[Bug 600449] Re: New and added Jabber accounts are insecure by default
nh2
600449 at bugs.launchpad.net
Wed Aug 18 22:21:56 UTC 2010
Reopening this bug as this is super insecure.
Imagine a user who does not even know what SSL/TLS is. He/She _will_
leave the default as is. He/She will use just the same password as for
his/her e-mail, social networking, or online payment account with high
probability.
Empathy does not even notify the user that his sensitive data might be
read by anyone in the network. This should be not the default setting
for the default messaging client.
I strongly suggest to turn "Encryption required" on as default and in
case the server does not support that, open a "This will send you
password unencrypted - do you really want to continue" message box.
--
New and added Jabber accounts are insecure by default
https://bugs.launchpad.net/bugs/600449
You received this bug notification because you are a member of
Telepathy, which is subscribed to empathy in ubuntu.
More information about the Ubuntu-telepathy
mailing list