Author Topic: PtokaX with SSL/TLS?  (Read 12673 times)

0 Members and 1 Guest are viewing this topic.

Offline pulsar

  • Junior Member
  • **
  • Posts: 16
  • Karma: +11/-0
PtokaX with SSL/TLS?
« on: 12 November, 2007, 12:34:43 »
PtokaX with SSL/TLS in future?
maybe theres the only way to go... (i think)

PtokaX forum

PtokaX with SSL/TLS?
« on: 12 November, 2007, 12:34:43 »

imb

  • Guest
Re: PtokaX with SSL/TLS?
« Reply #1 on: 12 November, 2007, 18:04:14 »
As far I'm aware PPK has no interest in ADC. Wouldn't it be best for Ptokax to be leaders rather than followers?

Offline pulsar

  • Junior Member
  • **
  • Posts: 16
  • Karma: +11/-0
Re: PtokaX with SSL/TLS?
« Reply #2 on: 12 November, 2007, 18:26:54 »
i dont talk about adc protokoll ! i talk about the regular dc protokoll and the ptokax hubsoft, i think its time to crypt chats and traffic...
ptokax is one of the most popular hubsoft ever and i think its time for it to bring functions like tls/ssl to crypt chats (main/pm), the clients go this way too...

Offline bastya_elvtars

  • Forum God
  • ****
  • Posts: 3 725
  • Karma: +173/-7
  • The rock n' roll doctor
    • The FreshStuff3 Site
Re: PtokaX with SSL/TLS?
« Reply #3 on: 12 November, 2007, 18:47:35 »
Why would one encrypt the server-client traffic?
Everything could have been anything else and it would have just as much meaning.

Offline pulsar

  • Junior Member
  • **
  • Posts: 16
  • Karma: +11/-0
Re: PtokaX with SSL/TLS?
« Reply #4 on: 12 November, 2007, 19:02:57 »
for the users privacy? secure?
encrypted messages on main or pm (chat arrival/to arrival)
its a good start in a saver future...

Offline pulsar

  • Junior Member
  • **
  • Posts: 16
  • Karma: +11/-0
Re: PtokaX with SSL/TLS?
« Reply #5 on: 12 November, 2007, 19:11:31 »
the question is not "why" !
the question is why not ?

why ftp over ssl?
why https?

big brother is inquisitive... ;)

Offline bastya_elvtars

  • Forum God
  • ****
  • Posts: 3 725
  • Karma: +173/-7
  • The rock n' roll doctor
    • The FreshStuff3 Site
Re: PtokaX with SSL/TLS?
« Reply #6 on: 12 November, 2007, 19:13:47 »
the question is not "why" !
the question is why not ?

why ftp over ssl?
why https?

big brother is inquisitive... ;)

Because it makes no sense? If you're scared of the BB please unplug your computer.
Everything could have been anything else and it would have just as much meaning.

Offline pulsar

  • Junior Member
  • **
  • Posts: 16
  • Karma: +11/-0
Re: PtokaX with SSL/TLS?
« Reply #7 on: 12 November, 2007, 19:18:25 »
it makes no sense to encrypt all chat arrivals or to arrivals?
i dont think so...

Offline bastya_elvtars

  • Forum God
  • ****
  • Posts: 3 725
  • Karma: +173/-7
  • The rock n' roll doctor
    • The FreshStuff3 Site
Re: PtokaX with SSL/TLS?
« Reply #8 on: 12 November, 2007, 19:26:15 »
it makes no sense to encrypt all chat arrivals or to arrivals?
i dont think so...

Sure, so the one who would like to see them does not sniff the packets but connects to the hub. :-P
Everything could have been anything else and it would have just as much meaning.

Offline PPK

  • Administrator
  • Emperor
  • *****
  • Posts: 1 475
  • Karma: +209/-22
  • PtokaX developer
Re: PtokaX with SSL/TLS?
« Reply #9 on: 12 November, 2007, 19:44:47 »
Imho hack TLS in DC++ for use in Direct Connect protocol is easy.
Question is why ?
1 ) What is too important on chat that it need encryption ?
2 ) When encrypt private message then encrypt it in way that hub can read them ? Or can't read them and allow new wave of spammer that we can't control ?
3 ) Encrypt other data, but are anything on them important ? Hub don't know what users downloading, and can know only partially what they sharing. Encrypt search result so hub don't know about user shares will disallow bad share checking, and here is always way to get that data in different way.
4 ) Does encryption deserve high cpu/mem and higher badwith usage ? Imho can't be possible to use that on 1000+ hubs ::)
"Most of you are familiar with the virtues of a programmer. There are three, of course: laziness, impatience, and hubris." - Larry Wall

