Who are the end users of xmpp.ru and jabber.ru? Are they hoping to pick up traffic between Russian soldiers? Spies? I hate mass surveillance as much as the next guy but why target Russian domains specifically?
replies(2):
I think the more likely scenario is that someone was to catch carders/botnet operators, since Jabber/XMPP is still very popular amongst people in that scene in Russia; you'll see often see screenshots or logs containing @exploit.in, @jabber.ru, and various other servers pretty much in any Krebs on Security article, for example.
That said, I think mass-surveillance is usually pretty gross regardless of intent.
I don't know what the exact ratio of criminal to non-criminal usage of either server is, but just like how Tor simultaneously has a ton of obviously illegal content mixed with whatever percentage of legitimate use [1], they presumably still do have a fair amount of totally normal conversations going on. And so I'm not an exactly a huge fan of invading privacy in order to spy on random cybercriminals likely far out of your jurisdiction in countries unwilling to extradite in the first place.
And while I understand if Hetzner was forced to comply, unless they wanted to become another Lavabit, as someone who recommends them often, it'll still be a little disappointing, IMO, if it turns out they were aware and allowed or assisted in the MitM attack, because otherwise, I think they're one of the best hosting companies.
Their transparency is great. And I get better uptime, reliability, and support than the overwhelming majority of cloud providers without selling my organs to afford it. And their effort put into turning environmentally-friendly design choices into economically smart choices is commendable.
The "reduce" in reduce > reuse > recycle can be seen in their KISS designs—like the raised, angled roof, allowing natural heat escape rather than loads of HVAC [2]; server chassises that are more bare-minimum structural support and air-shrouds than actual chassises; and stripped-down standard motherboard designs with only the most minimal changes, like 90-degree rotated sockets to allow a single fan to cool the VRM, CPU, and memory [3], rather than a dozen screaming, power-slurping Delta fans for every server.
And their knowledge of "reuse" is evident by their server auctions, where they do Dutch-auction-style rentals of legacy hardware rather than scrapping everything, avoiding spending a load on new hardware while also avoiding the environmental cost associated with manufacturing new everything each generation.
I'd love to be able use them more if only they had dedicated servers outside of Europe.
[1]: "legitimate" is hard to define anyway; one country's journalist is another's "foreign agent", and one country's "freedom fighter" is another's "terrorist".
[2]: Der8auer: Over 200,000 Servers in One Place! Visiting Hetzner in Falkenstein - https://youtu.be/5eo8nz_niiM?t=259
[3]: Der8auer: Hetzner shows Special AM5 Board with 90° Rotated Socket - https://youtu.be/V2P8mjWRqpk
The Ukrainian military has been using Discord, so it's not totally unimaginable. Are these domains administered by Russians? IMO it would be pretty naive for Russians to be hosting comm servers in NATO datacenters right now. Perhaps related: I interviewed for a job recently where the hiring manager was a Russian immigrant. He was telling me I should go visit St. Petersburg and didn't seem to understand that is not an option at the moment. I was flattered by the suggestion of course and it is a nice reminder that regular people are typically tolerant, but also confused. Do people not understand the severity of the situation or is this behavior of acting like it is business as usual a coping mechanism?