PtokaX with SSL/TLS? - Page 2
 

News:

29 December 2022 - PtokaX 0.5.3.0 (20th anniversary edition) released...
11 April 2017 - PtokaX 0.5.2.2 released...
8 April 2015 Anti child and anti pedo pr0n scripts are not allowed anymore on this board!
28 September 2015 - PtokaX 0.5.2.1 for Windows 10 IoT released...
3 September 2015 - PtokaX 0.5.2.1 released...
16 August 2015 - PtokaX 0.5.2.0 released...
1 August 2015 - Crowdfunding for ADC protocol support in PtokaX ended. Clearly nobody want ADC support...
30 June 2015 - PtokaX 0.5.1.0 released...
30 April 2015 Crowdfunding for ADC protocol support in PtokaX
26 April 2015 New support hub!
20 February 2015 - PtokaX 0.5.0.3 released...
13 April 2014 - PtokaX 0.5.0.2 released...
23 March 2014 - PtokaX testing version 0.5.0.1 build 454 is available.
04 March 2014 - PtokaX.org sites were temporary down because of DDOS attacks and issues with hosting service provider.

Main Menu

PtokaX with SSL/TLS?

Started by pulsar, 12 November, 2007, 12:34:43

Previous topic - Next topic

0 Members and 2 Guests are viewing this topic.

PPK

PtokaX don't support and never will support SSL, actually when it was exploited it will not make any sense to add it  ;D http://www.theregister.co.uk/2011/09/19/beast_exploits_paypal_ssl/  :-X
"Most of you are familiar with the virtues of a programmer. There are three, of course: laziness, impatience, and hubris." - Larry Wall

Rahim

"The vulnerability resides in versions 1.0 and earlier of TLS" add tls 3.0.  really ssl/tls is very important  :)
DEVIL TEAM - http://devilteam.pl/

PPK

Newest TLS version is 1.2. Most clients use DC++ secure sockets implementation. That implementation is using OpenSSL and supporting max TLS 1.0 :-X
"Most of you are familiar with the virtues of a programmer. There are three, of course: laziness, impatience, and hubris." - Larry Wall

Rahim

yup i mean ssl 3.0, so do what you want, but some option encryption connection with ptokax is good idea :)
DEVIL TEAM - http://devilteam.pl/

PPK

SSL 3.0 is previous version to TLS 1.0, so it is unsecure and exploitable ::) Encryption is in my TODO list after IPv6 support, but i don' see reason to hurry with that... for that few private hubs who will use that, as it is not make sense to running public hub with encryption because public is not secure in any way  :P
"Most of you are familiar with the virtues of a programmer. There are three, of course: laziness, impatience, and hubris." - Larry Wall

Hamachi

DChublist stats: PtokaX hubs: 369

There is maybe 100+ private hubs there use PtokaX.

More and more private hubs like to run TLS, go over to ADCH++ because of TLS support.


PPK

#31
Quote from: Hamachi on 18 October, 2011, 19:53:34
There is maybe 100+ private hubs there use PtokaX.
Maybe, not really  :P Real PRIVATE hub is private, that means it is not PUBLIC and listed on PUBLIC hublist ;D
Quote from: Hamachi on 18 October, 2011, 19:53:34
More and more private hubs like to run TLS, go over to ADCH++ because of TLS support.
Unsecure TLS 1.0 support ;D And no, they will not go to ADCH++ because it is unstable resource hungry crap  ;)
"Most of you are familiar with the virtues of a programmer. There are three, of course: laziness, impatience, and hubris." - Larry Wall

Hamachi

I mean yes 369 public hubs, but there is 100+ private hubs there not are in public hub list, lot of the private hubs like to use TLS, i know some start to use ADCH++ because of TLS.

Unsecure TLS 1.0 support ???

PPK

Quote from: Hamachi on 19 October, 2011, 23:21:13
Unsecure TLS 1.0 support ???
You should read previous posts, last month was discovered hole in TLS 1.0 and all SSL versions http://www.theregister.co.uk/2011/09/19/beast_exploits_paypal_ssl/  ::) ADCH++ use OpenSSL for TLS and max supported TLS version is 1.0  :P
"Most of you are familiar with the virtues of a programmer. There are three, of course: laziness, impatience, and hubris." - Larry Wall

bastya_elvtars

After 4 years I still don't get the point if encrypting client-server traffic. ;)
Everything could have been anything else and it would have just as much meaning.

PPK

You want point ? I have one... "because we can" ;D
"Most of you are familiar with the virtues of a programmer. There are three, of course: laziness, impatience, and hubris." - Larry Wall

bastya_elvtars

Quote from: PPK on 22 October, 2011, 19:44:53
You want point ? I have one... "because we can" ;D

We can also change every text message to 'FUCK YOU', still we don't do that. :P
Everything could have been anything else and it would have just as much meaning.

PPK

But here is small difference... users want to be fucked with TLS, not with "fuck you" messages ;D
"Most of you are familiar with the virtues of a programmer. There are three, of course: laziness, impatience, and hubris." - Larry Wall

SMF spam blocked by CleanTalk