| 1 |
On Tuesday, September 09, 2014 08:59:41 PM Andrew Savchenko wrote: |
| 2 |
My last response to this, as it is getting too OT |
| 3 |
|
| 4 |
> Hello, |
| 5 |
> |
| 6 |
> On Sun, 07 Sep 2014 17:51:46 +0200 J. Roeleveld wrote: |
| 7 |
> > It probably works, provided all your contacts also use it. |
| 8 |
> > As long as the vast majority of my contacts use Skype and Yahoo, I will |
| 9 |
> > not |
| 10 |
> > be able to switch. If Kopete (and other generic IM clients) would add |
| 11 |
> > support for tox, then it would be easier. |
| 12 |
> |
| 13 |
> There is a tox plugin for pidgin in tox-overlay. |
| 14 |
|
| 15 |
That's nice for pidgin users. When others follow, uptake will be easier. |
| 16 |
|
| 17 |
> > Which trojan injection are you talking about? |
| 18 |
> |
| 19 |
> I'm talking about the following research: |
| 20 |
> https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=1&cad=rja&uact |
| 21 |
> =8&ved=0CB4QFjAA&url=https%3A%2F%2Fwww.blackhat.com%2Fpresentations%2Fbh-eur |
| 22 |
> ope-06%2Fbh-eu-06-biondi%2Fbh-eu-06-biondi-up.pdf&ei=9jAPVJH1AafnygOOiIHgDg& |
| 23 |
> usg=AFQjCNHeILDYY4k-nUUw8vPmUCJ86Eywbg&bvm=bv.74649129,d.bGQ |
| 24 |
> |
| 25 |
> Of course, skype protocol was likely changed since that time, but I |
| 26 |
> really doubt that functionality for remote execution of arbitrary |
| 27 |
> code was removed. |
| 28 |
|
| 29 |
That research was from 2006. Over 8 years ago. |
| 30 |
Do you avoid using Bind because of all the security bugs it had in 2006? |
| 31 |
What about OpenSSL, that one had a big one not too long ago. |
| 32 |
And I'm sure I can find plenty of exploits for the Linux kernel based on the |
| 33 |
versions in use in 2006. |
| 34 |
|
| 35 |
The Skype protocol has changed a lot over the years and older versions of the |
| 36 |
protocol have been deprecated and removed. |
| 37 |
|
| 38 |
If it is still in there, I'm certain it would be known, considering the amount |
| 39 |
of people using Skype these days. |
| 40 |
|
| 41 |
-- |
| 42 |
Joost |
Archives