Jabber Switching Hands

Be careful about new management

https://www.ccc.de/en/updates/2015/jabbercccde


Comments


[5 Points] sapiophile:

Your title is wildly misrepresenting the situation:

  1. This is only pertinent to one, single Jabber server, which is run by the Chaos Computer Club, a very awesome group of folks;

  2. Properly implemented Jabber chats are encrypted end-to-end and the server has very little capability for malicious activity or surveillance (use OTR)*;

  3. The damn server is still being run by volunteers within the CCC, it's just a new group that isn't burned out on that project;

  4. This has virtually nothing to do with any given implementations of the Jabber/XMPP protocol, or any software related to it, such as Pidgin, Jitsi, etc., and those tools and their code will not be affected in any way;

  5. and so on.

Please don't spread FUD where it isn't warranted.

* Note that a malicious Jabber server is indeed in a good position to perform a Man-In-The-Middle ("MITM") attack against secured chats, even those that should be encrypted end-to-end, *if the chat participants do not verify each other's Public Key/Identity Fingerprints through a separate means of communication*. With OTR, this can also be done using its integrated (and brilliant) implementation of the Socialist Millionaire Protocol, but the shared secret must still be communicated out-of-band.


[1 Points] None:

I wonder if this is a bad thing i have been using jabber for years i would hate to see it go down the toilet.