[OTR-users] OTR mentioned in Snowden documents?

Mike Minor mike at firstworldproblems.com
Wed Sep 11 11:27:08 EDT 2013


On Sep 11, 2013, at 7:47 AM, Mike Minor <mike at firstworldproblems.com> wrote:

> 
> On Sep 6, 2013, at 10:02 AM, Nathan of Guardian <nathan at guardianproject.info> wrote:
> 
>> On 09/06/2013 12:40 PM, Mike Minor wrote:
>>> I thought I might poke some discussion as to where the weaknesses might be in an OTR implementation where you are using the currently known best practices (verifying fingerprints, etc)
>> Excellent point, and true that if there were mass MITM on OTR sessions,
>> those of us who do verify would notice.
>> 
>> One fear I have had has been around OTR4J (which we use in Gibberbot,
>> and others like Jitsi do as well) and our dependency on BouncyCastle
>> libraries, and Java, as well for that.
>> 
>> With the recent weakness found in the Android PRNG, I fear there may be
>> other "oops" bugs, either intentional or not, somewhere in that stack.
>> 
>> +n
> 
> The constant "c49d360886e704936a6678e1139d26b7819f7e90" appears to be a malicious non-random seed for the prime256v1 curve that is found in BouncyCastle.  Are you relying on it in your code?

Probably not - I think Moxie Marlinspike's TextSecure does though.
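The constant quoted above is the 160-bit SEED that ANSI X9.62 / FIPS 186 publish alongside the prime256v1 (NIST P-256) parameters, and libraries such as BouncyCastle carry it so the curve can be checked as "verifiably random". The check is the X9.62 Annex A.3.3.1 procedure: expand SEED with SHA-1 into a t-bit integer r and confirm r * b^2 = a^3 (mod p). The script below is an added example written for this thread, not code from the list, from BouncyCastle or from TextSecure; the p, a and b values are the published P-256 constants, and the tampered-b case at the bottom is constructed to show what a failed check looks like.

```python
import hashlib

# NIST P-256 / prime256v1 domain parameters (SEC 2 / FIPS 186-4 published values).
P256_P = 0xffffffff00000001000000000000000000000000ffffffffffffffffffffffff
P256_A = P256_P - 3
P256_B = 0x5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b
# The 160-bit SEED quoted in the thread (also the SEED published with the curve).
P256_SEED = bytes.fromhex("c49d360886e704936a6678e1139d26b7819f7e90")


def seed_to_r(seed: bytes, p: int) -> int:
    """Expand SEED into r per ANSI X9.62 A.3.3.1 (prime-field case).

    t = bit length of p, s = floor((t - 1) / 160), h = t - 160 * s.
    W0 = rightmost h bits of SHA-1(SEED) with the leftmost of those bits cleared
         (so that r < p),
    Wi = SHA-1((SEED + i) mod 2^g) for i = 1 .. s (g = bit length of SEED),
    r  = W0 || W1 || ... || Ws.
    """
    g = len(seed) * 8
    t = p.bit_length()
    s = (t - 1) // 160
    h = t - 160 * s
    z = int.from_bytes(seed, "big")

    c0 = int.from_bytes(hashlib.sha1(seed).digest(), "big")
    w0 = c0 & ((1 << h) - 1)      # keep the rightmost h bits
    w0 &= ~(1 << (h - 1))         # clear the leftmost of those bits
    r = w0
    for i in range(1, s + 1):
        zi = ((z + i) % (1 << g)).to_bytes(g // 8, "big")
        wi = int.from_bytes(hashlib.sha1(zi).digest(), "big")
        r = (r << 160) | wi       # append the next 160-bit block
    return r


def verify_curve_seed(seed: bytes, p: int, a: int, b: int) -> bool:
    """X9.62 verification condition: r * b^2 == a^3 (mod p)."""
    r = seed_to_r(seed, p)
    return (r * b * b) % p == pow(a, 3, p)


if __name__ == "__main__":
    print("P-256 b derived from SEED:", verify_curve_seed(P256_SEED, P256_P, P256_A, P256_B))
    # Constructed negative case: a b that was not derived from this SEED fails the check.
    print("tampered b passes check:  ", verify_curve_seed(P256_SEED, P256_P, P256_A, P256_B + 1))
```

What the check does and does not establish: a passing result shows that b is the value SHA-1 produces from this SEED (with a = -3, the equation pins b down up to sign), so b could not have been chosen freely after the fact. It says nothing about how the SEED itself was chosen, which is exactly the part the thread is questioning; a library that ships the SEED lets you run this check against the curve parameters it actually uses, which is worth doing for any named-curve table you depend on.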
