[jitsi-dev] Jitsi not a reliable OTR provider


#1

Hi,

I would like to note that Jitsi is recording chat messages in unencrypted form in the user's data directory. It comes with the chat history option enabled by default. The problem is, on https://jitsi.org/Main/Features , there is a promise of deniability (one of the features of OTR). Considering that even if I disable Chat history on my side of the client, the chat messages get recorded on the other end (unless they know this deficit).

This is not true OTR, proven from your own webpage. A party has to listen to the unencrypted Jabber messages (evidence of which is in the packet logs made by Jitsi) and figure out both parties and go

To correct, this history option needs to be pulled out completely. Also the option to Log packets by default is ticked. There is no use of leaving these on by default for an end-user.

Hope these issues of security will be fixed in the next version.

Please discuss.

Azhad.


#2

Hi there Azhad,

I am not on the development team, but I would like to draw your attention to the following relevant discussion on the users' mailing list beginning here: http://lists.jitsi.org/pipermail/users/2013-July/004722.html and continuing here: http://lists.jitsi.org/pipermail/users/2013-July/004737.html

From these discussions, it was decided that the history option will not be removed, and I believe a choice to set the defaults is being considered.

Hope that helps,
Nick


From: azhad@hotmail.com
To: dev@jitsi.org
Date: Fri, 16 Aug 2013 17:07:49 +0500
Subject: [jitsi-dev] Jitsi not a reliable OTR provider


_______________________________________________
dev mailing list
dev@jitsi.org
Unsubscribe instructions and other list options:
http://lists.jitsi.org/mailman/listinfo/dev


#3

Hi Azhad,

I started a thread on the users list and there were a lot of opinions about this.

I wanted to summarize and make some presumptions and corresponding
propositions, but have been very busy.

Will do some thinking and writing about this on the week-end, so keep
looking at the users list.

Regards, Earl


On 16/08/2013 14:07, Ahmed Azhad wrote:



#4

> To correct, this history option needs to be pulled out completely. Also the option to Log packets by default is ticked. There is no use of leaving these on by default for an end-user.
>
> Hope these issues of security will be fixed in the next version.

I have to say, I absolutely agree with Ahmed on this. This is not only unnecessary but dangerous.

Was unable to find a ticket covering this major issue on trac. Imo, jitsi seriously needs to find a solution to this problem.


#5

Azhad,

Packet logging does not include message bodies. Even if it did, those would
be the encrypted ones ... but again, bodies are not kept.

Hope this helps,
Emil

--sent from my mobile


On 16 Aug 2013 15:21, "Ahmed Azhad" <azhad@hotmail.com> wrote:



#6

Steve,

Please have a look at the threads that Nick pointed to.

The history isn't going anywhere and the default isn't changing.

We do accept to make it easier to see whether it is enabled though and to
then disable it (e.g. a toggle button in the chat window).

--sent from my mobile


On 21 Aug 2013 14:16, "Steve" <stevebell@gulli.com> wrote:
