[OTR-dev] Fwd: OTR integration

Tomasz Wasilczyk twasilczyk at pidgin.im
Tue Aug 27 04:22:49 EDT 2013


2013/8/26 Paul Wouters <paul at cypherpunks.ca>:
> On Mon, 26 Aug 2013, Jurre van Bergen wrote:
>
> Hi Tomek,
>
>> From: Jurre van Bergen <drwhax at 2600nl.net>
>> To: otr-dev at lists.cypherpunks.ca
>> Subject: [OTR-dev] Fwd: OTR integration
>>
>> FYI
>
>
>> I'm currently working on OTR integration into 3.0.0 tree. I see three
>> possible solutions for it:
>>
>> - enabling it by default: otr plugin seems to be well written and
>> doesn't cause crashes, so it won't be the new source of stability
>> problems. I just have one concern in mind: it will alter UI a bit, in
>> a way that vast majority of users won't utilize - it will be a clutter
>> for them
>
>
> Is it that much of a change? I think it is good that they see when a
> connection is insecure. Especially for inexperienced users.

The security indicator will be here independently of OTR being enabled
or not. I'm rather talking about all other controls.

>> - to track for "?OTRvxx?" tag (it indicates an OTR packet) in messages
>> and ask user, if he wants to enable the plugin. It would show up only,
>> when Pidgin was built with otr support. Also, after the first query,
>> it would set a hidden pref, so it won't ask the user again. I think
>> this will cover all use cases, because for incoming messages it will
>> be easy to set it up. User, who would like to start an outgoing OTR
>> conversation (for the first time), will be experienced enough to
>> enable it manually.
>
>
> The whole design of OTR has been to ensure that one does NOT have to be
> an "experienced user". That is the whole reason the world is in such a
> sad state of deploying crypto and why the NSA/GCHQ can have so much data
> about is.

By experienced user, I meant somebody, who is not afraid to read
dialogs appearing on the screen and click buttons. I don't think
browsing a plugins window and enabling a plugin needs that much of
skill. But somebody, who is frightened by three opened windows at the
moment, won't use OTR even if it occupy half of screen. Anyway, it's a
matter of discussion - that's why I posted this.

> Please keep the status of the OTR security of a connection visible so
> people can go from insecure to secure. It is not "clutter". It shows a
> deficiency in their conversion - someone is recording it without
> consent!

I think it should work just like that.

> Related, I don't know if the plugin can have precedence/ordering yet,
> but currently when one types "/me is accidentally leaking information"
> that gets leaked plaintext due to bad interaction between the irc plugin
> ("/me" is not a valid command, send it out unmodified) and the otr
> plugin.

This looks like a serious security issue. I'll investigate it.

Tomek



More information about the Devel mailing list