From esurnir at gmail.com Thu Oct 1 13:45:47 2009 From: esurnir at gmail.com (Jean-Baptiste Zeller) Date: Thu, 1 Oct 2009 13:45:47 -0400 Subject: [OTR-users] OTR on iPhone In-Reply-To: <20090918182532.GI26140@thunk.cs.uwaterloo.ca> References: <56471b1e0909181038xa41bf81x487692d097441efd@mail.gmail.com> <20090918182532.GI26140@thunk.cs.uwaterloo.ca> Message-ID: <78ce815d0910011045o17a1d033p78a7d7b179ffa1d0@mail.gmail.com> I advise for those who want otr in the iphone to lobby beejive / ebuddy / im+ to include this feature ^^. The iphone can use the C library without a problem, all you need to do is get one of th established client to include it. Good luck. On Fri, Sep 18, 2009 at 2:25 PM, Ian Goldberg wrote: > On Fri, Sep 18, 2009 at 12:38:56PM -0500, Mike wrote: >> Hey all, >> >> I'm new to the list, so I apologize if this has been asked before, but I did >> a cursory scan through the archives and didn't see anything... >> >> Is there an iPhone client that supports OTR? >> >> If not, has anyone taken on this task? > > I don't know of one. ?BlackBerry and Android OTR clients should show up > not too long after our Java OTR library hits the streets (Soon! ?We > promise!), but I don't know about iPhone. > > ? - Ian > _______________________________________________ > OTR-users mailing list > OTR-users at lists.cypherpunks.ca > http://lists.cypherpunks.ca/mailman/listinfo/otr-users > -- Jean-Baptiste Zeller From 2009q2 at googlemail.com Thu Oct 1 22:43:43 2009 From: 2009q2 at googlemail.com (200 9q2) Date: Fri, 2 Oct 2009 10:43:43 +0800 Subject: [OTR-users] OTR and TLS encryption to a network, good or bad? Message-ID: <6f5c885b0910011943g19747126r1d7361408fcf9fcd@mail.gmail.com> Plan to swich to jabber+OTR. Been looking for a nice Jabber+OTR opensource client. Couldn't find even 1(for windows). Probeble will give MirandaIM a try. Although im don't want to use a multie protocall client. Any one other sugestions?Why i register and now mail to this list is becaus i couldn't find the answer to the following question, but probebly you guys know: its somewhat unclear to me what is the best securty setup for jabber. I have two needs. OTR but even more so password theft provention. from what i read OTR suposed to offer plausible diniabilety, not that i would ever need it, but it sounds cool! If i use a secure connection to the network either SSL or TLS does this compromise some of the OTR merits? Is it better not using a encription on the transport layer since OTR will do the end to end encryption. Ore can these work togheter? Or would it ask to much possessing power (single core laptop)? If not using TLS on the network how to prefent password theft and save login? I am not looking for fancey clients or extra fitures. Just simle text massaging with max securty. What is the best way to go??i know OTR isn't specialy for jabber. But if their are some jabber users with aswers....thanks. -------------- next part -------------- An HTML attachment was scrubbed... URL: From ian at cypherpunks.ca Sat Oct 3 13:51:04 2009 From: ian at cypherpunks.ca (Ian Goldberg) Date: Sat, 3 Oct 2009 13:51:04 -0400 Subject: [OTR-users] otr4j: OTR java library In-Reply-To: <20090929230939.GI31666@yoink.cs.uwaterloo.ca> References: <20090929230939.GI31666@yoink.cs.uwaterloo.ca> Message-ID: <20091003175104.GA31666@yoink.cs.uwaterloo.ca> On Tue, Sep 29, 2009 at 07:09:39PM -0400, Ian Goldberg wrote: > Sounds great! FYI: our own Java version just today entered "package it > for release" status. So probably tomorrow, but if not, Friday. Watch > this space. So it turned out to be Saturday. ;-) http://otr.cypherpunks.ca/java-otr-0.1.0.tar.gz It includes support for desktop (JCA) and BlackBerry (RIM), along with some sample clients in C, Java (desktop), and Java (BlackBerry). Have at it! - Ian From ananda.samaddar at vfemail.net Sat Oct 3 20:03:06 2009 From: ananda.samaddar at vfemail.net (Ananda Samaddar) Date: Sun, 04 Oct 2009 01:03:06 +0100 Subject: [OTR-users] OTR and TLS encryption to a network, good or bad? In-Reply-To: <6f5c885b0910011943g19747126r1d7361408fcf9fcd@mail.gmail.com> References: <6f5c885b0910011943g19747126r1d7361408fcf9fcd@mail.gmail.com> Message-ID: <4AC7E63A.7030906@vfemail.net> 200 9q2 wrote: > Plan to swich to jabber+OTR. Been looking for a nice Jabber+OTR opensource client. Couldn't find even 1(for windows). Probeble will give MirandaIM a try. Although im don't want to use a multie protocall client. Any one other sugestions? > Why i register and now mail to this list is becaus i couldn't find the answer to the following question, but probebly you guys know: > I'd use Pidgin + the official OTR plugin for Jabber on Windows. Ananda From paul at cypherpunks.ca Tue Oct 13 14:36:21 2009 From: paul at cypherpunks.ca (Paul Wouters) Date: Tue, 13 Oct 2009 14:36:21 -0400 (EDT) Subject: [OTR-users] otr4j: OTR java library In-Reply-To: <20091003175104.GA31666@yoink.cs.uwaterloo.ca> References: <20090929230939.GI31666@yoink.cs.uwaterloo.ca> <20091003175104.GA31666@yoink.cs.uwaterloo.ca> Message-ID: On Sat, 3 Oct 2009, Ian Goldberg wrote: > So it turned out to be Saturday. ;-) > > http://otr.cypherpunks.ca/java-otr-0.1.0.tar.gz > > It includes support for desktop (JCA) and BlackBerry (RIM), along with > some sample clients in C, Java (desktop), and Java (BlackBerry). > > Have at it! cdriver/driver.c: In function ?main?: cdriver/driver.c:92: warning: format ?%d? expects type ?int?, but argument 2 has type ?size_t? cdriver/driver.c:96: error: too few arguments to function ?otrl_message_sending? cdriver/driver.c:103: warning: format ?%d? expects type ?int?, but argument 2 has type ?size_t? cdriver/driver.c:119: warning: format ?%d? expects type ?int?, but argument 2 has type ?size_t? Paul From Dominik.Holler at gmx.net Sun Oct 18 17:25:16 2009 From: Dominik.Holler at gmx.net (Dominik Holler) Date: Sun, 18 Oct 2009 23:25:16 +0200 Subject: [OTR-users] file transfer Message-ID: <20091018232516.3498b39a@sackgesicht> Hello, should I can send a file via jabber transfer while chatting otr encrypted via jabber to the same person a the same time? I tested this scenario from pidgin of ubuntu 9.04 to pidgin 8.04 and from pidgin 2.6.2 windows to pidgin 2.6.2 linux. My problem is, that the file sending is stopping, while sending OTR encrypted instant messaging. Without otr encryption I can send and chat at the same time. regards Dominik -- dominik.holler at gmx.net || PGP Key ID: FDEF2A0B -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: not available URL: From ian at cypherpunks.ca Mon Oct 19 08:38:59 2009 From: ian at cypherpunks.ca (Ian Goldberg) Date: Mon, 19 Oct 2009 08:38:59 -0400 Subject: [OTR-users] file transfer In-Reply-To: <20091018232516.3498b39a@sackgesicht> References: <20091018232516.3498b39a@sackgesicht> Message-ID: <20091019123859.GD28145@thunk.cs.uwaterloo.ca> On Sun, Oct 18, 2009 at 11:25:16PM +0200, Dominik Holler wrote: > Hello, > should I can send a file via jabber transfer while chatting otr > encrypted via jabber to the same person a the same time? > > I tested this scenario from pidgin of ubuntu 9.04 to pidgin 8.04 and > from pidgin 2.6.2 windows to pidgin 2.6.2 linux. > My problem is, that the file sending is stopping, while sending OTR > encrypted instant messaging. > Without otr encryption I can send and chat at the same time. A student implemented OTR-enabled file transfer for a GSoC project this summer. It's in my queue of things to look at, and I expect to deal with it in November. - Ian From Dominik.Holler at gmx.net Mon Oct 19 08:48:34 2009 From: Dominik.Holler at gmx.net (Dominik