[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Security Analysis of Instant Messenger TorChat

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] Security Analysis of Instant Messenger TorChat
From: Blake Hadley <moosehadley@xxxxxxxxx>
Date: Fri, 13 May 2016 15:43:25 -0400
Delivered-to: archiver@xxxxxxxx
Delivery-date: Fri, 13 May 2016 15:44:00 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=subject:to:references:from:message-id:date:user-agent:mime-version :in-reply-to; bh=6540n8Lyh76V+XcIfE6EcWI5Yy7obZGPU0okWMpxzUc=; b=Yt/tKbbEsQgvulvcKDPt8BT8IhYK90VkfDDKpC+ZMaX8a63HMIwYVrDo9FGwngEBmj 8EmxPVCkmZ2TJZb9FpLrcr1ExOvdRHPa87gCFZk5sWmocZIkJb84Ni4TExZ+XYjIukRG 08dALssH8xj9U1q6fNVmDIrWODp6flTBKiye7pO2yrXFAr73Fw+cOkPdkJII6ARC/taN uh+yZ7JHDt7bOjV4aQLJAmAcps7o78XL+EzYxT+VnYHqVpV7pIhKKtg8cWA8UUrDOtZG z0xBjA0Rcm+e9Cyd0S1rX7On21VCvQ0qdh+H/6J4jPKlXZwJ6YQpqtyklI6wHefqXyIJ FqIQ==
In-reply-to: <4771e7c2-18e6-02ba-9750-b141084fa078@xxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <57333AF1.30203@xxxxx> <4771e7c2-18e6-02ba-9750-b141084fa078@xxxxxxxxxxxx>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-talk" <tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx>
User-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.11; rv:45.0) Gecko/20100101 Thunderbird/45.0

On 5/13/16 3:39 PM, me@xxxxxxxxxxxx wrote:

> "TorChat  processes  contact  requests  and  updates  the  contact
> list  without asking  the  user's  consent." "An  attacker  can
> exploit  this  to add arbitrary contacts to the victim's contact list.
> . ." OMG, does any IM client allow this?
I think a few did back in the late 1990's
Today, that sort of thing is kinda insane.

Attachment: signature.asc
Description: OpenPGP digital signature

-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

References:
- [tor-talk] Security Analysis of Instant Messenger TorChat
  - From: Arnis
- Re: [tor-talk] Security Analysis of Instant Messenger TorChat
  - From: me

Prev by Author: Re: [tor-talk] Pluggable Transports and DPI
Next by Author: Re: [tor-talk] fwd: FBI Is Pushing Back Against Judge's Order to Reveal Tor Browser Exploit
Previous by thread: Re: [tor-talk] Security Analysis of Instant Messenger TorChat
Next by thread: [tor-talk] ProtonMail
Index(es):
- Author
- Thread