Presented by

  • Amolith

    Amolith
    https://secluded.site

    Amolith is a musician, developer, and sysadmin. He works with MBOA.dev on products like JMP.chat, co-hosts the Linux Dev Time (linuxdevtime.com) and Linux Lads (linuxlads.com) podcasts, runs NixNet (nixnet.services), and blogs on secluded.site.

Abstract

In October 2023, Jabber.ru, “the largest Russian XMPP messaging service”, discovered that both Hetzner and Linode had been targetting them with Machine-In-The-Middle (MITM) attacks for up to 6 months. This talk covers the basics of MITM attacks in general, some specifics of the attack against Jabber.ru, and a very effective mitigation strategy for admins to implement and both admins and users to monitor. This talk assumes little prior knowledge beyond “XMPP is an open and extensible communication protocol that facilitates messaging, calling, and more”.