Six weeks after the release of the first Release Candidate (-rc1) of Smack 4, the Ignite Realtime Community is proud to announce the release of the second and likely final Release Candidate.
Smack 4.0.0-rc2 contains many improvements and bug fixes. The API underwent some major changes and is considered stable. Now is the perfect time to test (a)Smack 4.0 if you haven't already. Smack is available from Maven Central (direct link). aSmack can be obtained from http://asmack.freakempire.de/4.0.0-rc2/
Today, a large number of services on the public XMPP network permanently turned on mandatory encryption for client-to-server and server-to-server connections (there’s a fine summary here). This is the first step toward making the XMPP network more secure for all users. Stay tuned for more updates as we work on ubiquitous authentication, secure DNS, end-to-end encryption, and other improvements.
ProcessOne and Boxcar have been building push services for real-time notifications since the launch of the push feature on iOS. Our core business has been since that time to deploy large scale notification services for carriers, broadcasters, ensuring very high availability, very fast delivery in a cost-effective way.A massive scale push service now available for everyone
This service has only been available for select large scale customers until now.
We are opening it today to everyone, including smaller developers. It offers many benefits that can attract startups and smaller brands:
We have refactored a large portion of our large scale service and added self-service configuration and credit card payment. You can freely create an account and setup your project. Once everything is working as expected in your mobile app, setup your credit card information (Using Recurly Payment system) and you are ready to go live.
At the moment pricing is very simple:
Startup / independant developers plans are as follow:
We can of course handle much larger scale to suit the needs of larger corporations, broadcasters and carriers, with delivery speed up to 3 million pushes per minute.
However, the higher plans need to go through setting invoice / payment system as monthly price goes higher than usual charges on credit card. Contact us and we can make that happen.
We did not yet made available all our features, like customer segmentation or geotarget push, but those features are coming in due time.
You can expect the team to be helping on a daily basis to improve FAQ, documentation and the console itself to help you understand push notifications and make sure you make the best of it to grow your business.
If you are developer of an iOS and / or an Android application, please, go ahead and create your free developer account on Boxcar Developer Console.
We are here to assist you !
ejabberd Community 14.05: the culmination of a year of change
Before getting into technical details of version 14.05 changes, let’s summarize an amazing year of ejabberd development.
Last year we made major changes in our development, release and support process.
ejabberd now has two faces:
ejabberd community is now improving at a very fast pace with changes coming from the community. That version improved a lot over the year. It has a lower memory footprint, gained many new features and several XEP support. We switched to modular rebar build system. Documentation has been improved. Overall, it is a great basis to build innovative solutions.
ejabberd commercial is more stable and scalable than ever and we have pushed its scalability both in term of number of supported nodes than in term of users supported on a single machine. ProcessOne is managing more and more deployments for our customers with it, and that kind of partnership with our customer just works, making every one happier. Rock solid platform managed by a team of experts.
For this latest release, we are very happy to see two new major contributors, Holger Weiß and Tsukasa Hamano. Congratulations!
Now, we are going further, exploring the realm of Voice Over IP and SIP. ejabberd was the reference on messaging and now if can help you place calls over SIP. Please, read that again :)
We have integrated a SIP proxy / Registrar in ejabberd that makes possible, using the same credentials, to pass SIP calls with a SIP client as well (for example your Android phone). We had a STUN service and integrated TURN to make VoIP easier in most contexts. This is just the beginning and we are waiting for your feedback to make things even simpler.
Note: ejabberd is also still compliant with Jingle pure-XMPP VoIP. It is just a matter of choice. We let you use the protocol you prefer in to pass your call. However, we do not bridge SIP and Jingle. This is a pain and in most deployments only one protocol will be used.
And finally, in a world where security is critical, we tightened our security to increase the default level of robustness of crypto algorithm used.
ejabberd Community 14.05 has great new features, several improvements and many bugfixes over the previous 13.12 release:
ejabberd now includes support for:
- XEP-0198: Stream Management (EJAB-532)
- XEP-0321: Remote Roster Management (EJAB-1381)
- RFC-3261: SIP proxy/registrar
- RFC-5766: TURN: Traversal Using Relays around NAT (EJAB-1017)
There are several improvements regarding encryption:
- Add option to specify openssl options
- Fix extraction of host names from certificates
- Fix certificate authentication for incoming s2s connections
- Fix handling of certificate verification errors for incoming s2s
- Handle “s2s_use_starttls: required_trusted” the same way for outgoing
- Support certificate verification for outgoing s2s connections
- Check TLS state before requesting SASL EXTERNAL
- Log TLS status for outgoing s2s with SASL EXTERNAL
- Verify host name before offering SASL EXTERNAL
Just to mention other improvements:
- New ejabberd command: disconnect_user/2
- New Bash completion script for ejabberdctl, experimental (EJAB-1042)
- Don’t provide current password in webinterface
- mod_register_web: check same acl as mod_register.
- Document and enable mod_carboncopy (XEP-0280) by default
- Make it possible to get/set vCards for MUC rooms
- Add Travis CI configuration file
And many many bugfixes all over the source code, most of them were introduced when ejabberd was updated to use binaries.
This release requires at least Erlang/OTP R15, and works perfectly with R16B03. It should work correctly also with the new R17.
As usual, the release is tagged in the Git source code repository on:
The source package and binary installers are available at ProcessOne:
If you suspect you found a bug, search or fill a bug report in Jira:
Last year Peter Saint-Andre laid out a plan for strengthening the security of the XMPP network. The manifesto, to date signed by over 70 XMPP service operators and software developers, offered a rallying point for those interested in ensuring the security of XMPP for its users.
Today is the date that the manifesto gave for the final 'flip of the switch': as of today many XMPP services will begin refusing unencrypted connections. If you run an XMPP service, we encourage you to do the same. On the xmpp.org wiki you can find instructions for all the popular XMPP server software. While XMPP is an open distributed network, obviously no single entity can "mandate" encryption for the whole network - but as a group we are moving in the right direction.
If you use an XMPP service provided by someone else and you encounter problems contacting family, friends or colleagues starting from today, it may be a sign that either your XMPP service or theirs is not properly supporting encryption. Contact the administrator of your service and let them know about this change. You can also use xmpp.net to test any server.
We still have some way to go, for example today's change only ensures encryption (enough to beat passive capturing of traffic), it does not require you to have a valid certificate issued by a certificate authority (though some services do already choose to require this).
There is a whole lot of work being done to pave the way for a future without CAs, as they are a sticking point for many people - whether for financial, trust, privacy or philosophical reasons. Some current initiatives include DNSSEC, Monkeysphere, and some folks prefer to trust nothing less than hand-verified fingerprints! We already have experimental plugins available in prosody-modules for these things (mod_s2s_auth_dane, mod_s2s_auth_monkeysphere, mod_s2s_auth_fingerprint, etc.). If this is something you are interested in, take a look, help us test, and perhaps contribute code even!