On 02/27/2012 11:23 PM, devnull@xxxxxxxxxx wrote: > > I believe that clarification is in order. Indeed it is. The original post mentions a same-user attack vector which is very misleading as to what the real problem here is. And it boils down to this: Once a process sends private info over DBUS there is no way to control where this ends up (which apps are the qualified receivers) or what the receivers do with it. So, if for example the user selects not to log OTR plaintext (so that this sensitive information doesn't touch the hard drive) another application on the other end of DBUS might choose to do something different (and not by malicious intent). There is no way to enforce the same security policy on the sender and the receivers. How this could be exploited by attackers or what forensic evidence DBUS snooping leaves are of much less importance than the above privacy issue. There is a very good discussion on the pidgin ticket page: http://developer.pidgin.im/ticket/14830 Also, I've made some updates to our post, to make it clearer as to what this issue is about: http://census-labs.com/news/2012/02/25/libpurple-otr-info-leak/ If there are still questions, I'll be happy to answer them. Hope this clarifies things a bit, Dimitris
