PtokaX forum

PtokaX => Feature Proposals => Topic started by: onkel on 28 November, 2010, 16:29:19

Title: sugestion SSL
Post by: onkel on 28 November, 2010, 16:29:19
hey,

would it be possible to implement SSL to  PtokaX ?

ADC and so have it, but they dont have any GUI.
ADCH++ have a GUI, but have more bugs and crashes than it should have.

safty 1st :)

//onkel
Title: Re: sugestion SSL
Post by: PPK on 28 November, 2010, 16:53:18
It is possible, but no it will not be implemented in PtokaX.
Title: Re: sugestion SSL
Post by: onkel on 28 November, 2010, 16:54:33
why?
Title: Re: sugestion SSL
Post by: PPK on 28 November, 2010, 17:34:14
Because TLS  :P
Title: Re: sugestion SSL
Post by: maksis- on 28 November, 2010, 17:41:53
TLS is going to be added? Any timeframe? It has been TODO for some time: http://www.czdc.org/forum/index.php?topic=3219.msg16095#msg16095
Title: Re: sugestion SSL
Post by: PPK on 28 November, 2010, 20:20:58
No timeframe... non-windows version was in TODO atleast 5 years before was really created. And that was important thing, this is not much important  ::)
Title: Re: sugestion SSL
Post by: maksis- on 11 December, 2010, 22:30:08
No timeframe... non-windows version was in TODO atleast 5 years before was really created. And that was important thing, this is not much important  ::)

There's a small possibility that some people will start using ADCS during the waiting...  :P
Title: Re: sugestion SSL
Post by: PPK on 12 December, 2010, 02:30:07
That is acceptable for me  :P
Title: NMDCS support (TLS)
Post by: Hamachi on 26 June, 2011, 18:46:36
Maby add support for NMDCS ?
Title: Re: sugestion SSL
Post by: PPK on 26 June, 2011, 19:06:14
It is impossible to add something that is not documented...
Title: Re: sugestion SSL
Post by: Hamachi on 28 August, 2011, 15:18:28
NMDCS:xxxx.com:123

FlexHub have make nmdcs :)

[28-08-2011 15:16:25] <FlexBot> You are now connected through TLS, traffic to and from the hub is encrypted.
Title: Re: sugestion SSL
Post by: MisterFister on 03 April, 2015, 03:52:48
Hello,

i liked using PtokaX in past days because of its great community and many nice scripts but encryption became more and more important. That forced me to change to an adc compatible software to give my users a better protection because it is irresponsible to deny encryption, even google uses https in its search engine.

Does anybody here recognize the importance of encyrption?

Will PtokaX ever support the better and more secure adc protocol?
Title: Re: sugestion SSL
Post by: PPK on 03 April, 2015, 04:04:58
Encryption is important for few, but really is here too many private hubs who need that ? Or it is only for false security as in google example, because google is saving many data about users (like every search request) and give it to any law enforcer organisation on request :rolleyes:

And no, PtokaX will not support ADC. Because it is not better and not more secure. After 11 years of ADC development it is only bad copy of actual protocol and from user point of view here is no real difference.
Title: Re: sugestion SSL
Post by: MisterFister on 03 April, 2015, 04:49:22
Quote
is here too many private hubs who need that ?
really? 90% of all private hubs are sharing copyright protected stuff, that is fact. So 90% of all private hubs need a protection and the best way to protect chats or traffic is encryption, that is fact too.

Quote
Or it is only for false security as in google example, because google is saving many data about users
of course, google is no good example, but you talk about "saving user data", have u ever used a network sniffing tool like wireshark on ptokax? you can read EVERYTHING, all private messages, all main chat messages, all CTMs and so on, all in clear text. if you use ADCS you cannot sniff anything, because of its encryption.

Quote
After 11 years of ADC development it is only bad copy of actual protocol
the Advanced Direct Connect Protokol (ADC) is more than a bad copy, it is stable, supports many new nice features and it supports ENCRYPTION (ADCS)

Quote
from user point of view here is no real difference
the difference is that ADC supports ENCRYPTION with siphers like "DHE-RSA-AES256-SHA" or "ECDHE-RSA-AES256-SHA" and more, and you say this is a bad copy of NMDC? lol

give yourself a fair chance and think, think about your big community, think about the users here, as a developer you have the responsibility to give your community the possibility to protect the hubs with encryption.
Title: Re: sugestion SSL
Post by: PPK on 03 April, 2015, 05:36:17
really? 90% of all private hubs are sharing copyright protected stuff, that is fact. So 90% of all private hubs need a protection and the best way to protect chats or traffic is encryption, that is fact too.
Hubs not share data. Users share data. Important is encryption in client - client connection. Hub as something that is not sharing any data is safe.
have u ever used a network sniffing tool like wireshark on ptokax? you can read EVERYTHING, all private messages, all main chat messages, all CTMs and so on, all in clear text. if you use ADCS you cannot sniff anything, because of its encryption.
I know how dc protocol work, if you don't notice i'm hub and client developer. You think that you are safe with ADCS ? Wrong, because in ADCS is possible to use unsecure SSL and unsecure TLS 1.0.
the Advanced Direct Connect Protokol (ADC) is more than a bad copy, it is stable, supports many new nice features
Really ? Give me few and i show you that they are in dc too.
and it supports ENCRYPTION (ADCS)
the difference is that ADC supports ENCRYPTION with siphers like "DHE-RSA-AES256-SHA" or "ECDHE-RSA-AES256-SHA" and more, and you say this is a bad copy of NMDC? lol
And same is in DC as NMDCS...
give yourself a fair chance and think, think about your big community, think about the users here, as a developer you have the responsibility to give your community the possibility to protect the hubs with encryption.
Protect against what ? I was contacted by police multiple times. Every time they asked for users who share something and requested info about them. TLS can't protect agains that, becuase they simply joined hub and downloaded filelist and data from user. Of course they used TLS when was available :P And my hubs always running, because police can't do anything with them when they share no data ;)