Skip to content
Snippets Groups Projects
Select Git revision
  • replace_gradle_witness
  • fix_nonlocalized_timestamp
  • fileStorage
  • implement-chunking
  • upgrade_roboletric_to_401
  • master default
  • implement-mailbox-contact-sessions
  • 541-faster-retransmission-eta
  • add_special_purpose_contacts
  • mailbox-b
  • mailbox
  • mailbox-jd
  • implement_mailbox_connection_manager
  • 1343-vanniktech-emoji
  • 541-allow-retransmission-if-faster
  • asp-temp
  • fix_performance_test_db
  • 514-allow-retransmissions-using-lower-latency-transports
  • implement-SyncSession-writer-error-handling
  • add_special_purpose_contacts_refactored
  • beta-0.16.16
  • beta-0.16.10
  • beta-0.16.11
  • beta-0.16.12
  • beta-0.16.13
  • beta-0.16.14
  • beta-0.16.15
  • beta-0.16.9
  • beta-0.16.1
  • beta-0.16.2
  • beta-0.16.3
  • beta-0.16.4
  • beta-0.16.5
  • beta-0.16.6
  • beta-0.16.7
  • beta-0.16.8
36 results
Search by author
  • Any Author
  • Julian Dehm Julian Dehm goapunk
1 author
  1. Jan 28, 2015
  3. Jan 07, 2015
  5. Jan 05, 2015
  7. Dec 29, 2014
    • akwizgran's avatar
      Don't try to erase secrets from memory. · 358166bc
      akwizgran authored 
      1. The things we're really trying to protect - contact identities,
message contents, etc - can't be erased from memory because they're
encapsulated inside objects we don't control.

2. Long-term secrets can't be protected by erasing them from memory
because they're stored in the database and the database key has to be
held in memory whenever the app's running.

3. If the runtime uses a compacting garbage collector then we have no
way to ensure an object is erased from memory.

4. Trying to erase secrets from memory makes the code more complex.

Conclusion: Let's not try to protect secrets from an attacker who can
read arbitrary memory locations.
      358166bc
  9. Dec 26, 2014
  11. Dec 22, 2014
  13. Dec 17, 2014
  15. Dec 14, 2014
  17. Dec 13, 2014
    • akwizgran's avatar
      Application layer keepalives to detect dead TCP connections. · d4fa656d
      akwizgran authored 
      DuplexOutgoingSession flushes its output stream if it's idle for a
transport-defined interval, causing an empty frame to be sent. The TCP
and Tor plugins use a socket timeout equal to twice the idle interval to
detect dead connections.

See bugs #27, #46 and #60.
      d4fa656d
  19. Dec 06, 2014
  21. Dec 05, 2014
  23. Dec 04, 2014
  25. Nov 25, 2014
  27. Nov 24, 2014
  29. Nov 13, 2014
  31. Nov 12, 2014
    • akwizgran's avatar
      Set max SDK version to 20. · 1bbdbc54
      akwizgran authored 
      Android L requires executables to be compiled with PIE support, so we'll
have to ship two Tor binaries.
      1bbdbc54
  33. Nov 09, 2014
  35. Nov 05, 2014
  37. Nov 04, 2014
  39. Oct 29, 2014
  41. Oct 08, 2014
  43. Oct 07, 2014
  45. Oct 06, 2014
    • akwizgran's avatar
      Patched tor and jtorctl for improved hidden service performance. · 9e5e2e2d
      akwizgran authored 
      Two changes have been made to Tor:

1. Set can_complete_circuit to false when the network is disabled, and
don't try to build introduction circuits while can_complete_circuit is
false. This avoids a situation where Tor tries to build introduction
circuits as soon as the network is re-enabled, all the circuits fail,
and then Tor waits 5 minutes before trying to build more.

2. Added a FORGETHS command to the control protocol which clears any
cached client state relating to a specified hidden service. This can be
used to flush state that's likely to be stale before trying to connect
to a hidden service with an unstable network connection.

Support for the FORGETHS command was also added to jtorctl.
      9e5e2e2d
  47. Oct 03, 2014
  49. Oct 02, 2014