[Pidgin] #8198: Pidgin client blocked by AOL (ICQ)

Pidgin trac at pidgin.im
Wed Jan 21 13:11:43 EST 2009


#8198: Pidgin client blocked by AOL (ICQ)
--------------------+-------------------------------------------------------
 Reporter:  init    |        Owner:  MarkDoliner
     Type:  defect  |       Status:  new        
Milestone:          |    Component:  ICQ        
  Version:  2.5.4   |   Resolution:             
 Keywords:          |  
--------------------+-------------------------------------------------------

Comment(by ramzai):

 Here is the information that one of Miranda developers (Vitaly Igonin)
 left on his blog on one of the popular russian social network (excerpts,
 loose translation).

 Today (21 Jan 2009) around 13.00 MSK (GMT-3) users of almost all
 unofficial clients got a message from user with UIN 1 that there client is
 not authorized for usage. Official ICQ site on the main page has a banner
 that tells that only official clients are supported and available for
 download.

 The login protocol proceeds in a common way: init, sending capabilities,
 loading roster and data. Somewhere around this time a client receives a
 message from UIN 1 and after that point a client cannot receive anything
 from server.

 Having decided that the Dec 8 situation has appeared again, we try to
 identify ourselves as the latest icq 6.5, but that was in vain. It seemed
 that AOL is now taking sent capabilities into account - so we have changed
 them to which icq 6.5 uses. This has helped, but only for the first time -
 the second login failed. It seems that there are changes in the login and
 init sequence, without strict following the protocol the client is
 considered `alternative`. QIP developers suggested that server needs an
 additional key that may be either inlined in the official client or
 calculated based on the data received from server.

 All those changes, strangely, affected only ex-USSR citizens. For example:
 this is a page for CIS users: http://persei.miranda.im/files/icq_ru.png ,
 and here for the rest of the world: http://persei.miranda.im/files/icq.png
 . So we can talk about planned attack on alternative clients, popular in
 CIS.

 UPD: a QIP developer suggested that the sent packages sequence id start
 value may be the case. Currently all unofficial clients are generating it
 at random. Understanding the algorithm of its generation may solve the
 problem.

-- 
Ticket URL: <http://developer.pidgin.im/ticket/8198#comment:11>
Pidgin <http://pidgin.im>
Pidgin


More information about the Tracker mailing list