Offline PPK

  • Administrator
  • Emperor
  • *****
  • Posts: 1 475
  • Karma: +209/-22
  • PtokaX developer
Re: PtokaX with SSL/TLS?
« Reply #10 on: 12 November, 2007, 19:52:46 »
As far I'm aware PPK has no interest in ADC. Wouldn't it be best for Ptokax to be leaders rather than followers?
Why have interest in protocol that is not after many years finished (this week they make another compatibility break in it, so all implementations need to update to be compatible again). Why have interest in protocol that is copy of actual protocol, and missing things that we already have available in actual protocol (no standard op commands, no hublist/pinger support). ADC was obsolete when it was introduced, and is obsolete in actual version too. In ADC is nothing that is not possible with extension in Direct Connect protocol.
"Most of you are familiar with the virtues of a programmer. There are three, of course: laziness, impatience, and hubris." - Larry Wall

Offline pulsar

  • Junior Member
  • **
  • Posts: 16
  • Karma: +11/-0
Re: PtokaX with SSL/TLS?
« Reply #11 on: 12 November, 2007, 20:00:07 »
sorry PPK but the most hubowners with more than 1000 user dont use ptokax ::)

encrypting chat arrival/to arrival isn't a question about important chat stuff, it must be a standard in future...
why? because its possible! other hub developers have recognize it too
when its possible to crypt chats easaly, why not do it? its saver...

Offline PPK

  • Administrator
  • Emperor
  • *****
  • Posts: 1 475
  • Karma: +209/-22
  • PtokaX developer
Re: PtokaX with SSL/TLS?
« Reply #12 on: 12 November, 2007, 20:05:57 »
If is reason only "because its possible" then sorry, but that is not enough for me :P
You have one reason for implementing it, i have 3 reasons for not implementing it:
1 ) high cpu usage.
2 ) high memory usage.
3 ) higher badwith usage.
"Most of you are familiar with the virtues of a programmer. There are three, of course: laziness, impatience, and hubris." - Larry Wall

Offline pulsar

  • Junior Member
  • **
  • Posts: 16
  • Karma: +11/-0
Re: PtokaX with SSL/TLS?
« Reply #13 on: 12 November, 2007, 20:15:39 »
crypting chats makes sense because theres no way to sniff messages from the provider!
we are all sit in a glasshouse and i will paint the walls black, thats it...
high cpu usage?  do you have a pentium 1 233 with mmx?
high memory usage? lol
higher bandwith usage? yes of course, but the line speed goes faster every month! today user will have dsl6000 but next month cable with 16000
what do you think about the line speed next year?
theres no good reasons what do you have...

Offline PPK

  • Administrator
  • Emperor
  • *****
  • Posts: 1 475
  • Karma: +209/-22
  • PtokaX developer
Re: PtokaX with SSL/TLS?
« Reply #14 on: 12 November, 2007, 20:38:50 »
crypting chats makes sense because theres no way to sniff messages from the provider!
Yes encrypting messages makes sense... on private hub. But how much hubs is private ? When hub is not private then any encryption is false security because if you want data unencrypted then you simply join hub ;D
high cpu usage?  do you have a pentium 1 233 with mmx?
No, but many users have ;)
high memory usage? lol
Yes, most memory is used by send and receive buffers. More bandwith usage = more memory needed for buffers.
higher bandwith usage? yes of course, but the line speed goes faster every month!
Sad that my connection don't notice that, and is same for more than 3 years :'(
today user will have dsl6000 but next month cable with 16000
what do you think about the line speed next year?
I'm today using 384/128, and i have few last weeks throttled most ports from 6:00 to 22:00 because i'm with that "fast" connection overloading my isp AP ;D Something like dsl 6000 or cable 16000 is dream here. Only god knows what will be next year.
theres no good reasons what do you have...
Same is for your one reason.
My opinion about client->hub hub->client encryption on public hub is that it is false security wasting resources.
I'm seeing more important client->client encryption... but only to avoid isp p2p throttling.
Thats all, again when client is on public hub then it is false security because others on that hub can download filelist and files ::)
"Most of you are familiar with the virtues of a programmer. There are three, of course: laziness, impatience, and hubris." - Larry Wall

Offline bastya_elvtars

  • Forum God
  • ****
  • Posts: 3 725
  • Karma: +173/-7
  • The rock n' roll doctor
    • The FreshStuff3 Site
Re: PtokaX with SSL/TLS?
« Reply #15 on: 12 November, 2007, 21:08:22 »
crypting chats makes sense because theres no way to sniff messages from the provider!

Do you think providers sniff messages in DC++ mainchats/PMs? Why would they? (I do not consider 'because they can' and 'why not?' real answers.)
Everything could have been anything else and it would have just as much meaning.

Offline pulsar

  • Junior Member
  • **
  • Posts: 16
  • Karma: +11/-0
Re: PtokaX with SSL/TLS?
« Reply #16 on: 12 November, 2007, 21:20:22 »
i talk about a fuction in gui -> enable/disable TLS/SSL

owners with low performance can disable it...

