[Pidgin] #16711: Randomize manual filetransfer port range
Pidgin
trac at pidgin.im
Thu Jul 9 12:41:05 EDT 2015
#16711: Randomize manual filetransfer port range
-------------------------+--------------------------
Reporter: Beanow | Owner:
Type: enhancement | Status: new
Milestone: | Component: pidgin (gtk)
Version: 2.10.9 | Keywords:
-------------------------+--------------------------
Because the "automatic router port forwarding" option caused issues for
me, I opted for a manual port range.
Using this I noticed a privacy issue. File transfer ports (using
http://xmpp.org/extensions/xep-0065.html socks5 bytestreams) always start
at the beginning of this range. Which will leak to your contact's client
and server how many file transfers you currently are performing if they
can guess/deduce the first port in the range.
I suggest to always take a random (available) port from the range instead
of starting at the beginning.
--
Ticket URL: <https://developer.pidgin.im/ticket/16711>
Pidgin <https://pidgin.im>
Pidgin
More information about the Tracker
mailing list