OK
https://otr.cypherpunks.ca/
Websites
Runtime: 916ms
On November 10, 2024, 01:54 PM UTC, https://otr.cypherpunks.ca/ was accessible when tested on AS6752 in Andorra.
Failures
HTTP Experiment
null
DNS Experiment
null
Control
null
DNS Queries
Resolver:
[scrubbed]
Query:
IN A otr.cypherpunks.ca
Engine:
system
Name
Class
TTL
Type
DATA
@
IN
A
198.96.155.5
TCP Connections
Connection to 198.96.155.5:443 succeeded.
HTTP Requests
URL
GET https://otr.cypherpunks.ca/
Response Headers
Content-Type:text/html; charset=utf-8Date:Sun, 10 Nov 2024 13:54:18 GMTServer:Apache/2.4.52 (Ubuntu)Vary:Accept-Encoding
Response Body
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title>Off-the-Record Messaging</title> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <meta name="keywords" content="Off-the-Record Messaging, Encryption, Authentication, Deniability, Perfect forward secrecy" /> <meta name="description" content="Off-the-Record Messaging" /> <meta name="robots" content="all" /> <link rel="stylesheet" href="main.css" type="text/css" /> </head> <body> <div id="title"> <!-- Donate button based on http://openclipart.org/detail/110275/glossy-button-with-3d-frame.-boton-brillante-con-marco-3d-by-ehecatl1138 --> <a href="donate.php"><img src="baseimg/donate_button.png" align="right" style="position:absolute; right:50px; top: 8px" alt="Donate!" /></a> <h1><a href="index.php" title="Home">Off-the-Record Messaging</a></h1> </div> <div id="nav"> <ul> <li><a href="index.php#news">News</a></li> <li><a href="index.php#downloads">Downloads</a></li> <li><a href="index.php#git">Source Code and Bugtracker</a></li> <li><a href="index.php#lists">Mailing Lists</a></li> <li><a href="index.php#docs">Documentation</a></li> <li><a href="index.php#faqs">FAQ</a></li> <li><a href="press.php">Press</a></li> <li><a href="software.php">Software</a></li> <li><a href="people.php">People</a></li> <li><a href="donate.php">Donate</a></li> </ul> </div> <div id="otr"> <p>Off-the-Record (OTR) Messaging allows you to have private conversations over instant messaging by providing: </p> <dl> <dt><b>Encryption</b></dt> <dd>No one else can read your instant messages.</dd> <dt><b>Authentication</b></dt> <dd>You are assured the correspondent is who you think it is.</dd> <dt><b>Deniability</b></dt> <dd>The messages you send do <em>not</em> have digital signatures that are checkable by a third party. Anyone can forge messages after a conversation to make them look like they came from you. However, <em>during</em> a conversation, your correspondent is assured the messages he sees are authentic and unmodified. </dd> <dt><b>Perfect forward secrecy</b></dt> <dd>If you lose control of your private keys, no previous conversation is compromised.</dd> </dl> </div> <h2><b>Primary download:</b> <a href="https://otr.cypherpunks.ca/binaries/windows/pidgin-otr-4.0.2.exe">Win32 installer for pidgin-otr 4.0.2</a> (<a href="binaries/windows/pidgin-otr-4.0.2.exe.asc">sig</a>) [<a href="#downloads">other downloads</a>]</h2> <div id="news"> <h2><a name="news">News</a></h2> <p class="date">9 Mar 2016</p> <dl> <dt>Security update: libotr version 4.1.1</dt> <dd><p>Versions 4.1.0 and earlier of libotr in 64-bit builds contain an integer overflow security flaw. This flaw could potentially be exploited by a remote attacker to cause a heap buffer overflow and subsequently for arbitrary code to be executed on the user's machine.</p> <p>CVE-2016-2851 has been assigned to this issue.</p> <p>Please upgrade to libotr version 4.1.1 immediately.</p> <p>Users of libotr packages in Linux and *BSD distributions should see updated packages shortly.