I found this last night after a ton of digging but I don't know if it's true.... - Random

feld, 1 month ago

I found this last night after a ton of digging but I don't know if it's true. Strange that this isn't more widely publicized.

https://mtpsym.github.io/

reply

report

activity

copy /kbin url

copy original url

open original url

Loading...

Image

Image alternative text

mischievoustomato, 1 month ago

@feld can someone not into cryptography and shit read this?

reply

report

activity

copy /kbin url

copy original url

open original url

Loading...

feld, 1 month ago

@mischievoustomato it's theoretical stuff like:

They may be able to affect the order of messages by spamming millions of crafted messages to your client

They may be able to intercept messages for a server (not decrypt, just get in the middle) by sending billions of crafted messages to the server

The crypto does too much work on data before validating it wasn't tampered with (checks the decrypted contents with a checksum, not the encrypted payload)

reply

report

activity

copy /kbin url

copy original url

open original url

Loading...

Add comment