Skip to content

GitLab

Closed
Created by import-from-Redmine@import-from-Redmine

Pidgin Protocol Review

Originally created by Tails on #5986 (Redmine)

Tails-dev Pidgin Protocols Safe?: https://mailman.boum.org/pipermail/tails-dev/2012-October/001830.html

Without encryption, the exit node can see the contact list, all messages, file transfers, audio/video.

The server can always see all those things. If you are connected to a number of people you know, it’s obvious who you are.

OTR would only encrypt the messages. Everything else is still visible (depending on encryption) (to the server).

Would be nice if all that were documented.

AIM

Encryption

default: use encryption if available

enforce: available

Misc

Always use AIM/ICQ proxy server for file transfers and direct IM (slower, but does not reveal your IP address) - default: unchecked

adrelanos comment: the AIM/ICQ proxy would only be a single hop proxy, it’s a weak protection to hide IP. Only safe it would go through Tor first. Unknown.

Bonjour

Encryption

no encryption settings

Facebook

Encryption

default: use encryption if available

enforce: available

Misc

Has voice and video features.

Gadu-Gadu

Encryption

default: don’t use encryption

enforce: not available

Google Talk

Encryption

default: require encryption

Misc

file transfer proxy - default: proxy.eu.jabber.org connect port / connect server / BOSH URL (whatever that is) - default: empty

Has voice and video features.

Group Wise

Encryption

no encryption settings

ICQ

Encryption

default: use encryption if available

enforce: available

Misc

Same as AIM.

IRC

Encryption

SSL optionally available.

MSN

Encryption

No encryption settings. Doesn’t mean, it’s not encrypted by default. Unknown.

Misc

Allow direct connections - default: checked in

MySpaceIM

Encryption

No encryption settings. Doesn’t mean, it’s not encrypted by default. Unknown.

SIMPLE

Encryption

No encryption settings. Doesn’t mean, it’s not encrypted by default. Unknown.

SAMETIME

Encryption

No encryption settings. Doesn’t mean, it’s not encrypted by default. Unknown.

Misc

Hide client identity not checked by default, whatever that means.

XMPP

Encryption

default: require encryption

Misc

file transfer proxy - default: proxy.eu.jabber.org connect port / connect server / BOSH URL (whatever that is) - default: empty

Has voice and video features.

Yahoo / Yahoo JAPAN

Encryption

No encryption settings. Doesn’t mean, it’s not encrypted by default. Unknown.

Misc

File transfer server - default: filetransfer.msg.yahoo.com

Use account proxy for HTTP and HTTPS connections - default (whatever that means): unchecked

ZEPHYR

Encryption

No encryption settings. Doesn’t mean, it’s not encrypted by default. Unknown.

file transfer server - default: filetransfer.msg.yahoo.com

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information