Re: [kde] [Okular-devel] [Bug 267350] filling out a PDF form saves data to some file i ~/.kde/share/apps/okular/docdata/
On 1/13/2012 9:03 AM, Dan Armbrust wrote: Dan, I understand you are frustrated. But this here doesn't help to solve the problem. In fact it makes it a lot less likely that Albert or one of the other Okular developers will work on it. So ultimately you are hurting your case. Now let's move this forward constructively, please. There are several ways to do this: * Work on it yourself if you have the skills. * Convince someone else to work on it. * Wait until Albert or one of the other Okular developers finds time for it. I am sure they have registered by now that this is important to you. Cheers Lydia -- Lydia Pintscher KDE Community Working Group / KDE e.V. board member http://kde.org - http://about.me/lydia.pintscher I'm really sorry that no one reading this thread seems to be able to comprehend the dis-service that KDE and Ocular are doing to their users. Okular is behaving almost as badly as a virus. This should be treated as a security issue. And it should be handled as one. And fixed. Quickly. Instead, we have Albert denying that it is a problem... or, ignoring is, since hey, there are all of these other ways that people could steal data, what harm will one more do? Even if someone else fixed it, he probably wouldn't accept the patch, since he considers it a feature. This bug doesn't impact me. Because I uninstalled Okular 2 years ago, when I discovered the problem. This bug impacts everyone else that ever uses Okular - they just don't know it. So, I'm advocating for them, since no one else seems to care. I reported this issue to the developers two years ago. I even suggested a number of ways that it could be addressed. The most trivial of fixes would have taken a developer about 2 minutes - simply turn off the damn feature - or redirect it to /dev/null. But, no one will turn it off. So, we remain at a stalemate. With Okular behaving like a virus. And Albert calling it a feature. No one else with the power to fix it cares, and the users get the shaft. What a sad state. ___ This message is from the kde mailing list. Account management: https://mail.kde.org/mailman/listinfo/kde. Archives: http://lists.kde.org/. More info: http://www.kde.org/faq.html. Dude.. if you spent half as much time submitting a patch, as you did complaining about the issue, it would be fixed yesterday.. Quit complaining, you aren't paying for this software. Fix it yourself, or stop using it. No one cares just because you want to whine like a spoiled little brat. ___ This message is from the kde mailing list. Account management: https://mail.kde.org/mailman/listinfo/kde. Archives: http://lists.kde.org/. More info: http://www.kde.org/faq.html.
Re: [kde] [Okular-devel] [Bug 267350] filling out a PDF form saves data to some file i ~/.kde/share/apps/okular/docdata/
Dude.. if you spent half as much time submitting a patch, as you did complaining about the issue, it would be fixed yesterday.. Quit complaining, you aren't paying for this software. Fix it yourself, or stop using it. No one cares just because you want to whine like a spoiled little brat. Same goes to the developers. They could have fixed it in about 2 minutes, 2 years ago. If you actually read the e-mails in this thread, you would see that I have stopped using it. I'm continuing to make noise about it because Okular is exposing personal data of every other unsuspecting user that ever touches it. The developers of Okular don't seem to care. Perhaps someone higher up at KDE who understands a security issue when they see one, will. ___ This message is from the kde mailing list. Account management: https://mail.kde.org/mailman/listinfo/kde. Archives: http://lists.kde.org/. More info: http://www.kde.org/faq.html.
Re: [kde] [Okular-devel] [Bug 267350] filling out a PDF form saves data to some file i ~/.kde/share/apps/okular/docdata/
When introducing a new party to a converstation, in this case the KDE user mailinglist, it is usually very helpful to provide context to said new party. When the discussion has happened on one mailinglist so far, a good way to do that is to provide a link to the discussion start in the original mailinglist's archive. On Friday, 2012-01-13, Dan Armbrust wrote: Dude.. if you spent half as much time submitting a patch, as you did complaining about the issue, it would be fixed yesterday.. Quit complaining, you aren't paying for this software. Fix it yourself, or stop using it. No one cares just because you want to whine like a spoiled little brat. Same goes to the developers. They could have fixed it in about 2 minutes, 2 years ago. If you actually read the e-mails in this thread, you would see that I have stopped using it. I'm continuing to make noise about it because Okular is exposing personal data of every other unsuspecting user that ever touches it. Assuming that was the reason for including this support mailing list, having basically no information about the problem does more harm than good. Given the tiny pieces of information so far (exposing personal data) I have to assume that Okular is attaching some kind of user input history to documents? Is it attaching itself (behaving like a virus) to the document? The developers of Okular don't seem to care. Perhaps someone higher up at KDE who understands a security issue when they see one, will. You mean the Okular maintainer? No idea who that currently is but did that person participate in the discussion on the Okular list? Cheers, Kevin -- Kevin Krammer, KDE developer, xdg-utils developer KDE user support, developer mentoring signature.asc Description: This is a digitally signed message part. ___ This message is from the kde mailing list. Account management: https://mail.kde.org/mailman/listinfo/kde. Archives: http://lists.kde.org/. More info: http://www.kde.org/faq.html.
Re: [kde] [Okular-devel] [Bug 267350] filling out a PDF form saves data to some file i ~/.kde/share/apps/okular/docdata/
On Fri, Jan 13, 2012 at 11:06 AM, Kevin Krammer kevin.kram...@gmx.at wrote: When introducing a new party to a converstation, in this case the KDE user mailinglist, it is usually very helpful to provide context to said new party. When the discussion has happened on one mailinglist so far, a good way to do that is to provide a link to the discussion start in the original mailinglist's archive. Apologies, I thought I included the kde list in the initial posts, which had the summary info. It must not have gone through. Here is the bug report in question: https://bugs.kde.org/show_bug.cgi?id=267350 I also reported this to the developer list about 2 years ago: http://mail.kde.org/pipermail/okular-devel/2010-February/006386.html In short,if you: Download a PDF. Fill in personal information. Print it. Close it. Never once even hitting save... Okular dumps every bit of data that you typed into a clear text file in a hidden directory. At a minimum, its really bad behavior. At worst, on say, a library terminal, it is opening up every unsuspecting user to having their information stolen. There is no warning, notice, or any such clue within ocular that it is doing this. Its a pretty basic user-interface paradigm that you shouldn't store data like that without the users permission. Especially in an application that handles PDF files, which are used for private and personal stuff all the time. ___ This message is from the kde mailing list. Account management: https://mail.kde.org/mailman/listinfo/kde. Archives: http://lists.kde.org/. More info: http://www.kde.org/faq.html.