</p> <p>This security release includes the following updates: <ul><li>Fix an integer overflow bug that can cause a heap buffer overflow (and from there remote code execution) on 64-bit platforms</li> <li>Fix possible free() of an uninitialized pointer</li> <li>Be stricter about parsing v3 fragments</li> <li>Add a testsuite ("make check" to run it), but only on Linux for now, since it uses Linux-specific features such as epoll</li> <li>Fix a memory leak when reading a malformed instance tag file</li> <li>Protocol documentation clarifications</li></ul></p> </dd> <dt>pidgin-otr version 4.0.2 released</dt> <dd><p>This point release includes the following updates: <ul><li>Fix use-after-free issue during SMP</li> <li>Updated Spanish, German, Norwegian Bokmål translations</li> <li>New Danish translation</li> <li>The Windows binary has been linked with updated versions of libotr, libgcrypt, libgpg-error, and other supporting libraries</li></ul></p> </dd> </dl> <br style="clear: left;" /> <p class="news_more"><b><a href="news.php">More News...</a></b></p> </div> <div id="downloads"> <h2><a name="downloads">Downloads</a></h2> <div class="download download_left"> <h3>OTR library and toolkit</h3> <p>This is the portable OTR Messaging Library, as well as the toolkit to help you forge messages. You need this library in order to use the other OTR software on this page. [Note that some binary packages, particularly Windows, do not have a separate library package, but just include the library and toolkit in the packages below.] The current version is 4.1.1. </p> <p class="readme"><a href="README-libotr-4.1.1.txt">README</a></p> <p class="readme"><a href="UPGRADING-libotr-4.1.1.txt">UPGRADING</a> from version 3.2.x</p> <dl> <dt>Source code (4.1.1)</dt> <dd><a href="libotr-4.1.1.tar.gz">Compressed tarball</a> (<a href="libotr-4.1.1.tar.gz.asc">sig</a>)</dd> </dl> <h3 style="margin-top:4ex">Java OTR library</h3> <p>This is the Java version of the OTR library. This is for developers of Java applications that want to add support for OTR. End users do not require this package. It's still early days, but you can download <a href="java-otr-0.1.0.tar.gz">java-otr version 0.1.0</a> (<a href="java-otr-0.1.0.tar.gz.asc">sig</a>).</p> </div> <div class="download"> <h3>OTR plugin for Pidgin</h3> <p>This is a plugin for Pidgin 2.x which implements Off-the-Record Messaging over any IM network Pidgin supports. The current version is 4.0.2. </p> <p class="readme"><a href="README-pidgin-otr-4.0.2.txt">README</a></p> <dl> <dt>Source code (4.0.2)</dt> <dd><a href="pidgin-otr-4.0.2.tar.gz">Compressed tarball</a> (<a href="pidgin-otr-4.0.2.tar.gz.asc">sig</a>)</dd> <dt>Windows (4.0.2)</dt> <dd><a href="binaries/windows/pidgin-otr-4.0.2.exe">Win32 installer for pidgin 2.x</a> (<a href="binaries/windows/pidgin-otr-4.0.2.exe.asc">sig</a>)<br /> <a href="binaries/windows/pidgin-otr-4.0.2.zip">Win32 zipfile (manual installation) for pidgin 2.x</a> (<a href="binaries/windows/pidgin-otr-4.0.2.zip.asc">sig</a>) </dd> </dl> </div> <div class="download"> <h3>OTR localhost AIM proxy</h3> <p class="notice">This software is no longer supported. Please use an IM client with native support for OTR.</p> <!-- <p class="notice">Notice to Tiger iChat users: You need to be using OS X version 10.4.2 or later. Earlier versions have a bug that prevents iChat from connecting to an HTTP proxy. </p> --> <p>This is a localhost proxy you can use with almost any AIM client in order to participate in Off-the-Record conversations. The current version is 0.3.1, which means it's still a long way from done. Read the README file carefully. Some things it's still missing: </p> <ul> <li>Username/password authentication to the proxy</li> <li>Having the proxy be able to use <em>outgoing</em> proxies itself</li> <li>Support for protocols other than AIM/ICQ</li> <li>Configurability of the proxy types and ports it uses</li> </ul> But it should work for most people. Please send feedback to <a href="https://lists.cypherpunks.ca/mailman/listinfo/otr-users/">the otr-users mailing list</a>, or to <a href="mailto:otr@cypherpunks.ca">the dev team</a>. You may need the above library packages. <p class="readme"><a href="README-otrproxy-0.3.1.txt">README</a></p> <dl> <dt>Source code (0.3.1)</dt> <dd><a href="otrproxy-0.3.1.tar.gz">Compressed tarball</a> (<a href="otrproxy-0.3.1.tar.gz.asc">sig</a>)</dd> <!