[OTR-users] OTR messaging is vulnerable to censorship
Ananda Samaddar
ananda.kumar.samaddar at googlemail.com
Sat May 17 12:52:10 EDT 2008
Hi, all
Apologies if this has already been discussed, I've googled this and the
mailing list archives do not appear to be searchable.
I'm no security or networking expert but consider myself to be a
reasonably competent Debian user. Out of curiosity I ran Wireshark to
do some traffic logging whilst engaged in an OTR chat session. From
this I discovered that all OTR messages begin with the string
'?OTR:' (without quotes).
Surely this means that IM providers could simply block OTR messages by
blocking all messages that contain the string '?OTR:'. There is a
precedent to potential blocking already established. MSN / Windows
Live messaging already blocks certain urls on their network
particularly ones containing php links. There is also speculation that
they might be blocking youtube links.
This is of concern to me as I use OTR to talk to friends in the PRC,
and it's well known that they heavily censor internet use in that
country.
If anyone can point me to a thread where this has already been
discussed then please do.
regards,
Ananda Samaddar
More information about the OTR-users
mailing list