[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: TorChat is a security hazard (Answer)



Hi!

On 15:03 Sun 12 Dec     , Bernd Kreuss wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> [sorry for eventual double post, gmail replied to the sender instead of
> the list]
> 
> On Dec 12, 2010 8:26am, Michael Blizek
> <michi1@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx> wrote:
> 
> > proof. Suppose you have 3 peers A, B and C. B wants to impersonate A:
> 
> > A wants to establish a connection to B
> 
> This is where your example fails. A *can* not accidentally try to
> connect B instead of C.

I meant that A will connect intentionally to B, e.g. A wants to talk to B. B
can then send messages to C which seem to came from A. However, C will talk
back directly to A and the manipulation will most likely be detected...

	-Michi
-- 
programing a layer 3+4 network protocol for mesh networks
see http://michaelblizek.twilightparadox.com

***********************************************************************
To unsubscribe, send an e-mail to majordomo@xxxxxxxxxxxxxx with
unsubscribe or-talk    in the body. http://archives.seul.org/or/talk/