horrorho
horrorho
I had a brief look at this, but I'm no expert so take it all with a pinch of salt. ``` POST /ajax_login HTTP/1.1 Host: www.dropbox.com User-Agent: ... Accept: text/plain,...
Sorry, rather late to the party. If you want a modern crypto library that's relevant to every day use then you need to support algorithms in common use. Remove them...
Hi, thank you for the feedback. It sounds like we agree more than we disagree. Implementation details/ auditing should be documented but this could be considered separate from criticisms of...
@zsck Whilst interesting my own view is that this would be a violation of the unsafe keyword semantics. [Unsafe](https://doc.rust-lang.org/book/unsafe.html) is for code that doesn't meet certain compile time guarantees, not...
@tarcieri MD5 isn't that broken for all applications. HMAC-MD5 is still in use and doesn't suffer the same levels of weakness, Apple for one still use it. Yes, they would...
@tarcieri That note needs to be reviewed in context. At no point do they mention, discuss or provide any solid evidence of an exploitable HMAC-MD5 vulnerability. The safety of HMAC...
Thanks for the feedback. Unfortunately as @mattandersen has also mentioned, the hardware model isn't an accurate gauge of the encryption mode. If all else fails, I'll have to code in...
@oct-test Hi. I can't offer direct assistance. I would recommend, if you haven't already done so, to look through some of the older tickets, particularly #38. @Blokh @dirkwirth et al:...
Hi. This isn't part of InflatableDonkey's functionality. I was going to suggest you take a look at [iphone-dataprotection](https://github.com/dinosec/iphone-dataprotection) but I see you've already opened a [ticket](https://github.com/dinosec/iphone-dataprotection/issues/22) there.
@AppleTechy Unless my heavy work schedule changes, it's unlikely I'll have time to add in the functionality for local backups. Sorry. It may sound rather odd, but I've never owned...