freenode news

freenode Community Team

2016-10-18T21:34:00+01:00

Hi,

You might not be aware that freenode has a dedicated community team and that we would be delighted to help your projects get the most from freenode. The freenode community team consists of christel, edk, JonathanD, mquin, Myrtti, nhandler, Swant and tomaw, and we would love to help you spread the word about releases and launches, conferences or events and any other project milestones that may be of interest to our shared communities. We are happy to make announcements on IRC, reshare your social media posts and we would love for you to guest author or co-author a blog post for the freenode website.

If you think this is something that would be useful for your project, please do not hesitate to get in touch with us! You can find us in #freenode-community or drop us a line to community@freenode.net.

Make sure not to miss any interesting news by setting /umode +w (or /mode yournick +w).

Resurrecting Tor, continued

2016-09-18T20:18:00+01:00

Following an embarrassingly long period of no Tor support, we recently blogged about resurrecting Tor.

As of today, Tor users can once more connect to freenode over Tor; the hidden service address is

freenodeok2gncmy.onion

The hidden service requires SASL authentication, as before. In addition, due to the abuse that led Tor access to be disabled in the first place, we have unfortunately had to add another couple of restrictions:

You must log in using SASL's EXTERNAL or ECDSA-NIST256P-CHALLENGE (more below)
If you log out while connected via Tor, you will not be able to log in without reconnecting.

If you haven't set up the requisite SASL authentication, we recommend SASL EXTERNAL. You'll need to generate a client certificate:

openssl req -x509 -sha256 -new -newkey rsa:4096 -days 1000 -nodes -out freenode.pem -keyout freenode.pem

and consult your IRC client's documentation to find out how to use it to connect. Connect to freenode over TLS on the plain Internet and /msg NickServ CERT ADD to authorise it to your account.

You'll then want to tell your client to try the EXTERNAL mechanism. We lack comprehensive documentation for this, but it's a feature in most modern clients—check their docs for instructions for now.

It's currently not possible to register an account for use with Tor without connecting at least once over the Internet. We're investigating our options, and would like to provide a solution to this in the future.

Resurrecting tor-sasl

2016-09-05T16:09:00+01:00

As many of you will no doubt be aware, freenode used to run a Tor hidden service, providing anonymous access to the network. Unfortunately, this had to be disabled due to concerns about abuse.

We regret that it has taken some time to resolve this issue but we are now almost ready to deploy some software updates that will allow us to re-enable the gateway. We've made one important change: password-based SASL authentication is disabled over the Tor gateway, so you'll need to generate a client certificate and add its fingerprint (/msg NickServ CERT ADD) over a regular connection before connecting.

We'd appreciate your help testing this setup on our testnet. Further instructions can be found in #freenode there. (if you already have a certificate set, the hidden service is at ircs://testnet67chdulhs.onion:6697)

Expect the occasional interruption—even if nothing exciting happens, we still have a few configuration things to take care of. The test network may be reset, rolled back, or shut down at any time.

Thanks for your patience, and thank you in advance for helping to bring Tor access back as fast as possible!

Happy Birthday to the World Wide Web

2016-08-06T22:06:00+00:00

25 years ago—On the 6'th of August 1991—the world's first website went live, and it's still there.

In other words, the world wide web is celebrating silver jubilee today.

Imagine where we would've been without it. Would your project exist? Would freenode exist?

On behalf of freenode, I'd like to give all our sponsors a big shoutout, for making freenode possible—read more about who they are on our acknowledgements page.

And lastly we would like to thank you, the people that use freenode, the people who use freenode for your projects, the people that contribute to keeping the internet full of Free and Open Source Software. You are a part of what took the internet this far and a part of what keep it, and a lot of other tech related things, evolving.

Stay with us, it's freenode's porcelain jubilee this year, keep chatting, keep the internet open.

A Reminder

2016-07-18T22:06:00+00:00

Hi all,

In the distant past, freenode fairly frequently sent /wallops about news of conferences, releases or anything else that might be of interest to the FOSS community. We'd quite like to do more of that, so… if you know of anything that might fit the bill, please drop the community team a line at groups@freenode.net or message me (my nickname is e) on IRC (even if the project in question isn't (yet) registered with freenode).

