[OTR-users] about how the otr works (what if password get stolen)
Jean-Baptiste Zeller
esurnir at gmail.com
Sun Jun 15 15:31:15 EDT 2008
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Tatu Portin wrote:
| So, I would like to get a bit clarification... Now I think that OTR
| works by encryping the current conversation, so that other's can't
| see... what if someone uses the same computer, having pass and login for
| the im account? But I guess it prevent such happening, if he steal your
| username and pass, and try use by his own computer.. because if he
| hasn't stolen the private key, he can't indentify as the original
| person. So if someone takes your private key, username, and password,
| and logins to your im account from different computer, he can show up as
| you, for the OTR of the person he wants talk to?
|
| _______________________________________________
| OTR-users mailing list
| OTR-users at lists.cypherpunks.ca
| http://lists.cypherpunks.ca/mailman/listinfo/otr-users
If you think something phony is going on you can do a socialist
millionaire exchange again asking the person what was the previous
shared secret you used.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFIVW4D5Zo8rPlqN+sRAr81AKCj8NY4aN5GHuppDBOkG3fTeEOCSACdEzW+
p25Ir/cpOvjkzvGJ1REcOy8=
=wR9M
-----END PGP SIGNATURE-----
More information about the OTR-users
mailing list