Earlier today the freenode infra team noticed an anomaly on a single IRC server. We have since identified that this was indicative of the server being compromised by an unknown third party. We immediately started an investigation to map the extent of the problem and located similar issues with several other machines and have taken those offline. For now, since network traffic may have been sniffed, we recommend that everyone change their NickServ password as a precaution.
Before changing your password, please check your email address in /msg nickserv info and, if needed, update it – see /msg nickserv help set email (remember to check your new email for the verification key). This will ensure that we can send you a password reset email should, for whatever reason, your password change not work properly. If you have no email set on your account or an email set that you cannot access, we cannot send password resets to you, so do please keep this up-to-date.
To change your password use /msg nickserv set password newpasshere
Since traffic may have been sniffed, you may also wish to consider any channel keys or similar secret information exchanged over the network.
We’ll issue more updates as WALLOPS and via social media!
The planned services upgrade and database prune went ahead today as planned and has completed successfully. Approximately 300000 nicks were removed from the database, and we’ve moved to Atheme 7, so hopefully response times from services should be improved, with less of the lag that was sometimes noticeable before.
In addition, certificate based authentication is now available. We’ll hopefully get the docs for this up online shortly.
Our group registration system has been around for some time, in various guises. Over that time, our small but dedicated team of staff has attempted to keep up with demand for groups. Unfortunately, in the early years of GRF, this generated a substantial backlog of processing, since the system was very manual, a lot of data was processed (restricting the staff who had access) and each group can take some time to properly investigate. To address this issue, we’ve tried a number of alternatives, such as priority group emails, and, lately, a streamlined group registration system known as “grf-f”.
For various reasons, these replacements haven’t worked quite how we’d want or need them to in order to achieve our objective of registering groups in a timely fashion. Meanwhile, development of GMS, our automated replacement GRF system, continues.
For these reasons, we have taken the decision to temporarily close the group registration system.
What this means is that –
- No new group registrations will be accepted from this point onwards, until further notice.
- Outstanding grf-f applications already in the queue will be processed in due course.
- Outstanding “old style” GRF applications will *not* be processed (most of the applications in this set are very old now, and the people who submitted them should have seen at least one reminder to refile under grf-f)
- All existing registered groups are unaffected and continue as normal.
Please bear with us whilst we work on where we want to go next with this system. Meanwhile, if there are channels currently owned by freenode-staff that your project could make use of, please contact a staffer to see if (provisional) op rights can be granted to your account. (These would likely be done on a somewhat temporary basis, until such time as registration re-opens.) Note also that this is *only* to gain ops on channels, *not* for obtaining group cloaks.
As always, thanks for flying freenode!
The long-awaited upgrade of services which we blogged about a while ago is now planned for this coming weekend, the 16th/17th June.
We anticipate up to an hour of services outage for this upgrade and prune to take place. We will notify the connected users closer to the time through the use of WALLOPS and/or globals, but please do plan ahead accordingly for a period of services unavailability.
We will be moving to Atheme 7, so, amongst other improvements, this will see the introduction of certificate-based authentication to services.
To use certificate based authentication, you would need firstly to generate a certificate, then add the certificate to your client, then tell nickserv about your certificate fingerprint. We’ll explain more about this in a future blog entry or on the freenode website in the near future.
We’ve been working on improving the environment in #defocus for a while now. We think we’re on the right track with opening up channel moderation to more than @freenode/staff/ but we need your help to get to where we want to be.
So this is a call out to those who think that they might be able to work with us to improve #defocus further. If you think you have what it takes to be a #defocus channel operator, or simply have some ideas that you want to share as to how the existing or new team can improve things, please /join #defocus-focus where you can state your desire to be considered for the team, or share your ideas, or both!
(Don’t worry if you’re the first one there, either, someone has to be!)
Hope to see you there.