[Gajim-devel] Anonymous mode

Yann Leboulanger asterix at lagaule.org
Mon Sep 19 14:45:51 CEST 2016


You are considered as SPAM because your IP is blacklisted:

IP XX.XX.XX.XX blacklisted by list.blogspambl.com [2], all.s5h.net [2], 
dnsbl.tornevall.org [163]

for your questions:

1/ Yes, for your contacts to know which feature your client support, we 
send the identity of the client. see XEP-0115 [0].

The Gajim_ in the id is indeed not really needed, we could implement 
things differently.

2/ ft_send_local_ips is used when you send a file to a contact. It is 
supposed to be a p2p connection, so yes, Gajim, by default, send your 
local IP so that your contact can connect to your machine. You can 
disable that in the advanced configuration editor.

3/ I don't really understand what you mean. Log encrypted messages is 
used by Gajim to locally log (write to db) your chat when it is 
encrypted by GPG or E2E.

4/ The thing is that you think it's not usefull for functionality, but 
it is. Of course we can still chat without sending that, but then FT 
will not work correctly, and many many other things because many 
protocoles depend on XEP-0115. So your paranoid mode also means a client 
with very few features. Gajim also asks for a few things to server on 
connection to know if it support some features, and just asking that in 
the particular order Gajim asks is enough for the server to know you use 
Gajim.

[0] http://xmpp.org/extensions/xep-0115.html

-- 

Yann

Le 19/09/2016 à 13:55, growl at airmail.cc a écrit :
> Could not create ticket (registered, confirmed my e-mail, solved 2 
> captchas and still considered as spammer, wtf? I'm just using Tor), so 
> i try to post here:
>
> = problem =
> Gajim 0.6.15 sends more info than needed for privacy-oriented users.
> = analysis =
> 1. If I turn off all options that sends info about os and client, 
> Gajim does send info about itself, it is seen in XML console, like:
> ... node='http://gajim.org' ver='blah-blah-blah' hash='sha-1'/>
>
> <identity category="client" type="pc" name="Gajim" />
>
> ...type="get" id="Gajim_big-id-number">
>
> And maybe more. Those values above is hard-coded in 
> connection_handlers.py as I can see, so there is no easy way to change 
> it.
>
> 2. I have 3 accounts with the same account options. But eventually I 
> find from advanced options editor that one has ft_send_local_ips set 
> to True. If I understand it correctly, this enables sending local ip 
> address, and that is pretty terrible news :( And there is no way in 
> GUI to control it, or I didn't find such option.
>
> 3. I'm not quite sure how that happened, but one day I found that "Log 
> encrypted messages" option is turned on. Maybe I miss-clicked it 
> somehow, but for me it is strange indeed, considering that hidden 
> ft_send_local_ips option enabled for just one account.
>
> 4. So I assume that there are other "leaks" that sends info that has 
> nothing or little to do with functionality.
> = enhancement recommendation =
> It will be great if Gajim will have '''one''' option, maybe hidden, 
> per account like "paranoid_mode", so I am sure that there are no such 
> leaks in any way.
>
> Thanks.
> _______________________________________________
> Gajim-devel mailing list
> Gajim-devel at gajim.org
> https://lists.gajim.org/cgi-bin/listinfo/gajim-devel



More information about the Gajim-devel mailing list