
Re: Re: TorChat is a security hazard (Answer)



On Dec 12, 2010 7:20pm, Michael Blizek <michi1@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx> wrote:

> I meant that A will connect intentionally to B, e.g. A wants to talk to B. B
> can then send messages to C which seem to come from A. However, C will talk
> back directly to A and the manipulation will most likely be detected...

I have committed a patch that will explicitly check for your scenario
and immediately discard the wrong pong message. The result is that
this type of attack now shouldn't have any effect on the proper operation
of A and the connection between A and C anymore.

I also fixed a possible attack regarding the sending of pong (or other)
messages over the victim's outgoing connection. It will now only accept
file* messages on the outgoing connection (files are always sent on the
other connection to enable chatting during file transfer) and file transfer
requires a fully completed handshake anyways.

I don't have any Windows build based on this yet, I'm still fighting with
py2exe and the Python-2.7 SxS-msvcr90-dll-manifest-hell (dll-hell v2.0).

Bernd
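
The rule described in the message above (only file* messages accepted on the outgoing connection, and file transfer only after a completed handshake), sketched as an added example that is not part of the original message and not TorChat's own code. The line format "<command> <payload>", the names Peer, decide and filter_session, and every command other than pong are assumptions made for illustration.

```python
# Added illustration, not TorChat source. Assumed wire format: one message per
# line, "<command> <payload>". All names below are hypothetical.
from dataclasses import dataclass

INCOMING = "incoming"   # connection the peer opened to us
OUTGOING = "outgoing"   # connection we opened to the peer


@dataclass
class Peer:
    handshake_complete: bool = False


def split_command(line: bytes):
    """Split one received line into (command, payload)."""
    command, _, payload = line.rstrip(b"\r\n").partition(b" ")
    return command.decode("ascii", errors="replace"), payload


def decide(peer: Peer, direction: str, line: bytes) -> str:
    """Return 'accept' or 'discard: <reason>' for one received line."""
    command, _payload = split_command(line)
    is_file = command.startswith("file")
    if direction == OUTGOING and not is_file:
        # pong (or any other non-file message) arriving on the connection
        # we opened ourselves is dropped before it can change any state.
        return "discard: only file* messages are accepted on the outgoing connection"
    if is_file and not peer.handshake_complete:
        return "discard: file transfer requires a completed handshake"
    return "accept"


def filter_session(peer: Peer, events):
    """Apply decide() to (direction, line) pairs, keeping the verdicts in order."""
    return [(direction, line, decide(peer, direction, line))
            for direction, line in events]


# Constructed sample traffic (cookie and payload values are made up).
CONSTRUCTED_EVENTS = [
    (OUTGOING, b"pong 1234567890\n"),      # injected pong on our outgoing link
    (OUTGOING, b"filedata 0 0 abc\n"),     # file* message
    (INCOMING, b"message hello\n"),        # ordinary chat on the incoming link
]

if __name__ == "__main__":
    for state in (False, True):
        peer = Peer(handshake_complete=state)
        for direction, line, verdict in filter_session(peer, CONSTRUCTED_EVENTS):
            print(state, direction, line.strip(), "->", verdict)
```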