Hey,
Due to the numerous people who are interested in an online meetup, I
have created a poll to vote on it. Please bare in mind I am based in
the UK, so bare in mind if you are European you are a hour or two
ahead, and if you are in the US/CA you are 5-8 hours behind.
I am not currently sure what to do about the timezone situation, but
seen as I am hosting this one we will centre on UK time (BST/GMT).
Please vote: https://nuudel.digitalcourage.de/1IMTCkRid7Vgbmut
Unfortunately due to conferences in September, I will not be available,
so its either August or October.
Sooner we can get a good number of votes, the better!
Thanks,
--
Polarian
Jabber/XMPP: polarian(a)icebound.dev
Hey,
Find the details below:
Date: 16th October to 18th October 2026
Location: Bucharest, Romania
Venue: Politehnica University
The organiser of the conference responded back to me today offering a
stand for XMPP. My plan is to bring a few phones and laptops, and show
the XMPP experience. Along with stealing ralph's idea from FOSDEM and
have a SBC on the table running a proof of concept chat service.
Then have stickers and potentially leaflets like usual, will liason
with commteams to see if they have anything we could print and handout.
I have one person who has contacted me willing to help out, this email
is a call for involvement, if you are able to attend the conference and
give a hand, please let me know either on list, off list or on XMPP
(my JID is within the email signature).
I have yet to confirm the stand, however I am more than happy to run
this one just 2 people. The more the merrier though, Bucharest for
Westerners is cheap, and its a nice city to visit.
Thanks,
--
Polarian
Jabber/XMPP: polarian(a)icebound.dev
Hi!
Could someone please add me to the operators(a)muc.xmpp.org group? I'm the admin for openim.nl and my JID is ilias(a)openim.nl.
Thanks so much!
-
Ilias
admin at OpenIM
Good morning,
I discussed the idea of having an online meetup between XMPP operators
within the operators MUC a few days ago. Due to email migrations I
didn't find the time to draft the email, so I apologise for the delay.
So presenting the idea and name of "XMPP Op(erator)Meet(up)" or "XMPP
OpMeet" for short, and yes I did spend a while trying to find a name
for it, and no it doesn't actually matter :p
this email is to merely gauge interest in the idea. I would like to
take lead on providing the infrastructure, I feel the best bet for this
would be a jitsi instance as its fully featured and stable.
The idea follows:
* Run a Jitsi meeting for the period of a day for operators.
* Have a small CfP for any operator who wants to talk or discuss their
setup.
* Make the meeting accessible for non-operators too, what better way to
get people interested in being an operator than let them join a
meeting and hear the discussions on the topic.
* Jitsi supports breakout rooms (like zoom, but never tried using them)
so we could breakout into smaller groups to discuss or deal with
specific projects or ideas, in a sprint-style manner, then come
together at the end to present what each breakout room got up to over
the time?
* Maybe if someone is up for it, we can run a workshop in a breakout
room for non-operators to learn to setup their first XMPP server
using prosody or ejabberd?
Anyways to gauge interest please reply with a + if you think this would
be a good idea to organise, and a - if you believe this would be a bad
idea or wouldn't be interested. You are free to vote on each individual
idea bulletpointed above, I will take any - on the individual ideas into
account, and drop unpopular ones.
If we get enough +'s I will start a poll to vote on the first XMPP
OpMeet.
Some questions which others might be able to sole:
* Timezones? operators are distributed across the globe, how should we
account for this?
* Any alternative software suggestions?
* Any other ideas of what to do during the online meetup?
* Does XMPP OpConf sound better/make more sense? Calling it an "online
conference" feels wrong as it feels more like an informal meetup, but
I don't know, let me know your thoughts!
Thanks,
--
Polarian
Jabber/XMPP: polarian(a)icebound.dev
Hi,
Since 2 days, i ve some problems to use ejabberd with postgresql.
Usually i use mnesia or SQLite, and i ve no problem
Here i d want to use postgresql. I import the SQL file on the db server, all tables are OK.
But when i start the ejabberctl, it indicates errors, something like :
Failed RPC connections to the node ejabberd@localhost: timeout
I use debian 12 with the version 23.01.1 installed with apt.
Regards
T
Hi all,
The XSF infrastructure team is planning to move our mailman installation
from a dedicated machine to a cloud service. When doing so, we also plan
to delete some lists that are no longer in use or that could be replaced
with chatrooms. Do we feel the need to keep this list for coordination
among server operators, or could we use the operators@ chatroom instead?
Peter
Hello Operators,
Notes:
- I am aware a lot of this will be IANAL, however I wanted to ask
anyways to see others views on this.
- As the subject states, this is mainly concerning UK GDPR, however EU
GDPR is pretty similar and therefore I am sure advice will carry over.
- One of the reasons I wanted to mailing list this, is that I feel it
could be a pretty good reference for others which are planning to run
XMPP servers within UK/EU, for personal use or for educational use,
information on this doesn't seem to be widespread, and many people
(including me) can't simply ask a lawyer for their interpretation.
