Re: [Gaim-devel] libyahoo2 integration?

[Luke S. <lsc...@re...>]

On Thu, Jul 25, 2002 at 01:10:40PM -0500, Aaron Schumacher wrote:
> > Privacy in Gaim is being reworked entirely.
> 
> Since it seems to be actually-use-the-gaim-devel-mailing-list-time, and
> since this comment reminded me of it, I'll ask:
> 
> Passwords for messaging ID's are stored in plaintext (.gaimrc) when
> saved...  (Correct me if I'm wrong, but they are on my machine...) 
> Would it be possible/is it already being worked on to encrypt them
> somehow (maybe like real passwords)?  Or something else?  Just thought
> I'd throw that out there.

I agree with Sean, its a horrible idea. if someone can see your .gaimrc file, 
encrypting it won't help. they'll just copy it and use gaim itself, or a decrypter based
on gaim's decryption of the passwds to read your passwords anyway. you should not be using
gaim on machines from which you cannot trust the security of the unix permissions. encrypting
.gaimrc would only provide a FALSE sense of greater security.

luke

-- 
-This email is made of 100% recycled electrons.
-If something can go wrong.... FIX IT!
 If it's Microsoft...delete it.
-There are three ways to get something done:
   (1) Do it yourself.
   (2) Hire someone to do it for you.
   (3) Forbid your kids to do it.