Snikket: Snikket Server - September 2024 release
We hope you’ve been having a good summer (at least if you’re up here in the
northern hemisphere). Today we’re back with a new release of the self-hosted
Snikket server software.
This software is what’s at the core of the Snikket project - a self-hostable
“personal messaging server in a box”. If you wish for something like
Messenger, WhatsApp or Signal, but not using their servers, Snikket is for
you. Once deployed, you can create invitation links for family, f … ⌘ Read more
Snikket: Snikket Android app temporarily unavailable in Google Play store
We initially shared this news on our social media page, thinking
this was a temporary issue. But we’ve had no response from Google for several
days, and want to explain the situation in more detail.
We merged some changes from our upstream project, Conversations, and we
submitted the new version to Google for review. Before responding, they
removed the existing published ve … ⌘ Read more
Snikket: Security notice: Snikket not affected by CVE-2024-3094
A security vulnerability was intentionally added to a widely used open-source
project known as ‘xz’. This project is packaged in many operating systems, and
a lot of software depends upon it. The vulnerability has been assigned the
identifier CVE-2024-3094.
Systems with the vulnerable package may allow an attacker to gain unauthorized
access to the system via SSH, if your system’s SSH server was linked to the
affected packages.
Thankfully, the vulne … ⌘ Read more
Mathieu Pasquet: slixmpp v1.8.5
Highlights- Moving away from self-hosted gitlab (mathieui)
- Fix connection to Snikket instances (pep., mathieui)
- Performance fix for XEP-0115 queries
- New documentation listing projects using slixmpp (genghis)
- Bugfix and improvements (nicoco, mostly)
- Gitlab migration: see the otherblogpost
- Fix connections to Snikket instances:
Snikket decided to forbid PLAIN
authentication, which is good but exposed … ⌘ Read more
Snikket: On the jabber.ru MITM attack
This post is about a recent security incident on a public XMPP service, which
provides jabber.ru and xmpp.ru. We have received a few questions from Snikket
users about whether they should be concerned about the security of their own
servers (Snikket also uses XMPP).
The good news is that Snikket was not affected by this incident - this was a
targeted attack against the jabber.ru/xmpp.ru service specifically. Later in
the post we’ll share more information about what we’ve done, and … ⌘ Read more
Snikket: State of Snikket 2023: Funding
As promised in our ‘State of Snikket 2023’ overview post, and teased at the end of our first update post about app development, this post in the series is about that thing most of us open-source folk love to hate… money.
We are an open-source project, and not-for-profit. Making money is not our primary goal, but like any business we have upstream expenses to pay - to compensate for the time and specialist work we need to implement the Snikket vision. To do that, we need income.
T … ⌘ Read more
Snikket: State of Snikket 2023: The Apps
As promised in our introduction to the series, welcome to the first of our ‘State of Snikket’ update posts! This installment features all the app development news you could wish for.
So what’s new in the world of Snikket apps?
UI/UXIf you’ve been following Snikket development for a while, you might remember that we were receiving UX advice on making our apps easier and more fun to use, thanks to the team at … ⌘ Read more
Snikket: State of Snikket 2023
This is our first blog post for quite a while, and the last few have all been technical updates of various kinds about the Snikket software. In fact it’s been almost two years since the last post that gave a general progress update on the Snikket project itself, so let’s fix that!
You’ll be pleased to hear that Snikket is very much alive, and although there hasn’t been much of a show to see here, a bunch of stuff has been going on backstage.
We plan to catch you up with our progres … ⌘ Read more
Snikket: F-Droid security update
Last week, Snikket Android users who installed the Snikket app via F-Droid
started receiving a warning that it contained a
security vulnerability. This wasn’t entirely accurate, as the problem wasn’t
with the Snikket app itself but specifically F-Droid’s own build of the app
that was using an outdated version of the WebRTC library.
Like many communication apps, Snikket uses WebRTC for audio and video calls.
