[jdev] Possible Off Topic but of XMPP Interest: Wiki Leaks uses XMPP
Peter Saint-Andre
stpeter at stpeter.im
Thu Oct 28 11:41:26 CST 2010
On 10/23/10 11:52 AM, Ernest Nova wrote:
> "A Wiki leaks source who asks to remain anonymous now says that the
> organization’s XMPP server in Amsterdam, used to host its encrypted instant
> messaging communications, was compromised earlier this week by an unknown
> attacker, and the chat service had to be relocated to another server in
> Germany. “The server got attacked, hacked, and the private keys got out,” says
> the source. “We needed new private keys. Now it’s back online and secure.”
>
> http://bit.ly/bZeCWr
They were storing the private keys of end users on their XMPP server?
That seems like a bad idea. If they were storing the private key of the
server itself (i.e., the certificate used for TLS), that's another story...
Peter
--
Peter Saint-Andre
https://stpeter.im/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 6105 bytes
Desc: S/MIME Cryptographic Signature
URL: <https://www.jabber.org/jdev/attachments/20101028/6150240a/attachment.bin>
More information about the JDev
mailing list