On Tuesday, September 09, 2014 08:59:41 PM Andrew Savchenko wrote: My last response to this, as it is getting too OT
> Hello, > > On Sun, 07 Sep 2014 17:51:46 +0200 J. Roeleveld wrote: > > It probably works, provided all your contacts also use it. > > As long as the vast majority of my contacts use Skype and Yahoo, I will > > not > > be able to switch. If Kopete (and other generic IM clients) would add > > support for tox, then it would be easier. > > There is a tox plugin for pidgin in tox-overlay. That's nice for pidgin users. When others follow, uptake will be easier. > > Which trojan injection are you talking about? > > I'm talking about the following research: > https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=1&cad=rja&uact > =8&ved=0CB4QFjAA&url=https%3A%2F%2Fwww.blackhat.com%2Fpresentations%2Fbh-eur > ope-06%2Fbh-eu-06-biondi%2Fbh-eu-06-biondi-up.pdf&ei=9jAPVJH1AafnygOOiIHgDg& > usg=AFQjCNHeILDYY4k-nUUw8vPmUCJ86Eywbg&bvm=bv.74649129,d.bGQ > > Of course, skype protocol was likely changed since that time, but I > really doubt that functionality for remote execution of arbitrary > code was removed. That research was from 2006. Over 8 years ago. Do you avoid using Bind because of all the security bugs it had in 2006? What about OpenSSL, that one had a big one not too long ago. And I'm sure I can find plenty of exploits for the Linux kernel based on the versions in use in 2006. The Skype protocol has changed a lot over the years and older versions of the protocol have been deprecated and removed. If it is still in there, I'm certain it would be known, considering the amount of people using Skype these days. -- Joost
