[OTR-dev] mod_otr: man in the middle implementation for ejabberd
Olivier Goffart
ogoffart at kde.org
Fri Mar 30 09:28:49 EDT 2007
Hello,
I have developed a module for ejabberd (A widely used Jabber server) that do
the man in the middle attack on OTR messages.
I made this module to show that it is not possible to make e2e encryption user
friendly. (for those who want an easy-to-use enabled-by-default e2e
encryption)
Lamda user (who doesn't really care about security) will not check
fingerprint.
So now, check your fingerprints :-)
mod_otr: http://ejabberd.jabber.ru/mod_otr
announcement: http://blog.bepointbe.be/index.php/2007/03/29/20-mod_otr
--
Olivier
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://lists.cypherpunks.ca/pipermail/otr-dev/attachments/20070330/b750a8f1/attachment.pgp>
More information about the OTR-dev
mailing list