[Pidgin] #8029: ICQ account hacked due to pidgin

Pidgin trac at pidgin.im
Thu Jan 8 01:21:37 EST 2009


#8029: ICQ account hacked due to pidgin
------------------------------------+---------------------------------------
 Reporter:  drohr                   |        Owner:  lschiere    
     Type:  defect                  |       Status:  closed      
Milestone:                          |    Component:  unclassified
  Version:  2.5.3                   |   Resolution:  invalid     
 Keywords:  hacked password stolen  |  
------------------------------------+---------------------------------------
Changes (by rekkanoryo):

  * status:  new => closed
  * resolution:  => invalid


Comment:

 The only way your password would have been stolen as a result of using
 Pidgin is if both of the following are true:
   * You saved your password in Pidgin
   * Your accounts.xml file was accessible to someone other than yourself

 Note that the accounts.xml file being accessible to someone other than
 yourself could happen if you're using Windows and were the victim of a
 virus or other malware.  There are, of course, other causes.

 If you feel the need to find another client, that is of course your
 prerrogative.  Note, however, that the vast majority of IM cleints in
 existance store passwords in either plain text (as we do) or in a very
 weakly encrypted manner which is trivially decrypted, which means your
 passwords aren't going to be any more secure.

-- 
Ticket URL: <http://developer.pidgin.im/ticket/8029#comment:2>
Pidgin <http://pidgin.im>
Pidgin


More information about the Tracker mailing list