TorChat is a security hazard (Answer)
Michael Blizek
michi1 at michaelblizek.twilightparadox.com
Sun Dec 12 18:20:46 UTC 2010
Hi!
On 15:03 Sun 12 Dec , Bernd Kreuss wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> [sorry for eventual double post, gmail replied to the sender instead of
> the list]
>
> On Dec 12, 2010 8:26am, Michael Blizek
> <michi1 at michaelblizek.twilightparadox.com> wrote:
>
> > proof. Suppose you have 3 peers A, B and C. B wants to impersonate A:
>
> > A wants to establish a connection to B
>
> This is where your example fails. A *can* not accidentally try to
> connect B instead of C.
I meant that A will connect intentionally to B, e.g. A wants to talk to B. B
can then send messages to C which seem to came from A. However, C will talk
back directly to A and the manipulation will most likely be detected...
-Michi
--
programing a layer 3+4 network protocol for mesh networks
see http://michaelblizek.twilightparadox.com
***********************************************************************
To unsubscribe, send an e-mail to majordomo at torproject.org with
unsubscribe or-talk in the body. http://archives.seul.org/or/talk/
More information about the tor-talk
mailing list