Modern instant messengers claims about security and privacy. And users trusts them. But companies that delivers such services sometimes fails protecting their users privacy. The point is, that user doesn’t have any control over confidentiality of his private conversations – the service provider does it. Continue reading →

Previous libpurple version suffers from poor HTTP implementation. Ordinary user won’t notice that, because plugins tries to fill the hole. However, when every single component that uses HTTP have to deal with the same issues, there must be some mess left.

Nearly a year ago, I’ve decided to put some effort here and implement new, flexible HTTP API. Now, I’ve came even deeper, replacing existing implementations with my new tool. Continue reading →

The Pidgin’s master password branch, which engaged me for the last two months is now ready to show to the public eye. Moreover, it depended on the other security-related task: taking care of Windows build – this one is also mostly done now. Today, I would like to present the current results of my work. Continue reading →

Some time ago, Google contacted me regarding security concerns related to Pidgin. After a long discussion, they decided to make a donation to Instant Messaging Freedom foundation, which was then able to sponsor some work related to Pidgin’s security improvements.

Therefore, I will periodically publish here news about work being done (of course, containing only the non-sensitive information). Continue reading →