Offline PPK

  • Administrator
  • Emperor
  • *****
  • Posts: 1 475
  • Karma: +209/-22
  • PtokaX developer
Re: PtokaX with SSL/TLS?
« Reply #17 on: 12 November, 2007, 21:32:13 »
I know exactly what you want. But it is not only about adding one checkbox to PtokaX gui. That is easy, add one fake checkbox ;D But for real working encryption you need support from clients (when support from one client is not problem, i don't think that you can force all users on your hub to use that one client) and hublists (you need to notify clients that your hub use encrypted connections, for example in ADC way with diferent hub address prefix).
"Most of you are familiar with the virtues of a programmer. There are three, of course: laziness, impatience, and hubris." - Larry Wall

Offline ExtreeM

  • Forum Ace
  • *****
  • Posts: 83
  • Karma: +33/-6
Re: PtokaX with SSL/TLS?
« Reply #18 on: 16 December, 2007, 23:22:13 »
Quote
i talk about a fuction in gui -> enable/disable TLS/SSL

owners with low performance can disable it...

hmm secure file transfer is a big wish from many, so SSL/TLS is a very god way, encrypt the data send/recieved wow this would be awesome, but for the chat and pm?s i dont think its needed, well as little as it helps then i would wish a enable/disable function to the new API but only for data send/recieved, just my meaning of it :)

Offline Zlobomir

  • Newbie
  • *
  • Posts: 7
  • Karma: +5/-0
Re: PtokaX with SSL/TLS?
« Reply #19 on: 22 January, 2008, 01:46:10 »
...yep, not been posted... I prefer not to open a new topic...

Hello,

Sorry to be so stubborn with my first post, but imo encription is needed. And since it can be done as option, why not do it for chats, PMs and transfers. Please do not "care" so much about what owners and users need. Give them the choice. And let them know values, not just scare them away with "more, more, more resources". I am currently running two Yn hubs and one PtokaX. Well, Yn does not have Trivia inside. If you care for b/w usage f. ex., why have you set Trivia instead of letting owners use external bot? But when it comes to something really concerning security (anyone thought that 99% of the passwords are announced either in OP chat or via PM?) and impossible to do externally, you refuse. Do not get me wrong please, I am not looking to making a conflict, it is just my opinion.   
« Last Edit: 22 January, 2008, 01:48:53 by Zlobomir »

Offline bastya_elvtars

  • Forum God
  • ****
  • Posts: 3 725
  • Karma: +173/-7
  • The rock n' roll doctor
    • The FreshStuff3 Site
Re: PtokaX with SSL/TLS?
« Reply #20 on: 22 January, 2008, 18:33:31 »
It cannot be done so long as clients do not support it.
Everything could have been anything else and it would have just as much meaning.

Offline NightLitch

  • Emperor
  • **
  • Posts: 1 455
  • Karma: +16/-0
Re: PtokaX with SSL/TLS?
« Reply #21 on: 22 January, 2008, 21:22:49 »
I just need to drop a message here...

I only say AESLua. can be added to PtokaX and all clients that has Lua Support. Only thing needed is a compiled luabit.dll for that particullar lua.dll.

I'm just saying here, I'm not doing...

Just to let everyone know that it is possible to make secured sending/receiveing between clients and hubsoft, and can be limited to only say Operators.

Just a drop message...  :P

NightLitch, over and out...
//NL

Offline bastya_elvtars

  • Forum God
  • ****
  • Posts: 3 725
  • Karma: +173/-7
  • The rock n' roll doctor
    • The FreshStuff3 Site
Re: PtokaX with SSL/TLS?
« Reply #22 on: 23 January, 2008, 18:05:41 »
AESLua is confessedly slow. It would not fit for this purpose.
Everything could have been anything else and it would have just as much meaning.

Offline Zlobomir

  • Newbie
  • *
  • Posts: 7
  • Karma: +5/-0
Re: PtokaX with SSL/TLS?
« Reply #23 on: 31 January, 2008, 20:54:19 »
It cannot be done so long as clients do not support it.
You know, client devs just love to excuse with hub soft. :) imHo someone has to do the first step. For various reasons it is better to be the hub.


Offline Rahim

  • Newbie
  • *
  • Posts: 7
  • Karma: +0/-0
Re: PtokaX with SSL/TLS?
« Reply #24 on: 16 October, 2011, 09:08:00 »
why PtokaX dont support ssl ?? i dont use ptokax because dont have ssl, i use not secure public network and hub/www without ssl/tls is not good, any one can run wireshark or something like this and get all noencrypted data. Create disable/enable ssl button in PtokaX and all users will be happy :)

cheers!

PtokaX forum

Re: PtokaX with SSL/TLS?
« Reply #24 on: 16 October, 2011, 09:08:00 »