XMPP Service Operators - 2023-10-26

Is the operator of jabber.sytes24.pl in this room? Does anyone else have trouble accepting a s2s from them? They appear to be using a certificate that we don't trust, and dialback seems to succeed, only for the connection to be closed with an TLS error immediately after.

They run Openfire 4.2.1😱

ohboy - but it appears that you _can_ federate with them?

HAL can

The prosody bot

is that a c2s or s2s connection?

s2s

(i think 🤔)

At least s2s works too from HAL

Hmm, my browser also allows their certificate

so why doesn't my server?

Testssl fails also the handshake

Wasn't openfire the one with the huge cve, and we can assume their whole sever is taken over by now?

Or you can use the exploit to update it's certs and setup :)

Yes / yes.

It'd not be quite legal though.

(also, they've exposed they admin console to the public internet, on a non-encrypted port :S

Was joking but yeah ¯\_(ツ)_/¯

Well, I'm guessing that this server is now a crypto-mine - so there's an argument that you'd do the hoster a favour...

Unasked favors don't go unpunished

There are to any negations in that sentence to parse without more coffee :D

:)

eep?

https://notes.valdikss.org.ru/jabber.ru-mitm/ you guys know about this right? Does this make Hetzner and Linode providers to avoid, or just Germany is a country you should avoid hosting at?

I wanted to maybe get Hetzner due to it being so cheap but if they're going to intercept traffic maybe it's not a smart idea

Perhaps homehosting is not so bad after all

Except then the police will raid your home

Practically all reputable providers will obey court orders

Or otherwise wiretap you

> Practically all reputable providers will obey court orders Fair enough. But why? Just because they're Russian? ↺

Sounds pretty racist to me

because they follow the law obviously

What I don't understand though, is why they made a TLS MITM when they could literally log into the VPS and steal the certificates

Nobody knows (if this even was a court order, though it seems likely). But there is a bunch of criminal activity associated with jabber.ru users, so it's not unlikely that they were targeting some individual or group that were using the service.

Maybe they (ironically) wanted to avoid detection. Also the laws between wiretapping and "stealing the certificates" are also very likely to differ.

Maybe they just wanted to highlight this kind of attack so we could prevent it in the future

Why was STARTTLS even used?

Do XMPP clients and servers still use STARTTLS?

No, right?

Yes, and that's not a problem

Why use STARTTLS when you can use TLS immediately instead?

At this point, it's just a case of moving the ecosystem as usual. Direct TLS is gradually gaining adoption.

Is it not used often?

I don't have stats

XMPP had mandatory TLS since 2014 right?

Yes

Direct TLS stats from yax.im, a server without a respective SRV record: 974 STARTTLS connections, 1 Direct TLS connection

:D

https://compliance.conversations.im/test/xep0368/ has some numbers, but many of the servers that don't have it are smaller/private ones

STARTTLS is called STARTTLS, because it stands for START using direct TLS

Oh sorry, I have to corect that. 0 active Direct TLS connections, the one I accidentally counted was an outgoing one from port 52236

inb4 it was just a command to tell the server to start using TLS (opportunistic TLS)

> Squeaky Latex Folf a écrit : > https://notes.valdikss.org.ru/jabber.ru-mitm/ you guys know about this right? Does this make Hetzner and Linode providers to avoid, or just Germany is a country you should avoid hosting at? No, it means you have to adopt better practices in social networking for illegal purposes (e.g. tor)

At JabberFR, we have 486 connections using STARTTLS on port 5222, and 254 using direct TLS on port 5223.

Or just for all purposes.

Fair enough, but Tor XMPP federation doesn't have an XEP afaik and I heard people had to make a manual table of Tor servers to federate with or otherwise it'd refuse due to incorrect certs ✏

https://en.wikipedia.org/wiki/Opportunistic_TLS#Weaknesses_and_mitigations

Why do so many use STARTTLS? I don't get it

yup, as i expected from opportunistic TLS

i thought "could you just strip the STARTTLS command?"

apparently that works

techmetx11, that article is about "opportunistic TLS" which is not what XMPP does these days

Squeaky Latex Folf, it doesn’t have any downside compared to direct TLS.

If you strip starttls, clients will refuse to connect, and even the older ones will shout at you about it

MattJ: so clients can't connect in plain text?

No, they refuse to

oh

Hi

Obviously that is up to the client. But if the client wants it can also POST your credentials to a pastebin. We can't control everything :)

They are all a lie https://news.ycombinator.com/item?id=21412052

Don't trust them

If you find any maintained client that would connect without TLS, it's a security issue and you should report it as such

Well there are a few reasons why one might want to connect without TLS

For example if you have a lower layer in the OSI stack that already does encryption

Like Tor

Sure. That's why I can't use Dino for Prosody development, because I test on localhost with self-signed certs and it won't let me continue.

Others complain, but usually there is an override somewhere

What is the proper way of federating over Tor anyway?

I heard it's not really supported

MattJ: Dino seems to be a overly simplistic client

Theoretically, the same as in clearnet, except that you connect out over Tor, and to a .onion.

techmetx11, I don't know... it supports a bunch of features others don't. It's still the only client with group audio/video calls?

techmetx11: has group video calls, hard te say

i meant as in user configuration

You're missing the XML console and Disco listing? Yeah, no. ✏

most of the important settings (like time until sending a "<user> has left" message, and stuff)

are hardcoded

What is that?

I don't see that in Monal, sorry, Siskin, sorry....

Licaon_Kter: it's the little notification that tells you if a user has left your conversation

Dino has it hardcoded to 10 minutes

Who cares, I'll message them anyway, they'll see it later...

> Hmm, my browser also allows their certificate Guus: sounds like a classic case of missing intermediate cert, browsers "helpfully" find and include them for you so you don't know your site is broken ↺

> HAL can > > The prosody bot What is this? I've not heard of this

The last days so many people complained about starttls, I wonder what Blog started that, because it has nothing at all to do with these kinds of attacks, and no direct tls could've prevented it. Theres yet an issue with it to be found in the xmpp context..

I've 34 incoming direct tls s2s and 10 starttls

Menel: certainly the attack had nothing to do with starttls. But it does raise a tangential question: if the attacker had instead reported starttls as unsupported during the c2s MiTM, do all clients _refuse_ to connect without TLS? :)

That's up to the client devs, not the sever devs. All modern clients, all I've used, would refuse always or complain very loudly

Also if all servers disable starttls, even then you could insert your attack the same way, as long as people use too old clients that are happy with plaintext ✏

RTG: they had TLS, right?

(Funny that I had to force reconnection now, because using my own wifi, error says "sasl degraded")

> That's up to the client devs, not the sever devs. > All modern clients, all I've used, would refuse always or complain very loudly I'd certainly have this _feeling_ as well, but has it ever been evaluated and documented how various clients react with "bad" TLS? TLS 1.0 and 1.1 have largely been deprecated and are no longer recommended. Do any clients still support TLS under 1.2? The attack raises these tangential questions, and while the answers may be within a collective few who are XMPP experts, the community at large can benefit by knowing the client they use either has or doesn't have various protections. :) ↺

thats why we have https://joinjabber.org/ and https://providers.xmpp.net/apps/

to promote good apps to people :)

for the technically inclined you can see what each app supports at xmpp.org directly here -> https://xmpp.org/software/

Ge0rG: > Oh sorry, I have to corect that. 0 active Direct TLS connections, the one I accidentally counted was an outgoing one from port 52236 I'm connected to yax.im with direct TLS and "bidi" maybe you didn't count the bidi connection ?

https://fosstodon.org/@xmpp/111303395297803949