Share good ideas and conversation.   Login, Join Us, or Take a Tour!
comment by user-inactivated
user-inactivated  ·  2074 days ago  ·  link  ·    ·  parent  ·  post: Tin-Can discussion on /r/Android

just a thought, how will tincan handle manipulation of messages by malicious clients?




mk  ·  2074 days ago  ·  link  ·  

JakobVirgil is your guy here.

JakobVirgil  ·  2074 days ago  ·  link  ·  

the messages are stored in a encrypted lump. your signature will be unique. Even if both of us want to be called steve tin-can will keep us separate. by assigning a 2 utf-16 suffix on your tag. I may be steve-山蛋 and you steve-산ಡಿ (steve mountian eggs and steve acid D if any one is playing) the suffixes are optionally hidden

user-inactivated  ·  2074 days ago  ·  link  ·  

is there a centralized database of such associations are are they generated locally when a new message signature is received?

JakobVirgil  ·  2074 days ago  ·  link  ·  

no centralized database. When you name yourself you your suffix is a hash.

user-inactivated  ·  2073 days ago  ·  link  ·  

not sure i understood that. is the name's suffix a hash of the corresponding key? how will you handle hash collisions?

JakobVirgil  ·  2073 days ago  ·  link  ·  

Great question the outcome would be spoofing - writing messages and miss-attributing them (can you still do that on email?) The user name is folded in with message so that would be a bit harder do than in email were one just has to change some text. accidental collisions will of course be rare although the soccer pitch problem 4294967295 /4294967296 * 4294967294 /4294967296 ... (4294967296 - n - 1)/4294967296

should we tack on another char?

user-inactivated  ·  2073 days ago  ·  link  ·  

why not ten? don't make your decisions based on accidental collisions, if your app is useful at all there will be people searching for collisions maliciously

JakobVirgil  ·  2073 days ago  ·  link  ·  

Exactly accidental collisions even if the hash was random would be rare there would have to be more than 2 billion steves before the chance of collision became likely.

as it stands tin-can is more spoof resistant than email. The signature is not in plain text standard editors would not be effective in changing it. It is assigned at installation making forced selection quite a bit of a chore.

I need to thank you for this line of questions it is making me think that the encryption and the hash should perhaps not be made public.

user-inactivated  ·  2073 days ago  ·  link  ·  

hop on irc and ping me when you get the chance

user-inactivated  ·  2071 days ago  ·  link  ·  

There's a hubski irc channel?

mk  ·  2071 days ago  ·  link  ·  

Yep.

irc.gamesurge.net #hubski

JakobVirgil  ·  2073 days ago  ·  link  ·  

okay dokey

user-inactivated  ·  2073 days ago  ·  link  ·  

you disappeared :x

JakobVirgil  ·  2073 days ago  ·  link  ·  

sorry