[OTR-users] OTR mentioned in Snowden documents?
Nathan of Guardian
nathan at guardianproject.info
Thu Sep 12 13:32:33 EDT 2013
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 09/12/2013 01:21 PM, The Doctor wrote:
> What about a vulnerability in the IM client (not the OTR plugin)
> that allows an attacker to grab messages post-decryption or
> pre-encryption (ala Skype surveillanceware)?
Or as has been already pointed out perhaps, a vulnerability in the
PRNG that generates the key in the first place:
http://android-developers.blogspot.com/2013/08/some-securerandom-thoughts.html
Should that case of "oops" be re-opened to determine who committed the
so-called mistake?
+n
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iQIcBAEBAgAGBQJSMfqwAAoJEKgBGD5ps3qpPkoQAKjKe2060NYBVUouyej55NV0
vA55lo2aF32YkWPt+AYywH07kNWJSqipYy4/2xppnPh+/paOdXC4tSMM5a151uel
WH1hVmPWjfjsFtzkboQ97B0vUhrYzXWabsIuhY7pygCeapWiSyHzhwBhf9iXmFH7
GhravVvfUEA+AqQ4WWPdoHgRaDK8zgDy5a/QIFW7JOCVllqlR+Qr8pDgG2iPAjyK
ASIyf3KJLAcQtUWeoMaGywuTqyrE4nEimsq4vSysD3FAonisQZ7EYwWxl6CezT5n
i1OqAradV4ratw0P7MUZcx8MCh4RQTMQEzPeixw7jmiKTARpvua21zQcRTYs6HBt
E/MT8/8V3tG+E11hM4mi8H5ba4hasW/Ok+YP8ctegLRQFOFjSL0I6Vg9xnZDuoKz
nkvG7KWgV3hwmviC7Yhvsm5UVM8ljg4pumALApzqDFx0hrNVghBtHlCgYAEvYxEG
ZyF1wO1xxy5GK1iVx0mVR4CW9Gaek8UpuUqcoFwyPL+ianydInto4ZhRgFap1CBy
5z/w3/535ums6/0NzLysfYNY8zD1pA3Z1csOUljvxzNrAMyCVXVei2Jk2OUeyjjm
TgHYPGdCcz9oMcP0GNEB78z15A3HxenRUVWNY2iQDskTWM9BUnkInr/N8oAE4KGW
D8HsR+MnvBjwI6LG55fP
=NYzE
-----END PGP SIGNATURE-----
More information about the OTR-users
mailing list