XMPP Service Operators - 2021-12-17

  1. thndrbvr

    > Rob wrote: > So what's the ratio of Prosody vs. Ejabberd deployments among the operators in this group? ... Neither. Metronome IM. 8)

  2. kr1p

    Isn't that just a fork of Prosody though? It gets confusing with all the forkin' forks out there! 😋

  3. Licaon_Kter

    kr1p: that can't be named a fork 12 years later...c'mon...it was back in 2010, now it's just another LUA based server

  4. kr1p

    Haha, fair enough!

  5. pur

    I still like to reach admin of jabber.ccc.de. How can I do that?

  6. Martin

    > contact addresses for jabber.CCC.de are > - abuse-addresses : mailto:jabber@ccc.de > - admin-addresses : mailto:jabber@ccc.de > - security-addresses : mailto:jabber@ccc.de > - support-addresses : mailto:there-is-no-support@ccc.de

  7. pur

    thanks you :-)

  8. Licaon_Kter

    @version jabber.ccc.de

  9. MattJ

    Licaon_Kter: can't tell if that was intentional, but it's "Lua", not "LUA". It seems like you had a Lua Uppercase Accident ;)

  10. Ge0rG

    That acronym is so deep.

  11. Ge0rG

    It's worth doing it intentionally just to trigger the LUA police

  12. Martin

    lu(n)atic…

  13. Licaon_Kter

    MattJ: I like to trigger casenazies I do

  14. Ge0rG

    Licaon_Kter: so you are making fun of people with OCD and then pull a Godwin?

  15. Licaon_Kter

    Sounds bad when you frame it like that...

  16. mjk

    At least PERL shouldn't trigger anyone around here... right?

  17. mjk

    But TOR might

  18. Licaon_Kter says nothing

  19. jonas’

    second log4j CVE upgraded to CVSS 9.0: https://www.lunasec.io/docs/blog/log4j-zero-day-severity-of-cve-2021-45046-increased/

  20. ernst.on.tour

    Shit .... 😭

  21. TheCoffeMaker

    ernst.on.tour: http://log4jmemes.com/ here u have to have a little fun in this log4j nightmare

  22. jonas’

    unless you're running openfire ;)

  23. rozzin

    So..., aside from the "why would someone have even wanted that feature in the first place", the other thing I really don't get about this is that I'm seeing articles going "well, it's not surprising really, because as everyone knows Java has so much cleverness in it to make every programming task practically automated, which means that this sort of WTF-I-used-a-string-and-now-something-is-downloading-and-running-foreign-code-from-some-random-server thing is basically normal in Java". I mean..., "so full of clever power-tools that it's easy to hurt yourself" was *not* an impression I ever got from Java.... I know it evolves over time..., but I thought it was still more like "something good for keeping dev teams fungible because nobody's allowed to be clever or dangerous, because if you want *that* the only escape hatch is inventing a whole other language that can be compiled down to JVM".

  24. Licaon_Kter

    The best one I've read was _"it's a good thing, that Java lib feature actually worked as intended"_ :))