|
|
|
|
|
|
by hannob
2996 days ago
|
|
|
Read that:
https://github.com/TokTok/c-toxcore/issues/426 Note: The interesting part is not the vulnerability itself, that is relatively minor. The interesting part is where the tox developers explain that they don't really understand their code. |
|
|
"You are fucked if you get your key stolen. There are so many more fun things you can do if you steal someones key that I simply didn't bother trying to handle that case because it would not provide any actual security."
This seems like a pretty flippant attitude in a thread where other collaborators have already built anticipation for your response. I suppose it's possible irungentoo noticed this flaw and explicitly thought "this is outside of the scope of our security model, so I'll just leave that in there by design," but it seems much more likely that they hadn't considered it at all and are simply rationalizing after the fact. After all, if you recognize the negative security implications of a specific design decision and choose not to address it you are not really writing "secure" software. I think "I didn't consider what might happen if a secret becomes compromised" is obviously a bad look for security software.