- I self host my own server, and I run my own XMPP server on it for me
and my friends. My server is closed registration.
The issue:
Under UK GDPR (not sure about the EU one) the only grounds for
exemption is "Residential use" (other than police and national
security, which are also exempt), quoting from the ICO:
"Domestic purposes – personal data processed in the course of a purely
personal or household activity, with no connection to a professional or
commercial activity, is outside the UK GDPR’s scope. This means that if
you only use personal data for such things as writing to friends and
family or taking pictures for your own enjoyment, you are not subject
to the UK GDPR." [1]
(For those who don't know who the ICO is, they are the British data
protection authority, see [2])
At first, at least in my case, this seems pretty easy. The data is
stored domestically, it is used with me and my friends for
communication, there shouldn't be any more to it... right?
But there is. I regularly connect and talk in many MUCs for open source
projects, such as Ignite Realtime (which this was initially discussed
until Guus suggested moving it to operators, thanks Guus :) ).
IP addresses, are considered identifiable information, logs will store
said information, this therefore means my server is storing
identifiable information on other servers, in this case, servers which
could be considered for commercial purposes.
It needs to be noticed commercial purposes doesn't necessarily mean
paid services, charities and non-profits are included within the
definition. Open source projects COULD be considered commercial
purposes because, although contributions are provided free of charge,
it is still a "donation" of sorts in the way of code.
The definition of "professional" does not seem to be clarified anywhere
on the ICO page, nor in their legal definitions [3]. It doesn't seem to
be within the UK GDPR legislation [4] (I will admit I did not read all
of this, I tried searching for keywords and found nothing, if someone
read it all and knows where this exception is clarified, please let me
know). Professional could mean a lot, but I will assume it is to do
with some sort of "work", which therefore would include open source
contributions.
This therefore could break the "no connection to professional or
commercial activity", to be honest the easiest thing to draw from this
is if it involves someone who is not family or friend (or yourself),
you are very likely to not be exempt.
For those who will suggest a zero storage solution, where the XMPP
server doesn't store any data, it still comes under GDPR due to
PROCESSING of data, simply processing it, even if you don't store it,
will have GDPR requirements.
Failure to pay when you are required to results in fines.
This is really cracking open a huge can of worms, it isn't so much of
"ah £45/yr is no big deal", once you are exempt you must follow all the
legal requirements of GDPR, and for a hobby? Is it worth it?
I am 100% sure, an XMPP server which does not federate, which is used
to communicate with friends would be exempt. But I have my doubts
whether a federated server can still use the same exemption clause.
Whether it is IANAL or not, what are your opinions on this?
(Note: This is also a big drawback to why, even though I have resources
to contribute, I can't simply setup a public instance to help out the
XMPP community... doing so has legal requirements)
Oh and this ignores the Communications Act, which your legal status
must be declared to your ISP (Subscriber, Communications Provider, or
Internet Service Provider), which definitions of each, are obscure. My
ISP leaves it up to me to decide which I fall under, and if they get
fined for it, I am expected to pay the fine.
This is a can of worms I have avoided for years now, on the hope that
my hobby is too small for anyone to care about. This is a separate
issue, GDPR is the topic of this thread :)
Take care,
--
Polarian
GPG signature: 0770E5312238C760
Jabber/XMPP: polarian(a)icebound.dev
[1]
https://ico.org.uk/for-organisations/uk-gdpr-guidance-and-resources/exempti…
[2] https://en.wikipedia.org/wiki/Information_Commissioner's_Office
[3]
https://ico.org.uk/for-organisations/data-protection-fee/legal-definitions-…
[4] https://www.legislation.gov.uk/ukpga/2018/12/contents
Hi all,
This topic is all over the internet at that point, and I doubt most operators here
would be affected, but it is worth a heads-up for people who do not stay on to
of the news:
The current maintainer (and also for the past two years) of xz-utils, which is
included in about every linux distribution in existence, has been backdooring
the release tarball of the package since at least February 2024 and the 5.6.0 release.
The backdoor is specifically targeted at debian and rpm-based systems, which
one known effect providing a remote unauthorized access to the SSH server
(due to those distributions patching sshd to link to systemd which itself uses
liblzma from xz-utils).
The version is recent, and only included in debian sid/testing as well as
Fedora 40/41, which have since yesterday published new packages removing
the backdoor. Other distributions like Gentoo or Archlinux and derivatives were
also including the vulnerable versions, though it seems like no backdoored code
was built in there (the exploit was targeted during the build, and neither distribution
used a process that would include it).
The investigation is ongoing, but here [1] is the link to the oss-security mail which
was the first publication on that topic, and here [2] is a more detailed writeup of
the events.
Stay safe,
Mathieu
[1] https://www.openwall.com/lists/oss-security/2024/03/29/4
[2] https://boehs.org/node/everything-i-know-about-the-xz-backdoor
