I'd like to make an xmpp account -- where should I do it?

17 replies [Last post]
muhammed
Offline
Joined: 04/13/2013

Most peoples' first choice seems to be jabber.org. I guess that's because they were the first. But their registration site is down at the moment.

Can you recommend a place to make an account?

I may want to use xmpp for audio/video calls later, so a site that supports that feature would be great. I also care about privacy, so it would be nice if the site respects privacy as well.

lloydsmart

I am a member!

Offline
Joined: 12/22/2012

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

>Can you recommend a place to make an account?

Locally. This would be the most secure. Here's a list of servers, along with their licenses:

http://xmpp.org/xmpp-software/servers/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iF4EAREIAAYFAlHkIJsACgkQgijxUCZnvluwrQD+Med/rv/q3gFhYzyO2o6fE9hy
u+qzi5vwq2RKzdxsYNsBAK5t5OTRMzhTbqmlGLwrkwnuFxMZltzncKBmrSMBwEj0
=RA28
-----END PGP SIGNATURE-----

stefano
Offline
Joined: 10/14/2011

On Mon, Jul 15, 2013 at 4:58 PM, <name at domain> wrote:
> Most peoples' first choice seems to be jabber.org. I guess that's because
> they were the first. But their registration site is down at the moment.
>
> Can you recommend a place to make an account?
>
> I may want to use xmpp for audio/video calls later, so a site that supports
> that feature would be great. I also care about privacy, so it would be nice
> if the site respects privacy as well.

Jabber.org is based on the US and must comply with the US
jurisdiction. Also, you traffic will likely go through the US.

I'd advise to use a European-based server to mitigate the privacy issue.

jabber.at seems a good one, but there are many others[1].

If you feel brave enough, you could set up your own jabber server[2].
I have done so using jabberd14 (even though ejabberd seems more
popular) and plan to add a wiki page here sooner or later.

Best,

--
Stefano

[1] http://xmpp.org/xmpp-software/servers
[2] http://xmpp.net/

ADFENO
Offline
Joined: 12/31/2012

You can use Riseup.net.

Besides getting a XMPP account, you get an email address. I can't confirm if it has voice or video calls because I haven't tested these functionalities yet. Also, Riseup.net respects your privacy.

The registration process can be done using two ways:

- Asking for two of your dearest friends (which use Riseup.net) to send you an invitation code from each one of them, and using the invitation codes to create an account, which will be activated instantly.

- Registering by normal means, and answering the last question of the registration process, which I can't tell you. Then, waiting for your account to be activated.

Best regards, ADFENO.
Have a nice day.

Jodiendo
Offline
Joined: 01/09/2013

I actually did apply for an e-mail account with them, and they did grant me one. It is true, I could confirm, they do encrypt messages, I send an e-mail to my dad and he told "i CANT READ WHAT YOU WROTE IS ALL GARBLE"

ADFENO
Offline
Joined: 12/31/2012

Sorry... Uh... Perhaps your email client was configured to automaticly encrypt your messages. I sent test emails to my mother's email address, and she read all of them in another computer with no problems,

I even sent an email to a Russian, and she also read it with no problems.

Best regards, ADFENO.
Have a nice day.

aloniv

I am a translator!

Offline
Joined: 01/11/2011

Lavabit also provides an XMPP account when you register an email account.

icarolongo
Offline
Joined: 03/26/2011

https://jappix.com/
http://jappix.net/

---

In the my user page at Libreplanet have some free software services:
http://libreplanet.org/wiki/User:Icaro

You can see the prism-break.org also.

t3g
t3g
Offline
Joined: 05/15/2011
Magic Banana

I am a member!

Offline
Joined: 07/24/2010

Become a Trisquel member and have with it an account on its XMPP domain (member.trisquel.info)!

GNUser
Offline
Joined: 07/17/2013

Well, pretty much what everyone has said.

You can wait for Jabber.org to have their servers back online.
You can become a member of Trisquel which will give you (among other things) an XMPP account.
You can use Riseup.
YOu can use lavabit and have both email and xmpp.

From my personal experience, Lavabit is a good, simple, choice if you will be making a decent use of it. So, I suggest you use Lavabit (start with free account and if you like it, you can use a padi account which is excellent!)

muhammed
Offline
Joined: 04/13/2013

Thanks guys. I decided on jabber.at. I don't have friends on xmpp at the moment, so it's kind of lonely! I'll ask a few friends to try it out. If anyone wants to add me, my username is toronto

muhammed
Offline
Joined: 04/13/2013

So ... I just read this:

"Ejabberd currently stores passwords in plain text in its database. This means that anyone who compromises the server would be able to get the password for your account."

https://jabber.at/en/passwords-0

lembas
Offline
Joined: 05/13/2010

>So ... I just read this:

What that basically means is you should use unique passwords for each site. When a site gets compromised, they cannot use your stolen credentials to access your other accounts on other services.

muhammed
Offline
Joined: 04/13/2013

Could anyone compromise the site? Will the compromiser be able to log into my account and see who my friends are?

I only have two xmpp buddies right now so it's not that big a deal. Unless the hacker impersonates me.

But it doesn't cost anything to care about privacy in principle. And I'd like to take reasonable steps to support the principle.

stefano
Offline
Joined: 10/14/2011

On Sat, 20 Jul 2013 18:00:27 +0200 (CEST), you wrote:
>So ... I just read this:
>
>"Ejabberd currently stores passwords in plain text in its database. This
>means that anyone who compromises the server would be able to get the
>password for your account."
>
>https://jabber.at/en/passwords-0
>
>

That is a XMPP design choice and there isn't much we can do about it. The
server administrators can do nothing about it. Any other service using ejabberd
or jabberd2 is going to store the passwords in plain text.

As it's already been suggested, use a unique password for that account so that
if things go wrong an intruder won't be able to access other accounts tied to
you.

If you are using pidgin, please be aware that the application stores your
passwords in plain text as well. You can find them in your home directory
under .purple/accounts.xml
You can read more about it on the pidgin developer wiki[1]. I don't know about
telepathy or other software.

Best,

--
Stefano

Fortune of the day: "You will not be elected to public office this year."

[1] https://developer.pidgin.im/wiki/PlainTextPasswords

Dave_Hunt

I am a member!

Offline
Joined: 09/19/2011

I just added name at domain to my xmpp group; am name at domain.
I've done voice and text xmpp chats with pidgin; empathy should work,
too.

muhammed
Offline
Joined: 04/13/2013

Thanks for the add Dave; it's good to meet you