Clarification on OTR functionality in Legacy Conversations #2943
Comments
I don't think the protocol actually specifies how to do verification. If
you are under any sort of risk I can only advise not to use OTR. It has
been removed for a reason.
I think that's false. From https://otr.cypherpunks.ca/index.php#faqs
From https://otr.cypherpunks.ca/Protocol-v3-4.1.1.html
From https://otr.cypherpunks.ca/help/authenticate.php
The fact that you are apparently unaware of this is very troubling, indeed.
That was also my impression, but the author is indicating he did not properly implement such a mechanism. So it remains unanswered whether OTR in Conversations was ever vulnerable to a MITM due to no actual verification. The fact that I can't get a straight answer to this question is really disappointing.
I'm not sure what's not to understand if I say that Conversations didn't do any sort of verification.
Are you purposefully being facetious? Conversations prompted to verify OTR participants' identities, exactly like @licaon-kter showed in the screenshot, either through Q&A or by manually verifying fingerprints. So what I don't understand is why you keep saying there's no verification: was the aforementioned functionality not effectual, or do you mean something else entirely by "verification"?
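The Q&A verification referred to in the comment above is OTR's Socialist Millionaire Protocol (SMP). The following is an added illustration, not code from Conversations or libotr: it carries out the core exponent arithmetic of SMP in Python, with a constructed small prime standing in for the 1536-bit MODP group and the protocol's zero-knowledge proofs left out, to show why the check passes only when both sides hold the same answer and fails for anyone who does not know it.

```python
import hashlib
import secrets

# Constructed toy parameters for illustration only; the real protocol uses
# the 1536-bit MODP group and generator 2 from the OTR v3 specification.
PRIME = 1000000007
G1 = 5


def secret_from_answer(answer: str) -> int:
    """Map a human-readable answer to a group exponent (hash-based, simplified)."""
    return int.from_bytes(hashlib.sha256(answer.encode()).digest(), "big") % (PRIME - 1)


def _rand_exp() -> int:
    return secrets.randbelow(PRIME - 2) + 1


def smp_check(alice_answer: str, bob_answer: str) -> bool:
    """Return True iff both parties' answers agree, without revealing either answer."""
    x = secret_from_answer(alice_answer)
    y = secret_from_answer(bob_answer)
    # Step 1: each side picks private exponents and exchanges g1^a2, g1^a3 (Alice)
    # and g1^b2, g1^b3 (Bob); both then derive g2 = g1^(a2*b2) and g3 = g1^(a3*b3).
    a2, a3 = _rand_exp(), _rand_exp()
    b2, b3 = _rand_exp(), _rand_exp()
    g2 = pow(pow(G1, b2, PRIME), a2, PRIME)
    g3 = pow(pow(G1, b3, PRIME), a3, PRIME)
    # Step 2: each side blinds its secret: P = g3^r and Q = g1^r * g2^secret.
    r, s = _rand_exp(), _rand_exp()
    Pa, Qa = pow(g3, r, PRIME), (pow(G1, r, PRIME) * pow(g2, x, PRIME)) % PRIME
    Pb, Qb = pow(g3, s, PRIME), (pow(G1, s, PRIME) * pow(g2, y, PRIME)) % PRIME
    # Step 3: Ra = (Qa/Qb)^a3 and Rb = (Qa/Qb)^b3 are exchanged; each side then
    # computes Rab = Rb^a3 = Ra^b3 and compares it with Pa/Pb.
    qa_over_qb = (Qa * pow(Qb, -1, PRIME)) % PRIME
    Ra = pow(qa_over_qb, a3, PRIME)
    Rb = pow(qa_over_qb, b3, PRIME)
    rab_alice = pow(Rb, a3, PRIME)
    rab_bob = pow(Ra, b3, PRIME)
    # Rab = g3^(r-s) * g2^((x-y)*a3*b3), so it equals Pa/Pb exactly when x == y.
    pa_over_pb = (Pa * pow(Pb, -1, PRIME)) % PRIME
    return rab_alice == pa_over_pb and rab_bob == pa_over_pb
```

A party who answers the question wrongly fails the check, which is what lets the two users detect a mismatch in whom they are actually talking to.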
I receive a warning about "OMEMO fingerprint blindly trusted" or something similar, but not when setting up OTR (yet). It would seem to me that the OMEMO implementation is the one that's dangerous, not OTR. I'm using 1.23.8
@jesse-git Settings > Expert > Disable BTBV. Read about BTBV here: https://gultsch.de/trust.html
Thank you for that explanation and for preserving the "classic" behavior as an option. I, for one, am the type of user who wants to verify keys if at all possible and am willing to spend the extra couple of minutes doing it.
Yeah, I also noticed that at some point the default became to blindly trust instead of verifying keys. I thought it very strange at the time (and still do) in such a security/privacy focused app. Whenever I turn new people on to Conversations and XMPP I always explain what MitM attacks are and why it's important to verify keys. And then we do it together. It only takes a few moments. Incidentally, I also noticed that the barcode scanner finally works to do this, making it even easier!
So why did you make OTR available in the first place if you now admit that it wasn't correctly implemented, knowingly? What you're saying is that everyone who used OTR in Conversations was betrayed by fake security from the start.
Hi,
In #2908, it was said:
What does the latter clause mean? Do you mean that OTR was not implemented properly and users of Conversations were/are vulnerable to a man in the middle attack? Or do you mean that an OTR session also required the additional step of identity verification? Please clarify whether Legacy Conversations, which still has OTR functionality, actually implements the protocol properly.
Thanks