Thanks for the statement! We, or I, pushed the thread because we didnt get any reply, i think this is a quite understandable situation that we push aggain and aggain until we get one. Dont you think?...

Why was the thread closed? The situation is not resolved and its known since atleast 1 1/2 years... cmon teamspeak.. Stop ignoring us! Atleast give us a feedback if you will do something about it at...

It seems like either Teamspeak did something aggainst this one server in particular (its not serverS, it was ALL one fake server on all screenshots) or they removed it by themeselve.

Lets see what...

@dante696

Can we get an offical statement on this?

It cant be that hard to fix.

Here is my idea:
Combind the licence-server and weblist. Check whatever licence and slots a IP has and check...

Its not only about this one server in particular but hopefully youre right.

So check this out:

18225

this is ALL one big fake server.

WTF is this?

*pushing* this aggain.

Why is this problem known but nothing done aggainst it? ATM many servers are flooding the list aggain. TS3Public.de for example got like 15 Servers in the list.. all fake...

Die Isolation sollte beim select in dem Fall keine Rolle spielen, da es sich um unterschiedliche Connections handelt.
Querry bleibt natürlich dennoch die bessere Wahl.

Siehe...

Das sind deutlich zu wenig Infos um konkret zu werden aber vom Prinzip in etwa:

1) Auslesen der Daten (https://www.tutorialspoint.com/sqlite/sqlite_select_query.htm)
2) Aufbereiten der Daten...

Well this kernel is so damn old :D

I know its offtopic that theese are just CVE critical enough to get a livepatch:...

+1

The message you have entered is too short. Please lengthen your message to at least 10 characters.

Thats basically it. But SHA-1 should still be replaced.




Since permissions are assigned based on the UID, it is a cryptography part in the chain.

The rest you posted is nothing new.

Finally some common sense.




there is enough stuff on github.

I gotta end it here. Good to see that you guys want to change the function, even tho a proper timeschedule would have been...

Thats not satisfying.



Thats a great explanation.. If you want to point out that you still need a valid private key for public key and this is almost impossible, yes i get that, thats something...

What is your point then?


Cant say that this is true. If you dont rub some salt in the wound, nothing will change.




we indeed thought about switching to mumble and will probabbly do so...

Since i didnt reverse engineered the software this is something i cant confirm but cant deny either.

Either way the function is obeselete and there simply is no reason a usage in 2019 is legit.
...

I know that the public key itself is longer, but the SHA1 hash has to be used internally, otherwise you couldnt add permissions based on the id.
And if this is the case, it does matter how long...

i fully understand that.
This is exactly the reason WHY i want them to start asap. Because it will take much work.

If you start "at some point in the future" they will star to create plans...

Sry but an undfined point in the future is not really a great goal.

You forget that attacks will be more and more efficient over time.
So there are 2 choices: switch now or wait until a...

So, first of all: the encryption is completely unaffected by that flaw since SHA1 is no encryption algorithm.

Secondly: i know that a exploit (e.g. creating a specific public id for a private key...

What kind of content? Music? voice? Voice might be fine with 72kbs but music you can clearly tell a differents. 64,128,320 and 1200+ lossless are quite easy noticed ;)

Thats good news, but a little more information is necessary.

What are you migration plans? When do you migrate? What happens to the existing identities? How will you mitigate the problems Chris...

The HASH-Function is broken, and its known since 14 Years, Teamspeak messed up by not switching years ago, and it seems like they tend not todo so in the near future and you say thats its fine?
Get...

BTW: The first theoretical attacks papers were published in 2005 and the NIST listed SHA-1 deprecated in 2011.. That was in Beta-Server times if i remember correctly?

Misstakes can happen and...

For me it looked like you try to cover stuff up, my bad. But next time think about messanging a user when you delete his post to clarify it for both parties.




So basically you say that legacy...

Why was my post about the used hash function deleted?

Does or does teamspeak not use SHA-1 for any kind of public/private key hashing?

Just deleting the post is not helpfull for anybody
...

Please tell me that teamspeak is not using a broken hash function for cryptograhpicly assigning permissions...

https://shattered.io/

You let it sound like 11,87kibs is more, but it equals 94,96kbps so its defenitly less.

However this is just the used bandwith which does not equal to quality since the used codec and compression...

Try disabling DTS (for now until its fixed)

Happy to help :) Thanks for investigating.

Id like to ask one more question for the opus update.

What is needed to that the clients benefits from it?
Does the server need a minimum version?...

Update: it seems to be related to 5.1 audio. Everything works fine when i connect via headset but as soon as i "pull the plug" (--> 5.1 audio in use) the client crashes.

regards

Update2: It...

Thanks.

I dont see anything special there, i will send you the log via PM.

regards

Where can i find the logs?

Cheers to the Opus 1.3 update :)

unfortunately, i get instant crash when i try to join a channel with opus music as codec.

any help?

regards

Was about to post the answer i got from support today.. noticed you allready answered here.

Thats great news. Hopefully we will see Version 5 soonish then.