XMPP Service Operators - 2021-05-05


  1. Martin

    I think Ge0rg is busy enough these days with the vaxbot load. What's the issue with TLS1.2?

  2. Licaon_Kter

    Martin: #security

  3. jonas’

    https://crypto.stackexchange.com/a/81967 FWIW

  4. tom

    Martin: TLS1.2 is an absolute pain in the ass to maintain

  5. tom

    It would be a lot simpler and easier to configure and not mess up if we could switch over to tlsv1.3

  6. tom

    I for one would very much like to drop tlsv1.2, and according to my statistics only about 5 or so instances still require it

  7. tom

    The rest of them are fully 1.3 compliant

  8. Licaon_Kter

    tom: how do you check? openssl to each s2s ?

  9. Licaon_Kter

    Clients?

  10. tom

    Licaon_Kter: log files and also s2s:show_tls(domain) in prosody's shell

  11. tom

    All my clients are tlsv1.3

  12. tom

    In prosody you can check via the c2s:show_tls()

  13. tom

    Command

  14. Licaon_Kter

    👍

  15. tom

    For the people using old versions of openssl that don't support tlsv1.3, you also get forward secrecy if you upgrade

  16. tom

    Which is very important for an IM server

  17. Link Mauve

    tom, fyi, we still got 15 s2s connections open in TLSv1 and 637 with TLSv1.2, vs. 1404 with TLSv1.3.

  18. Link Mauve

    None in TLSv1.1 thankfully.

  19. tom

    Who's using tlsv1?

  20. Link Mauve

    So your view of the network definitely doesn’t match ours. :)

  21. tom

    And what ciphersuite

  22. Link Mauve

    From our s2s, bunin.im ceplovi.cz dolka.fr hotsecure.biz jabber.mk.ua jabber.no-sense.net jabber.pw jabber.tuxfamily.org lcp.cc onex.mandalpipe.com the-compiler.org yukon.to

  23. tom

    I haven't used tlsv1 since i telneted into a muc with trebuchet

  24. Link Mauve

    Using AES256-SHA DHE-RSA-AES256-SHA ECDHE-RSA-AES128-SHA ECDHE-RSA-AES256-SHA.

  25. tom

    Oh well, that's not as bad as I thought it was going to be

  26. Link Mauve

    Prosody probably disallows some worse ones by default.

  28. Holger

    > Which is very important for an IM server

    tom, the attack vector is that someone transfers sensitive information without using any form of end-to-end encryption, the attacker sniffs and stores the traffic but has no access to either end of the communication nor to the server, later gets access to the server and therefore the private key, and because the clear-text messages aren't stored in MAM for some reason, uses the private key to decrypt the traffic that was sniffed earlier. Right?

  29. tom

    Yes

  30. tom

    If your keys get stolen, them being used to decrypt past stored-to-disk comms

  33. Holger

    Right, but being able to do that only makes an effective difference in highly specific scenarios like the one I outlined above. (People might want to take that into account when judging themselves on the relative importance of protecting against such attacks vs. interop, for example.)

  35. croax

    Holger: Attack vector is not only cleartext exchanges with MAM disabled, but all meta-data, including ones coming with E2E exchanges. This is basically SSL stripping for past recorded exchanges.

  36. Holger

    With MAM enabled I see no difference w.r.t. the metadata either.

  37. Holger

    But yes if we're talking metadata we can ignore E2EE of course.

  38. Holger

    FWIW I'm not trying to downplay security questions. Quite the opposite, I think that's the one most important topic admins must be able to handle. I just try to insist on properly judging on trade-offs, rather than doing blind MOAH STRICT MOAH BETTA decisions.

  39. croax

    Holger: you're perfectly right. Make people think and understand what they do. So PFS + MAM is kind of contradiction but not incompatible.

  40. Holger

    Right. And if there's no significant downside in enforcing PFS then the decision is obvious of course.

  41. BaBa

    > I also think that with keeping in mind the reality that many governments do in fact record ALL internet traffic to disk.. now you might think that's crazy but egypt actually did that and the utah datacenter and ESPECIALLY google have the ability to do that

    I, 2nd you. But what the remedy to this shit??

  42. Menel

    What they wrote.. Encrypt it with a security margin... That it can hold 30 years to come..

  43. xorman

    MAM can be disabled on the client side

  44. Araucaria

    What is wrong with tls1.2?

  45. croax

    xorman:
    > MAM can be disabled on the client side

    But you have no control on your correspondents' MAM settings, right?

  46. moparisthebest

    you also don't know if your correspondent is a spy shuffling all your e2e messages directly to the NSA so what's the point? :P

  47. croax

    moparisthebest: you may at least have the right to have trustful contacts :-)

  48. croax

    > What is wrong with tls1.2?

    Not an expert but, security speaking, seems like TLS 1.3 enforces what can be configured in 1.2. So 1.2 MAY be misconfigured. (Eg mandating PFS).

  49. BaBa

    > you also don't know if your correspondent is a spy shuffling all your e2e messages directly to the NSA so what's the point? :P

    If encrypted.... What can NSA do with that

  50. rob

    They wouldn't be encrypted if your contact was sending the messages to them

  51. rob

    So verify your contacts and their keys

  52. BaBa

    Oh i c in thts case

  53. BaBa

    xmpp:privacyandsecurity@conference.nixnet.xyz?join

  54. BaBa

    Problem with server or something??

  55. BaBa

    Privacy and security room not working today

  56. rob

    I don't know about not working, I tried to join and was banned so it's kinda working

  57. rob

    Is it a private group?

