The IP leak one is really interesting to me. Considering the quip regarding the ... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		jdmichal on Dec 22, 2021 \| parent \| context \| favorite \| on: Microsoft Teams: 1 feature, 4 vulnerabilities The IP leak one is really interesting to me. Considering the quip regarding the fact that centralized servers are performing the link preview operation because it's not using E2E encryption... But if it was, and the client machine was generating the preview, then wouldn't that force exposure of the client's IP to the remote server?

cjbprime on Dec 22, 2021 [–]

Yes, these are the tradeoffs between client side and server side link previews. (If the sending client does it, they could lie; if the receiving client does it it's a privacy leak and attack surface increase; if the server does it then it sees private data.)

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact