I'd like to know how much attention has been put into making electricsheep safe (making sure neither sheep computation nor replay can be hijacked, whatever).

I'm thinking about this because replay is done by mplayer, which had (and will have again for sure) security issues...

I am careful, but we do depend on curl and mplayer so DNS spoofing is possible.  Back in 2005 we were subject to a security audit and the results were:

The vendor was notified on November 18, 2005. The vendor was extremely
responsive and cooperative in regards to these security issues. All
issues are fixed in the CVS HEAD of Electric Sheep client development
and will be included in the next release.

The new Windows/Mac client has not been audited and may be buggier, but so far there's no evidence of any exploits.  Please let me know if you find any problems.