  58. Licaon_Kter

    Was mentioned above that nixnet is down. Can someone ping Amolith ?

  59. neox

    Licaon_Kter, Amolith server is down, so is his xmpp account too 😉

  60. Licaon_Kter

    Well, don't you all have Keyoxide and Fedi accounts? :)

  61. rob

    Keyoxide is great

  62. BaBa

    > Is it a private group?

    No. I had joined the group but banned today

  63. rob

    Weird, wonder what's up

  64. Araucaria

    BaBa, sometimes when a group is unavailable you can see that banned message, you likely were not actually banned

  65. rob

    Probably then because the server is down?

  66. BaBa

    Araucaria: all right. Thank you

  67. Menel

    It's not the same error message if there is no host at all.. That would be _remote server not found_ but I don't know what this one is.. Maybe it's the muc component that's down?

  68. Menel

    Hm, no my server does get a s2s to that..

  70. Menel

    Got it now. It's the ejabberd server error, if you want to create a muc and are not allowed to do it from remote.. Prosody would say something like "you are no longer in this muc" So it seems this muc was deleted.

  71. qrpnxz

    anyone have a regex on hand for JIDs?

  72. moparisthebest

    famous last words :)

  73. Sam

    Same as in the other room: there is no such thing. You could use *several* regular expressions to split (but not validate) a JID, but at that point you might as well just do the splitting in the language you're using and skip the regexp part

  75. mjk

    Sam: are jids not regular? O_O (I know email addresses are)

  76. moparisthebest

    no, you can't validate email addresses with a regex either

  77. Sam

    Yah, all those various email regexes are wrong too and will eventually bite you.

  78. moparisthebest

    at least not without many tears, and then you end up giving up

  79. Sam

    For JIDs among other things you'd need to split on the last "/" first, so you'd need backtracking which would require fancy Perl style not-regular-regular-expressions (maybe, I assume those could do it but I don't know all the things they support). However if you're doing that I can also create a JID that can lead to near infinite backtracking, so it's just not a good idea.

  80. Sam

    And that's just to split them into their component parts, you definitely can't do internationalization with a regexp.

  81. mjk

    Sounds exciting... Thanks guys

  82. moparisthebest

    the only acceptable "is the email/jid valid?" regex imho is ".*@.*\..*" for a quick smell test

  83. mjk

    Haha

  84. moparisthebest

    validate it the proper way further on if you need to be sure

  85. moparisthebest

    in english that's "has at least one @ and one . after the @"

  86. Sam

    Nope, that won't work for me@localhost :)

  87. Sam

    (but I know what you meant)

  88. mjk

    I guess PEGs should be powerful _and_ efficient enough

  89. moparisthebest

    right but @localhost isn't valid for say, registering for a website or whatever, but yea :)

  90. mjk

    localhost.localdomain!!111

  91. ernst.on.tour

    Shouldn't something like [a-z0-9\.\\[0-90-9]+@ fetch the user part ?

  92. Licaon_Kter

    O hai, match this `@_xmpp_Nick=2fmucname=40conference.domain.tld:matrix.org`

  93. mjk

    Incoming code review...
    > `.*@.*\..*`

    This would match `@.` :p

  94. Sam

    My best initial guess (just for splitting, but almost certainly still wrong and it's probably easier to just do the splitting algorithm which is really easy to implement) would be `(?:(.*)@)?([^/]*)(?:/(.*))?`

  95. mjk

    Licaon_Kter: I- is that even a jid? suspicious@fry.jpeg

  96. Licaon_Kter

    mjk: it's how matrix users mention xmpp members over their broken bridge

  97. mjk

    Ah, so it's a mention, as I suspected

  98. Licaon_Kter

    Bad example actually, i dunno how it looks the other way :)

  99. Sam

    yah, that one is not actually a valid JID, just how matrix does things

  100. Sam

    oops, my random dumb stab at it is already broken by trivial JIDs. This is why you should just implement the splitting algorithm :)

  101. mathieui

    https://lab.louiz.org/poezio/slixmpp/-/blob/master/slixmpp/jid.py#L26 FWIW (but you need to validate it anyway, that’s just for splitting somewhat adequately, and you can’t validate it with a regex)

  102. mjk

    Now this chat has NaN problems

  103. Sam

    heh, my regexp library limits repeats to a max of 1000 for some reason, so even that wouldn't work

  104. mathieui

    Sam, so you are ignoring the last 23 bytes of each part??? That is a scandal!

  105. Sam

    mathieui: yup, can't parse all those 1023 byte localparts now!

  106. mathieui

    and resources!

  107. mathieui

    and domainparts!

  108. Sam

    Actually, even changing that it doesn't work for me, unsure why. I get no matches on even simple JIDs

  109. Sam

    huh, it's the bounding ^$ breaking it. No idea why though. Oh well.

  110. Sam

    Okay, I was totally wrong, this should work for splitting at least. I was being dumb, you don't have to match the last /, you obviously have to match the first one which is fine.

  111. Sam

    But still, don't do it. It's just a bad idea.

  112. moparisthebest

    A programmer has a problem, they think, I know I'll use a regex! Now they have 2 problems

  113. Sam

    This ^

  114. mjk

    Yeah, I mean..

    ```lua
    print(([[A programmer has a problem, they think, I know I'll use a regex! Now they have 2 problems]]):match(' (.+) problems?'))
    ```

    > programmer has a problem, they think, I know I'll use a regex! Now they have 2

  115. qrpnxz

    xD