We’ve been working on finding a … ⌘ Read more
Snikket: Notes on the F-Droid security warning
Snikket Android users who installed the app via F-Droid may receive a warning
from F-Droid telling them that the app has a vulnerability and that they
“recommend uninstalling immediately”. First of all - don’t panic! This is a
over-simplified generic warning that is scary, but the actual situation is
not quite so scary and has an explanation. Here goes…
When an app is developed and ready for release, it must be compiled and built,
to produce the fina … ⌘ Read more
Prosodical Thoughts: Bringing FASTer authentication to Prosody and XMPP
As our work continues on modernizing XMPP authentication,
we have some more new milestones to share with you. Until now our work has
mostly been focused on internal Prosody improvements, such as the new roles\
and permissions framework. Now we are starting to extend our
work to the actual client-to-server protocol in XMPP.
Prosody and [Snikket](https://snik … ⌘ Read more
JMP: Newsletter: Togethr, SMS-only Ports, Snikket Hosting
Hi everyone!
Welcome to the latest edition of your pseudo-monthly JMP update!
In case it’s been a while since you checked out JMP, here’s a refresher: JMP lets you send and receive text and picture messages (and calls) through a real phone number right from your computer, tablet, phone, or anything else that has a Jabber client. Among other things, JMP has these features: Your phone number on every device; Multiple phone numbers, one app; Free … ⌘ Read more
Snikket: Server updates for ARM systems
We have a couple of important announcements relevant to people running the
Snikket server software on ARM devices, including Raspberry Pi. Systems using
ARM processors are increasingly popular for self-hosting due to their
increased efficiency, lower cost and minimal energy consumption.
The Snikket January 2022 server release was an
exciting release for us, but some users on ARM-based systems reported some
difficulties upgrading to … ⌘ Read more
JMP: Newsletter: Snikket Hosting, Billing Overage Limits
Hi everyone!
Welcome to the latest edition of your pseudo-monthly JMP update!
In case it’s been a while since you checked out JMP, here’s a refresher: JMP lets you send and receive text and picture messages (and calls) through a real phone number right from your computer, tablet, phone, or anything else that has a Jabber client. Among other things, JMP has these features: Your phone number on every device; Multiple phone numbers, one app; Fr … ⌘ Read more
Snikket: November 2021 server release
We’re excited to introduce a new release of the Snikket server! The Snikket
server is an easy-to-install server package that allows you to run your own
private messaging service for family, friends and other small groups.
Since the previous server release, we’ve been focusing our work mainly on the
Snikket apps, especially the first release of our iOS app. We’ve continued
work on the server part of Snikket though, and we’re glad to share a range of
new imp … ⌘ Read more
Snikket: Snikket iOS app now publicly released
This is the announcement many people have been waiting for since the project
began!
Opinions are often strong about which is the best mobile operating system.
However, while it varies by region and demographic, wherever you are it’s very
likely that you have Apple users in your life, even if you don’t use one
yourself. We want to ensure that the platform you use (by choice or otherwise)
is not a barrier to secure and decentralized communication wit … ⌘ Read more
Snikket: Improving Snikket’s usability in collaboration with Simply Secure
One of the primary goals of the Snikket project is improving the usability of
open communication software. We see usability as one of the major barriers to
broader adoption of modern communication systems based on open standards and
free, libre, open-source software. By removing this barrier, we open the door
of secure and decentralized communication freedom to many vulnerable groups
for which it was previously inaccessible or i … ⌘ Read more
Snikket: XMPP Account Portability funded by NGI DAPSI ⌘ Read more…
Snikket: Products vs Protocols: What Signal got right ⌘ Read more…
Snikket: February 2021 server release ⌘ Read more…
Snikket: Sponsoring Group Chat Encryption in Siskin ⌘ https://snikket.org/blog/sponsoring-group-omemo-in-siskin/
#Snikket - a new kid in #XMPP town. https://snikket.org/