PSC - E2E Encryption For Multi-Hop Tty Sessions Or Portshells + TCP/UDP Port Forward

DNS lookup and SSH session forwarded across an UART connection to a Pi PSC allows to e2e encrypt shell sessions, single- or multip-hop, being agnostic of the underlying transport, as long as it is reliable and can send/receive Base64 encoded data without modding/filtering. Along with the e2e pty...

Identity Spoofing

libp2p-secio is vulnerable to identity spoofing. The library doesn't ensure that the PeerId from the DstPeer matches the one obtained from the crypto handshake, allowing attackers to pretend to be other people...

Identity Spoofing

Overview Affected versions of libp2p-secio does not correctly verify that the PeerId of DstPeer matches the PeerId discovered in the crypto handshake, resulting in a high severity identity spoofing vulnerability. Recommendation Update to version 0.9.0 or later. References - PR 95 - GitHub Advisor...