We'd also like to feature a bit more FOSS news on our blog, so if you're itching to write a guest post for us, I'd love to hear about that as well.

Thanks for using freenode! :)

Help protect net neutrality in the EU

2016-07-04T14:58:00+00:00

As many of you no doubt know, the European Union passed legislation last year intended to protect net neutrality. However, it contained significant loopholes which many people believe will allow European ISPs to prioritise paying partners' traffic. Among other things, this is potentially quite scary for FOSS projects—most of which don't have the kind of funding necessary to enter into such arrangements.

If this is something that concerns you, campaigns aimed at convincing BEREC to close the loopholes are running at https://www.savenetneutrality.eu/ and https://savetheinternet.eu/en/.

AFD quiz

2016-04-01T12:00:00+00:00

As a tradition, we would like to invite our users to participate in the annual April Fool's Day quiz.

Good luck and have fun! You can join us in #ircpuzzles for casual conversation.

IyMjIyMjQUZEMjAxNlN0YXJ0

New Website

2016-03-22T23:25:00+00:00

If you are reading this you have most probably already realised that our brand spanking new website is up and running. On behalf of freenode I would like to express heartfelt thanks to dsample, edk, Swant, thefam, emerson and SteinSplitter and boxmein -- not only for the help in designing the new website based on a very fickle and constantly changing spec but also for providing tremendously amusing banter and generally being awesome guys! You did beautifully and it has been an absolute pleasure working with you, I can't wait to do it again sometime (soon!).

Oh, and the new website is hosted with Github Pages.

Recent Events and Future Changes

2016-02-19T13:11:54+00:00

Many of you have been asking questions about the recent rash of high-profile staff resignations, and we feel we owe you all both an explanation and an apology.

First, the explanation: in short, it's become clear over recent months that freenode has lost its way somewhat, when compared to the ideals and goals that we were created with. A growing sense of disillusionment amongst those of us who remember the olden days, when we were far more friendly, approachable and engaged in the communities we were set up to serve, has recently come to a head. Naturally, when some of these people decided they could no longer continue with the way things had become, it was time for us to think long and hard about what had gone wrong and what we should do about it.

And so, to the apology. We're uncomfortably aware that freenode was set up with the strong idea that the projects and communities which use it should be the first, and often the only, priority. We've lost sight of that, and we're sorry. We'll be doing our best, from now on, to get back in touch with the ideals that made freenode such a great place.

This won't be easy for us, as we've got years of bad habits to break, but hopefully you should start seeing some improvements in the coming months. If you see anything that we're not doing that would help your communities, please tell us and we'll try our best to find a way to make it happen. You might see a bit of chaos or inconsistency while we try to find our way around again, but please try to bear with us and we hope you'll see things get better in time.

And finally, because we're conscious that a lack of clarity around our leadership structure has not helped matters, we've decided to set out unambiguously how the staff management structure will work from now on. Our activities and operations will be split roughly into four areas, each with a designated lead.

mist is head of staff, and in charge of day to day network operations and general staff issues.
kloeri is head of infrastructure, in charge of making sure that the network continues to run in a usable fashion and that we have the right hardware and server platforms in place to provide the services we want to.
spb is head of development, in charge of the software platforms that we use to run the network.
christel is head of projects and communities, and also the overall project lead in charge of the other three heads. She'll be trying to make sure that we get back the levels of engagement that we once had with the projects we're here to serve.

These four, together, will take any decisions that affect the future direction of freenode. While they each have their own area of focus, feel free to contact any of us about any issues you may have -- we try to keep an open (virtual) door policy.

The New Policies

2016-02-19T13:11:52+00:00

One of the several problems that's become obvious in recent times is that we have too many policies, they're often not consistent with each other, and we've spent too much time and effort wondering whether something, which is obviously the right thing to do, fits with our published policy. With that in mind, the following stripped-back set of policies will apply in future, with the intention that we can set out a simple set of baselines and apply common sense on top of them.

