a rankup port sniffing tool could break foldit encryption (if any)
|Opened on:||Saturday, June 23, 2018 - 15:11|
|Last modified:||Saturday, June 23, 2018 - 17:27|
A recently noticed identical autosave solutions on my 1535 Puzzle
A malicious actor utilizing a network monitoring tool and or port sniffing tool could monitor foldit traffic for a rankup msg embedded within a downstream packet. the actor could then decode said packet (if encrypted), adding a malicious payload, to be downloaded on the end-users computer as an auto-save solution, unbeknownst to the end user. Effectively bypassing any proxy or NAT router. A so-called Man-in-the-Middle, or MIMs attack.
All downstream packets should be encrypted and hand-shaked.