Service Notices

To learn about major updates related to the jabber.org IM service, please follow us on Twitter or Mastodon, or subscribe to the JUser email list.

2023-01-17: Major Software UpgradeWe recently completed a major upgrade of the Jabber.org service, which is now running the Prosody open-source server software. Expect further updates in the coming weeks and months.2021-09-22: IPv6 OutageWe are aware that there are currently issues accessing the jabber.org service using IPv6. This appears to be a routing problem that we are investigating.2020-09-25: Migration UpdateThis morning's migration of the conference.jabber.org groupchat service was a success. We are now planning the migration of end-user accounts and we will post again when we are ready to complete that task.2020-09-22: Groupchat MigrationThis Friday, 2020-09-25, starting around 14:30 UTC, your admin team plans to migrate the conference.jabber.org groupchat service to a new machine and server software. If all goes well the downtime will be limited to ~30 minutes or less. Please note that this will not affect one-to-one chats, only groupchat rooms. Thanks for your patience.2020-08-11: Back in BusinessQuick update: we're back online!2020-08-11: Data Center OutageBecause of a major Internet outage caused by severe weather in the midwestern U.S., the data center that hosts the Jabber.org messaging service is currently offline. We'll post further details as soon as possible.2020-05-27: Server Software MigrationAfter many fine years of running Isode's M-Link server software, the jabber.org admin team is currently working to migrate to the open-source Prosody server. Although we will strive to make this transition as seamless as possible, performance might suffer temporarily as we run migration scripts and the like. We apologize for any inconvenience.2014-04-08: OpenSSL UpgradeIn response to the Heartbleed bug, upgraded the version of OpenSSL used at jabber.org to help prevent information leakage.2014-03-19: Cipher Suite Upgrades for Improved SecurityIn order to improve the security of your connections to the jabber.org IM service, we have upgraded the list of cipher suites that we support for Transport Layer Security (TLS). Specifically, we have removed a number of weak cipher suites that provide low levels of protection. As a result of these changes, it is possible that some client software will not able to connect (e.g., very old clients, and software exported to certain countries). Please post to the [email protected] discussion list if you experience difficulties.2014-02-06: Distributed Denial of Service AttacksThe jabber.org IM service has been under attack over the last several days. As a result, your connectivity might be intermittent and message delivery might be slow. In addition, we have temporarily blocked communication with a number of other XMPP servers on the Internet to protect the jabber.org server. Please see our post at http://mail.jabber.org/pipermail/juser/2014-February/007048.html for further details.2014-01-03: First Encryption Test DayOn January 4, we will perform a test of requiring encrypted connections to other XMPP services on the Internet. During this test, it is possible that you will not be able to chat with friends at other domains, including Google Talk. Please visit http://www.jabber.org/security.html for details.2013-12-18: Security PlanWe are planning a series of security improvements, including mandated encryption of client connections. Please visit http://www.jabber.org/security.html for details.2013-09-24: Where We StandWe seem to be over the worst of the upgrade issues now. Reliability appears better than before, we are supporting nearly twice as many concurrent users, and many new features have been added. Please let us know if you notice any odd behaviors, and thanks for bearing with us.2013-08-21: Certificate FixAfter completing the server upgrade, we also corrected the order of information in the digital certificate for jabber.org, which means you should no longer receive certificate warnings when logging in.2013-08-20: Migration CompleteThe server migration was completed earlier today. Expect some residual instability as we iron out various wrinkles. Many thanks to the Isode team for all their hard work on the upgrade! And thanks to the users of jabber.org for your patience. :-)2013-08-18: Server MigrationOn Tuesday, August 20, the jabber.org IM service will be migrated to a new server machine, generously donated by Isode. If all goes well, we will have a few hours of downtime. If not all goes well, we will most likely revert to the current machine and attempt the migration on another day. Please follow us on Identi.ca or Twitter for real-time updates.2013-06-25: IPv6 RestoredIPv6 support was restored today around 07:00 local time (U.S. Central Time).2013-06-25: Registration DisabledWe have temporarily disabled account registration at the jabber.org IM service while we migrate the account database to a new machine. We will enable the web registration form again as soon as possible! In the meantime, you can create an account at any other public XMPP service.2013-06-24: IPv6 OutageOur hosting provider is experiencing an outage with IPv6 support. No ETA for a fix. We'll post again when we know more.2013-03-05: Corrected Security CertificateThe security certificate that we installed in December used a SHA-256 fingerprint, which theoretically is more secure but which some existing software can't handle yet. Therefore we have installed a corrected certificate using a SHA-1 fingerprint. If you've been receiving a certificate warning for the last few months, you shouldn't receive those anymore.2013-01-15: Non-ASCII Characters Disallowed in New AccountsIn response to several recent instances of abuse, we have disallowed non-ASCII characters in new accounts registered at the jabber.org IM service. This policy does not apply to existing accounts.2012-10-09: Registration Re-OpenedWe have re-opened account registration at <https://register.jabber.org/>.2012-09-25: Updated Service PolicyVersion 1.1 of the jabber.org service policy is now in effect.2012-08-22: Disabled AccountsRecently the jabber.org IM service has been the victim of massive and repeated denial of service attacks. The admin team strongly suspects that these attacks are related to the widespread and abusive use of jabber.org accounts by "customers" of KBot, a program for cheating at the DarkOrbit game. Even if the DoS attacks prove to be unrelated to KBot, the admin team has decided that use of jabber.org to communicate with KBot violates the jabber.org service policy. Although we are in the process of updating the service policy to more clearly define how this kind of usage is abusive, the dire nature of the current threat has forced us to take more immediate action. Therefore, we are disabling the accounts of every jabber.org user who communicates with KBot, and we have disabled new account registration to prevent further communication between jabber.org users and KBot. We do not take this step lightly, but given the current circumstances we have no other choice.2012-08-22: Account Registration DisabledAs part of our defensive measures against repeated DoS attacks, we have disabled new account registration until further notice.2012-08-21: Another Denial of ServiceThe previous DDoS attack has started again. As before, fallback measures are in place, but if your IM client doesn't handle DNS SRV records correctly then you might not be able to connect.2012-08-20: Proposed Changes to the Service PolicyWe have posted proposed changes to the policy that governs use of the jabber.org IM service. Details, links, and instructions for providing feedback can be found in our post to the [email protected] email list, see http://mail.jabber.org/pipermail/juser/2012-August/006869.html.2012-08-15: Service RestoredWe were able to completely restore service today. However, it is quite possible that the denial of service attack could be launched again at any time. If you were unable to connect during the outage, we recommend that you consider using a different IM client or reporting a bug to the developers of the IM client you use, since standard DNS fallback and XMPP reconnection methods should have been sufficient to keep you online after the first few hours of the attack.2012-08-12: Denial of ServiceToday we have experienced a distributed denial of service attack against the jabber.org IM service. Although the web server and email server are running fine, we have been forced to take the IM service offline until your (volunteer!) admin team has time to determine appropriate countermeasures. UPDATE 2012-08-12: We've made some DNS fixes and some clients are now able to connect.