XSF Communications Team - 2025-11-11

  1. DeWolfe

    In technical terms, how would I explain the following: I pulled raw metadata from a July 2023 zip-file that has been emailed to me o completion of a July 13, 2023 Docusign envelope. The last time I viewed it, on July 13, 2023, the file contained 5 PDFS only. However, two years later it contained a Summary that contained several DocuSign envelope, and confirmed: false signature events are visible that are tied to SMS codes and “Live Arrow” overlays. When hovering, it opens a “contacts box," not visible prior, showing my phone number, and email, and my Social Security number -- but also a second SSN variant (last digit altered). Does this indicate that bank insiders or others spoofed my credentials inside DocuSign to create fraudulent “auth” events that look legitimate but were injected. The contacts box references “Jabber” (XMPP messaging platform). It pops oI saw “set to text and sound tones: Reflections and Illuminate. I do not use either. Could these be a reference to “Jabber Harmony”, which I read is or was }a known exploit kit / fraudulent messaging module." I performed limited research, and found that this had been an issue, discovered, and repaired long ago, with vigilance and care by those who created this extraordinary communication system. Could this indicate that external actors used Jabber/XMPP to insert secondary identity records into my DocuSign "log stream: DocuSign logs were manipulated via real-time remote injection tools, tying your SSN and phone to an alternate digital identity." I never received “verify new device” warnings — yet, I later found emails/texts from that period showing codes were sent in October 2024, November 2024, and on March 15, 2025, if not also potentially ongoing. Might this indicate: 1. Either SIM swap or SMS interception (classic cyber-ID theft method; or, 2. a DocuSign API "hijack with man-in-the-middle credential replay" [terms I looked up] such as my phone/SSN data were cloned into the the bank employee(s), former employee(s), or outside party(ies) “contacts” layer, allowing them to intercept or replay my codes?

  2. DeWolfe

    I apologize if this is not the topic. I am out of my element, and have tried to explain the matter I (DeWolfe) posted to others who might know what I should do. The obvious others are would be the bank; however the concern the activities appear to be conducted by persons in the bank or with access to secure information. I am not a customer of the bank. I have never received any funds from it, other than part of a life insurance policy from my late father. My graduate degree and post grad research and teaching are in fields unrelated to technology.

  3. guus.der.kinderen

    Hey DeWolfe, that sounds like a really stressful and confusing situation, and it makes sense that you are trying to figure out what happened. Just so you know, this chat is mainly for coordinating XMPP community news and updates, not for investigating possible security or identity issues. What you are describing sounds more like something a cybersecurity or digital forensics specialist should review. You will probably get more useful help if you: - Contact DocuSign's security or fraud team to check if any document changes or spoofing occurred. - Reach out to your bank or any other institutions involved through verified contact details, not from suspicious messages. - Talk with a cybersecurity or digital forensics professional who can safely examine the metadata and logs. - If there is any chance your personal information was misused, it is worth checking identitytheft.gov or contacting your local cybercrime unit. This room focuses on communication within the XMPP ecosystem, so people here might not have the right tools or context to look into this deeply. Still, you are right to be cautious and ask questions about it.

  4. guus.der.kinderen

    And, just to help put your mind at ease: nothing you described really points to an active XMPP or DocuSign exploit. DocuSign files cannot quietly change years later without showing it, and those "Jabber" or contact references are probably just how newer software shows metadata. Getting random verification codes can happen for lots of harmless reasons too. You are doing the right thing by checking with DocuSign and maybe a cybersecurity professional to confirm everything is safe.

  5. debacle

    Are there any XMPP related talks or other activities at next FOSDEM? A devroom?

  6. MattJ

    There is a decentralized comms devroom, yes

    👍 1
  7. Kris

    Will be interesting to see how much matrix will dominate that room. First time it shared and not only about matrix I think.

  8. Kris

    debacle: i think they are still asking for talk submissions?

  9. debacle

    Seems so.

  10. debacle

    Last time, Delta was the superstar among all the talks. Who cares about Matrix ;-)

  11. Kris

    Has Delta ever clarified where they get all that money from to fund what seems to be multiple full time devs?

  12. edhelas

    > There is a decentralized comms devroom, yes Care sharing the link ?

  13. debacle

    https://fosdem.org/2026/schedule/track/decentralised-communication/

  14. debacle

    No talk about Movim? Useless devroom!

  15. MattJ

    You are welcome to submit one :)

  16. MattJ

    Deadline is 30th November

  17. edhelas

    https://upload.movim.eu/files/9d94237298995552fa13436420195fbca436dce7/piU1SVRKeiCL/chat_image.png

  18. edhelas

    Looks like its already starting great ✨

  19. edhelas

    https://media.tenor.com/jNzyLSukKuEAAAP3/ironic-star-wars.webm

  20. debacle

    > Has Delta ever clarified where they get all that money from to fund what seems to be multiple full time devs? Donations? And they probably don't pay 800 kUSD to their boss like a certain non-profit.

  21. edhelas

    Damn performances on element/Matrix is still not their main goal looks like

  22. edhelas

    Element is still loading, joined the Matrix room on Movim + Slidge in 10 sec :D

  23. edhelas

    Maybe we should do a conference about it, "XMPP Clients, the best way to use Matrix ?" 😏

    👍 2
  24. debacle

    Kris Merlinux GmbH, the company behind Delta, got 100000 € public funding in 2023. That makes one or two full-time devs for one year, right?

  25. debacle

    Kris Merlinux GmbH, the company behind Delta, got 100 k€ public funding in 2023. That makes one or two full-time devs for one year, right?

  26. debacle

    Or 1/8 Signal president.

    😂️ 1😂 1
  27. Kris

    > Maybe we should do a conference about it, "XMPP Clients, the best way to use Matrix ?" 😏 👍

  28. edhelas

    #2025-decentralised-communication:fosdem.org n’existe pas. doesnt seems to exist

  29. Kris

    I don't remember exactly but I think they have significantly more funding but never specify it in detail, but anyways, off-topic here.

  30. Kris

    edhelas: maybe a space and not a room?

  31. edhelas

    I just clicked the link provided on the FOSDEM page

  32. Guus

    #2026 maybe?

  33. edhelas

    https://chat.fosdem.org/#/room/#2026-decentralised-communication:fosdem.org

  34. edhelas

    https://upload.movim.eu/files/9d94237298995552fa13436420195fbca436dce7/96BFc0BenEeP/chat_image.png

  35. Guus

    I'd say that 100k euro is about one fulltimer, assuming that a significant part of the cost is not salary (but things like taxes/insurances/etc).

    👍 2
  36. Kris

    Depends on the country they are based in.

  37. debacle

    DE

  38. debacle

    for the company.

  39. emus

    Do you know which booth we have at FOSDEM?

  40. emus

    I thought about writing something like this: We will be present at FOSDEM 2026 at the XXX booth. You can submit talks for the decentralized comms devroom until 30th November 2025. https://fosdem.org/2026/schedule/track/decentralised-communication/ Looking forward to see you there (and the XMPP Summit 28 the days before!)