January 21, 2009 at 19:04About what happened to ICQ today (part 1)
So, at the request of Shoohurt, I’m telling everything that is known to us (the Miranda IM development team) at the moment about AOL tricks.
Today, at about 13:00 Moscow time, almost all users of unofficial clients, after entering the network and downloading the contact list, received from the user with UIN 1 a message that the version of the client being used was not used and was unauthorized. A message appeared on the official website right on the main one stating that from now on only official versions of programs are supported, which can be downloaded right here.
Users who were already on the network did not feel any changes and were not disconnected from the server. For those who tried to connect in the first hour and a half, it turned out with varying success: this is because the icq network is distributed and consists of many servers, and even after logging in you can be transferred to another one, and apparently the changes were applied to them take turns.
Some technical details. The login procedure proceeds quite normally: the protocol is initialized, capabilities are sent, the server contact list and its own data are loaded. Around this time, a message comes from number one, and after that it becomes impossible to get anything from the server.
Having decided that the situation was repeated on December 8, when clients stopped working due to the fact that they identified themselves as icq5.1 and earlier versions during login, we tried to identify ourselves as icq6.5 of the latest model. It did not bring any results. It became clear that this time AOL went through a deep defense - apparently, the sent caps (capabilities, information about protocol chips supported by the client) have already begun to be taken into account. Indeed, replacing their set with the one that uses icq6 helped, but only during the first login - if you reconnect after that, then this will not help. Apparently, some changes were made to the login and initialization sequence, if not performed, the client is considered an alternative. QIP developers have suggested that the server needs some additional key, which can either be simply wired to the client, or be calculated based on the information received from the server. They are currently also working hard to find the cause of the client’s failure.
I hope in the coming days - two we will find the reason.
In addition, I want to note an interesting fact - these changes affected only residents of the CIS countries. When I contacted our developers from the Czech Republic and Germany, they were slightly at a loss - everything worked perfectly for them. In addition, we were able to successfully connect from Miranda using an American proxy server, so there are suspicions that this is a targeted blocking of alternative messengers being developed in Russia.
UPD:Now the developer of QIP, INF, shared with me the idea that the whole point is in the used initial value of the sequence identifier for the sent packets. All unofficial clients generate them randomly, and this may be the same key. The main problem is to find out the algorithm for generating it.
Another small UPD: for clarity, you can compare the screenshots of icq.com given to Russian and American visitors.
Discussion of what is happening is in the jabber, in the icq_stop@conference.jabber.ru
conference. UPD2: According to Shoohurt, tomorrow, perhaps during the day there will be comments from gentlemen directly related to the Russian version of ICQ (Rambler-ICQ). Keep for updates.
UPD3: Now we have found a correlation between the entry time and the sequence number used, so there is a clue that some random number is still used for generation, but this version needs to be checked. As it turned out, all old clients connect, even icq2003b, and TestBuddy 2002. Plus, there are several reports that some providers in Omsk are working fine. In general, now the final conclusion is that the “Acechniks” have found a radical difference between the official client and all the clones and are actively using it.
It seems that the QIP development team has found a solution to the problem, working builds are already availableQIP Infium 9022
As promised - a fixed version of the Miranda IM ICQ + plugin - download
Lord, please be patient. Today I am exhausted and have not been sleeping for more than a day. Tomorrow I will lay out all the code and explain the essence of my decision. It is quite trivial, and is based on the fact that the initial assumption about seq id is correct. In general, it is slightly on the props.
Today, at about 13:00 Moscow time, almost all users of unofficial clients, after entering the network and downloading the contact list, received from the user with UIN 1 a message that the version of the client being used was not used and was unauthorized. A message appeared on the official website right on the main one stating that from now on only official versions of programs are supported, which can be downloaded right here.
Users who were already on the network did not feel any changes and were not disconnected from the server. For those who tried to connect in the first hour and a half, it turned out with varying success: this is because the icq network is distributed and consists of many servers, and even after logging in you can be transferred to another one, and apparently the changes were applied to them take turns.
Some technical details. The login procedure proceeds quite normally: the protocol is initialized, capabilities are sent, the server contact list and its own data are loaded. Around this time, a message comes from number one, and after that it becomes impossible to get anything from the server.
Having decided that the situation was repeated on December 8, when clients stopped working due to the fact that they identified themselves as icq5.1 and earlier versions during login, we tried to identify ourselves as icq6.5 of the latest model. It did not bring any results. It became clear that this time AOL went through a deep defense - apparently, the sent caps (capabilities, information about protocol chips supported by the client) have already begun to be taken into account. Indeed, replacing their set with the one that uses icq6 helped, but only during the first login - if you reconnect after that, then this will not help. Apparently, some changes were made to the login and initialization sequence, if not performed, the client is considered an alternative. QIP developers have suggested that the server needs some additional key, which can either be simply wired to the client, or be calculated based on the information received from the server. They are currently also working hard to find the cause of the client’s failure.
I hope in the coming days - two we will find the reason.
In addition, I want to note an interesting fact - these changes affected only residents of the CIS countries. When I contacted our developers from the Czech Republic and Germany, they were slightly at a loss - everything worked perfectly for them. In addition, we were able to successfully connect from Miranda using an American proxy server, so there are suspicions that this is a targeted blocking of alternative messengers being developed in Russia.
UPD:Now the developer of QIP, INF, shared with me the idea that the whole point is in the used initial value of the sequence identifier for the sent packets. All unofficial clients generate them randomly, and this may be the same key. The main problem is to find out the algorithm for generating it.
Another small UPD: for clarity, you can compare the screenshots of icq.com given to Russian and American visitors.
Discussion of what is happening is in the jabber, in the icq_stop@conference.jabber.ru
conference. UPD2: According to Shoohurt, tomorrow, perhaps during the day there will be comments from gentlemen directly related to the Russian version of ICQ (Rambler-ICQ). Keep for updates.
UPD3: Now we have found a correlation between the entry time and the sequence number used, so there is a clue that some random number is still used for generation, but this version needs to be checked. As it turned out, all old clients connect, even icq2003b, and TestBuddy 2002. Plus, there are several reports that some providers in Omsk are working fine. In general, now the final conclusion is that the “Acechniks” have found a radical difference between the official client and all the clones and are actively using it.
It seems that the QIP development team has found a solution to the problem, working builds are already availableQIP Infium 9022
As promised - a fixed version of the Miranda IM ICQ + plugin - download
Lord, please be patient. Today I am exhausted and have not been sleeping for more than a day. Tomorrow I will lay out all the code and explain the essence of my decision. It is quite trivial, and is based on the fact that the initial assumption about seq id is correct. In general, it is slightly on the props.