[tor-talk] Security Analysis of Instant Messenger TorChat

Blake Hadley moosehadley at gmail.com
Fri May 13 19:43:25 UTC 2016

On 5/13/16 3:39 PM, me at beroal.in.ua wrote:

> "TorChat  processes  contact  requests  and  updates  the  contact
> list  without asking  the  user's  consent." "An  attacker  can
> exploit  this  to add arbitrary contacts to the victim's contact list.
> . ." OMG, does any IM client allow this?
I think a few did back in the late 1990's
Today, that sort of thing is kinda insane.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 842 bytes
Desc: OpenPGP digital signature
URL: <http://lists.torproject.org/pipermail/tor-talk/attachments/20160513/73dce14d/attachment.sig>

More information about the tor-talk mailing list