We decided to audit libotr to gauge its general maturity. This post shares some of our work from the audit, and also some recommendations for software security relevant to the EFF Secure IM Scorecard work.
Journey of hunting for bugs in the WAG54G routers http daemon. The end goal of this research is to find a way to remotely flash C&C firmware (pre-auth), while learning a thing or two along the way... hey, we'd never actually touched MIPS assembly before this!
First part in a series of reviews against IM clients promoted by the EFF secure messaging scorecard, drawing from real examples to demonstrate the dependency between privacy and security. Findings have been patched in the latest release of RetroShare.