Encryption and OTR in Pidgin

According to last month's user survey, "encrypted messages" was one of the most popular feature requests- 55% of users say it's important to them. That's huge.

To put this in perspective, only video chat is more popular at 57%.

Pidgin already has plugin support for encrypted messages. However, it helps if all your buddies have it installed too.

Thus, I asked the developers what they thought of installing encryption by default. Here's what we agreed on:

• OTR (Off The Record): OTR is the most secure encryption protocol available for Pidgin, and is already a default for Adium users. While promising, it has some usability bugs that need work. Ian Goldberg, the professor who created OTR, told me he would love to have people contribute patches.
  
  
• Pidgin Encryption: Pidgin Encryption has no private method of key exchange and verification, which can create a false sense of security.
  
  
• Pidgin Paranoia: Pidgin Paranoia uses a form of encryption that is strong on paper, but in practice is vulnerable to attacks.
  
  
• XMPP/PGP: XMPP/PGP isn't as secure as OTR, but is a published protocol standard. The developers will welcome a well written patch for this.

Long story short, we won't be including encryption in Pidgin despite how popular it is. Sorry. This may be reconsidered when improvements have been to the plugins.

I hope this gives some good insight into decisions that are being made. Feel free to ask if you want more clarification on what I wrote here.

Pidgin 2.5.4 (No more freezing on exit)

Pidgin 2.5.4 has been released, which contains a number of fixes.

If Pidgin froze or hung when you tried to close it, this release will take care of that.

Also, the MSN connection problems have been resolved by Microsoft.

No more brainstorming

As some of you have already noticed, the Brainstorm site was taken down not long after the launch (for those of you subscribed to the Pidgin feed, apologies for the redundancy).

This is not a post for debating why this happened. If you want to learn more, read the development mailing list and maybe even send an email.

In lieu of Brainstorm, you can now vote on individual issues on the development site.

I'm interested in knowing what you think you think of the alternative (since comments are disabled in the other posts). If it's better, great! If not, why?

If you did not see Brainstorm, here's an identical example.

Brainstorm and vote on ideas for Pidgin!

Today Pidgin is launching a new community for users. Brainstorm, the centerpiece of this site, features a voting system for discovering the most popular Pidgin-related ideas.

With this, the developers will hopefully get a good sense of what is important. Brainstorm will also track when submitted ideas are finally implemented.

The benefits aren't limited only to the developers. Plugin developers and patch writers will be able to get some inspiration too.

Many thanks to the guys who made Ubuntu Brainstorm, which forms the backbone of Pidgin Brainstorm. Also needing recognition: Vadim Peretokin and maxious, who suggested an ideas board on my blog post about building a better community. This was all put together in less than 72 hours (notwithstanding some New Year's celebrations).

Please comment on what you think about the new site, and how it compares to the old system.

So get on out there and start submitting ideas for your favorite chat client!