#MatrixDown: So, is the main issue of #Matrix too many users using the main instance, a condition actively pushed by #Vector, creating half-centralized ecosystem?
Is it the issue that #Matrix servers are a overly complex and resource hungry systems, which are hard to administrate and even harder to troubleshoot? 🤔
Or is it a combination of these problems? Hmmm. 👀
@matrix good luck on the remediation actions 🫡
Matrix.org just announced they are back once more:
https://twitter.com/matrixdotorg/status/1116616382584475648
Let's hope things stay up as they are. There are definitely some new challenges to tackle, which came up in their issue tracker:
https://github.com/matrix-org/matrix.org/issues
Let's see if they got really rid of the attacker 🤞
Too early to be happy, seems like the attacker found their way in and is still around on Matrix's infrastructure.
The attack has proven themselves to have shell access on their synapse instance, which is definitely bad. It means that all user accounts are compromised and have to be reset.
https://twitter.com/matrixdotorg/status/1116593380102852608
There will go a lot of efforts into figuring out the details and fixing the vulnerability.
Meanwhile, send some love to the people behind matrix!
The homeservers are back up 🎉
It seems like they are missing some pictures right now, I guess those will come back later.
Make sure you change your password (and NickServ passwords) and happy chatting!
See you around 👋
Matrix is coming back up! One of the first things happening was writing a new blog post about the incident which you can find here:
https://matrix.org/blog/2019/04/11/security-incident/
TL;DR: Some outdated software was discovered and cracked by an attack which then had access to various data points.
Important: Change your password ASAP (including NickServ when you used the IRC bridges)
Hint: The homeserver is not back up yet.
Seems like Matrix.org is getting ready to come back!
When #Matrix comes back online, or even before, anyone using matrix.org as a homeserver should strongly consider switching to another instance (https://www.hello-matrix.net/public_servers.php) or starting their own.
The de facto centralization of Matrix is what's preventing you from chatting now. Promote the decentralization and federation that worked well for the Mastodon fediverse by leaving matrix.org.
If you wonder where the CodiMD community channel went, here is a short text explaining it:
https://community.codimd.org/t/community-chat-down/26
TL;DR: Matrix.org is rebuilding their infrastructure from scratch after a security incident.
As you may notice, are the usual links to our Community channel down. The good news: Since Matrix is federated the channel isn’t really down, because it continues to run on other servers. The bad news: Since Matrix.org is the major server of the entire Matrix universe the majority of users went down with their infrastructure. So far I can say that there was a security incident happening on the Matrix infrastructure and they are currently reconstructing the entire infrastructure from scratch, a...
@matrix Turns out that there was a successful compromise of the Matrix infrastructure happening.
Details from Matrix on Twitter: https://twitter.com/matrixdotorg/status/1116388572922302466
You may ask how that could happen, but more important: It didn't stay unnoticed and that's a good sign.
“In terms of the incident itself, we will publish an update shortly. Summary is: an attacker accessed the production infra that runs https://t.co/vidAnPoIo2, hence the rebuild. Source code & packages are unaffected. We do not think user data was targeted, but are playing it safe.”
CryptGoat
Solinvictus 
Sheogorath
Jonah 