Re: [coldsync-hackers] Ritual Packets and origination of long arguments

["Cliff L. Biffle" <cbiffle at safety dot net>]

On Wednesday 06 March 2002 10:11 am, you wrote:
> 	The next question is, can you hack up a ritual exchange that
> reliably works for you? (Possibly after doing great violence to the
> code.)

Working on that now.  The Clie, it seems, will respond with an 'invalid 
packet' error to an initial sysinfo request that -doesn't- include the 
mystery block.

I do need some advice in regards to USBSnoopy's dumps, though.  Between every 
couple of packets that I can identify as being DLP is a 6-byte packet with 
what looks like a serial number (of the frame -- i.e. increases by one for 
each 16 bytes of the message) and a size (which is sometimes wrong).  Is this 
traffic from one of the encapsulating protocols, or is this a DLP feature?  I 
haven't been able to find any obvious distinguishing features (flags set, 
etc.).

> 	Can it then be fixed to work for others? If this is in fact a
> large-arguments version of DLP, can this stuff be generalized? And,
> well, further questions.

I'll go back over the list and look at dumps from other PalmOS 4 units, but I 
don't have access to any locally.

This whole ritual exchange is beginning to look rather like some sort of 
challenge-response, except that no challenge-response protocol in its right 
mind would just reverse the byte order of the challenge and pass it back. :-)

More on this later.

-Cliff Biffle

-- 
This message was sent through the coldsync-hackers mailing list.  To remove
yourself from this mailing list, send a message to majordomo@thedotin.net
with the words "unsubscribe coldsync-hackers" in the message body.  For more
information on Coldsync, send mail to coldsync-hackers-owner@thedotin.net.