Jabber.org Update
For anyone that might be interested, here is the latest news:
The machine (hades.jabber.org) was cracked approximately one year ago
by means of an automated rootkit. Based on the evidence of the initial
investigation by the admin team for this machine, the rootkit was not
used to view or modify any files. Furthermore, we have found no
evidence of instrusion into the other machines that are part of the
jabber.org infrastructure (e.g., the production jabber server or the
mailing list server).
The affected machine has been rebuilt and fully locked down, and access
has been restricted to a handful of admins, who are actively working
on the transition to new server machines that the Jabber Software
Foundation purchased recently.
Developers who use JabberStudio for their projects MUST follow the
instructions posted at http://www.jabberstudio.org/ in order to validate
their code. Only validated code will be restored to JabberStudio! If you
have questions about the JabberStudio service, please direct them to
Thomas Muldowney (a.k.a. temas).
I am working to restore the complete www.jabber.org website, and will do
so as soon as I am comfortable with the security profile of the website
code. Hopefully that will happen by the end of this week, but security
is a higher priority than speed at this point.
