When tools>preferences>logging>"log all instant
messages" is turned on, encrypted conversations are
stored in the filesystem in plain text. If a machine
was comprimised after a conversation then the contents
of the encrypted conversation could be discovered. I
don't know if this is a bug or if it was intentional
but it seems like it might deserve an option in the
plugin configuration to not log encrypted conversations.