PDA

View Full Version : Peer To Peer Chat experiment



Yakman
06-27-2008, 06:34 PM
i wanted to learn about some kind of peer-to-peer-model, so a made a peertopeerchat program,

I'm done with it, so here you go, do what you want with it,
later, ill make a peer-to-peer version of my old program PaintPad, that will be win,


the packets are formatted in xml, using the JDOM library,

any packets received are simply forwarded to everyone, that way everyone see it,
its not a very secure way, i can think of at least 5 or 6 methods of attacking this network,

i also used the one-jar package so you dont have to lag the jdom.jar library all the time,

iv been working on this since december 2007, save for my exams and stuff, it took me a long time, and now im fairly sure its bug-free


before i released this, i tried to stir up some people to help me test it,
i only managed to get two people on it, but oh well, heres a screenshot anyway

http://img169.imageshack.us/img169/5093/p2pscreenshotdy7.th.png (http://img169.imageshack.us/img169/5093/p2pscreenshotdy7.png)

for more details, read the readme.txt which is a massive wall of text, containing far too much detail,

Dumpin
06-27-2008, 10:02 PM
shit you pwn, you should definently intergrate this in a game lol :P

Dan Cardin
06-27-2008, 10:27 PM
awesome!*jogs to the download link*
*takes it and runs*

Smartzkid
06-28-2008, 02:18 AM
I must be in heaven...

Amazing, yak; looking forward to read through your code (hurry up winrar...)

Harry
05-18-2009, 09:36 AM
http://i41.tinypic.com/2v81ekl.gif

Nice program yakman.

Update it to be more secure (maybe SSL?) and fix any of those packet problems? :)

Yakman
05-19-2009, 07:01 AM
http://i41.tinypic.com/2v81ekl.gif

Nice program yakman.

Update it to be more secure (maybe SSL?) and fix any of those packet problems? :)


<flame for bumping up a year old thread with a pointless suggestion>


you've shown you have really _epic_ understanding of security in general and ssl in particular. </sarc>


also, you cant read

there are other issues with security, this peer to peer model was not built with security as its
highest priority,



the thing that ssl in this case should have is mutual authentication, that means when the program does its key exchange, there cannot be a man-in-the-middle attack.

to get mutual authentication, there would need to be trusted certificate authorities which distribute everyones public key, and the program would need to have built into it a list of these certificate authorities.

all certificate authorities today charge for their service, and setting one up yourself for the sole purpose of serving this program is simply too much.


I dont think anyone will be exchanging credit card details or national security issues over my program, any kind of decent security would be the most impractical thing since the windows operating system.



harry, its obvious to me that you have no understanding of ssl apart from "OMG it cumz up wiv unfunny bytes in wpe!"

you've been very irresponsible bumping this thread up, with your fail attempt at a humourous picture, and your incompetent suggestions.


</flame for bumping up a year old thread with a pointless suggestion>

Richard
05-19-2009, 07:04 AM
To be fair Harry, yakman does have a point, you shouldn't have done that...

bullzeye95
05-19-2009, 07:07 AM
To be fair Harry, yakman does have a point, you shouldn't have done that...

EDIT: Agh, I read his post wrong. Sorry Richard and Harry.

Harry
05-19-2009, 07:11 AM
Why so flame :(

I said the program was good, it did not get attention, so I was just hoping more people would like it. No need to be an arse to me.

Jason2gs
05-19-2009, 07:11 AM
<flame for bumping up a year old thread with a pointless suggestion>


you've shown you have really _epic_ understanding of security in general and ssl in particular. </sarc>


also, you cant read




the thing that ssl in this case should have is mutual authentication, that means when the program does its key exchange, there cannot be a man-in-the-middle attack.

to get mutual authentication, there would need to be trusted certificate authorities which distribute everyones public key, and the program would need to have built into it a list of these certificate authorities.

all certificate authorities today charge for their service, and setting one up yourself for the sole purpose of serving this program is simply too much.


I dont think anyone will be exchanging credit card details or national security issues over my program, any kind of decent security would be the most impractical thing since the windows operating system.



harry, its obvious to me that you have no understanding of ssl apart from "OMG it cumz up wiv unfunny bytes in wpe!"

you've been very irresponsible bumping this thread up, with your fail attempt at a humourous picture, and your incompetent suggestions.


</flame for bumping up a year old thread with a pointless suggestion>

Agreed.

What on earth could make you possibly think that bumping this thread was a good idea?

Smartzkid
05-25-2009, 11:33 AM
+1 Yak. Nuff said.

mastaraymond
05-25-2009, 10:22 PM
Yeah what's the matter with you Harry? YOU LOST YA MIND?