[OTR-users] AIM and shadow accounts
mcjathan
mcjathan1 at xmission.com
Mon Dec 28 11:03:43 EST 2009
Is there a target release date for this new code?
Gregory Maxwell wrote:
> As most OTR users on AIM know: If you log in from multiple places and
> talk to another OTR user you'll end up in an "OTR war" with the remote
> client that you can't hear.
>
> AOL tells you (sometimes?) about the second user on your account if
> its coming from another IP, but doesn't tell you if the clients share
> IP.
>
> The war stops if you log the remote client out, which can be done
> remotely by sending "1" to aolsystemmsg.
>
> I have recently observed OTR wars happening with my client when no
> other client I control could possibly be logged in, yet sending "1" to
> aolsystemmsg stops the war so it must have been my client duplicated
> rather than the remote party.
>
> I first observed this some months ago but I wasn't entirely sure that
> it couldn't have been another regular client of mine logged in but I
> changed my password anyways. Since it is still happening occasionally
> I can only speculate that something is sniffing my password on some
> network I use (since AIM sends it in the clear) or that some
> AIM-internal process is interfering with OTR.
>
> The latter possibility is especially concerning because it would be
> fairly easy to convince people to de-install OTR by occasionally
> subjecting them to this kind of behaviour.
>
> Is this something specific to the networks I use, or are other OTR
> users on aim seeing this?
> _______________________________________________
> OTR-users mailing list
> OTR-users at lists.cypherpunks.ca
> http://lists.cypherpunks.ca/mailman/listinfo/otr-users
>
>
More information about the OTR-users
mailing list