Holler) Date: Mon, 19 Oct 2009 14:48:34 +0200 Subject: [OTR-users] file transfer In-Reply-To: <20091019123859.GD28145@thunk.cs.uwaterloo.ca> References: <20091018232516.3498b39a@sackgesicht> <20091019123859.GD28145@thunk.cs.uwaterloo.ca> Message-ID: <4ADC6022.7070307@gmx.net> Ian Goldberg schrieb: > On Sun, Oct 18, 2009 at 11:25:16PM +0200, Dominik Holler wrote: >> Hello, >> should I can send a file via jabber transfer while chatting otr >> encrypted via jabber to the same person a the same time? > > A student implemented OTR-enabled file transfer for a GSoC project this > summer. It's in my queue of things to look at, and I expect to deal > with it in November. > That sounds good. Hope this enhancement will fix the bug. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 260 bytes Desc: OpenPGP digital signature URL: From gmaxwell at gmail.com Wed Oct 21 17:34:18 2009 From: gmaxwell at gmail.com (Gregory Maxwell) Date: Wed, 21 Oct 2009 17:34:18 -0400 Subject: [OTR-users] AIM and shadow accounts Message-ID: As most OTR users on AIM know: If you log in from multiple places and talk to another OTR user you'll end up in an "OTR war" with the remote client that you can't hear. AOL tells you (sometimes?) about the second user on your account if its coming from another IP, but doesn't tell you if the clients share IP. The war stops if you log the remote client out, which can be done remotely by sending "1" to aolsystemmsg. I have recently observed OTR wars happening with my client when no other client I control could possibly be logged in, yet sending "1" to aolsystemmsg stops the war so it must have been my client duplicated rather than the remote party. I first observed this some months ago but I wasn't entirely sure that it couldn't have been another regular client of mine logged in but I changed my password anyways. Since it is still happening occasionally I can only speculate that something is sniffing my password on some network I use (since AIM sends it in the clear) or that some AIM-internal process is interfering with OTR. The latter possibility is especially concerning because it would be fairly easy to convince people to de-install OTR by occasionally subjecting them to this kind of behaviour. Is this something specific to the networks I use, or are other OTR users on aim seeing this? From otr at spectralmud.org Wed Oct 21 23:41:22 2009 From: otr at spectralmud.org (Richard James Salts) Date: Thu, 22 Oct 2009 14:41:22 +1100 Subject: [OTR-users] AIM and shadow accounts In-Reply-To: References: Message-ID: <200910221441.22491.otr@spectralmud.org> On Thu, 22 Oct 2009 08:34:18 Gregory Maxwell wrote: > As most OTR users on AIM know: If you log in from multiple places and > talk to another OTR user you'll end up in an "OTR war" with the remote > client that you can't hear. > > AOL tells you (sometimes?) about the second user on your account if > its coming from another IP, but doesn't tell you if the clients share > IP. > > The war stops if you log the remote client out, which can be done > remotely by sending "1" to aolsystemmsg. > > I have recently observed OTR wars happening with my client when no > other client I control could possibly be logged in, yet sending "1" to > aolsystemmsg stops the war so it must have been my client duplicated > rather than the remote party. > > I first observed this some months ago but I wasn't entirely sure that > it couldn't have been another regular client of mine logged in but I > changed my password anyways. Since it is still happening occasionally > I can only speculate that something is sniffing my password on some > network I use (since AIM sends it in the clear) or that some > AIM-internal process is interfering with OTR. > > The latter possibility is especially concerning because it would be > fairly easy to convince people to de-install OTR by occasionally > subjecting them to this kind of behaviour. > > Is this something specific to the networks I use, or are other OTR > users on aim seeing this? I've seen this using xmpp/jabber from multiple locations, I'm not sure whether oscar/aim prefers one location over another but when I unticked automatically initiate otr conversations it stopped warring between each other. > _______________________________________________ > OTR-users mailing list > OTR-users at lists.cypherpunks.ca > http://lists.cypherpunks.ca/mailman/listinfo/otr-users From ian at cypherpunks.ca Sun Oct 25 19:08:55 2009 From: ian at cypherpunks.ca (Ian Goldberg) Date: Sun, 25 Oct 2009 19:08:55 -0400 Subject: [OTR-users] AIM and shadow accounts In-Reply-To: References: Message-ID: <20091025230855.GO7440@yoink.cs.uwaterloo.ca> On Wed, Oct 21, 2009 at 05:34:18PM -0400, Gregory Maxwell wrote: > As most OTR users on AIM know: If you log in from multiple places and > talk to another OTR user you'll end up in an "OTR war" with the remote > client that you can't hear. > > AOL tells you (sometimes?) about the second user on your account if > its coming from another IP, but doesn't tell you if the clients share > IP. > > The war stops if you log the remote client out, which can be done > remotely by sending "1" to aolsystemmsg. > > I have recently observed OTR wars happening with my client when no > other client I control could possibly be logged in, yet sending "1" to > aolsystemmsg stops the war so it must have been my client duplicated > rather than the remote party. > > I first observed this some months ago but I wasn't entirely sure that > it couldn't have been another regular client of mine logged in but I > changed my password anyways. Since it is still happening occasionally > I can only speculate that something is sniffing my password on some > network I use (since AIM sends it in the clear) or that some > AIM-internal process is interfering with OTR. > > The latter possibility is especially concerning because it would be > fairly easy to convince people to de-install OTR by occasionally > subjecting them to this kind of behaviour. > > Is this something specific to the networks I use, or are other OTR > users on aim seeing this? This is a long-standing issue with OTR when users are logged in multiple times simultaneously. We've got a fix coded up, but it's still pending review, which is slated to happen in November. - Ian From paul at cypherpunks.ca Thu Oct 29 12:56:55 2009 From: paul at cypherpunks.ca (Paul Wouters) Date: Thu, 29 Oct 2009 12:56:55 -0400 (EDT) Subject: [OTR-users] AIM and shadow accounts In-Reply-To: References: Message-ID: On Wed, 21 Oct 2009, Gregory Maxwell wrote: > As most OTR users on AIM know: If you log in from multiple places and > talk to another OTR user you'll end up in an "OTR war" with the remote > client that you can't hear. There is prerelease code you can grab from ftp.xelerance.com that have incorporated the fixes for this. I've been running it for over a month now. Paul From bdm at fenrir.org.uk Thu Oct 29 13:24:43 2009 From: bdm at fenrir.org.uk (Brian Morrison) Date: Thu, 29 Oct 2009 17:24:43 +0000 Subject: [OTR-users] AIM and shadow accounts In-Reply-To: References: Message-ID: <4AE9CFDB.2030408@fenrir.org.uk> Paul Wouters wrote: > On Wed, 21 Oct 2009, Gregory Maxwell wrote: > >> As most OTR users on AIM know: If you log in from multiple places and >> talk to another OTR user you'll end up in an "OTR war" with the remote >> client that you can't hear. > > There is prerelease code you can grab from ftp.xelerance.com that have > incorporated the fixes for this. I've been running it for over a month > now. Er, prerelease code for what exactly? OTR, Pidgin, something else? -- Brian