-- <dt>Linux/x86 (0.2.0)</dt> <dd><a href="binaries/debian/otrproxy_0.2.0-1_i386.deb">Debian testing/unstable</a></dd> <dd><a href="binaries/fedora/3/i386/otrproxy-0.2.0-1.i386.rpm">Fedora Core 3 RPM</a></dd> <dt>Linux/x86_64 (0.2.0)</dt> <dd><a href="binaries/fedora/3/x86_64/otrproxy-0.2.0-1.x86_64.rpm">Fedora Core 3 RPM</a></dd> --> <dt>Windows (0.3.1)</dt> <dd><a href="binaries/windows/otrproxy-0.3.1.exe">Win32 installer</a> (<a href="binaries/windows/otrproxy-0.3.1.exe.asc">sig</a>)</dd> <dt>OS X (0.3.1)</dt> <dd><a href="binaries/osx/otrproxy-0.3.1.dmg">OS X package</a></dd> </dl> </div> <br style="clear: left;" /> </div> <div id="git"> <h2><a name="git">Source Code Repository and Bugtracker</a></h2> <p>You can find a git repository of the OTR source code, as well as the bugtracker, on <a href="https://otr.im">the otr.im community development site</a>:</p> <ul><li>libotr git repo: <a href="https://bugs.otr.im/git/libotr.git">https://bugs.otr.im/git/libotr.git</a> ; <a href="git://git.otr.im/libotr.git">git://git.otr.im/libotr.git</a> </li> <li>pidgin-otr git repo: <a href="https://bugs.otr.im/git/pidgin_otr.git">https://bugs.otr.im/git/pidgin_otr.git</a> ; <a href="git://git.otr.im/pidgin_otr.git">git://git.otr.im/pidgin_otr.git</a> </li> <li>Bugtracker: <a href="https://bugs.otr.im">https://bugs.otr.im</a></li> </ul> <!-- Old information: <a href="http://sourceforge.net/p/otr/_list/git">the OTR sourceforge site</a>. You can also clone the repositories directly with <tt>git clone git://git.code.sf.net/p/otr/PROJECT</tt>, where <tt>PROJECT</tt> is one of <tt>libotr</tt>, <tt>pidgin-otr</tt>, <tt>java-otr</tt>, or <tt>otrproxy</tt>.</p> --> </div> <div id="mailing_lists"> <h2><a name="lists">Mailing Lists</a></h2> <p>If you use OTR software, you should join at least the <a href="https://lists.cypherpunks.ca/mailman/listinfo/otr-announce">otr-announce</a> mailing list, and possibly <a href="https://lists.cypherpunks.ca/mailman/listinfo/otr-users">otr-users</a> (for users of OTR software) or <a href="https://lists.cypherpunks.ca/mailman/listinfo/otr-dev">otr-dev</a> (for developers of OTR software) as well. </p> </div> <div id="documentation"> <h2><a name="docs">Documentation</a></h2> <h4>Installation and Setup Guides</h4> <p> <a href="https://securityinabox.org/en/pidgin_securechat">pidgin-otr tutorial from the Security-in-a-Box project</a><br /> <a href="http://www.youtube.com/watch?v=aV6-s9o9bVw">Video OTR tutorial</a> (by Niels)<br /> <a href="http://www.binaryspa.de/jabber-off-the-record/">Adium, Pidgin & OTR</a> (auf Deutsch, by Christian Franke)<br /> <a href="http://www.entartete-kunst.com/icq-verschluesselung-mit-otr/">Miranda, Pidgin, Kopete & OTR</a> (auf Deutsch, by Missi)<br /> <!-- <a href="http://rotz.org/archives/2005/05/otr_trillian.html">Trillian with OTR proxy</a> (<a href="http://www.project-porno.de/modules/icontent/index.php?page=12">German translation</a>, from HennR)<br /> --> <a href="http://chris.milbert.com/AIM_Encryption/">Adium X with OTR</a><br /> <a href="http://chris.milbert.com/AIM_Encryption/">OTR proxy on Mac OS X</a><br /> <a href="gentoo-install/otr-setup.html">pidgin-otr on gentoo</a> (from "X")<br /> <a href="debian-install/otr-setup.html">gaim-otr on Debian unstable</a> (from Adam Zimmerman)<br /> <a href="win-install/otr-setup.html">gaim-otr on Windows</a> (from Adam Zimmerman)<br /> <a href="ubuntu-install/otr-setup.html">gaim-otr 3.0.0 on Ubuntu</a> (from Adam Zimmerman). Note that Ubuntu breezy has gaim-otr 2.0.2 in it, and all you should have to do is "apt-get install gaim-otr".<br /> </p> <p><em>We would greatly appreciate instructions and screenshots for other platforms!