ohhihohello57
|
Could you elaborate on what "encryption" you're talking about? And in what aspect? Login or messaging?
For login, up until AIM 6 the only options for authentication were XOR-based (deprecated) and MD5-based, which was used until 5.9, which was released in 2005 of all things. Both aren't really encryption per se. And to my knowledge Pidgin even in 2003 used whatever authentication method AIM's server supported, so there's no way to avoid that.
As for messaging, I doubt that will be doable since official AIM clients (AFAIK) don't support anything of the sort, and expecting that to be forced onto everyone wouldn't make much sense.
if (Nerd->Personality == (NERD_PERSON_FRONTFACING + NERD_PERSON_SMARTALEC)) { return; }
|
X3N0
|
ohhihohello57 Said: | 'Could you elaborate on what "encryption" you're talking about? And in what aspect? Login or messaging?
For login, up until AIM 6 the only options for authentication were XOR-based (deprecated) and MD5-based, which was used until 5.9, which was released in 2005 of all things. And to my knowledge Pidgin even in 2003 used whatever authentication method AIM's server supported, so there's no way to avoid that.
As for messaging, I doubt that will be doable since official AIM clients (AFAIK) don't support anything of the sort, and expecting that to be forced onto everyone wouldn't make much sense.' |
heres where md5 went..?
https://md5decrypt.net/en/
It can be decrypted, right here..online.
Those who follow the river, can fall in.
|
ohhihohello57
|
That's one of those rainbow table things where the hash and "decrypted" result are manually defined, and it's not perfect (which is good). In fact, I tried a long sentence, "abc", and "md5", all hashed to MD5, and decrypted it with the site, only to get errors stating the hashes weren't in the database. I probably should've specified that neither XOR or MD5 are "encryption". I just wanted to bring up how login for anything below AIM 6 isn't perfect.
if (Nerd->Personality == (NERD_PERSON_FRONTFACING + NERD_PERSON_SMARTALEC)) { return; }
|
X3N0
|
ohhihohello57 Said: | 'That's one of those rainbow table things where the hash and "decrypted" result are manually defined, and it's not perfect (which is good). In fact, I tried a long sentence, "abc", and "md5", all hashed to MD5, and decrypted it with the site, only to get errors stating the hashes weren't in the database. I probably should've specified that neither XOR or MD5 are "encryption". I just wanted to bring up how login for anything below AIM 6 isn't perfect.' |
Yes and the decryption of md5 is partly why, i dont know the story. So no im not pointing at that website, im sure theres an official story. So AIM6+ uses SSL? And it is?
;]
Those who follow the river, can fall in.
|
ohhihohello57
|
X3N0 Said: | 'So AIM6+ uses SSL? And it is?
;]' |
Well only for login though. AFAIK the rest is basically the same.
if (Nerd->Personality == (NERD_PERSON_FRONTFACING + NERD_PERSON_SMARTALEC)) { return; }
|
X3N0
|
Yeah, so i assumed ssl was only for websites. So its 443 port, tho. You can always self sign. I actually had a vps website up for a year and had one from a 'free' issuer.
Then begin to wonder something, i assumed it needed both.
I also had a text filed checked and a few other things, that i thought 'anchored' the site.
Then theres paid for ssl tickets...speaking of that id check here out.namecheap.com
Those who follow the river, can fall in.
|
Asha
|
SSL is used all ovver the place. I use SSL over XMPP, HTTPS, IMAP4 with E-mail and a Dozen other things.
The issue is that my Messages become unencrypted when my Spectrum 2 Server Changes my XMPP messages into AIM/OSCAR. This will only be fixed when iWarg AIM 6.x and moves to a more permanent provider like afraid.org.
As well as setting up HTTPS on his Web Server. He'll have to Self Sign everything and interested parties will need to import his CA Key, or he'll have to get his key signed by a Public CA.
|
ohhihohello57
|
I think right now it's for the better your gateway server decrypts messages since the OSCAR protocol by itself doesn't support encrypted messages as I said before. At some point however clientLogin became a thing which allowed support for SSL encryption of OSCAR messages, so when that's supported I guess that will solve your issue.
Also how will moving to another host fix the encryption, if any?
if (Nerd->Personality == (NERD_PERSON_FRONTFACING + NERD_PERSON_SMARTALEC)) { return; }
|
|