27 Sep 2015, 8:57 a.m.
the bad:
- written in C and passing things around potentially unsafely. see the address parsing in network.c, the DHT code. needs a good audit.
- poor network performance primitives with UDP
- ok, not a problem because this won't need that scale - beauty of decentralization! :)
- DHT is trivial to DoS. a known issue, but if you need survivability i'd choose pond over tox.

last time (more than a year ago) i checked they also send along the long-term signing keys of the communication participants making traffic analysis between peers quite possible.

--
otr fp: https://www.ctrlc.hu/~stef/otr.txt