</em></p> <h4>About OTR</h4> <p>Here are some documents and papers describing OTR. The <a href="otr-codecon.pdf">CodeCon presentation</a> is quite useful to get started. </p> <ul> <li><a href="Protocol-v3-4.1.1.html">Protocol description (version 3)</a></li> <li><a href="Protocol-v2-3.1.0.html">Protocol description (version 2)</a></li> <li><a href="http://www.cypherpunks.ca/~iang/pubs/otr_userstudy.pdf">Our SOUPS 2008 paper</a></li> <li><a href="http://www.cypherpunks.ca/~iang/pubs/impauth.pdf">Our WPES 2007 paper</a></li> <li><a href="otr-wpes.pdf">Our WPES 2004 paper</a></li> <li><a href="otr-wpes.ppt">Our WPES presentation (Powerpoint)</a></li> <li><a href="otr-wpes-present.pdf">Our WPES presentation (PDF)</a></li> <li><a href="otr-codecon.pdf">Our CodeCon presentation (PDF)</a></li> </ul> </div> <div id="faqs"> <h2><a name="faqs">Frequently Asked Questions</a></h2> <dl> <dt><b>What implementations of Off-the-Record Messaging are there?</b> </dt><dd>Please see our <a href="software.php">OTR-enabled software</a> page. The OTR functionality is separated into the Off-the-Record Messaging Library (libotr), which is an LGPL-licensed library that can be used to (hopefully) easily produce OTR plugins for other IM software, or for other applications entirely. </dd><dt><b>What is the license for the OTR software?</b> </dt><dd>The Off-the-Record Messaging Library is licensed under version 2.1 of the <a href="http://www.fsf.org/licenses/lgpl.txt">GNU Lesser General Public License</a>. The Off-the-Record Toolkit, the pidgin-otr plugin, and the OTR proxy are licensed under version 2 of the <a href="http://www.fsf.org/licenses/gpl.txt">GNU General Public License</a>. </dd><dt><b>How is this different from the pidgin-encryption plugin?</b> </dt><dd>The pidgin-encryption plugin provides encryption and authentication, but not deniability or perfect forward secrecy. If an attacker or a virus gets access to your machine, all of your <em>past</em> pidgin-encryption conversations are retroactively compromised. Further, since all of the messages are digitally signed, there is difficult-to-deny proof that you said what you did: not what we want for a supposedly private conversation! </dd><dt><b>How is this different from Trillian's SecureIM?</b> </dt><dd>SecureIM doesn't provide any kind of authentication at all! You really have no idea (in any kind of secure way) to whom you're speaking, or if there is a "man in the middle" reading all of your messages. </dd><dt><b>How is this different from SILC?</b> </dt><dd>SILC uses a completely separate network of servers and underlying network protocol. In some environments, such as firewalled or corporate setups, where a local proprietary IM protocol may be in use, SILC may not be available. Further, in its normal mode of operation, all SILC messages are shared with the SILC servers; if you want to send messages that can only be read by the person with whom you're communicating, you need to either (1) arrange a pre-shared secret in advance (which hampers perfect forward secrecy), or (2) be able to do a direct peer-to-peer connection to the other person's client, in order to do a key agreement (which may not be possible in a NAT or firewall situation). <!-- reference: http://silcnet.org/docs/draft-riikonen-silc-spec-08.txt section 4.6 --> </dd></dl> <p>Is your question not here? Ask on the <a href="https://lists.cypherpunks.ca/mailman/listinfo/otr-users">otr-users</a> mailing list! </p> </div> <div id="footer"> <div style="float:right; text-align:right"> <a href="http://validator.w3.org/check?uri=https://otr.cypherpunks.ca/"><img src="valid-xhtml10-blue.png" alt="Valid XHTML 1.0 Transitional" height="31" width="88" border="0" /></a><br /> <span style="font-size:smaller">Website design by Ekrem Erdem</span> </div> <address> <a href="http://www.cs.uwaterloo.ca/~iang/">Ian Goldberg</a> and <a href="people.php">the OTR Development Team</a> [<a href="gpgkey.asc">GPG release signing key</a>] </address> </div> </body> </html>
Resolver
Resolver ASN
AS6752
Resolver IP
[scrubbed]
Resolver Network Name
ANDORRA TELECOM, S.A.U.
Report ID
20241110T135335Z_webconnectivity_AD_6752_n1_PFEL0mmzzUAzoB5a
Platform
windows
Software Name
ooniprobe-desktop (3.9.8)
Measurement Engine
ooniprobe-engine (3.23.0)