We're rolling out two targeted hotfixes today that enhance the security framework of our TI-Messenger products. These updates address room encryption and access control, ensuring better protection for your communication spaces.
What's New
TI-Messenger ePA: Encrypted Rooms by Default
We've implemented requirement A_26015-02, which prevents the creation of unencrypted rooms in TI-Messenger ePA.
What this means for you:
The client will no longer allow users to configure rooms with the following settings:
- Join Rules set to "public" or "knock"
- History Visibility set to "world_readable"
- Room Directory Visibility set to "public"
- Encryption disabled
This ensures that all communication remains encrypted and access-controlled from the start. Your existing private rooms continue to work exactly as before.
TI-Messenger Pro: Protecting Legacy Public Rooms
With requirement A_28755, we're adding a further safety layer for any historical public rooms that might exist.
How it works:
If a room has the "public" join rule and federation has not been explicitly disabled (m.federate=false), the TI-M Federation Service now restricts room access to users whose accounts are on the same homeserver where the room was originally created.
This prevents unauthorized external access while maintaining functionality for legitimate users on the same server.
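The two rules above (the ePA settings list and the legacy public room condition) can be audited against a room's state as in this added example, which is not the product's own code. It assumes the settings map to the Matrix state events `m.room.join_rules`, `m.room.history_visibility`, `m.room.encryption` and `m.room.create`, and that the server part of the room ID names the homeserver where the room was created; function names and the sample room are constructed.

```python
# Added example: audit room state against the settings named in the release note.
# Function names and the sample room are constructed for illustration.

def _content(state, event_type):
    """Content of the state event with an empty state_key, or {} if absent."""
    for ev in state:
        if ev.get("type") == event_type and ev.get("state_key", "") == "":
            return ev.get("content", {})
    return {}

def server_of(matrix_id):
    """Server part of '@user:server' or '!room:server' (may carry a port)."""
    return matrix_id.split(":", 1)[1]

def epa_violations(state, directory_visibility="private"):
    """Settings from the A_26015-02 list that the ePA client no longer allows."""
    found = []
    if _content(state, "m.room.join_rules").get("join_rule") in ("public", "knock"):
        found.append("join_rule")
    if _content(state, "m.room.history_visibility").get("history_visibility") == "world_readable":
        found.append("history_visibility")
    if directory_visibility == "public":
        found.append("directory_visibility")
    if not _content(state, "m.room.encryption").get("algorithm"):
        found.append("encryption_disabled")
    return found

def pro_restriction_applies(state):
    """A_28755 condition: 'public' join rule and m.federate not explicitly false."""
    public = _content(state, "m.room.join_rules").get("join_rule") == "public"
    federate = _content(state, "m.room.create").get("m.federate", True)
    return public and federate is not False

def blocked_by_legacy_rule(state, room_id, user_id):
    """True if the user is on a different homeserver than the restricted room.
    Assumption: the room ID's server part is the creating homeserver."""
    return pro_restriction_applies(state) and server_of(user_id) != server_of(room_id)

# Constructed sample: a legacy public, unencrypted room on hs1.example.
LEGACY_ROOM_ID = "!legacy:hs1.example"
LEGACY_STATE = [
    {"type": "m.room.create", "state_key": "", "content": {}},
    {"type": "m.room.join_rules", "state_key": "", "content": {"join_rule": "public"}},
    {"type": "m.room.history_visibility", "state_key": "",
     "content": {"history_visibility": "shared"}},
]

if __name__ == "__main__":
    print(epa_violations(LEGACY_STATE, "public"))
    print(blocked_by_legacy_rule(LEGACY_STATE, LEGACY_ROOM_ID, "@dr.a:hs2.example"))
```

Running the same functions over an export of existing room state shows which rooms the new restriction will affect before users report lost access.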
Version Status
Both hotfixes are being released with "valid" status and replace their respective predecessor versions, which are now marked as "deprecated".