Brian Warner
Brian Warner
It occurred to me today that the same approach I described for doing multiple PAKE algorithms without incurring a roundtrip, would also let you use a "sided" algorithm without adding...
What version of magic-wormhole are you using? And what OS? We might have managed to fix this in current trunk: could you try doing a git checkout and run from...
It's basically: * git clone ... * cd magic-wormhole * virtualenv ve * source ve/bin/activate * pip install . The "source" line modifies your $PATH to put the virtualenv's `ve/bin`...
I *think* this is a duplicate of #76, but could you take a look at the discussion there and see if you agree? (actually reusing the same code multiple times...
Ah, interesting. Let's see, allowing the same code to be reused multiple times also allows an attacker multiple guesses. We could mitigate this by making multiple-use codes longer: if you...
Probably emscripten, yeah.. several projects seem to have gone that path with success (I'd have to verify it, but I think the Electron-based Signal desktop app does something like that)....
Hm, I wonder if this calls for an option (probably an environment variable, or we could add a config file) to make the listening port not be random. As you...
Hm, according to https://docs.python.org/3/library/zipfile.html#zipfile-objects , that setting causes older timestamps to be truncated: any files older than 1980 will arrive on the new machine with a timestamp of january 1st...
Hm, good idea. There's a subtle failure mode we have to be careful about, though, where the transfer gets interrupted partway through. Basically we just need to stream into a...
Hm, maybe we need to launch `tar` or `zip` in a subprocess, and stream its data to the other side. We wouldn't know how large the zipfile will be ahead...