christophebiocca / network_clipboard Goto Github PK

The Usage section talks about joining a "newtwork" (unless this is a Monty Python reference)

Put it in $XDG_CONFIG_HOME or $HOME/.config/ instead of polluting my home dir. See http://standards.freedesktop.org/basedir-spec/basedir-spec-latest.html

For OSX: http://stackoverflow.com/questions/3373948/equivalents-of-xdg-config-home-and-xdg-data-home-on-mac-os-x

Even with authentication (see #3), a MitM can observe valid message across the wire and then proceed to spam it repeatedly. Since there is only one shared clipboard on the receiver, the attacker can continuously overwrite the clipboard with old values preventing legitimate clients from functioning.

One possible solution: employ a monotonic ratchet on a per client basis. Since sessions are synchronous, both the sender and receiver should know the sequence number of the next message. The MitM shouldn't know the PSK, and so cannot advance the ratchet themselves. Messages not matching the expected sequence number can be discarded.

Specifically, once a connection is established, any new message is simply decrypted and shoved into the clipboard.

A MitM can observe the client handshake and then proceed to inject garbage into the receiver's clipboard. MAC'ing the individual messages (after encryption!) and verifying the MAC before decryption should do the right thing here.

A more sophisticated attacker can exploit mallaebility to alter known plaintexts. I'm struggling to come up with a good threat model for this specific scenario though :P