Nickname ownership

Nicknames are allocated on a first-come, first-served basis, to the first person who registers the name with NickServ. However, we expect users to act in good faith and reserve the right to remove a nickname registration where we believe that this has not been the case. Nickname and account registrations expire ten weeks after they are last used. For nicknames, 'used' means that you were using the nickname while logged in to the account which owns it. For accounts, 'used' means that you logged in to the account, regardless of the nickname you used to do so. Nicknames which are the primary account name only expire when the entire account is expired. In some cases, such as for very old accounts, we may, at our discretion, extend the expiry time of a nickname or account. We will not normally do this beyond 15 weeks past the last use.

Some nicknames and accounts, including but not limited to some of those owned by current or former network staff, do not expire at all. These accounts can be identified by the 'Hold' flag in their NickServ info output.

Nicknames and accounts which are expired will not automatically be dropped. Please contact network staff if you would like to take over an expired nickname.

Channel ownership

Channels on freenode fall into one of two categories. Primary channels, which begin with a single # character, are reserved for on-topic projects. If you'd like to take over one of these channels, then you'll need to be associated in some way with the project in question. Topical, or 'about' channels, begin with two # characters, and these are allocated on a first-come, first-served basis to the first person who registers it with ChanServ. As with nicknames, however, we reserve the right to remove or alter registrations where we believe they have not been made in good faith.

Primary channels do not expire with inactivity, though they can be claimed at any time by a representative of an on-topic project with the appropriate name. Topical channels expire after 60 days in which no user on the access list for the channel has joined it.

On-topic Use

freenode's primary goal is to encourage and foster the development and use of free and open source software projects and other peer-directed communities producing broadly licensed creative output. Any project falling under this broad description is likely to be considered on-topic for the purposes of primary channel naming and other project services which we may provide, but individual decisions may be made at the discretion of staff.

Off-topic Use

We expect all users of the network, whether affiliated with a project or not, to act in good faith and in accordance with both their local laws and those applicable where freenode operates. Use of freenode and its facilities is a privilege, not a right, and may be withdrawn where we believe that this has not been the case.

Services database purge

2015-09-18T08:58:13+00:00

On or around Friday, October 2nd, we shall be cleaning up the services database. This involves the bulk removal of expired nicks, channels and accounts.

Therefore, please remember to identify to services when you connect ( /msg nickserv help identify ) and to use your grouped nicks whilst identified - remember, they all expire separately.

Nicks that are past the expiry threshold of 120 days unidentified on October 2nd will be freed from the database and available for others to register.

If you have a nick grouped to your account that you'd prefer to use as your main nick, you can change your account name - see /msg nickserv help set accountname for information.

Remember you can use sendpass to recover lost passwords - see /msg nickserv help sendpass.

Helping GNOME defend its trademark

2014-11-11T10:49:11+00:00

The GNOME project will be familiar to the vast majority of our users, what you might not be aware of is that the project is currently facing an expensive trademark battle against Groupon with the latter having allegedly chosen to infringe upon GNOME's trademark by launching a product with the same name (a POS "operating system for merchants to run their entire operation").

I am not going to go into the details here, as they have been explained by the GNOME project over at http://www.gnome.org/groupon/ and the GNOME folk are in a much better position than me to provide more detailed information on the matter.

What I am going to do is appeal for your help. The GNOME project is looking to raise $80,000 to cover the legal costs involved in defending their trademark. At the time of writing this post the freenode network has 89,998 connected users. Users who are passionate about FOSS.

If each of us donated just ONE DOLLAR to the GNOME project they would cover the anticipated legal costs AND have some spare change leftover for a pint when the proceedings conclude.

Even if you do not use GNOME, please consider helping them out. This is bigger than just GNOME and I think would be fantastic if the FOSS communities could drum together to support our own.

If you head over to http://www.gnome.org/groupon/ you can make a donation directly via PayPal by clicking on the "Help us by donating today" button.

Update: Due to the controversial nature of PayPal, GNOME is now also offering other ways to donate .

Thank you!

