a rankup port sniffing tool could break foldit encryption (if any)

Started by Seagat2011

Seagat2011 Lv 1

A recently noticed identical autosave solutions on my 1535 Puzzle

A malicious actor utilizing a network monitoring tool and or port sniffing tool could monitor foldit traffic for a rankup msg embedded within a downstream packet. the actor could then decode said packet (if encrypted), adding a malicious payload, to be downloaded on the end-users computer as an auto-save solution, unbeknownst to the end user. Effectively bypassing any proxy or NAT router. A so-called Man-in-the-Middle, or MIMs attack.

SOLUTION
All downstream packets should be encrypted and hand-shaked.

Seagat2011 Lv 1

I just realized auto-save solutions are generated on my computer, and do not come from the server, so looks like the problem is solely on my end.