On Sat, Aug 25, 2012 at 11:28:05PM -0400, Paul Wouters wrote: > On Sat, 25 Aug 2012, Ian Goldberg wrote: > > >So even after Alice and Bob have established an OTR session and are > >happily chatting, the current 4.x (master branch) code still has a copy > >of the private key used to generate Bob's COMMIT message stashed away. > >If Bob's computer's memory is compromised after that point, this private > >key may be able to be used to decrypt the first messages of the > >conversation. This is undesirable. > > But wouldn't the messages be in plaintext in memory anyway somewhere > in pidgin space? If you can read memory of the user, can't you get to > the plaintext anyway? Even with logging disabled?
I have no reason to believe pidgin necessarily stores old plaintexts in memory if, say, the conversation window is cleared (control-L) or closed. But more to the point, pidgin isn't the only application that uses libotr. > > polltime = otrl_polltime(userstate); > > > otrl_poll(userstate, uiops, uiopdata); > > > > every polltime seconds (or thereabouts; exactness is not important). > > The otrl_poll function will do any periodic cleanups necessary for > > forward secrecy purposes (and, I suppose, any other operations that > > should be done periodically, but none is needed at the moment). > > Seems fine, but I would really like to do some extended testing to see > how it works in practise. Definitely. Thanks, - Ian _______________________________________________ OTR-dev mailing list [email protected] http://lists.cypherpunks.ca/mailman/listinfo/otr-dev