Update #2: According to the Groupon blog and this article over at Engadget Groupon has issued the following statement: "Groupon is a strong and consistent supporter of the open source community, and our developers are active contributors to a number of open source projects. We've been communicating with the Foundation for months to try to come to a mutually satisfactory resolution, including alternative branding options, and we're happy to continue those conversations. Our relationship with the open source community is more important to us than a product name. And if we can't come up with a mutually acceptable solution, we'll be glad to look for another name."

I am assuming that this means that the trademarks filed will be retracted and that the GNOME project can go about business as usual. I am certain they will be releasing a statement with further details before long.

Atheme 7.2 and freenode

2014-11-08T23:18:51+00:00

Hello!

We've begun some testing on Atheme's latest release, 7.2, and we'd like to invite interested users to help with that.

Not all changes the Atheme project has included in their new release will be included in our Atheme upgrade, so here's the bulk of the changes that will actually affect our network:

/msg NickServ DROP will require confirmations from the user similar to the ChanServ variant. This is to prevent people DROPping when they should be GHOSTing or similar.
We've loaded two exttargets:
- $registered to grant flags to all people who are identified to NickServ
- $chanacs to grant flags to people who have flags in another channel. Please read /msg ChanServ HELP FLAGS for details on how they work.
The SASL mechanism DH-BLOWFISH has been removed. People using it can connect via SSL and use PLAIN or upgrade to ECDSA-NIST256P-CHALLENGE. Details of how to do so are here and our SASL page will be updated with the relevant documentation soonish.

You should be able to connect to testnet at testnet.freenode.net Port 9002 for cleartext, and 9003 for SSL. Bear in mind, the database is a couple weeks old, so changes you've recently made on the production network may not be mirrored on the testnet network. Various amounts of staff should be idling in #freenode on testnet at all times, please feel free to poke us with any questions.

Thanks!

User-enabled sendpass

2014-10-29T21:20:17+00:00

As a network, we feel it is hugely important to maintain close relationships with our many communities and users. Our interactions with users in #freenode and elsewhere on the network, fielding support requests and assisting users, help build and maintain these relationships.

But we're constantly looking for things to change and make better, and one of the pieces of feedback we've had is that users would like a little automation - and the ability to be able to resolve some of their own support requests.

We recognise that allowing users to generate their own password reset e-mails brings us in line with other registration systems online and may provide a higher quality of service.

So for now, if you are having difficulties accessing your account, you can generate your own password reset e-mail using the following command:

/msg NickServ SENDPASS <account>

This command will only work with an offline account (i.e. it won't work if a client is logged into your account via NickServ), and should obviously only be used on an account that you believe is yours.

We will be keeping an eye on how this feature is used, and may retain it permanently if it proves to be helpful and non-harmful!

Server Issues: Update

2014-10-15T21:27:44+00:00

Following up on our previous blog post, we have continued to investigate the compromise of freenode infrastructure, aided by our sponsors in addition to experts in the field.

NCC Group's Cyber Defence Operations team kindly provided pro bono digital forensic and reverse engineering services to assist our infrastructure team and have recently published a report with some of their findings:

https://www.nccgroup.com/en/blog/2014/10/analysis-of-the-linux-backdoor-used-in-freenode-irc-network-compromise/

NCC's support has been invaluable in aiding us in further securing our infrastructure, and we have already made significant changes to ensure that it is more resilient against further attacks. Our investigation into the compromise is ongoing and we will provide further updates as appropriate.

In the mean time, if you haven't updated your password, we would advise you do so as some traffic may have been sniffed. Simply "/msg nickserv set password newpasshere" and don't forget to update your client's saved password.

Whilst we endeavour to provide a robust service, it is worth bearing in mind that no computer system is ever perfectly secure and many are inevitably breached. For this reason we do not suggest relying entirely on freenode (or any infrastructure) to protect sensitive data, and encourage our users to take further steps (e.g. unique passwords per service, encryption) as part of a defence in depth strategy to safeguard it.

We are extremely grateful to NCC in addition to our many other sponsors for their assistance and continued support. Without the ongoing support of our generous sponsors and wonderful infrastructure team, freenode would quite literally not have a network!

We will be continuing to work with our sponsors in addition to other relevant authorities regarding this breach and any further incidents.