Bug 58849

Summary: Encrypted messages are stored as plaintext in History
Product: [Applications] kopete Reporter: Thorben Kröger <ThorbenKroeger>
Component: Cryptography PluginAssignee: Kopete Developers <kopete-bugs-null>
Status: RESOLVED INTENTIONAL    
Severity: normal CC: schnitzelkuchen
Priority: NOR    
Version: unspecified   
Target Milestone: ---   
Platform: Compiled Sources   
OS: Linux   
Latest Commit: Version Fixed In:

Description Thorben Kröger 2003-05-23 15:14:02 UTC
Version:           CVS 23.05.2003 (using KDE KDE 3.1)
Installed from:    Compiled From Sources
Compiler:          GCC 2.95.3 
OS:          Linux

Using the Cryptography and History Plugin sent and received messages are stored as plaintext in the logfiles.

Wouldn't it be better (and more secure) to store the messages encrypted and decrypt them on the fly after having asked for the GPG passphrase?
Comment 1 Stefan Gehn 2003-05-23 15:41:05 UTC
AFAIK the encryption is meant to secure the data "on the wire" and not on your disk. 
Comment 2 Olivier Goffart 2003-05-23 15:53:20 UTC
Eh... aren't you precisely the reporter of the bug #58632 ? 
 
This is a problem because theses two plugins are (currently) no way to communique. 
That mean the crypto plugin can't know message from the history, and the history 
can't decrypt messages. 
 
I think an interesting option would be to encrypt the whole history, then, even root 
can't read what you said. 
 
Anyway, i think it is a lot of more interesting to encrypt text wich travel onto the 
internet, than encrypt local files.  
Encrypted partitions are made for this. 
If you want to keep secret what yopu said, encrypt (or delete) local files 
 
That mean i will not fix this and i'll close this bug with WONTFIX. 
 
Comment 3 Martijn Klingens 2003-05-24 16:40:24 UTC
Subject: Re: [Kopete-devel]   Encrypted messages are stored as plaintext in History

On Friday 23 May 2003 15:53, Olivier Goffart wrote:
> Anyway, i think it is a lot of more interesting to encrypt text wich travel
> onto the internet, than encrypt local files.
> Encrypted partitions are made for this.
> If you want to keep secret what yopu said, encrypt (or delete) local files
>
> That mean i will not fix this and i'll close this bug with WONTFIX.

While I agree that this particular issue doesn't really need fixing I think 
the bug is more general than just encryption and should still be fixed.

If I'm using other plugins that modify the text before sending, like spell 
check or translator then also the original message would be stored instead of 
the modified message.

I think we should instead store in history the message as it *really* went 
over the wire, since that is after all plugins have had their opportunity to 
modify the text.

Comment 4 Michael 2008-08-03 13:53:56 UTC
*** Bug 168205 has been marked as a duplicate of this bug. ***