 20 00:32:27 CEST 2014 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi folks!

I'm a user of Swift for several months now. I found it after a long
drag through the internets for a secured XMPP client where the
developers seemed to spend their time on features related to actual
comm protocols and security, as opposed to, frankly, meaningless
and cludgy bling. I don't need a hundred different display options
and notification features, and tbh when I see a client full of
those features I have to assume that they aren't spending anywhere
near enough time on security or reliability. Swift was elegant and
simple and direct - perfect!

(TL:DR ALERT)

But now that I've been with it for some time there are several
features I feel it can use, and one in particular that I'd call a
serious bug. These issues have already been discussed with Remko
via IM but in lieu of a public/user-facing bug reporting system I'm
posting them here for general reference. They are:

 - OTRv3 (or whatever is the latest version by the time development
begins, of course). OTR is not a modification of XMPP, and can be
implemented alongside it? This post at the *literally, horrible
looking Tkabber* I think makes the point well:

http://tkabber.jabber.ru/node/515#comment-52579

OTR has been the standard in other chat clients seriously concerned
with security for several years now, and ChatSecure for Android
(and sometimes other clients) will often force it, leaving Swift
and other non-OTR clients unable to even get through to ask the
recipient to turn it off, so that communication can proceed (IMO at
a lesser level). I wish turning it off wasn't necessary in the
first place; as far as I can see, OTR is plainly a higher level of
security. I wish Swift had it because I'm pretty resolute that
until I build my own client at some point in the pie-in-the-sky
future, on the WIndows platform there isn't a better XMPP client
project than Swift.

 - The next issue, and of lesser but still significant importance I
think, is user-facing and transparent bug report forms. As a
security project (which isode claims is approved for use by the
D.O.D.), it seems pretty high priority to find bugs as early and as
often as possible. Having to travel through the dark forests of the
interwebs to publish a bug in a non-standard and poorly-
referenceable way seems crappy. I can think of several options for
a healthier bugtracking channel, and would be happy to discuss them
if desired.

 - This next issue is petty, and no other clients seem to concern
themselves with it, but why not? It seems relevant. It is this:
typically my volume on my computer is about 2/3 of the way up. At
this volume, the notification sound of Swift blares startlingly out
of the speakers. This sucks. It is alarming every time.

I can't be having my volume down so low that my media players are
inaudible, just so that I am not assaulted by beeps from my chat
client. Really, everything that plays sound on a computer should
have it's own volume control, especially on Windows where the
volume control is kind of crotchety and not really ergonomic.
System volume is easy to constantly alter per-app on Android, where
the controls are always immediate to the user's fingertips; not so
on the PC.

 - Lastly, account creation. While I'm decidedly uncomfortable with
creating accounts via proxy for "security reasons", the truth is
that many reputable and high quality, feature-rich servers *only
allow creation by way of a client*. For this reason alone it seems
like a necessity, for better or worse. Remko has explained to me
that it has been under consideration for some time, I merely list
it here for completeness.

- ----And that's it!----

Thanks for putting up with my sprawling expanse of text, and thanks
for a great client which has a direction and quality that is unique
- - unfortunately so because more of them should have had these
priorities all along!
-----BEGIN PGP SIGNATURE-----
Charset: UTF8
Version: Hush 3.0
Note: This signature can be verified at https://www.hushtools.com/verify

wsBcBAEBAgAGBQJTUvl7AAoJEJRqj8F0y8k51jYIAMB+SmaPWx7kGVEkLRviiXjo8fDX
JbM/5/3LSmNhZ0K8M+/7eckZ/naq4LYlYbUP59abo1fLjuuiCwDYFsesgaqK+m4PADQd
zLpOtIRO6HONGjznoftb36Y3zyYkguO5jAylQoFumPUU5ttuyWWp+G+Z2NhLCUDk7xm9
MHXcMr0XvsCKSd2YMiNYIjXQbtXP/bP2GMUUifoKdehUmbVut48kkTKRFQhVksCaNYqQ
8D57xk5JNfenF5rb0X7AV2A/ZufAJ1YBBAueOqnIPrMQ56wNMvOKOorKhJ3MPTCw4V5/
roejEL+a/5Znj6Mqi9FnVz0Enb7hx6BHlnWE+ExQbAk=
=cT7u
-----END PGP SIGNATURE-----

More information about the swift-users mailing list