Tor user and list lurker here. Pidgin for Linux does not[1] have out-of-the-box support for IRC SASL authentication, which is important to have (for example, [2]). (There are two Pidgin patches[3, 4] for SASL authentication support, but they are beyond my skill level to implement, which means they are out of reach for many, many people.) Thus I agree: Tails should have a proper IRC client!
:-Douglas 1. http://developer.pidgin.im/ticket/13270 2. http://pirateirc.net/post/14352148374/new-server-6lqaoo6bwnx5qmx6-onion 3. http://developer.pidgin.im/attachment/ticket/13270/pidgin-sasl.patch 4. http://developer.pidgin.im/attachment/ticket/13270/13270.patch On 08/11/2012 04:43 AM, pwnsa...@safe-mail.net wrote: > Please show your support and petition the Tails team to add a real IRC > client, other than the multipurpose Pidgin client. > > The discussion so far: > https://tails.boum.org/forum/IRC_Client:_Please_include_something_other_than_Pidgin/ > > or if the thread vanishes, create a new one: > https://tails.boum.org/forum/ > > Here is the story so far: > > ====================================== > > IRC Client: Please include something other than Pidgin > > Pidgin may work well for IMs and OTR, but it is disgusting as an IRC client. > > Please add a real client for IRC, thanks. > > ====================================== > > What do you mean by real client? Why disgusting? What functions does pidgin > not include that are necessary? While Tails should strive to become > intention-complete it would not do for it to become bloatware. > > Comment by Anonymous — Fri 10 Aug 2012 01:14:20 PM CEST > ====================================== > > "What do you mean by real client?" > > A client designed for IRC and not for multipurpose activities. It wouldn't > require too much extra space to include irssi or weechat. > > Some of the other, more newb friendly options require KDE libs, so I guess > those wouldn't be an option. > > "What functions does pidgin not include that are necessary?" > > In addition to (pidgin) having a number of curious security related fixes in > the past, it doesn't appear to be designed for a comfortable look and feel > for the purposes of IRC, IMO it's a multi-purpose mess. > > "While Tails should strive to become intention-complete it would not do for > it to become bloatware." > > Exactly why I suggested irssi or weechat. > > If you can include OpenOffice, video and audio editing tools on a privacy and > security LiveCD, there should be room for a properly designed IRC client. > > If it's bloat you're concerned with, you'd strip a number of programs which > have no reason being in such a distro and allow the .iso to fit on a blank > CD-R 700MB instead of users wasting a good blank DVD-R. > > Regarding 'bloat', most of the programs including codecs, extra language > formats, OpenOffice/video & audio editing, and many other utilities I'll > never use I strip out by marking them in Synaptic once with each new version > (of Tails), saving these markings to a single file which I reload and auto > remove unwanted packages with each fresh boot, removing most of what is > presented which IMO doesn't and shouldn't belong on a LiveCD like this. > Bloat? Were this such a terrible issue, the .iso would be much, much smaller. > > I've heard excuses here before about bloatware and lack of manpower, but the > less packages (especially large ones like OpenOffice) you have on a system, > the less work the maintainers of a distro have to perform, and the less > security issues for each extra package. > > While I appreciate the effort of Tails developers, I'm close to creating and > posting my own Tails based distro, using openbox without the non-essential > utilities. The users can add extra programs when they want, right? So the > 'bloat' is already here. I won't start on the many kernel modules (like > hamradio, can, batman, and others) this distro does not need. How many of > your users have reported using Tails (tor) over ham radio? What of the can > module(s), are you serious? > > Because of the 'trust no one' philosophy, I would be the only maintainer of > this modified openbox Tails distro. As much as people bitch about OpenBSD's > main man, there's something to be said for his devotion to security which is > lacking in a lot of Linux distributions, but that's another tired battle. > > One of the tiny oversights include this in my polipo logs following my > time/location configuration: > > Connect to weather.noaa.gov:80 failed: General SOCKS server failure > Connect to weather.noaa.gov:80 failed: SOCKS error: TTL expired > Connect to weather.noaa.gov:80 failed: Connection refused > Connect to weather.noaa.gov:80 failed: Connection refused > > It may not be connecting, or maybe it is, but it shouldn't exist, especially > not for checking a .gov domain! What's next, a .mil domain? > > There should be no option to use a browser or anything else outside of tor > mode, users could add this option themselves or boot from some other LiveCD. > > Whisperback is an insult and one I quickly discovered and marked for removal. > (and manually removing the remaining config file and key) A preloaded browser > page including a link to the forum is all that is required. > > Cups and all its friends shouldn't exist. There have been a number of vulns > with cups and why it's included baffles me. The avahi 'bonjour' is also > another non-essential I strip. > > Tails doesn't need a sound recorder and if compromised this could prove fatal > to security/privacy. > > I would remove usb installation options and anything persistent. For a distro > with security/privacy aims, it should be boot to a Live RO medium and never > retain settings of any sort! What if a user were to snag a rootkit or any > other type of malware? The limited reach of chkrootkit and rkhunter and tools > like it do not detect the many threats being added to malware cache sites > globally. The Evil Maid Attack, which you can Google, is another threat. > > Comment by Anonymous — Sat 11 Aug 2012 05:49:46 AM CEST > ====================================== > eof > _______________________________________________ > tor-talk mailing list > tor-talk@lists.torproject.org > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk _______________________________________________ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
