Move project IRC chat from freenode to libera

Given the recent hostile takeover of Freenode by a party with commercial interests and subsequent management indiscretions, I do not think it is an appropriate home for this (or any) project's endorsed IRC channel.

I hereby propose Libera as the most suitable replacement.

restored source branch fleenode

I've temporarily registered the #prism-break channel on Libera.chat, but if we do make this official I think we'll want to register it as a project rather than just squatting on the channel.

Also the Matrix room is plumbed to Freenode, I don't know who has access to fix that up and bridge it to Libera instead.

added operations waiting for objections labels

requested review from @yegortimoshenko and @strugee

Yep, I agree. Another project that I maintain, pump.io (which is on PRISM Break), moved too: http://pump.io/blog/2021/06/pump.io-irc

I had a great experience talking with the Libera folks to get the project registered. They're super friendly and helpful.

I don't know anything about the Matrix bridge or moving it but I know some folks who've done that procedure; I asked if there's anything for us to keep in mind.

Agree that we should evacuate Freenode. Seems this is a unanimous take so far, so I'm not going to bother providing citations/details to back this up unless someone dissents.

I am not convinced that Libera is the optimal replacement. My vote would be for Hackint. Hackint's privacy is substantially better than Libera's:

1. Hackint allows both unauthenticated and SASL-authenticated connections over Tor onion service, while connecting to Libera via onion service requires SASL authentication. Lots of users with a quick question do not want to register an account; requiring those users to forego Tor is inconsistent with PRISM Break's ideology. Hackint gives different host cloaks for authenticated and unauthenticated onion users, so in the unlikely event of a spam attack over the unauthenticated onion, you can ban or quiet the unauthenticated onion without affecting authenticated users.

2. Hackint allows registering an account via Hashcash, which does not require an email address, does not require a CAPTCHA, and works fine in Tor Browser. The registered account can then be used via the SASL-authenticated onion. This is straightforward and easy. The only way to register a Libera account over Tor right now is:

   1. Register a Matrix account. If you're using Matrix.org, which is the default in most Matrix clients, this means exposing your data to Cloudflare, and passing a Google reCAPTCHA.
   2. Use your Matrix account to connect to the Matrix/Libera bridge.
   3. Message NickServ via the Matrix/Libera bridge to register an account. This means providing your email address to Libera, the Matrix/Libera bridge, your Matrix server provider, and probably Cloudflare. It also exposes your NickServ password to the Matrix/Libera bridge, your Matrix server provider, and probably Cloudflare.
   4. Create a TLS client certificate in your IRC client.
   5. Message NickServ via Matrix to add your TLS client certificate fingerprint to your account.
   6. Log into the SASL-authenticated onion with your IRC client, using your TLS client certificate.
   7. Change your NickServ password so that the Matrix/Libera bridge, your Matrix server provider, and Cloudflare no longer have your password.
   8. When you eventually forget to renew your TLS client certificate before it expires, you'll have to login via Matrix, re-exposing your password, set a new fingerprint, and then change your password again. During the brief period where your password is exposed, the Matrix/Libera bridge, your Matrix server provider, and probably Cloudflare can all log in as you, mess with any channels you op, send PM's as you, etc.

   So yeah, not a good user experience.

In summary, given that Hackint's metadata privacy is much better than Libera's (e.g. better Tor support, not mandating registration, not demanding an email address), I think Hackint is much better-aligned with PRISM Break's mission.

The one downside I see is that Hackint does not support Matrix puppeting like Libera and OFTC do. I am not convinced that this is a problem; bridge software like Matterbridge works fine (though is slightly less pretty). I personally run a Matterbridge instance for Namecoin (and some other channels); I would be fine with adding PRISM Break channels to my Matterbridge instance if you want (though I can't guarantee datacenter-level uptime; it runs on my home workstation, so any extended power outage that might occur would result in downtime, and occasionally my workstation goes offline for a couple hours to swap in new RAM or something similar). Or, if one of you has a server you'd like to use, it should be easy to install Matterbridge there.

EDIT: Forgot to mention: I just registered #prism-break on Hackint so that you don't have to worry about a squatter grabbing it. I'm happy to transfer ownership of the channel to @yegortimoshenko or anyone she nominates.

@JeremyRand I hear what you are saying, but I have a couple concerns.

1. One is that the primary use for IRC as I see it is it's a place where everybody is hanging out anyway. As such Libera is the de facto network to be on now, as opposed to one even I had never heard of.

2. I really don't like the idea on loosing Matrix or of splitting up the community (such as it is).

I propose making Libera channel the primary one we maintain and bridge to Matrix, but I would be totally okay if you wanted to run a Matterbridge setup to bridge to Hackint (via either Libera or Matrix) make that an option. We could endorse the existence of such a bridged channel without loosing either of the drawbacks I see if it was our primary IRC presence.

How does that sit with you?

@alerque That sounds reasonable; works for me.

removed waiting for objections label

Thanks Jeremy.

I think I'm going to merge this early even before we add any details about a bridged Hackint channel. The Freenode channel is defunct and hijacked anyway and they dropped all user registrations so the sooner we stop linking or mentioning a defunct channel there the better. The Libera room is active and registered, but not as a project yet. I'll work an that, but it will be easier to point to this decision as official if this PR is merged.

After that we have a logistics problem because our Matrix admin is MIA.

mentioned in commit af3efb48

merged

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Project registration request sent to Libera:

    Message-ID: <f5eb0337d966f3a8aa010cca3956ced6@alerque.com>
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEnzd9220xU6SOs+seY8xJZHUmdpMFAmDW9j0ACgkQY8xJZHUm
dpNGwxAAmlmFAeQDp7RxSFMyxVsaTxs+wl22Y/AiFtAOPcvHk1vukazwDsYkcpAT
WZvCR3AV7eO5VfLy3Tv9XfakHMugml5A8Wlbb8oC6/eJ24XgDL1lym5T0qmne+l7
rOvAUZKitkQIkOcvYL52fs08HXLrbwYncGGNNM+pFC47tFoKPcubde6nqYPHBDLE
2zb07SeMJhm28vNOk58evSIUOpQabzLzsQZgZpZqv9p/D8OgDO25qhg6a0qEPrOQ
r4CbNgGN0LkQrT+S/t/QEmKQG7jdja0+f8zyuNOdYDSqjgfd+5hyOXoUTQKfdj/z
96znZ3Q1t+2Jr4qYUIEF/mDLQ9GQewTCnCuXUKnAQg3WNrZMPnculxe/WQ5WJnc9
5F1bZWsUaT83S288XawtxKjQIx2KVqrZMcCMrSn+k2zvM/KCPuaUkIHkA9BAWh+/
YbuQTUMf9Zu+rPfYpCWyx9vHzb6RZL6TSjzmH31CLE+ziJX9X4HfWXUuiUBj3ayN
0PmRpeL61wHN+L90exT4Nr8L2HZqPJPtKPz1GZpRisyaLdQfU0rUd6UErfqh+SKg
qvzRIzc5PR3usMX0G9cZblNte+qYuhjLQkC3pDgo/DfLpWkgCeLcfaDdTC1MfQEX
4INiKtfMicfzzIWFEHIlpeLOtrBeAFIq1KAtc1IAsyR0YGaeeV4=
=7beD
-----END PGP SIGNATURE-----

mentioned in merge request !2115 (merged)