From nilclass at riseup.net Fri Dec 16 09:33:41 2011
From: nilclass at riseup.net (nilclass at riseup.net)
Date: Fri, 16 Dec 2011 15:33:41 +0100
Subject: [OTR-users] pidgin OTR leaks presence information to unauthorized people

Hi,

Assume this situation:

Alice and Bob both have an OTR enabled client.
Alice has not approved that Bob may see her presence.
They are both online.
Bob starts an OTR conversation with Alice, sending some junk or whatever.
Now if this weren't an OTR message, there would be no feedback from Alice, so no way for Bob to figure out whether Alice is currently online.
With OTR enabled, Alice's client automatically performs the OTR handshake, which tells Bob that Alice is:
1) using an OTR enabled client
2) currently online

A possible solution would be not to filter messages through otrl_message_sending/otrl_message_receiving, unless the peer either has a valid presence subscription or Alice has manually requested/approved the OTR conversation or Alice has already participated in the conversation.

'()


From dap56 at cornell.edu Fri Dec 16 16:13:28 2011
From: dap56 at cornell.edu (Daniel Perelman)
Date: Fri, 16 Dec 2011 13:13:28 -0800
Subject: [OTR-users] pidgin OTR leaks presence information to unauthorized people

I am not sure if this is quite what you want, but most (all?) protocols have an option in the privacy settings to only accept IMs from users on your buddy list.

- Daniel

On Fri, Dec 16, 2011 at 06:33, wrote:
> Hi,
>
> Assume this situation:
>
> Alice and Bob both have an OTR enabled client.
> Alice has not approved that Bob may see her presence.
> They are both online.
> Bob starts an OTR conversation with Alice, sending some junk or whatever.
> Now if this weren't an OTR message, there would be no feedback from Alice,
> so no way for Bob to figure out whether Alice is currently online.
> With OTR enabled, Alice's client automatically performs the OTR handshake,
> which tells Bob that Alice is:
> 1) using an OTR enabled client
> 2) currently online
>
> A possible solution would be not to filter messages through
> otrl_message_sending/otrl_message_receiving, unless the peer either has a
> valid presence subscription or Alice has manually requested/approved the
> OTR conversation or Alice has already participated in the conversation.
>
> '()


From otr.users at bleeter.id.au Sat Dec 17 22:55:18 2011
From: otr.users at bleeter.id.au (Peter Lawler)
Date: Sun, 18 Dec 2011 14:55:18 +1100
Subject: [OTR-users] Pidgin OTR, Purple Plugin Pack and Privacy
Message-ID: <4EED6426.3080604@bleeter.id.au>

Hi all,

Just thought I'd drop a note to the list to let you know of a 'bug' in the Purple Plugin Pack as provided by the team at Guifications.org (well, technically, not a bug but a Request For Enhancement... but the side effect may be considered a 'bug' in the normal lingo of users).

'Last Seen should ignore OTR enabled buddies'
https://www.guifications.org/issues/694

A few points:

1. I recommend OTR users ensure that they do NOT use LastSeen for now.

2. I believe it MAY be possible for Pidgin OTR to issue a warning if one disables logging on a buddy within OTR and LastSeen is enabled. However, this will require a new release of Pidgin OTR, and maybe additional development of Pidgin itself. 'Watch this space', I guess.

3. I am going to try and write a quick and dirty hack in the next week or two so as to ensure LastSeen is AT LEAST OTR aware, and have this committed to LastSeen. 'Watch this space'.

4. I am a 'retired Crazy Patch Writer' for Pidgin (see Help->Developer Information). I'm now seriously considering becoming a 'retired Retired Crazy Patch Writer' for Pidgin to take up the work where the Pidgin 'Privacy Rewrite' was left off in the Google Summer of Code project in 2009. This will be a much longer task, so please do not think that it's currently 'abandoned'. It's just going to take some time to get back up to speed. I appreciate any patience that users may be able to find for the task at hand. I'm of the firm belief that fixing up the internals of Pidgin's privacy is the RIGHT place to correct this; however, past analysis indicates it's going to be 'A Big Job' to make sure Privacy is 'Done Right' looking into the future.

Summary: If you use the Guifications Plugin Pack with OTR, ensure LastSeen is disabled. This can best be done by deleting the plugin file on your system and ensuring that if/when you update your Purple Plugin Pack, you don't add the file back in unless you explicitly notice a fix in the changelog.

Hopefully I'll remember to send a notice to this list when I get it fixed :)

Regards,

Peter 'Bleeter' Lawler.


From ian at cypherpunks.ca Sun Dec 18 11:49:27 2011
From: ian at cypherpunks.ca (Ian Goldberg)
Date: Sun, 18 Dec 2011 11:49:27 -0500
Subject: [OTR-users] Pidgin OTR, Purple Plugin Pack and Privacy
In-Reply-To: <4EED6426.3080604@bleeter.id.au>
References: <4EED6426.3080604@bleeter.id.au>
Message-ID: <20111218164927.GV27624@yoink.cs.uwaterloo.ca>

On Sun, Dec 18, 2011 at 02:55:18PM +1100, Peter Lawler wrote:
> Hi all,
> Just thought I'd drop a note to the list to let you know of a 'bug' in
> the Purple Plugin Pack as provided by the team at Guifications.org
> (well, technically, not a bug but a Request For Enhancement... but the
> side effect may be considered a 'bug' in the normal lingo of users)
>
> 'Last Seen should ignore OTR enabled buddies'
> https://www.guifications.org/issues/694

Welcome aboard, Peter!

I'm a little unclear on what exactly "Last Seen" does. From the sounds of it, it logs the last time your buddies were advertising that they are online? Or the last time you sent them an IM? Or the last time you received one from them?

> 1. I recommend OTR users ensure that they do NOT use LastSeen for now.

This depends on what you're concerned about, I guess. Many people just don't want the *contents* of their communications logged. The *fact* that you've communicated with someone is already known to at least the IM server (and anyone watching the network). But I grant that some certainly have potentially stricter privacy requirements.

- Ian


From otr.users at bleeter.id.au Mon Dec 19 08:09:06 2011
From: otr.users at bleeter.id.au (Peter Lawler)
Date: Tue, 20 Dec 2011 00:09:06 +1100
Subject: [OTR-users] Pidgin OTR, Purple Plugin Pack and Privacy (Ian Goldberg)
Message-ID: <4EEF3772.3070607@bleeter.id.au>

On Sun, 18 Dec 2011 11:49:27 -0500, Ian Goldberg wrote:
> I'm a little unclear on what exactly "Last Seen" does. From the sounds
> of it, it logs the last time your buddies were advertising that they are
> online? Or the last time you sent them an IM? Or the last time you
> received one from them?

From the Plugin description: 'Logs the time of a last received message, what they said, when they logged in, and when they logged out, for buddies on your buddy list.'

This hooks in before OTR in such a way that disabling logging of a buddy within OTR does not stop LastSeen from recording what the buddy last said. I believe (without being knee deep in code right now) that this is a limitation of the privacy subsystem in Pidgin.

>> 1. I recommend OTR users ensure that they do NOT use LastSeen for now.
>
> This depends on what you're concerned about, I guess. Many people just
> don't want the *contents* of their communications logged.

As LastSeen records 'what they (last) said', it's a log. Albeit a very short and transient one; a user on a shared system with greater system privs than the OTR operator may be able to collect LastSeen logs and assemble a larger log of what one's buddy has said to you.

Regards,

Pete.
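The presence leak in the first message of this thread, and the gate it proposes in front of otrl_message_receiving/otrl_message_sending, modelled as an added example (this is illustration code, not code from pidgin-otr or libotr). The "?OTR..." query strings and the whitespace-tag bytes are the ones the OTR protocol specification defines; the Peer record, the three gating conditions as fields, the automatic DH-Commit on a whitespace tag, and every function name below are assumptions made for this example. Bob is an unsubscribed, unapproved peer: without the gate his probe draws a DH-Commit (so he learns Alice is online and OTR-capable), with the gate his probe is handled exactly like plain junk.

```python
"""
Presence-leak model for the scenario in the first message of this thread.
Added illustration; not code from pidgin-otr or libotr.

The OTR query strings and whitespace-tag bytes are those the OTR protocol
specification defines. The Peer record, the gating rule and all names here
are assumptions made for this example.
"""
from dataclasses import dataclass

# Whitespace tag: a fixed 16-byte base followed by one 8-byte marker per
# advertised protocol version (values as in the OTR spec).
WS_BASE = " \t  \t\t\t\t \t \t \t  "
WS_VERSION_TAGS = {
    " \t \t  \t ": 1,
    "  \t\t  \t ": 2,
    "  \t\t  \t\t": 3,
}


def parse_query(text):
    """Versions advertised by an OTR query ("?OTR?", "?OTRv2?", "?OTR?v23?").
    Returns an empty set when the text carries no query."""
    i = text.find("?OTR")
    if i < 0:
        return set()
    rest = text[i + 4:]
    versions = set()
    if rest.startswith("?"):          # bare "?OTR?" advertises version 1
        versions.add(1)
        rest = rest[1:]
    if rest.startswith("v"):
        end = rest.find("?", 1)
        if end < 0:                   # unterminated version list: not a query
            return set()
        versions.update(int(c) for c in rest[1:end] if c.isdigit())
    return versions


def parse_whitespace_tag(text):
    """Versions advertised by a whitespace tag appended to plaintext."""
    i = text.find(WS_BASE)
    if i < 0:
        return set()
    rest = text[i + len(WS_BASE):]
    versions = set()
    while rest[:8] in WS_VERSION_TAGS:
        versions.add(WS_VERSION_TAGS[rest[:8]])
        rest = rest[8:]
    return versions


def classify(text):
    """What an OTR-aware client sees in an incoming message."""
    if text.startswith("?OTR:"):
        return "encoded"            # OTR handshake or data message
    if parse_query(text):
        return "query"
    if parse_whitespace_tag(text):
        return "tagged_plaintext"   # plaintext with a whitespace tag
    return "plaintext"


@dataclass
class Peer:
    """Per-buddy state a client would keep (assumed fields, not libotr's)."""
    name: str
    presence_subscribed: bool = False  # the peer may see our presence
    otr_approved: bool = False         # we manually started/approved OTR
    has_conversed: bool = False        # we already took part in the talk


def may_run_otr(peer):
    """The gate proposed in the thread: only route messages for this peer
    through otrl_message_receiving/otrl_message_sending if one condition holds."""
    return peer.presence_subscribed or peer.otr_approved or peer.has_conversed


def handle_incoming(peer, text, gated=True):
    """Automatic reply our client would emit, or None if it stays silent.
    Any reply tells the sender we are online and OTR-capable."""
    kind = classify(text)
    if kind == "plaintext":
        return None                   # no OTR involvement, no auto-reply
    if gated and not may_run_otr(peer):
        return None                   # same silence a plain client would give
    if kind in ("query", "tagged_plaintext"):
        return "DH-Commit"            # AKE starts automatically (assumed policy)
    return "otr-state-machine"        # encoded message handed to the library


if __name__ == "__main__":
    bob = Peer("bob")                 # not subscribed, not approved, never talked
    probe = "?OTRv23? hello"
    print("ungated:", handle_incoming(bob, probe, gated=False))  # presence leaked
    print("gated:  ", handle_incoming(bob, probe))               # silent
```

The presence_subscribed field is the same information Daniel's "only accept IMs from users on your buddy list" setting keys on; the other two fields cover the cases the first message lists where a reply is legitimate even without a subscription.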