Agregador de noticias

Jitsi News

Planet Jabber - 28 May, 2014 - 12:39

Jitsi News

Planet Jabber - 28 May, 2014 - 12:39

Jitsi News

Planet Jabber - 28 May, 2014 - 12:39

Jitsi News

Planet Jabber - 28 May, 2014 - 12:39

Jitsi News

Planet Jabber - 28 May, 2014 - 12:39

Jitsi News

Planet Jabber - 28 May, 2014 - 12:39

Jitsi News

Planet Jabber - 28 May, 2014 - 12:39

Jitsi News

Planet Jabber - 28 May, 2014 - 12:39

Jitsi News

Planet Jabber - 28 May, 2014 - 12:39

Jitsi News: 2014.03.18

Planet Jabber - 28 May, 2014 - 12:39

Jitsi News

Planet Jabber - 28 May, 2014 - 12:39

Ignite Realtime Blog: (a)Smack 4.0.0-rc2 released

Planet Jabber - 25 May, 2014 - 08:57

Six weeks after the release of the first Release Candidate (-rc1) of Smack 4, the Ignite Realtime Community is proud to announce the release of the second and likely final Release Candidate.


Smack 4.0.0-rc2 contains many improvements and bug fixes. The API underwent some major changes and is considered stable. Now is the perfect time to test (a)Smack 4.0 if you haven't already. Smack is available from Maven Central (direct link). aSmack can be obtained from


Make sure to read the upgrade guide and the previous blog post about Smack 4.

Peter Saint-Andre: RFCs 7247 and 7248

Planet Jabber - 21 May, 2014 - 00:00
A long time ago in an Internet far, far away, there happened a series of skirmishes known as the Instant Messaging Protocol Wars, involving brave warriors from the SIP and XMPP communities. Words were exchanged, epithets were hurled, swords were drawn, hand-to-hand combat ensued at IETF meetings, and much blood was shed. All for naught - as with most wars - because the real enemy (proprietary systems) invaded vast swaths of territory in the meantime.

The XMPP Standards Foundation: Happy Encrypted Network!

Planet Jabber - 19 May, 2014 - 17:18

Today, a large number of services on the public XMPP network permanently turned on mandatory encryption for client-to-server and server-to-server connections (there’s a fine summary here). This is the first step toward making the XMPP network more secure for all users. Stay tuned for more updates as we work on ubiquitous authentication, secure DNS, end-to-end encryption, and other improvements.

ProcessOne: Boxcar Large Scale Developer Push Service Available to All Developers

Planet Jabber - 19 May, 2014 - 15:19

ProcessOne and Boxcar have been building push services for real-time notifications since the launch of the push feature on iOS. Our core business has been since that time to deploy large scale notification services for carriers, broadcasters, ensuring very high availability, very fast delivery in a cost-effective way.

A massive scale push service now available for everyone

This service has only been available for select large scale customers until now.

We are opening it today to everyone, including smaller developers. It offers many benefits that can attract startups and smaller brands:

  • Our SDK is tailored to be very small and lightweight. We do not want you to build a huge stack of services you will likely not use to plug on our platform.
  • Our platform is cost-effective and offers fixed priced plan for unlimited number of messages. Our technology allow us to control the numbers of workers, redundancy, speed, message priority in realtime. Thus, you pay a fixed price for an unlimited number of messages and can select which delivery speed you need considering your number of devices and the criticity of your typical notifications.
  • We can grow and scale with you. The same platform works for small companies to huge broadcasters.
  • Our platform offers unique realtime analytics feature to see how people are reacting to a given notification in realtime.
  • Our platform goes beyond standard phone push notification with an in-app notification channel. You can receive notifications from within your app that do not need to go through Apple or Google services.
  • Our platform supports iOS and all flavour of Android push services (Google GCM, Amazon ADM, Nokia Push Messaging).
What’s the deal ? What’s the plan ?

We have refactored a large portion of our large scale service and added self-service configuration and credit card payment. You can freely create an account and setup your project. Once everything is working as expected in your mobile app, setup your credit card information (Using Recurly Payment system) and you are ready to go live.

At the moment pricing is very simple:

  • Development plan is free (up to 200 devices).
  • Startup / independant developers plans are as follow:

    • 500 pushes per minute, unlimited monthly pushes and devices: 7 euros per month
    • 750 pushes per minute, unlimited monthly pushes and devices: 30 euros per month
    • 1000 pushes per minute, unlimited monthly pushes and devices: 100 euros per month
    • 1500 pushes per minute, unlimited monthly pushes and devices: 200 euros per month

We can of course handle much larger scale to suit the needs of larger corporations, broadcasters and carriers, with delivery speed up to 3 million pushes per minute.

However, the higher plans need to go through setting invoice / payment system as monthly price goes higher than usual charges on credit card. Contact us and we can make that happen.

We did not yet made available all our features, like customer segmentation or geotarget push, but those features are coming in due time.

You can expect the team to be helping on a daily basis to improve FAQ, documentation and the console itself to help you understand push notifications and make sure you make the best of it to grow your business.

If you are developer of an iOS and / or an Android application, please, go ahead and create your free developer account on Boxcar Developer Console.

We are here to assist you !

ProcessOne: ejabberd Community 14.05

Planet Jabber - 19 May, 2014 - 13:28

ejabberd Community 14.05: the culmination of a year of change

Before getting into technical details of version 14.05 changes, let’s summarize an amazing year of ejabberd development.

Last year we made major changes in our development, release and support process.

ejabberd now has two faces:

  • ejabberd community is now improving at a very fast pace with changes coming from the community. That version improved a lot over the year. It has a lower memory footprint, gained many new features and several XEP support. We switched to modular rebar build system. Documentation has been improved. Overall, it is a great basis to build innovative solutions.

  • ejabberd commercial is more stable and scalable than ever and we have pushed its scalability both in term of number of supported nodes than in term of users supported on a single machine. ProcessOne is managing more and more deployments for our customers with it, and that kind of partnership with our customer just works, making every one happier. Rock solid platform managed by a team of experts.

For this latest release, we are very happy to see two new major contributors, Holger Weiß and Tsukasa Hamano. Congratulations!

Now, we are going further, exploring the realm of Voice Over IP and SIP. ejabberd was the reference on messaging and now if can help you place calls over SIP. Please, read that again :)

We have integrated a SIP proxy / Registrar in ejabberd that makes possible, using the same credentials, to pass SIP calls with a SIP client as well (for example your Android phone). We had a STUN service and integrated TURN to make VoIP easier in most contexts. This is just the beginning and we are waiting for your feedback to make things even simpler.

Note: ejabberd is also still compliant with Jingle pure-XMPP VoIP. It is just a matter of choice. We let you use the protocol you prefer in to pass your call. However, we do not bridge SIP and Jingle. This is a pain and in most deployments only one protocol will be used.

And finally, in a world where security is critical, we tightened our security to increase the default level of robustness of crypto algorithm used.


ejabberd Community 14.05 has great new features, several improvements and many bugfixes over the previous 13.12 release:

ejabberd now includes support for:
- XEP-0198: Stream Management (EJAB-532)
- XEP-0321: Remote Roster Management (EJAB-1381)
- RFC-3261: SIP proxy/registrar
- RFC-5766: TURN: Traversal Using Relays around NAT (EJAB-1017)

There are several improvements regarding encryption:
- Add option to specify openssl options
- Fix extraction of host names from certificates
- Fix certificate authentication for incoming s2s connections
- Fix handling of certificate verification errors for incoming s2s
- Handle “s2s_use_starttls: required_trusted” the same way for outgoing
- Support certificate verification for outgoing s2s connections
- Check TLS state before requesting SASL EXTERNAL
- Log TLS status for outgoing s2s with SASL EXTERNAL
- Verify host name before offering SASL EXTERNAL

Just to mention other improvements:
- New ejabberd command: disconnect_user/2
- New Bash completion script for ejabberdctl, experimental (EJAB-1042)
- Don’t provide current password in webinterface
- mod_register_web: check same acl as mod_register.
- Document and enable mod_carboncopy (XEP-0280) by default
- Make it possible to get/set vCards for MUC rooms
- Add Travis CI configuration file

And many many bugfixes all over the source code, most of them were introduced when ejabberd was updated to use binaries.

We would like to thank specially Holger Weiß for his XEP-0198 feature and varied bugfixing, and Tsukasa Hamano for his bugfixes.

This release requires at least Erlang/OTP R15, and works perfectly with R16B03. It should work correctly also with the new R17.

As usual, the release is tagged in the Git source code repository on:

The source package and binary installers are available at ProcessOne:

If you suspect you found a bug, search or fill a bug report in Jira:

Prosodical Thoughts: Mandatory encryption on XMPP starts today

Planet Jabber - 19 May, 2014 - 10:31

Last year Peter Saint-Andre laid out a plan for strengthening the security of the XMPP network. The manifesto, to date signed by over 70 XMPP service operators and software developers, offered a rallying point for those interested in ensuring the security of XMPP for its users.

Today is the date that the manifesto gave for the final 'flip of the switch': as of today many XMPP services will begin refusing unencrypted connections. If you run an XMPP service, we encourage you to do the same. On the wiki you can find instructions for all the popular XMPP server software. While XMPP is an open distributed network, obviously no single entity can "mandate" encryption for the whole network - but as a group we are moving in the right direction.

If you use an XMPP service provided by someone else and you encounter problems contacting family, friends or colleagues starting from today, it may be a sign that either your XMPP service or theirs is not properly supporting encryption. Contact the administrator of your service and let them know about this change. You can also use to test any server.

We still have some way to go, for example today's change only ensures encryption (enough to beat passive capturing of traffic), it does not require you to have a valid certificate issued by a certificate authority (though some services do already choose to require this).

There is a whole lot of work being done to pave the way for a future without CAs, as they are a sticking point for many people - whether for financial, trust, privacy or philosophical reasons. Some current initiatives include DNSSEC, Monkeysphere, and some folks prefer to trust nothing less than hand-verified fingerprints! We already have experimental plugins available in prosody-modules for these things (mod_s2s_auth_dane, mod_s2s_auth_monkeysphere, mod_s2s_auth_fingerprint, etc.). If this is something you are interested in, take a look, help us test, and perhaps contribute code even!

Further reading:

ProcessOne: Releasing Enhanced Security Debian AMI

Planet Jabber - 16 May, 2014 - 12:15

We have decided to share with AWS community our basic linux platform. It is based on Debian and includes some security enhancements, that comes from integrating grsecurity into kernel. Previously i have released only kernel builds known as ESK kernel, now we are presenting whole Debian that includes following changes:

  • ESK kernel 3.2.58
  • gradm 3.0
  • paxctl 0.8
  • TPE
  • special groups for TPE: untrusted, readproc, symlinkrestr
  • RBAC ready (disabled by default)
  • performance modifications, see sysctl.conf
  • default root filesystem is XFS
  • you can build your own kernel, see dirty script in /usr/src/

AMI named debian-7.5-amd64-grsec-enhanced-security is available in US-East (ami-64dc300c) and EU-West (ami-818747f6) regions. After starting instance you can login into root account. Uses who need to have root access need to belong to special group ‘admin‘. For more information on using grsecurity kernel see documentation. We will be providing updates to the AMI when it will be necessary. More information about ESK can be found here, also you can track us for updates on twitter: ProcessOne or me.

Distribuir contenido