Feature #5986

Pidgin Protocol Review

Added by Tails 2013-07-18 07:49:03 . Updated 2013-07-19 01:45:25 .

Status:
Resolved
Priority:
Low
Assignee:
Category:
Target version:
Start date:
Due date:
% Done:

0%

Feature Branch:
Type of work:
Research
Blueprint:

Starter:
Affected tool:
Deliverable for:

Description

Tails-dev Pidgin Protocols Safe?: https://mailman.boum.org/pipermail/tails-dev/2012-October/001830.html

Without encryption, the exit node can see the contact list, all messages, file transfers, audio/video.

The server can always see all those things. If you are connected to a number of people you know, it’s obvious who you are.

OTR would only encrypt the messages. Everything else is still visible (depending on encryption) (to the server).

Would be nice if all that were documented.

AIM

Encryption

default: use encryption if available

enforce: available

Misc

Always use AIM/ICQ proxy server for file transfers and direct IM (slower, but does not reveal your IP address) - default: unchecked

adrelanos comment: the AIM/ICQ proxy would only be a single hop proxy, it’s a weak protection to hide IP. Only safe it would go through Tor first. Unknown.

Bonjour

Encryption

no encryption settings

Facebook

Encryption

default: use encryption if available

enforce: available

Misc

Has voice and video features.

Gadu-Gadu

Encryption

default: don’t use encryption

enforce: not available

Google Talk

Encryption

default: require encryption

Misc

file transfer proxy - default: proxy.eu.jabber.org connect port / connect server / BOSH URL (whatever that is) - default: empty

Has voice and video features.

Group Wise

Encryption

no encryption settings

ICQ

Encryption

default: use encryption if available

enforce: available

Misc

Same as AIM.

IRC

Encryption

SSL optionally available.

MSN

Encryption

No encryption settings. Doesn’t mean, it’s not encrypted by default. Unknown.

Misc

Allow direct connections - default: checked in

MySpaceIM

Encryption

No encryption settings. Doesn’t mean, it’s not encrypted by default. Unknown.

SIMPLE

Encryption

No encryption settings. Doesn’t mean, it’s not encrypted by default. Unknown.

SAMETIME

Encryption

No encryption settings. Doesn’t mean, it’s not encrypted by default. Unknown.

Misc

Hide client identity not checked by default, whatever that means.

XMPP

Encryption

default: require encryption

Misc

file transfer proxy - default: proxy.eu.jabber.org connect port / connect server / BOSH URL (whatever that is) - default: empty

Has voice and video features.

Yahoo / Yahoo JAPAN

Encryption

No encryption settings. Doesn’t mean, it’s not encrypted by default. Unknown.

Misc

File transfer server - default: filetransfer.msg.yahoo.com

Use account proxy for HTTP and HTTPS connections - default (whatever that means): unchecked

ZEPHYR

Encryption

No encryption settings. Doesn’t mean, it’s not encrypted by default. Unknown.

file transfer server - default: filetransfer.msg.yahoo.com

Subtasks

History

#1 Updated by intrigeri 2013-07-19 01:34:08

  • Status changed from Confirmed to Resolved

We’ve stopped shipping support code for that many protocols.

#2 Updated by intrigeri 2013-07-19 01:45:25

  • Type of work set to Research

Type of work: Research