this post was submitted on 21 Oct 2023
XMPP
XMPP (aka Jabber) is the community-owned standard for real-time federated messaging.
A TTL of 64 superficially suggests to me that the attack occurred on the server / in the hosting location. Network hardware is supposed to decrease it on every hop, is it not?
Seems to support a hypothesis that the attack occurred at the hosting location.
Too bad they didn't discover how the forged certificate was obtained.
My guess, since those were .ru domains and that's a hot topic: spooks from three letter agencies spooking around. Either Russian agencies trying to catch dissidents or other agencies trying to catch someone working for Russian agencies.
I don't think they forged certifs, they obtained valid ones because they controlled the machine behind the IP?
Apparently that server was widely used for "dark market" sort of things. Isn't a "simple" police investigation more likely?
Perhaps indeed.