From ian at cypherpunks.ca Wed Jun 1 14:41:12 2005
From: ian at cypherpunks.ca (Ian Goldberg)
Date: Wed, 1 Jun 2005 14:41:12 -0400
Subject: [OTR-users] Opinions on proposed "unknown fingerprint" behaviour?
In-Reply-To: <20050519195558.GT1071@smtp.paip.net>
References: <20050519195558.GT1071@smtp.paip.net>
Message-ID: <20050601184112.GJ1071@smtp.paip.net>

Based on some comments here, how about this as a second strawman
proposal:

Instead of two modes (Private / Not private), there are now three:

1. Not private (red)
2. Unverified (yellow)
3. Private (green)

[I'm not sure I like the actual choice of words here; suggestions are of
course welcome.]

The colours listed would be integrated into the conversation window OTR
button somewhere.

New fingerprints would cause gaim to automatically go from red to
yellow. It will display a dialog saying that a new fingerprint was
presented for the given user.

When OTR communication is established, a message is written to the
conversation window, saying so (and indicating if the fingerprint is
verified or not), but not listing the fingerprint or the session id.

Right-clicking on the OTR button produces a context menu which allows
you to bring up a dialog containing the fingerprint and session id.
This dialog also has a mechanism for indicating that you have verified
the fingerprint (and, I suppose, a way to undo that indication).

Once you've verified a fingerprint, gaim will go green, and future
conversations with this fingerprint will automatically go green.

What do people think of that? There's no more "require manual
verification" option, because the people who would check that would just
treat yellow as "not private", and others (probably most people) would
treat yellow as "private". There's no more popup dialog for "private
communication established", because it's better to put it in the
conversation window anyway.

Questions, comments, radical doubts?

   - Ian

From rguerra at lists.privaterra.org Wed Jun 1 15:10:41 2005
From: rguerra at lists.privaterra.org (Robert Guerra)
Date: Wed, 1 Jun 2005 15:10:41 -0400
Subject: [OTR-users] Opinions on proposed "unknown fingerprint" behaviour?
In-Reply-To: <20050601184112.GJ1071@smtp.paip.net>
References: <20050519195558.GT1071@smtp.paip.net> <20050601184112.GJ1071@smtp.paip.net>
Message-ID: <69E17540-16FF-4D22-B934-DF4FFDF00B6D@lists.privaterra.org>

proposal seems ok.

On 1-Jun-05, at 2:41 PM, Ian Goldberg wrote:

> Based on some comments here, how about this as a second strawman
> proposal:
>
> Instead of two modes (Private / Not private), there are now three:
>
> 1. Not private (red)
> 2. Unverified (yellow)
> 3. Private (green)
>
>

--
------------------------ [ SECURITY NOTICE ] ------------------------
To: otr-users at lists.cypherpunks.ca, ian at cypherpunks.ca.
For your security, rguerra at lists.privaterra.org
digitally signed this message on 01 June 2005 at 19:10:45 UTC.
Verify this digital signature at http://www.ciphire.com/verify.

From aldert at rotz.org Wed Jun 1 15:59:46 2005
From: aldert at rotz.org (Aldert J.B.P. Hazenberg)
Date: Wed, 01 Jun 2005 21:59:46 +0200
Subject: [OTR-users] Opinions on proposed "unknown fingerprint" behaviour?
In-Reply-To: <20050601184112.GJ1071@smtp.paip.net>
References: <20050519195558.GT1071@smtp.paip.net> <20050601184112.GJ1071@smtp.paip.net>
Message-ID: <429E13B2.20403@rotz.org>

Ian Goldberg wrote:
> Based on some comments here, how about this as a second strawman
> proposal:
>
> Instead of two modes (Private / Not private), there are now three:
>
> 1. Not private (red)
> 2. Unverified (yellow)
> 3. Private (green)
>
> [I'm not sure I like the actual choice of words here; suggestions are of
> course welcome.]
>

The wording as stated above is exactly what I have 'difficulties' with.
Also the proposed color layout does not make me 'happy'.

I am not a native English speaker but I would prefer it like this :

1. Not private
2. Private
3. Verified Private

The rationale is that Unverified does not give a 'safe' feeling while it
is an established secure OTR connection.

For the color layout I have 2 ideas :

Or :

1. Red
2. Light Green
3. Dark Green

Or (I don't know if this is possible but has my preference)

1. Red
2. Green
3. Green with, say, a Black symbol 'in' the green area like a check in a
   checkbox (like in http://registration-net.com/checkbox.gif)

The rationale is that Yellow does not give a 'safe' feeling while it is
an established secure OTR connection.

Aldert.

From jcohen07 at brandeis.edu Wed Jun 1 16:11:44 2005
From: jcohen07 at brandeis.edu (Jason Cohen)
Date: Wed, 01 Jun 2005 16:11:44 -0400
Subject: [OTR-users] Opinions on proposed "unknown fingerprint" behaviour?
In-Reply-To: <429E13B2.20403@rotz.org>
References: <20050519195558.GT1071@smtp.paip.net> <20050601184112.GJ1071@smtp.paip.net> <429E13B2.20403@rotz.org>
Message-ID: <429E1680.5000604@brandeis.edu>

Aldert J.B.P. Hazenberg wrote:

>Ian Goldberg wrote:
>
>
>>Based on some comments here, how about this as a second strawman
>>proposal:
>>
>>Instead of two modes (Private / Not private), there are now three:
>>
>>1. Not private (red)
>>2. Unverified (yellow)
>>3. Private (green)
>>
>>[I'm not sure I like the actual choice of words here; suggestions are of
>>course welcome.]
>>
>>
>>
>
>The wording as stated above is exactly what I have 'difficulties' with.
>Also the proposed color layout does not make me 'happy'.
>
>I am not a native English speaker but I would prefer it like this :
>
>1. Not private
>2. Private
>3. Verified Private
>
>The rationale is that Unverified does not give a 'safe' feeling while it
>is an established secure OTR connection.
>
>For the color layout I have 2 ideas :
>
>Or :
>
>1. Red
>2. Light Green
>3. Dark Green
>
>Or (I don't know if this is possible but has my preference)
>
>1. Red
>2. Green
>3. Green with, say, a Black symbol 'in' the green area like a check in a
>   checkbox (like in http://registration-net.com/checkbox.gif)
>
>The rationale is that Yellow does not give a 'safe' feeling while it is
>an established secure OTR connection.
>
>Aldert.
>_______________________________________________
>OTR-users mailing list
>OTR-users at lists.cypherpunks.ca
>http://lists.cypherpunks.ca/mailman/listinfo/otr-users
>
>
>
Yellow shouldn't give a safe feeling. Encryption without authentication
is useless. While the conversation is protected from sniffing by third
parties, you have no assurance that the individual you are speaking to
is who he says he is. In this case, your only assurance that you are
speaking to the correct individual is the username/password on the IM
account.

If you verify the fingerprint through an out of bounds method of
authentication such as via telephone, security is increased because only
the individual with that key will be able to have a private conversation
with you. Now a person would need both the password to the IM account
and the private key to initiate a conversation.

Jason Cohen

From aldert at rotz.org Wed Jun 1 17:14:47 2005
From: aldert at rotz.org (Aldert J.B.P. Hazenberg)
Date: Wed, 01 Jun 2005 23:14:47 +0200
Subject: [OTR-users] Opinions on proposed "unknown fingerprint" behaviour?
In-Reply-To: <429E1680.5000604@brandeis.edu>
References: <20050519195558.GT1071@smtp.paip.net> <20050601184112.GJ1071@smtp.paip.net> <429E13B2.20403@rotz.org> <429E1680.5000604@brandeis.edu>
Message-ID: <429E2547.6030604@rotz.org>

Jason Cohen wrote:
> Aldert J.B.P. Hazenberg wrote:
>
>
>>Ian Goldberg wrote:
>>
>>
>>
>>>Based on some comments here, how about this as a second strawman
>>>proposal:
>>>
>>>Instead of two modes (Private / Not private), there are now three:
>>>
>>>1. Not private (red)
>>>2. Unverified (yellow)
>>>3. Private (green)
>>>
>>>[I'm not sure I like the actual choice of words here; suggestions are of
>>>course welcome.]
>>>
>>>
>>>
>>
>>The wording as stated above is exactly what I have 'difficulties' with.
>>Also the proposed color layout does not make me 'happy'.
>>
>>I am not a native English speaker but I would prefer it like this :
>>
>>1. Not private
>>2. Private
>>3. Verified Private
>>
>>The rationale is that Unverified does not give a 'safe' feeling while it
>>is an established secure OTR connection.
>>
>>For the color layout I have 2 ideas :
>>
>>Or :
>>
>>1. Red
>>2. Light Green
>>3. Dark Green
>>
>>Or (I don't know if this is possible but has my preference)
>>
>>1. Red
>>2. Green
>>3. Green with, say, a Black symbol 'in' the green area like a check in a
>>   checkbox (like in http://registration-net.com/checkbox.gif)
>>
>>The rationale is that Yellow does not give a 'safe' feeling while it is
>>an established secure OTR connection.
>>
>>Aldert.
>>_______________________________________________
>>OTR-users mailing list
>>OTR-users at lists.cypherpunks.ca
>>http://lists.cypherpunks.ca/mailman/listinfo/otr-users
>>
>>
>>
>
> Yellow shouldn't give a safe feeling. Encryption without authentication
> is useless. While the conversation is protected from sniffing by third
> parties, you have no assurance that the individual you are speaking to
> is who he says he is. In this case, your only assurance that you are
> speaking to the correct individual is the username/password on the IM
> account.
>
> If you verify the fingerprint through an out of bounds method of
> authentication such as via telephone, security is increased because only
> the individual with that key will be able to have a private conversation
> with you. Now a person would need both the password to the IM account
> and the private key to initiate a conversation.
>

This does not conflict with what I try to say.

Yes, I understand we need to educate people to check things like
fingerprints and develop a new way of thinking re. security.

But what I try to say here is : Yellow does not radiate the message we
should. Yellow is in most countries the color before red not before
green. (traffic lights)

And remember we try to bring encryption to the masses here. It is not
just an accident why PGP/GPG did not get used till something like the
Enigmail plugin for Firefox came about and even with this plugin it is
still seen as way too complicated for many.

I think with 2 shades of green or green and a more positive green and
appropriate wording you get more user understanding. (mind share).

Aldert.

From gdt at ir.bbn.com Thu Jun 2 08:41:24 2005
From: gdt at ir.bbn.com (Greg Troxel)
Date: 02 Jun 2005 08:41:24 -0400
Subject: [OTR-users] Opinions on proposed "unknown fingerprint" behaviour?
In-Reply-To: <20050601184112.GJ1071@smtp.paip.net>
References: <20050519195558.GT1071@smtp.paip.net> <20050601184112.GJ1071@smtp.paip.net>
Message-ID:

  1. Not private (red)
  2. Unverified (yellow)
  3. Private (green)

I share the concern about wording, but I object to the notion that 2
(doing OTR, unverified fingerprint) is a shade of green.

Color is awkward due to b&w displays (I'll need to fire up my
Sparcstation ELC which is 1152x900x 1bit...), and accessibility
issues. So perceiving of color should not be required for the UI to
function - I think you are proposing having text and color
simultaneously so it works without color.

How about

  1. Unencrypted
  2. Encrypted/unverified
  3. Private

I think the color choices are fine. Besides the stoplight (and I see
the concern about the expectation of going from yellow to red), other
well-known color codes are Cooper's color code of awareness and of
course in the US the DHS terrorist threat alert level. So the
intended connotations of red = not ok, yellow = iffy, green = ok seem
fine.

In practice, I suspect people accept the fingerprint once without
really checking, but after using it for a while the odds that Mallory
could be MITMing every single time seem lower (but I admit that's
fuzzy thinking). This is the ssh theory, and the repeat MITM attack
seems not prevalent.

It would be nice to be able to export/import keys in openpgp format so
one could leverage the pgp WoT; my experience is that people are
better about checking PGP fingerprints than OTR fingerprints.

  New fingerprints would cause gaim to automatically go from red to
  yellow. It will display a dialog saying that a new fingerprint was
  presented for the given user.

I think you mean 'presentation of a new OTR signing key, followed by
key agreement authenticated by that (untrustworthy) key'. Pedantic,
perhaps, but this is confusing enough.

For expert users, the new key dialog should have three choices

  Discard Key
  Keep Key as Unconfirmed
  Confirm Key

probably keep as unconfirmed should be the default. For non-experts,
perhaps just don't present dialog.

  This dialog also has a mechanism for indicating that you have verified
  the fingerprint (and, I suppose, a way to undo that indication).

Absolutely: a way to undo it, and to remove it. Basically the same
three choices as the initial dialog.

--
        Greg Troxel

From ian at cypherpunks.ca Thu Jun 2 09:27:28 2005
From: ian at cypherpunks.ca (Ian Goldberg)
Date: Thu, 2 Jun 2005 09:27:28 -0400
Subject: [OTR-users] Opinions on proposed "unknown fingerprint" behaviour?
In-Reply-To:
References: <20050519195558.GT1071@smtp.paip.net> <20050601184112.GJ1071@smtp.paip.net>
Message-ID: <20050602132728.GL1071@smtp.paip.net>

On Thu, Jun 02, 2005 at 08:41:24AM -0400, Greg Troxel wrote:
> 1. Not private (red)
> 2. Unverified (yellow)
> 3. Private (green)
>
> I share the concern about wording, but I object to the notion that 2
> (doing OTR, unverified fingerprint) is a shade of green.
>
> Color is awkward due to b&w displays (I'll need to fire up my
> Sparcstation ELC which is 1152x900x 1bit...), and accessibility
> issues. So perceiving of color should not be required for the UI to
> function - I think you are proposing having text and color
> simultaneously so it works without color.

Oh, for sure. I was thinking the colour could also have a shape,
perhaps reminiscent of traffic *signs*: red octagon, yellow triangle,
green circle. And then the text underneath it. We'd do away with the
"OTR:" text (maybe incorporating it into the image), which would leave
us some room for text.

> How about
>
> 1. Unencrypted
> 2. Encrypted/unverified
> 3. Private

I don't think "Encrypted/unverified" will *fit*, unfortunately.

> It would be nice to be able to export/import keys in openpgp format so
> one could leverage the pgp WoT; my experience is that people are
> better about checking PGP fingerprints than OTR fingerprints.

PKIs can always leverage each other: see for example,
http://r6.ca/russellotr.asc . So _one_ of the ways you can verify an
OTR fingerprint is to use the PGP WoT.

> New fingerprints would cause gaim to automatically go from red to
> yellow. It will display a dialog saying that a new fingerprint was
> presented for the given user.
>
> I think you mean 'presentation of a new OTR signing key, followed by
> key agreement authenticated by that (untrustworthy) key'. Pedantic,
> perhaps, but this is confusing enough.

I'm not sure I see your distinction. The Key Exchange Message packet
contains *both* the presentation of the DSA key *and* the DH key
agreement, signed with the DSA key. If you receive one of these
(well-formed; is that the distinction you were making?) packets, and it
contains a DSA key you haven't seen before, gaim will let you know, but
switch to yellow.

   - Ian

From rabbi at abditum.com Thu Jun 2 09:31:56 2005
From: rabbi at abditum.com (Len Sassaman)
Date: Thu, 2 Jun 2005 06:31:56 -0700 (PDT)
Subject: [OTR-users] Opinions on proposed "unknown fingerprint" behaviour?
In-Reply-To: <429E1680.5000604@brandeis.edu>
References: <20050519195558.GT1071@smtp.paip.net> <20050601184112.GJ1071@smtp.paip.net> <429E13B2.20403@rotz.org> <429E1680.5000604@brandeis.edu>
Message-ID:

On Wed, 1 Jun 2005, Jason Cohen wrote:

> Encryption without authentication is useless.

This is one of the most often repeated lies of the crypto community, and
belief in this is one of the main reasons we're not seeing greater spread
of crypto.

From aldert at rotz.org Thu Jun 2 09:40:34 2005
From: aldert at rotz.org (Aldert J.B.P. Hazenberg)
Date: Thu, 02 Jun 2005 15:40:34 +0200
Subject: [OTR-users] Opinions on proposed "unknown fingerprint" behaviour?
In-Reply-To: <20050602132728.GL1071@smtp.paip.net>
References: <20050519195558.GT1071@smtp.paip.net> <20050601184112.GJ1071@smtp.paip.net> <20050602132728.GL1071@smtp.paip.net>
Message-ID: <429F0C52.60709@rotz.org>

Ian Goldberg wrote:
> I was thinking the colour could also have a shape,
> perhaps reminiscent of traffic *signs*: red octagon, yellow triangle,
> green circle. And then the text underneath it. We'd do away with the
> "OTR:" text (maybe incorporating it into the image), which would leave
> us some room for text.
>
>

I think AdiumX did a good job with the open and closed lock.
So if shapes are an option how about :

1. Open lock
2. Closed lock
3. Closed lock with this check of a checkbox superimposed.

Aldert.

From ian at cypherpunks.ca Thu Jun 2 10:02:07 2005
From: ian at cypherpunks.ca (Ian Goldberg)
Date: Thu, 2 Jun 2005 10:02:07 -0400
Subject: [OTR-users] Opinions on proposed "unknown fingerprint" behaviour?
In-Reply-To: <429F0C52.60709@rotz.org>
References: <20050519195558.GT1071@smtp.paip.net> <20050601184112.GJ1071@smtp.paip.net> <20050602132728.GL1071@smtp.paip.net> <429F0C52.60709@rotz.org>
Message-ID: <20050602140207.GN1071@smtp.paip.net>

On Thu, Jun 02, 2005 at 03:40:34PM +0200, Aldert J.B.P. Hazenberg wrote:
> I think AdiumX did a good job with the open and closed lock.
> So if shapes are an option how about :
>
> 1. Open lock
> 2. Closed lock
> 3. Closed lock with this check of a checkbox superimposed.

Locks to me suggest "secure", whereas OTR provides "private", which is a
somewhat stronger notion. (With the pfs, deniability, etc.) I'd prefer
it to not be so easily confused with things like gaim-encryption.

Also, even in the "lock" world, I think we really don't want to give the
misimpression that people should be happy at 2. The moods I'd like
people to have (somewhat flippantly):

1. Unhappy
2. Uneasy
3. Comfortable

Maybe use smilies? ;-)

   - Ian

From aldert at rotz.org Thu Jun 2 10:55:37 2005
From: aldert at rotz.org (Aldert J.B.P. Hazenberg)
Date: Thu, 02 Jun 2005 16:55:37 +0200
Subject: [OTR-users] Jabber and OTR - Google Summer of Code ?
In-Reply-To: <20050602140207.GN1071@smtp.paip.net>
References: <20050519195558.GT1071@smtp.paip.net> <20050601184112.GJ1071@smtp.paip.net> <20050602132728.GL1071@smtp.paip.net> <429F0C52.60709@rotz.org> <20050602140207.GN1071@smtp.paip.net>
Message-ID: <429F1DE9.3080305@rotz.org>

Cool, I see talks are underway to get OTR in Jabber;
http://www.saint-andre.com/blog/2005-03.html#2005-03-15T12:47

Even cooler, it looks like that somebody could do it in a paid project
form through the Google Summer of Code program !!!
http://www.saint-andre.com/blog/2005-06.html#2005-06-01T16:59

Must be dozens of crypto wizards students who could do this :) Right ? :)
And earning some money while being part of serious Open Source software
development is a very good experience....

Aldert.

From paul at cypherpunks.ca Thu Jun 2 18:15:18 2005
From: paul at cypherpunks.ca (Paul Wouters)
Date: Fri, 3 Jun 2005 00:15:18 +0200 (CEST)
Subject: [OTR-users] Opinions on proposed "unknown fingerprint" behaviour?
In-Reply-To: <20050602140207.GN1071@smtp.paip.net>
References: <20050519195558.GT1071@smtp.paip.net> <20050601184112.GJ1071@smtp.paip.net> <20050602132728.GL1071@smtp.paip.net> <429F0C52.60709@rotz.org> <20050602140207.GN1071@smtp.paip.net>
Message-ID:

On Thu, 2 Jun 2005, Ian Goldberg wrote:

>> I think AdiumX did a good job with the open and closed lock.
>> So if shapes are an option how about :
>>
>> 1. Open lock
>> 2. Closed lock
>> 3. Closed lock with this check of a checkbox superimposed.
>
> Locks to me suggest "secure", whereas OTR provides "private", which is a
> somewhat stronger notion. (With the pfs, deniability, etc.) I'd prefer
> it to not be so easily confused with things like gaim-encryption.

But you are trying to convey cryptography concepts to the masses. That will
not work.

> Also, even in the "lock" world, I think we really don't want to give the
> misimpression that people should be happy at 2. The moods I'd like
> people to have (somewhat flippantly):
>
> 1. Unhappy
> 2. Uneasy
> 3. Comfortable

That is pretty misleading. I would call 2 "easy", since it protects against
silly passive attacks, which are the most types of attacks most IM users
would face.

> Maybe use smilies? ;-)

I have enough childish icons forced down my throat as it is, thankyouverymuch

how about:

1. Insecure
2. Protected
3. Safe

Then it leaves the interpretation of 'protected' to the individuals. We can
explain (in a mouse over or something) that protected means 'protected
against sniffing and passive attacks', and that safe means 'protected
against sniffing and active attacks'. While die-hard crypto people will
call 'protected' completely insecure and meaningless.

Protected could be coloured blue (eg protected by some uniform, but do we
trust the uniform?) It should not be some shade of green.

We need to explain these things so that my dad can understand the
difference. Perhaps a pointer to a url to the OTR website with cute
animations or something.

Paul

From lists at lohengrin.net Sun Jun 5 13:47:30 2005
From: lists at lohengrin.net (lists at lohengrin.net)
Date: Sun, 5 Jun 2005 12:47:30 -0500
Subject: [OTR-users] Does OTR Proxy support different ports
Message-ID: <20050605124729.A29502@alliance.rogue-squad.com>

Does OTR proxy support using a different port for a connection.

While at work, I can not connect to AIM using the standard 5190 port. I
can however use the port 9898. I can not seem to get OTR proxy to work
when I have the 9898 port specified. When I take the same computer home
and use the standard port, I can connect via the proxy without problems.

Cheers,
Sean

--
Beauty: What's in your eye when you have a bee in your hand.
                -- unknown author

From brian.krebs at washingtonpost.com Sun Jun 5 13:37:48 2005
From: brian.krebs at washingtonpost.com (brian.krebs at washingtonpost.com)
Date: Sun, 05 Jun 2005 13:37:48 -0400
Subject: [OTR-users] wiretapping
Message-ID: <2a6bc211844.42a3002c@digitalink.com>

So if the person I'm chatting with and I both have the OTR plugin installed,
and are using it in our conversations, would it be possible for the IM
provider - say AOL e.g. - to eavesdrop on or offer law enforcement the ability
to piggyback on the conversation from either party's end and read the
conversation?

From ian at cypherpunks.ca Sun Jun 5 14:03:14 2005
From: ian at cypherpunks.ca (Ian Goldberg)
Date: Sun, 5 Jun 2005 14:03:14 -0400
Subject: [OTR-users] Does OTR Proxy support different ports
In-Reply-To: <20050605124729.A29502@alliance.rogue-squad.com>
References: <20050605124729.A29502@alliance.rogue-squad.com>
Message-ID: <20050605180314.GZ1071@smtp.paip.net>

On Sun, Jun 05, 2005 at 12:47:30PM -0500, lists at lohengrin.net wrote:
> Does OTR proxy support using a different port for a connection.
>
> While at work, I can not connect to AIM using the standard 5190 port. I
> can however use the port 9898. I can not seem to get OTR proxy to work
> when I have the 9898 port specified. When I take the same computer home
> and use the standard port, I can connect via the proxy without problems.

So your work blocks port 5190, but you're just connecting to the AOL
server on port 9898? [It seems that the AOL servers will accept a
connection on *any* port, so blocking outgoing port 5190 is kind of
useless.]

Indeed, otrproxy right now understands that a connection to port 5190
means to speak the OSCAR protocol. I suppose that could be made
configurable, but it's not at the moment.

[As a suboptimal workaround, you could use gaim and gaim-otr while at
work, I suppose.]

   - Ian

From ian at cypherpunks.ca Sun Jun 5 14:24:28 2005
From: ian at cypherpunks.ca (Ian Goldberg)
Date: Sun, 5 Jun 2005 14:24:28 -0400
Subject: [OTR-users] wiretapping
In-Reply-To: <2a6bc211844.42a3002c@digitalink.com>
References: <2a6bc211844.42a3002c@digitalink.com>
Message-ID: <20050605182428.GA1071@smtp.paip.net>

On Sun, Jun 05, 2005 at 01:37:48PM -0400, brian.krebs at washingtonpost.com wrote:
> So if the person I'm chatting with and I both have the OTR plugin installed,
> and are using it in our conversations, would it be possible for the IM
> provider - say AOL e.g. - to eavesdrop on or offer law enforcement the ability
> to piggyback on the conversation from either party's end and read the
> conversation?

The OTR protocol encrypts the messages between Alice's computer and
Bob's computer. Although the messages still go through the provider's
servers, the provider is unable to read them.

OTR also allows Alice and Bob to verify each other's "fingerprints",
in order to combat so-called "man-in-the-middle" attacks. [Note that
some other IM encryption mechanisms, such as Trillian SecureIM, don't
provide such protection, and then the IM provider could in fact read the
contents of the supposedly private conversation.]

That having been said, it's still possible for law enforcement or the IM
provider to try to install software, such as a keystroke logger, on your
computer, and steal the messages before they get encrypted in the first
place.

   - Ian

From codewarrior at cuseeme.de Sun Jun 5 15:04:01 2005
From: codewarrior at cuseeme.de (codewarrior at cuseeme.de)
Date: Sun, 5 Jun 2005 21:04:01 +0200
Subject: [OTR-users] Is there life after DNS?
Message-ID: <286D58D5-55C7-4B28-9B7F-462F941AD193@cuseeme.de>

dear list members,

due to the massive influence from tycoon firms, and the ongoing
software patents discussion in europe and the pressure from the
http://www.mpaa.org/ on bittorrent users i think there is a strong
need for "Opencuseeme" the first free peer2peer multiconferencing tool.

please join we need some helping hands

best regards

marc manthey
www.cuseeme.de
********************************************************
opencuseeme / peer2peer multiparty conferencing

Begin forwarded message:

> From: Peter Dambier
> Date: June 5, 2005 12:34:18 PM GMT+02:00
> To: discussions at list.inaic.com
> Cc: Marc Manthey
> Subject: Is there life after DNS?
> Reply-To: peter at peter-dambier.de
>
>
> Hi all,
>
> did you ever ask yourself that question?
>
> With 2369 domains we have the best root. We are the frontier. We
> have to think
> what comes after DNS.
>
> ICANN does not face that frontier. They used to have 250 Domains
> but they lost
> one. Now they are back to 249. They cannot go up to 250 again
> because the
> next domain they want to introduce is "xxx." and that gets filtered
> and
> accused on most servers they use because they are owned by
> universities.
> It just happened to me and several others on NANOG. :)
>
> IPv6 will be a challenge. No normal human being thinks of typing
> in IPv6
> addresses. Cut and paste, maybe - but typing, no! IPv6 will break DNS!
>
> There are nameservers behind firewalls that don't allow tcp
> connections to the
> nameservers. IPv6 addresses will break packet borders and they will
> finally
> break these nameservers.
>
> You don't need IPv6? IPv4 is good enough for you?
>
> Joe and me, we have seen IPv9 working. Stay with your old IPv4
> machines and let
> governments decide what is good for you. Send your emails to the
> government
> and let them decide what is spam. They are looking forward to
> reading and maybe
> forwarding or not your emails. Who needs to run a mailserver
> anyhow. Don't you
> think it's a good idea of the government to close port 25 forwarding?
>
> If you don't think so read on!
>
> Today we have two worlds a host might live in. There are some good
> guys running
> servers running important machines with fixed addresses. They make
> up the world
> of DNS. Everybody can ask DNS for their addresses and maybe their
> names.
>
> And then we have hosts like yours and mine connected via NAT-
> routers to dsl- or
> cable-modems or to good old pots via good old modems. Whenever I
> connect to the
> internet I get a new ip. An ip that somebody else might have used
> for sending
> spam, then I cannot use it for sending emails. An ip that nobody
> knows not even me.
> If I don't disconnect and reconnect my provider will do that for me
> once every
> 24 hours. That is the world of P2P users and services like no-ip.com .
>
> How do these hosts know each other? How do they find each other. How
> do they
> connect? How do they identify?
>
> There is life outside DNS. I have met them.
>
> Before we had DNS there was /etc/hosts and there still is NIS. NIS+
> might have
> become DNS but SUN has given up. It does not scale up.
>
> Still there is P2P. It is loosely connected to DNS by services like
> no-ip.com
>
> Does P2P really need static ip addresses?.
>
> The DSLAM the concentrator and router I am connected to, manages
> some 4K addresses.
> To find echnaton.serveftp.com just try 4K ip addresses and you have
> got me.
>
> If only 100 hosts of those 4K possible addresses in the vicinity
> of frankfurt on
> main, germany had a P2P-nameservice running you would only have to
> ask 40 addresses
> to get me.
>
> You got me?
>
> Have a nice weekend
>
> regards,
> Peter and Karin Dambier
> Public-Root
>
>
>
>
>

From aldert at rotz.org Sun Jun 5 16:59:01 2005
From: aldert at rotz.org (Aldert J.B.P. Hazenberg)
Date: Sun, 05 Jun 2005 22:59:01 +0200
Subject: [OTR-users] Gaim and Norton Internet Security
In-Reply-To: <429C9048.5080602@rotz.org>
References: <20050505231258.GC1071@smtp.paip.net> <429C9048.5080602@rotz.org>
Message-ID: <42A36795.2000300@rotz.org>

I noticed that the combination XP SP2 + Norton Internet Security leaves
your Gaim with non working Jabber and MSN accounts. And that is kinda
bad if you try to do some OTR :)

I found the 'solution' and documented it :
http://rotz.org/archives/2005/06/gaim_norton_int.html

Aldert.

From codewarrior at cuseeme.de Sun Jun 5 19:02:02 2005
From: codewarrior at cuseeme.de (codewarrior at cuseeme.de)
Date: Mon, 6 Jun 2005 01:02:02 +0200
Subject: [OTR-users] wiretapping
In-Reply-To: <2a6bc211844.42a3002c@digitalink.com>
References: <2a6bc211844.42a3002c@digitalink.com>
Message-ID: <6E0A1CB7-909D-46F2-BB2E-9112DC72BD0E@cuseeme.de>

On Jun 5, 2005, at 7:37 PM, brian.krebs at washingtonpost.com wrote:

> So if the person I'm chatting with and I both have the OTR plugin
> installed,
> and are using it in our conversations, would it be possible for the IM
> provider - say AOL e.g. - to eavesdrop on or offer law enforcement
> the ability
> to piggyback on the conversation from either party's end and read the
> conversation?
>
>

hello brian,

interesting, found this here

http://www.wolist.com/wo/society/crime/organized-crime-23089/organized-crime.html
http://seclists.org/lists/politech/2004/Jan/0026.html
http://www.wmob.com/

regards

marc

From jcohen07 at brandeis.edu Sun Jun 5 23:09:54 2005
From: jcohen07 at brandeis.edu (Jason Cohen)
Date: Sun, 05 Jun 2005 23:09:54 -0400
Subject: [OTR-users] gaim-otr 2.0.2 will be going into debian sid
In-Reply-To:
References: <200506051652.j55Gq1MG016554@blanca.unet.brandeis.edu>
Message-ID: <42A3BE82.1070501@brandeis.edu>

It appears my bug report worked. gaim-otr will be entering Sid and will
shortly propagate into testing.

Debian Bug Tracking System wrote:

>This is an automatic notification regarding your Bug report
>#312117: gaim-otr: New Gaim-OTR version (2.0.2) available to resolve conflicts with gaim-encryption,
>which was filed against the gaim-otr package.
>
>It has been closed by one of the developers, namely
>Thibaut VARENE .
>
>Their explanation is attached below. If this explanation is
>unsatisfactory and you have not received a better one in a separate
>message then please contact the developer, by replying to this email.
>
>Debian bug tracking system administrator
>(administrator, Debian Bugs database)
>
>Received: (at 312117-close) by bugs.debian.org; 6 Jun 2005 02:39:37 +0000
>>From katie at ftp-master.debian.org Sun Jun 05 19:39:37 2005
>Return-path:
>Received: from newraff.debian.org [208.185.25.31] (mail)
> by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
> id 1Df7Wa-0007AX-00; Sun, 05 Jun 2005 19:39:36 -0700
>Received: from katie by newraff.debian.org with local (Exim 3.35 1 (Debian))
> id 1Df7RC-00085s-00; Sun, 05 Jun 2005 22:34:02 -0400
>From: Thibaut VARENE
>To: 312117-close at bugs.debian.org
>X-Katie: $Revision: 1.56 $
>Subject: Bug#312117: fixed in gaim-otr 2.0.2-1
>Message-Id:
>Sender: Archive Administrator
>Date: Sun, 05 Jun 2005 22:34:02 -0400
>Delivered-To: 312117-close at bugs.debian.org
>X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
> (1.212-2003-09-23-exp) on spohr.debian.org
>X-Spam-Status: No, hits=-6.0 required=4.0 tests=BAYES_00,HAS_BUG_NUMBER
> autolearn=no version=2.60-bugs.debian.org_2005_01_02
>X-Spam-Level:
>
>Source: gaim-otr
>Source-Version: 2.0.2-1
>
>We believe that the bug you reported is fixed in the latest version of
>gaim-otr, which is due to be installed in the Debian FTP archive:
>
>gaim-otr_2.0.2-1.diff.gz
> to pool/main/g/gaim-otr/gaim-otr_2.0.2-1.diff.gz
>gaim-otr_2.0.2-1.dsc
> to pool/main/g/gaim-otr/gaim-otr_2.0.2-1.dsc
>gaim-otr_2.0.2-1_powerpc.deb
> to pool/main/g/gaim-otr/gaim-otr_2.0.2-1_powerpc.deb
>gaim-otr_2.0.2.orig.tar.gz
> to pool/main/g/gaim-otr/gaim-otr_2.0.2.orig.tar.gz
>
>
>
>A summary of the changes between this version and the previous one is
>attached.
>
>Thank you for reporting the bug, which will now be closed. If you
>have further comments please address them to 312117 at bugs.debian.org,
>and the maintainer will reopen the bug report if appropriate.
>
>Debian distribution maintenance software
>pp.
>Thibaut VARENE (supplier of updated gaim-otr package)
>
>(This message was generated automatically at their request; if you
>believe that there is a problem with it please contact the archive
>administrators by mailing ftpmaster at debian.org)
>
>
> Format: 1.7
> Date: Sun, 5 Jun 2005 21:33:05 +0200
> Source: gaim-otr
> Binary: gaim-otr
> Architecture: source powerpc
> Version: 2.0.2-1
> Distribution: unstable
> Urgency: low
> Maintainer: Thibaut VARENE
> Changed-By: Thibaut VARENE
> Description:
> gaim-otr - Off-the-Record Messaging plugin for gaim
> Closes: 312117
> Changes:
> gaim-otr (2.0.2-1) unstable; urgency=low
> .
> * New upstream release
> * Fix to coexist more nicely with other gaim encryption plugins
> (closes: #312117)
> Files:
> a376ae775762ff28243da6b2538e61dd 694 net optional gaim-otr_2.0.2-1.dsc
> 3ee3542752dae8e9015d35f9fbff9996 314346 net optional
> gaim-otr_2.0.2.orig.tar.gz
> 357371b91802cece19b5a609c676f5fc 2802 net optional
> gaim-otr_2.0.2-1.diff.gz
> bc1d7133c19bb6542181c77815cba669 25046 net optional
> gaim-otr_2.0.2-1_powerpc.deb
>

From gdt at ir.bbn.com Mon Jun 13 09:55:55 2005
From: gdt at ir.bbn.com (Greg Troxel)
Date: 13 Jun 2005 09:55:55 -0400
Subject: [OTR-users] Opinions on proposed "unknown fingerprint" behaviour?
In-Reply-To: <20050602132728.GL1071@smtp.paip.net>
References: <20050519195558.GT1071@smtp.paip.net> <20050601184112.GJ1071@smtp.paip.net> <20050602132728.GL1071@smtp.paip.net>
Message-ID:

Ian Goldberg writes:

> On Thu, Jun 02, 2005 at 08:41:24AM -0400, Greg Troxel wrote:
> > New fingerprints would cause gaim to automatically go from red to
> > yellow. It will display a dialog saying that a new fingerprint was
> > presented for the given user.
> >
> > I think you mean 'presentation of a new OTR signing key, followed by
> > key agreement authenticated by that (untrustworthy) key'. Pedantic,
> > perhaps, but this is confusing enough.
>
> I'm not sure I see your distinction. The Key Exchange Message packet
> contains *both* the presentation of the DSA key *and* the DH key
> agreement, signed with the DSA key.

My point was to make the signing key be the primary entity, rather
than 'fingerprint', which is just a hash of the signing key (and an
overused word IMHO).

--
Greg Troxel

From gdt at ir.bbn.com Mon Jun 13 10:15:07 2005
From: gdt at ir.bbn.com (Greg Troxel)
Date: 13 Jun 2005 10:15:07 -0400
Subject: [OTR-users] wiretapping
In-Reply-To: <20050605182428.GA1071@smtp.paip.net>
References: <2a6bc211844.42a3002c@digitalink.com> <20050605182428.GA1071@smtp.paip.net>
Message-ID:

Ian Goldberg writes:

> The OTR protocol encrypts the messages between Alice's computer and
> Bob's computer. Although the messages still go through the provider's
> servers, the provider is unable to read them.

In an earlier message, I mentioned that it would be hard for an
attacker to repeatedly mount a man-in-the-middle attack. However, a
service provider such as AOL could easily do this for a pair of
correspondents. But, widespread MITM activity would likely be
detected, so it's unclear how bad a risk this is unless they are after
you specifically.

> OTR also allows Alice and Bob to verify each other's "fingerprints",
> in order to combat so-called "man-in-the-middle" attacks. [Note that
> some other IM encryption mechanisms, such as Trillian SecureIM, don't
> provide such protection, and then the IM provider could in fact read the
> contents of the supposedly private conversation.]

The possibility -- and ease of mounting - of a service provider MITM
attack is a strong argument for viewing unconfirmed signing keys as an
'uneasy' rather than 'good' state.

Perhaps the OTR distribution should have a jabber server module to
MITM OTR, in the same spirit as the forgery toolkit.

--
Greg Troxel

From lists at subvs.co.uk Tue Jun 14 09:58:42 2005
From: lists at subvs.co.uk (Hamish)
Date: Tue, 14 Jun 2005 14:58:42 +0100
Subject: [OTR-users] Suse howto done
Message-ID: <200506141458.54828.lists@subvs.co.uk>

Hi list
I've just managed to get gaim-otr running on my suse 9.3 box, I've put the
details on http://www.susewiki.org/index.php?title=Gaim-OTR - please feel
free to change something if you have a better way!

Thanks,
H

From ian at cypherpunks.ca Wed Jun 15 17:33:31 2005
From: ian at cypherpunks.ca (Ian Goldberg)
Date: Wed, 15 Jun 2005 17:33:31 -0400
Subject: [OTR-users] Suse howto done
In-Reply-To: <200506141458.54828.lists@subvs.co.uk>
References: <200506141458.54828.lists@subvs.co.uk>
Message-ID: <20050615213331.GC1071@smtp.paip.net>

On Tue, Jun 14, 2005 at 02:58:42PM +0100, Hamish wrote:
> Hi list
> I've just managed to get gaim-otr running on my suse 9.3 box, I've put the
> details on http://www.susewiki.org/index.php?title=Gaim-OTR - please feel
> free to change something if you have a better way!

I don't know suse at all, but rather than having the rpm install
gaim-otr.so in the Fedora place (/usr/lib/gaim), and then symlinking to
the suse place (/opt/gnome/lib, apparently), why not just change the
gaim-otr spec file to install it in the right place?
Changing the options to configure should suffice.

Also, what's the "normal" way users install packages in suse (without
compiling them themselves)? Any idea how one adds packages to that
repository?

Thanks,

- Ian

From phusion9 at netcabo.pt Sat Jun 18 16:28:57 2005
From: phusion9 at netcabo.pt (phusion9)
Date: Sat, 18 Jun 2005 21:28:57 +0100
Subject: [OTR-users] Error
Message-ID:

Hi!

I'm having an error when I try to generate a private key for my MSN account
to make a private conversation.

I use Gaim v1.3.1 for windows with the plugin Off-the-Record Messaging 2.0.2

It shows that it's done but when I click ok . an error message appears:

OTR error

"Error creating OTR key Exchange Message:

Unusable secret key"

Can you help me? What should I do to solve this problem?

Thank you for your time and answer.

PHuSiOn9

From paul at cypherpunks.ca Sat Jun 18 16:49:10 2005
From: paul at cypherpunks.ca (Paul Wouters)
Date: Sat, 18 Jun 2005 22:49:10 +0200 (CEST)
Subject: [OTR-users] Error
In-Reply-To:
References:
Message-ID:

On Sat, 18 Jun 2005, phusion9 wrote:

> I'm having an error when I try to generate a private key for my MSN account
> to make a private conversation.
>
> I use Gaim v1.3.1 for windows with the plugin Off-the-Record Messaging 2.0.2
> It shows that it's done but when I click ok . an error message appears:
>
> OTR error
>
> "Error creating OTR key Exchange Message:
>
> Unusable secret key"

I have never seen that before. Can you delete the key and try again? Can you
try another windows pc?

Paul

From ian at cypherpunks.ca Sat Jun 18 16:53:26 2005
From: ian at cypherpunks.ca (Ian Goldberg)
Date: Sat, 18 Jun 2005 16:53:26 -0400
Subject: [OTR-users] Error
In-Reply-To:
References:
Message-ID: <20050618205326.GI1071@smtp.paip.net>

On Sat, Jun 18, 2005 at 09:28:57PM +0100, phusion9 wrote:
> Hi!
>
> I'm having an error when I try to generate a private key for my MSN account
> to make a private conversation.
>
> I use Gaim v1.3.1 for windows with the plugin Off-the-Record Messaging 2.0.2
>
>
>
> It shows that it's done but when I click ok . an error message appears:
>
> OTR error
>
> "Error creating OTR key Exchange Message:
>
> Unusable secret key"
>
>
>
> Can you help me? What should I do to solve this problem?

That error message means gaim-otr created your private key, but then
found it unusable later, probably when it tried to read it back from
disk. Do you have an otr.private_key file in your gaim user directory
(the same directory as accounts.xml, blist.xml, etc.)? What's in it?

- Ian

From ian at cypherpunks.ca Sat Jun 18 17:10:09 2005
From: ian at cypherpunks.ca (Ian Goldberg)
Date: Sat, 18 Jun 2005 17:10:09 -0400
Subject: [OTR-users] wiretapping
In-Reply-To:
References: <2a6bc211844.42a3002c@digitalink.com> <20050605182428.GA1071@smtp.paip.net>
Message-ID: <20050618211009.GJ1071@smtp.paip.net>

On Mon, Jun 13, 2005 at 10:15:07AM -0400, Greg Troxel wrote:
> The possibility -- and ease of mounting - of a service provider MITM
> attack is a strong argument for viewing unconfirmed signing keys as an
> 'uneasy' rather than 'good' state.

Right.

> Perhaps the OTR distribution should have a jabber server module to
> MITM OTR, in the same spirit as the forgery toolkit.

This is a _fantastic_ idea. But it'll have to fall to someone else.
It should be too hard, if someone wants to give it a shot.

- Ian

From CLAY at BROKENLADDER.COM Wed Jun 22 19:25:50 2005
From: CLAY at BROKENLADDER.COM (CLAY SHENTRUP)
Date: Wed, 22 Jun 2005 16:25:50 -0700
Subject: [OTR-users] diffie-hellyes
Message-ID: <1119482750.15250.236965148@webmail.messagingengine.com>

I haven't read the OTR spec in awhile, but I seem to recall that one
digitally signs the AES key derived from the Diffie-Hellman transaction.
Why not simply sign only your own public value in the Diffie-Hellman
process?
If the other party signs his, then you know with confidence the shared
secret (private key) that you will both generate. This seems to provide
substantially better deniability, because there's no way to prove you
ever even knew the other party's public value and generated the shared
secret. You could deny that you had ever even seen that private key.
Does this make sense?? Am I missing something? Is this how it's already
done and I just misunderstood?

Just curious..

I think the next step on this plug-in, and I wish I had the time to
help, would be to make the equivalent of mixminion for IM. Essentially,
your message is encrypted like those little Russian dolls, so that the
next person in the line can encrypt a layer, and then on down the line,
until the final party can view the message, and an outside observer
would be hard pressed to discover who you were talking to. Maybe this is
too process intensive, since it would require successive RSA decryption
to peel away the layers, as well as the permission of various people on
a network. Just a thought..

Clay
--------------------------------------------------
ENCRYPTED MESSAGES ARE PREFERRED. PLEASE USE
THE PGP PUBLIC KEY FOR BROKEN LADDER AT
HTTP://ESKILO.WARPMAIL.NET/

From ian at cypherpunks.ca Wed Jun 22 19:33:07 2005
From: ian at cypherpunks.ca (Ian Goldberg)
Date: Wed, 22 Jun 2005 19:33:07 -0400
Subject: [OTR-users] diffie-hellyes
In-Reply-To: <1119482750.15250.236965148@webmail.messagingengine.com>
References: <1119482750.15250.236965148@webmail.messagingengine.com>
Message-ID: <20050622233307.GE8008@smtp.paip.net>

On Wed, Jun 22, 2005 at 04:25:50PM -0700, CLAY SHENTRUP wrote:
>
> I haven't read the OTR spec in awhile, but I seem to recall that
> one digitally signs the AES key derived from the Diffie-Hellman
> transaction. Why not simply sign only your own public value in
> the Diffie-Hellman process?
> If the other party signs his, then
> you know with confidence the shared secret (private key) that
> you will both generate. This seems to provide substantially
> better deniability, because there's no way to prove you ever
> even knew the other party's public value and generated the
> shared secret. You could deny that you had ever even seen that
> private key. Does this make sense?? Am I missing something?
> Is this how it's already done and I just misunderstood?

This is in fact exactly how it's done now. :-) The only thing the
digitally signed message in OTR proves is that you've used OTR at some
point in the past (not even necessarily to talk to any particular
person).

> Just curious..
> I think the next step on this plug-in, and I wish I had the time
> to help, would be to make the equivalent of mixminion for IM.
> Essentially, your message is encrypted like those little Russian
> dolls, so that the next person in the line can encrypt a layer,
> and then on down the line, until the final party can view the
> message, and an outside observer would be hard pressed to
> discover who you were talking to. Maybe this is too process
> intensive, since it would require successive RSA decryption to
> peel away the layers, as well as the permission of various
> people on a network. Just a thought..

Ben Laurie's "APRES" project is along these lines. You need to use a
separate IM network though (not, for example, AIM), since it would be
way too easy for AOL to figure out who's talking to whom, when every
single message goes through their servers.

- Ian

From codewarrior at cuseeme.de Wed Jun 22 20:03:02 2005
From: codewarrior at cuseeme.de (codewarrior at cuseeme.de)
Date: Thu, 23 Jun 2005 02:03:02 +0200
Subject: [OTR-users] diffie-hellyes
In-Reply-To: <20050622233307.GE8008@smtp.paip.net>
References: <1119482750.15250.236965148@webmail.messagingengine.com> <20050622233307.GE8008@smtp.paip.net>
Message-ID:

> You need to use a
> separate IM network though (not, for example, AIM), since it would be
> way too easy for AOL to figure out who's talking to whom, when every
> single message goes through their servers.
>

cusoon;)

marc

--
reflector opening party on 06/25/2005 11pm UTC
no limit just cam
****please register it's free www.isabel.de ** www.cuseeme.de ****

From rabbi at abditum.com Thu Jun 23 04:21:01 2005
From: rabbi at abditum.com (Len Sassaman)
Date: Thu, 23 Jun 2005 01:21:01 -0700 (PDT)
Subject: [OTR-users] diffie-hellyes
In-Reply-To: <1119482750.15250.236965148@webmail.messagingengine.com>
References: <1119482750.15250.236965148@webmail.messagingengine.com>
Message-ID:

On Wed, 22 Jun 2005, CLAY SHENTRUP wrote:

> I think the next step on this plug-in, and I wish I had the time
> to help, would be to make the equivalent of mixminion for IM.
> Essentially, your message is encrypted like those little Russian
> dolls, so that the next person in the line can encrypt a layer,
> and then on down the line, until the final party can view the
> message, and an outside observer would be hard pressed to
> discover who you were talking to. Maybe this is too process
> intensive, since it would require successive RSA decryption to
> peel away the layers, as well as the permission of various
> people on a network. Just a thought..

Building strong anonymity into IM systems is a very difficult
proposition. Unlike email, where it isn't a huge problem if messages are
delivered with high latency and in a different order than when they are
sent, IM systems generally want extremely low latency and synchronous
delivery.
But worse, most IM systems are centrally operated by private entities,
which would make either traffic analysis or blocking of the anonymous IM
servers trivial.

There are other alternatives, such as using Tor with a dedicated IM
screen name (which would have to be created, and used exclusively with
Tor, lest an attacker learn a real ID to associate with the name). Tor,
however, provides much less anonymity than high-latency systems like
Mixmaster and Mixminion, as a trade-off for its low-latency properties.

I predict we won't see a decent IM anonymity solution until we solve the
low-latency anonymity problems, have wide-spread use of decentralized IM
systems, or both.

--Len.

From CLAY at BROKENLADDER.COM Thu Jun 23 12:17:21 2005
From: CLAY at BROKENLADDER.COM (CLAY SHENTRUP)
Date: Thu, 23 Jun 2005 09:17:21 -0700
Subject: [OTR-users] Re: OTR-users digest, Vol 1 #76 - 4 msgs
In-Reply-To: <20050623103511.8323.36461.Mailman@brandeis.paip.net>
References: <20050623103511.8323.36461.Mailman@brandeis.paip.net>
Message-ID: <1119543441.22667.237018009@webmail.messagingengine.com>

>This is in fact exactly how it's done now. :-)

Ah, yes. I just looked over the protocol PDF again and I see that this
is exactly how it's done. I should have known better considering the
genius behind OTR. :) It might be slightly incriminating if it became
obvious that you chose your X_a such that it satisfies a particular e
and n, in Diffie-Hellman terms, but it's hard to envision how strong
that connection would be, or in which scenario that might even come into
play.

As to the anonymity over private server networks, what about scenarios
such as, sending a message (in an encryption shell) to ten people, who
each strip away one layer of encryption, and then send to 10 people, and
so on, until you've reached say, 1000 people. In this case, many many
people would receive the message, but only the intended recipient would
be able to read it.
I've heard this type of technique, like posting messages up on a public
board where the recipient reads all messages, and discovers which ones
are addressed to him, "shouting" or something like that. Even if the NSA
or the like were watching this, how feasible would it be to track down
1000 people, search their hard drives, etc. Say you make it 10,000, and
constructed it so that all the messages not going to the intended
recipient wouldn't even be the real message. If the maximum message size
were kept relatively small, this technique would not seem infeasible.
The bandwidth used would be negligible compared to streaming audio and
many other things that the internet is used for, especially because it
would be so highly distributed. And the processing resources to strip
away a layer of encryption on a relatively short stream of text, and
then resend it to ten people, would not be a significant burden upon any
given user.

I could certainly be overlooking some obvious problems, but this
scenario doesn't seem unreasonable to me.

Clay
--------------------------------------------------
ENCRYPTED MESSAGES ARE PREFERRED. PLEASE USE
THE PGP PUBLIC KEY FOR BROKEN LADDER AT
HTTP://ESKILO.WARPMAIL.NET/

From olivierschwander-listes at altern.org Thu Jun 23 15:19:06 2005
From: olivierschwander-listes at altern.org (Olivier Schwander)
Date: Thu, 23 Jun 2005 21:19:06 +0200
Subject: [OTR-users] private key for multiple accounts
Message-ID: <42BB0B2A.10703@altern.org>

Hello,
Why the private key is different for each account?
It should be easier for public key and fingerprint sharing to use a
single key for all accounts.
Is there a security reason to use different keys?

Thanks

Olivier

From alex323 at gmail.com Thu Jun 23 15:31:33 2005
From: alex323 at gmail.com (Alex)
Date: Thu, 23 Jun 2005 15:31:33 -0400
Subject: [OTR-users] private key for multiple accounts
In-Reply-To: <42BB0B2A.10703@altern.org>
References: <42BB0B2A.10703@altern.org>
Message-ID: <42BB0E15.6050805@gmail.com>

In my opinion, I like multiple keys. If your private key is stolen, all
of your IM accounts on all protocols are at risk. If you just lose one
key (MSN let's say), then you just tell people to talk to you on AIM or
something.

Olivier Schwander wrote:

>Hello,
>Why the private key is different for each account?
>It should be easier for public key and fingerprint sharing to use a
>single key for all accounts.
>Is there a security reason to use different keys?
>
>Thanks
>
>Olivier
>
>_______________________________________________
>OTR-users mailing list
>OTR-users at lists.cypherpunks.ca
>http://lists.cypherpunks.ca/mailman/listinfo/otr-users
>

From ian at cypherpunks.ca Thu Jun 23 16:39:53 2005
From: ian at cypherpunks.ca (Ian Goldberg)
Date: Thu, 23 Jun 2005 16:39:53 -0400
Subject: [OTR-users] private key for multiple accounts
In-Reply-To: <42BB0B2A.10703@altern.org>
References: <42BB0B2A.10703@altern.org>
Message-ID: <20050623203953.GF8008@smtp.paip.net>

On Thu, Jun 23, 2005 at 09:19:06PM +0200, Olivier Schwander wrote:
> Hello,
> Why the private key is different for each account?
> It should be easier for public key and fingerprint sharing to use a
> single key for all accounts.
> Is there a security reason to use different keys?

There is. Some people have multiple IM accounts that they don't want it
to be obvious that they're actually the same person. For example,
someone may have the accounts MarkFeltFBI and DeepThroat.
If the private key was shared for all the user's accounts, it would be
obvious that they're the same person. This way, they can be kept
separate. [Of course, he'd likely have to use something like Tor as
well, to hide his IP.]

- Ian

From CLAY at BROKENLADDER.COM Fri Jun 24 13:51:08 2005
From: CLAY at BROKENLADDER.COM (CLAY SHENTRUP)
Date: Fri, 24 Jun 2005 10:51:08 -0700
Subject: [OTR-users] Re: OTR-users digest, Vol 1 #77 - 4 msgs
In-Reply-To: <20050624103402.15096.79891.Mailman@brandeis.paip.net>
References: <20050624103402.15096.79891.Mailman@brandeis.paip.net>
Message-ID: <1119635468.16418.237104622@webmail.messagingengine.com>

You can easily edit your otr keys file so that the same key is used for
all. That's what I did. Then I used different keys for different
locations, in case the NSA cracks into the computer at my San Francisco
hospital office.

-Winston Smith (nyuk nyuk)
--------------------------------------------------
ENCRYPTED MESSAGES ARE PREFERRED. PLEASE USE
THE PGP PUBLIC KEY FOR BROKEN LADDER AT
HTTP://ESKILO.WARPMAIL.NET/

From CLAY at BROKENLADDER.COM Sat Jun 25 00:56:50 2005
From: CLAY at BROKENLADDER.COM (CLAY SHENTRUP)
Date: Fri, 24 Jun 2005 21:56:50 -0700
Subject: [OTR-users] pr0duct cypher / magic money
Message-ID: <1119675410.24443.237130316@webmail.messagingengine.com>

In recent months I've become quite obsessed over the idea of digital
money. I would even consider setting up my own (offshore hosted) magic
money server, like a small-time paypal, but I need the software to do
it. I see the advent of an open-source digital currency as absolutely
crucial.

Does anyone know what ever became of Magic Money, or where to find a
current incarnation of it, or something similar?

--------------------------------------------------
ENCRYPTED MESSAGES ARE PREFERRED. PLEASE USE
THE PGP PUBLIC KEY FOR BROKEN LADDER AT
HTTP://ESKILO.WARPMAIL.NET/

From alex323 at gmail.com Sat Jun 25 10:49:49 2005
From: alex323 at gmail.com (Alex)
Date: Sat, 25 Jun 2005 10:49:49 -0400
Subject: [OTR-users] pr0duct cypher / magic money
In-Reply-To: <1119675410.24443.237130316@webmail.messagingengine.com>
References: <1119675410.24443.237130316@webmail.messagingengine.com>
Message-ID: <42BD6F0D.6000702@gmail.com>

CLAY SHENTRUP wrote:

> In recent months I've become quite obsessed over the idea of digital
> money. I would even consider setting up my own (offshore hosted)
> magic money server, like a small-time paypal, but I need the software
> to do it.
> I see the advent of an open-source digital currency as
> absolutely crucial.
>
> Does anyone know what ever became of Magic Money, or where to find a
> current incarnation of it, or something similar?
>
>--------------------------------------------------
>ENCRYPTED MESSAGES ARE PREFERRED. PLEASE USE
>THE PGP PUBLIC KEY FOR BROKEN LADDER AT
>HTTP://ESKILO.WARPMAIL.NET/
>
>

What does this have to do with OTR?

From ian at cypherpunks.ca Sun Jun 26 00:31:42 2005
From: ian at cypherpunks.ca (Ian Goldberg)
Date: Sun, 26 Jun 2005 00:31:42 -0400
Subject: [OTR-users] 10000
Message-ID: <20050626043142.GH8008@smtp.paip.net>

Just a note that this evening, we passed 10 thousand unique IP downloads
of OTR software from the main web site. This doesn't include the
mirrors, people grabbing software that's included in their OS distro, or
people using other OTR-enabled software, of course. ;-)

- Ian

From ryan.bourque at gmail.com Thu Jun 30 10:04:48 2005
From: ryan.bourque at gmail.com (Ryan Bourque)
Date: Thu, 30 Jun 2005 09:04:48 -0500
Subject: [OTR-users] gaim-otr hangs on generating key
Message-ID:

I've recently been using gaim-otr with my own jabber server for a few
months with no problems at all, but I recently changed the domain
name, updated all of the accounts and wiped all of our user's gaim
settings.

Now whenever anyone attempts to generate a key, it hangs gaim and I
have to manually kill the gaim process. The gaim debug output follows
whenever I click on "Generate key":

dns[11292]: nobody needs me... =(
select() error: Interrupted system call

It doesn't matter which account we generate a key for, it always hangs
gaim. I've uninstalled and reinstalled gaim, gaim-otr, libotr1 and
libotr1-bin (debian sarge packages).

From ian at cypherpunks.ca Thu Jun 30 15:18:24 2005
From: ian at cypherpunks.ca (Ian Goldberg)
Date: Thu, 30 Jun 2005 15:18:24 -0400
Subject: [OTR-users] gaim-otr hangs on generating key
In-Reply-To:
References:
Message-ID: <20050630191824.GX8008@smtp.paip.net>

On Thu, Jun 30, 2005 at 09:04:48AM -0500, Ryan Bourque wrote:
> I've recently been using gaim-otr with my own jabber server for a few
> months with no problems at all, but I recently changed the domain
> name, updated all of the accounts and wiped all of our user's gaim
> settings.
>
> Now whenever anyone attempts to generate a key, it hangs gaim and I
> have to manually kill the gaim process. The gaim debug output follows
> whenever I click on "Generate key":
>
> dns[11292]: nobody needs me... =(
> select() error: Interrupted system call
>
> It doesn't matter which account we generate a key for, it always hangs
> gaim. I've uninstalled and reinstalled gaim, gaim-otr, libotr1 and
> libotr1-bin (debian sarge packages).

Hmmm. A similar problem happened long ago on win32, and it turned out
to be a bug in the Windows version of libgcrypt (the win32 libgcrypt
entropy gatherer could get into an infinite loop). But it seems
unlikely that debian would have the same issue. (Especially since it's
worked before, and it's working for everyone else.)

The "select() error: Interrupted system call" seems weird; what signal
is being generated? Could you strace and/or ltrace and see what's going
on? Does gaim end up blocked, or in an infinite loop (what state does
"ps" show it being in)?

Note that generating a key *should* hang gaim, but only for a second or
so, while the key is being calculated.
- Ian

From ryan.bourque at gmail.com Thu Jun 30 16:39:51 2005
From: ryan.bourque at gmail.com (Ryan Bourque)
Date: Thu, 30 Jun 2005 15:39:51 -0500
Subject: [OTR-users] gaim-otr hangs on generating key
In-Reply-To: <20050630191824.GX8008@smtp.paip.net>
References: <20050630191824.GX8008@smtp.paip.net>
Message-ID:

Hi Ian,

Thanks for the quick reply. The server that's having the problem is
getting rebuilt soon so once we get a fresh image on it, I doubt we'll
have the problem after that since we've been using the plugin on many
of our servers with no problems- I just thought the behavior kind of
interesting.

PS doesn't show the process blocked, but it isn't using any CPU
either. Another tidbit: I've found that every now and then, maybe 1 in
20, it'll just work and generate the key.

The error that an ltrace shows (when it hangs up) is:

gaim: ath.c:181: _gcry_ath_mutex_lock: Assertion `*lock == ((ath_mutex_t) 0)' failed

and the strace:

getrusage(RUSAGE_SELF, {ru_utime={0, 796878}, ru_stime={0, 131979}, ...}) = 0
time(NULL) = 1120160820
times({tms_utime=79, tms_stime=13, tms_cutime=0, tms_cstime=0}) = 436037707
getpid() = 31770
getpid() = 31770
open("/dev/random", O_RDONLY) = 9
select(10, [9], NULL, NULL, {3, 0}) = 1 (in [9], left {3, 0})
read(9, "8U>\311\320\25\337\347\375U\356\340\276\35\376\311\355"..., 300) = 85
select(10, [9], NULL, NULL, {3, 0}) = 1 (in [9], left {3, 0})
read(9, "\332\10\202Zi\274\344b\6\305\230/T\31\252d\354\317\326"..., 215) = 85
select(10, [9], NULL, NULL, {3, 0}) = 1 (in [9], left {3, 0})
read(9, "8\6*\213\253\311/\357U\370?\266L\307b\274\r^\30\rU?\256"..., 130) = 85
select(10, [9], NULL, NULL, {3, 0}) = 1 (in [9], left {3, 0})
read(9, "5\316.\346\1\336G\16\334\37\315J\200\206\352\273\342\3"..., 45) = 38
select(10, [9], NULL, NULL, {3, 0}) = 0 (Timeout)
select(10, [9], NULL, NULL, {3, 0}) = 0 (Timeout)
select(10, [9], NULL, NULL, {3, 0}) = 0 (Timeout)
select(10, [9], NULL, NULL, {3, 0}) = 0 (Timeout)
select(10, [9], NULL, NULL, {3, 0}) = 0 (Timeout)
select(10, [9], NULL, NULL, {3, 0}) = 0 (Timeout)
select(10, [9], NULL, NULL, {3, 0}) = 0 (Timeout)
select(10, [9], NULL, NULL, {3, 0}) = 0 (Timeout)
select(10, [9], NULL, NULL, {3, 0}) = ? ERESTARTNOHAND (To be restarted)
--- SIGCHLD (Child exited) @ 0 (0) ---
waitpid(-1, [{WIFEXITED(s) && WEXITSTATUS(s) == 0}], WNOHANG) = 31823
waitpid(-1, 0xbfff56b0, WNOHANG) = -1 ECHILD (No child processes)
rt_sigaction(SIGCHLD, {0x80f7770, [CHLD], SA_RESTART}, {0x80f7770, [CHLD], SA_RESTART}, 8) = 0
sigreturn() = ? (mask now [])
write(2, "select() error: Interrupted syst"..., 40select() error: Interrupted system call
) = 40
select(10, [9], NULL, NULL, {3, 0}) = 0 (Timeout)
select(10, [9], NULL, NULL, {3, 0}) = 0 (Timeout)
select(10, [9], NULL, NULL, {3, 0}) = 0 (Timeout)
select(10, [9], NULL, NULL, {3, 0}) = 0 (Timeout)
select(10, [9], NULL, NULL, {3, 0}) = 0 (Timeout)
select(10, [9], NULL, NULL, {3, 0}) = 0 (Timeout)
select(10, [9], NULL, NULL, {3, 0}

Yesterday I would have told you I was running on an actual physical
server, but I just figured out that my hosting company has my
"dedicated server" in a vm. That may be introducing some delay.

I was just wondering if anyone had seen this kind of behavior before.
Troubleshooting any further may be more trouble than it's worth.

On 6/30/05, Ian Goldberg wrote:
> On Thu, Jun 30, 2005 at 09:04:48AM -0500, Ryan Bourque wrote:
> > I've recently been using gaim-otr with my own jabber server for a few
> > months with no problems at all, but I recently changed the domain
> > name, updated all of the accounts and wiped all of our users' gaim
> > settings.
> >
> > Now whenever anyone attempts to generate a key, it hangs gaim and I
> > have to manually kill the gaim process. The gaim debug output follows
> > whenever I click on "Generate key":
> >
> > dns[11292]: nobody needs me... =(
> > select() error: Interrupted system call
> >
> > It doesn't matter which account we generate a key for, it always hangs
> > gaim. I've uninstalled and reinstalled gaim, gaim-otr, libotr1 and
> > libotr1-bin (debian sarge packages).
>
> Hmmm. A similar problem happened long ago on win32, and it turned out
> to be a bug in the Windows version of libgcrypt (the win32 libgcrypt
> entropy gatherer could get into an infinite loop). But it seems
> unlikely that debian would have the same issue. (Especially since it's
> worked before, and it's working for everyone else.)
>
> The "select() error: Interrupted system call" seems weird; what signal
> is being generated? Could you strace and/or ltrace and see what's going
> on? Does gaim end up blocked, or in an infinite loop (what state does
> "ps" show it being in)?
>
> Note that generating a key *should* hang gaim, but only for a second or
> so, while the key is being calculated.
>
> - Ian
>

From ian at cypherpunks.ca Thu Jun 30 18:32:51 2005
From: ian at cypherpunks.ca (Ian Goldberg)
Date: Thu, 30 Jun 2005 18:32:51 -0400
Subject: [OTR-users] gaim-otr hangs on generating key
In-Reply-To:
References: <20050630191824.GX8008@smtp.paip.net>
Message-ID: <20050630223251.GA8008@smtp.paip.net>

The strace (particularly this part:

> open("/dev/random", O_RDONLY) = 9
> select(10, [9], NULL, NULL, {3, 0}) = 1 (in [9], left {3, 0})
> read(9, "8U>\311\320\25\337\347\375U\356\340\276\35\376\311\355"..., 300) = 85
> select(10, [9], NULL, NULL, {3, 0}) = 1 (in [9], left {3, 0})
> read(9, "\332\10\202Zi\274\344b\6\305\230/T\31\252d\354\317\326"..., 215) = 85
> select(10, [9], NULL, NULL, {3, 0}) = 1 (in [9], left {3, 0})
> read(9, "8\6*\213\253\311/\357U\370?\266L\307b\274\r^\30\rU?\256"..., 130) = 85
> select(10, [9], NULL, NULL, {3, 0}) = 1 (in [9], left {3, 0})
> read(9, "5\316.\346\1\336G\16\334\37\315J\200\206\352\273\342\3"..., 45) = 38
> select(10, [9], NULL, NULL, {3, 0}) = 0 (Timeout)
> select(10, [9], NULL, NULL, {3, 0}) = 0 (Timeout)
> select(10, [9], NULL, NULL, {3, 0}) = 0 (Timeout)
> select(10, [9], NULL, NULL, {3, 0}) = 0 (Timeout)
> select(10, [9], NULL, NULL, {3, 0}) = 0 (Timeout)
> select(10, [9], NULL, NULL, {3, 0}) = 0 (Timeout)

) leads me to believe that for some reason, your kernel is accumulating
very little randomness in /dev/random [in fact, none at all for 18
seconds, here]. That seems odd, as things like disk accesses and mouse
movements AFAIK add randomness.

Is this an strace of gaim running on the virtual server, or on a client?
If it's on the server, I can imagine that the (real) server machine
isn't giving enough randomness to the virtual server's /dev/urandom.
But I'm unclear on why one would run gaim on the server, and not on a
client.

- Ian
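
Added example (not part of the original thread, and not code from gaim, libgcrypt or OTR): a Python sketch that measures the entropy stall in an strace excerpt like the one quoted in the last message above. The sample trace is constructed from that excerpt with the read() buffers elided; the name entropy_stall and its result keys are assumptions of this example.

```python
import re

# Constructed sample: the strace excerpt quoted in the thread, one call per
# line, with the read() buffer contents elided.
SAMPLE = (
    'open("/dev/random", O_RDONLY) = 9\n'
    + "".join(
        "select(10, [9], NULL, NULL, {3, 0}) = 1 (in [9], left {3, 0})\n"
        f'read(9, "..."..., {want}) = {got}\n'
        for want, got in [(300, 85), (215, 85), (130, 85), (45, 38)]
    )
    + "select(10, [9], NULL, NULL, {3, 0}) = 0 (Timeout)\n" * 6
)

OPEN_RE = re.compile(r'^open\("(/dev/u?random)", [^)]*\)\s+= (\d+)')
READ_RE = re.compile(r'^read\((\d+), .*, (\d+)\)\s+= (\d+)')
SELECT_RE = re.compile(
    r'^select\(\d+, \[(\d+)\], NULL, NULL, \{(\d+), (\d+)\}\)\s+= (\d+)')


def entropy_stall(trace):
    """Summarise reads from the kernel RNG device and the stall that follows."""
    fd = None
    stats = {"device": None, "bytes_read": 0, "outstanding": 0,
             "stalled_seconds": 0.0}
    for line in trace.splitlines():
        line = line.strip()
        if m := OPEN_RE.match(line):
            stats["device"], fd = m.group(1), m.group(2)
        elif (m := READ_RE.match(line)) and m.group(1) == fd:
            want, got = int(m.group(2)), int(m.group(3))
            stats["bytes_read"] += got
            stats["outstanding"] = want - got  # bytes the caller still needs
            stats["stalled_seconds"] = 0.0     # data arrived: stall is over
        elif (m := SELECT_RE.match(line)) and m.group(1) == fd \
                and m.group(4) == "0":
            # select() returned 0: the whole timeout elapsed with no entropy
            stats["stalled_seconds"] += int(m.group(2)) + int(m.group(3)) / 1e6
    return stats


if __name__ == "__main__":
    print(entropy_stall(SAMPLE))
```

On the sample this reports 293 of the 300 requested bytes delivered, 7 still outstanding, and an 18-second stall, which is the figure cited in the message.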