Bug #6347
Pidgin IRC Protocol responds to DCC SEND?
0%
Description
Lately it was discussed that pidgin answers to some CTCP requests (see https://labs.riseup.net/code/issues/5823). DCC (Direct client-to-client) should also be disabled, because it can leak to much identifying information. I’m not firm enough to understand the difference or how DCC interacts with CTCP (or if this is maybe already done), but i tried to send a DCC SEND request with XChat to another user with Tails/IRC. Even though the file transfer itself didn’t work, he got a request to accept this file which means DCC isn’t disabled at all. Maybe it’s the firewall which is blocking here, but i am not sure how much information is leaking out. Please clarify this!
Subtasks
Related issues
Related to Tails - Feature #6117: Audit Pidgin | Confirmed | ||
Related to Tails - |
Rejected | 2013-09-19 | |
Related to Tails - Bug #8573: Hopefully replace Pidgin some day | In Progress | 2015-01-07 |
History
#1 Updated by mercedes508 2013-10-09 02:03:11
- Status changed from New to Confirmed
- Type of work changed from Discuss to Research
First should be to search for what kind of info Pidgin leaks trough DCC request. Then discuss if we care about those.
#2 Updated by BitingBird 2014-03-24 04:05:10
- QA Check deleted (
Info Needed)
#3 Updated by intrigeri 2014-08-12 13:54:47
- Category set to 213
#4 Updated by BitingBird 2015-01-04 02:50:54
- related to Feature #6117: Audit Pidgin added
#5 Updated by Anonymous 2018-08-19 08:37:50
- related to
Bug #5823: Pidgin answers CTCP ping and version added
#6 Updated by Anonymous 2018-08-19 08:40:53
- Priority changed from Normal to Low
#7 Updated by Anonymous 2018-08-19 08:41:11
- related to Bug #8573: Hopefully replace Pidgin some day added