jjohn Posted November 17, 2006 Share Posted November 17, 2006 This chat script feature... 1. acknowledge recipient for incoming call 2. require recipient to accept call 3. no server required, call directly to recipient 4. encrypted message using random encryption key, both parties have no idea what key is used in runtime It's been tested for a while, please let me know if you still find any bugs, thanks. Chat42.au3 Link to comment Share on other sites More sharing options...
sheck Posted November 18, 2006 Share Posted November 18, 2006 This chat script feature...1. acknowledge recipient for incoming call2. require recipient to accept call3. no server required, call directly to recipient4. encrypted message using random encryption key, both parties have no idea what key is used in runtimeIt's been tested for a while, please let me know if you still find any bugs, thanks.Nice app, but some suggestions : 1. No server config is fine is some cases, but when say one is behind a firewall and doesn't have Admin Rights to reconfigure it then one cannot get any calls. Would be nice if ur program was firewall compatable with would mean it needs a server to accept incomming connections.2. Random keys sound like a good idea against hacking, but it's sent over the net which defeats the purpose of encryption, cause if I have the key then I can decrypt the message.Maybe if you can program it to generate identical keys on both ends somehow at the time of connection, but keys are not sent over the net that would be more secure.Just my 2 cents. Live and Learn, 'cause Knowledge is Super Power. Link to comment Share on other sites More sharing options...
jjohn Posted November 18, 2006 Author Share Posted November 18, 2006 Nice app, but some suggestions : 1. No server config is fine is some cases, but when say one is behind a firewall and doesn't have Admin Rights to reconfigure it then one cannot get any calls. Would be nice if ur program was firewall compatable with would mean it needs a server to accept incomming connections.2. Random keys sound like a good idea against hacking, but it's sent over the net which defeats the purpose of encryption, cause if I have the key then I can decrypt the message.Maybe if you can program it to generate identical keys on both ends somehow at the time of connection, but keys are not sent over the net that would be more secure.Just my 2 cents.Thanks for your suggestions, to make this script more compatible with firewall, and if firewall is only blocking ports, change the port in script from 8000 to 80 or 8080 (most web browser port), if the firewall is blocking by software and/or by ports, than I must admit there is nothing I know to get around it.I like your innovative idea of generating key by script for each connection, with that unless people have a copy of your script and break it, it's much harder to hack into the message.FYI, this script will not sending any key out, it only send the key number, and it is lumped with the ip address on acceptance of call, so no key can be intercepted on transmission. The 9 encryption keys and strength of encryption can be changed as you got the script, so with all these security variables in hand, it certain increase the strength of protection against many hackings. Link to comment Share on other sites More sharing options...
sheck Posted November 18, 2006 Share Posted November 18, 2006 (edited) FYI, this script will not sending any key out, it only send the key number, and it is lumped with the ip address on acceptance of call, so no key can be intercepted on transmission. The 9 encryption keys and strength of encryption can be changed as you got the script, so with all these security variables in hand, it certain increase the strength of protection against many hackings.I'm sorry. I missed that. Then it means that users have to set the same encryption keys on both sides, which is a bit inconvienient when you have several people on the list. Tha's why I suggested some sort of automatic way to generate keys on both sides; to make it easier to use.P.S. I'm not trying to says that the program is useless or offend you in any way, just so you know. I'm trying to point out some issue (I think they are issues) that (I think) need to be fixed. Edited November 18, 2006 by sheckandar Live and Learn, 'cause Knowledge is Super Power. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now