What is Reddit's opinion of
Finch?
From 3.5 billion Reddit comments
22 reviews of this app found across Reddit:
I agree with that:
>"Lastly, you can not store passwords at all. This is Purple's default, and by far the most secure of all of the options."
As for the pidgin issue: http://developer.pidgin.im/ticket/7202
>Tools - Privacy. Says: Allow all users to contact me. THIS IS WRONG! >You just need to change it to: Allow only users below.
Check out Serverless XMPP (also called "Bonjour IM" or "link-local messaging") as a starting point. It uses mDNS (a.k.a. Apple's "Bonjour") to find and automatically interact with other compatible chat clients on the same LAN.
It's supported by Adium/Pidgin, as well as iChat. Just add a new account of type "Bonjour," and pick a username you'd like to use (though, Googling it, it looks like on Windows, you may have to install Bonjour for Windows first to have Bonjour available – it should work out of the box on desktop Linux distros with Avahi and on OS X). Since usernames are self assigned, this is pseudonymous. You should see an up-to-date list of everyone else on your LAN who has Bonjour chat enabled. This is also a great way to chat if you can get on wifi but the venue's Internet connection is down.
Note though, as always, other users on your LAN who are communicating with your computer can of course see your IP and hostname, and can scan for other services running on your computer. Link-local messaging doesn't affect this negatively or positively.
I've often seen strangers on public wifi networks, especially at tech heavy places like conferences and co-working spaces. If you really want to make auto-configured local communications more feasible, I'd work on getting common chat clients to ship with link-local messaging turned on by default. That way, it would "just work" without having to bug non-technical users about enabling it.
> It's great internally, but if you put it out there in the wild, you spend a ton of time dealing with dupes, posts that aren't a bug, feature requests, incomplete submissions, lengthy flamewars clotting up a potentially valid report, attention-seekers that are otherwise currently relegated to twitter and reddit, etc.
I can support your statement (particularly the bold portion) with a couple of good examples, both from a single open source project. Optionally, also this, which serves as an ongoing example of using a bug tracker to submit requests or patches that aren't well-aligned with the developers' plans.
If you have a mac your password should be saved in the keychain. Run Keychain Access, find the entry associated with the account, and check the box that says "show password". Enter your admin password and your AIM password should appear.
This obviously doesn't work if your password has been changed, or if you don't use OSX, though maybe windows has something similar.
Actually, googling a bit it seems pidgin stores the passwords in plain text. That's worth having a look at if you just want to see your old password which may or may not still work. Your login info is stored in accounts.xml.
Didn't pidgin get in a shitstorm for storing the user's password unencrypted? I seem to recall that being why Ubuntu doesn't ship with it anymore. Shame, pidgin seems really solid otherwise.
Edit: Yep
In posix we have the ability to make these files read/write user only, I've never understood what's insecure about this. I've always been with the Pidgin guys. Any solution other than a keyring is giving an illusion of security without having security for real.
This argument kind of reminds me of the oft repeated "never write your password down" conventional wisdom that is taken as truth until someone like Bruce Schneier or Randall Monroe questions it.
Isn't it: wm = /usr/lib64/gnt/irssi.so ? That's what it is on my gentoo install at least :)
You might also want to checkout the patches for finch in: http://developer.pidgin.im/ticket/12169 http://developer.pidgin.im/ticket/12208
Yes, I have. The author of that page seems to have completely ignored the first bullet point there, because that's how many keychain programs work, and they work just fine for that purpose. They mention it as a small aside further down the page, and this is all they have to say about it:
> There was a Google Summer of Code project that made progress in this direction, but the code was not merged into the main developer branch (im.pidgin.pidgin).
There's a link in there that points to a fairly empty 2-paragraph page explaining what they want to do, with no real explanation on why it hasn't been done or why it's not a priority at all.
I don't use pidgin, but look in the settings if there's anywhere to set an encoding (you want UTF-8, almost certainly, but experiment). More likely, however, this is just something they handle poorly. Try reporting a bug to the developers.
These have been fixed since 2.8.0.
From the changelog: > proxy: Add new "Tor/Privacy" proxy type that can be used to restrict operations that could leak potentially sensitive data (e.g. DNS queries). (#11110, #13928)
The pidgin developers conducted a thorough security audit and such leaks should no longer be possible. Whether you trust the audits is, of course, up to you, but you can always take a look at the code yourself if you have questions.
... and don't forget about additional protocol plugins, such as microblog-purple for Twitter support.
Rockmelt may be a more complete solution.
You'll most likely not find many applications supporting Google Plus due to a lack of official API.
Yes, that documentation is for applications built upon libpurple and plugins for those applications. The D-Bus API is apparently undocumented, which is why the D-Bus tutorial links to those pages.
Here is the C plugin tutorial: http://developer.pidgin.im/wiki/CHowTo
Common problem, not news worthy. I reported bugs like this in Pidgin 4 years ago:
http://developer.pidgin.im/ticket/7399
http://developer.pidgin.im/ticket/6465
Every software project in existence has a problem with maintaining up-to-date 3rd party libraries and this is nothing new or shocking. Also, fairly certain that there are vulnerabilities even in up-to-date 3rd party libraries too.
Unfortunately this is true :( - Until iChat gets ported to Windows, I'm stuck with Pidgin or Miranda. For some reason, I love Kopete on Linux, but haaaate Miranda with a passion.
Documentation of available signals says it is possible to modify the values.
Or is this limited to plugins only? If so, could you point me to a nice tutorial?
I don't think you're not going to be able to manipulate pidgin like that from an external process. The DBus API will only let you retrieve information, so I'm pretty sure you need to write a plugin.
I'm getting this from http://developer.pidgin.im/wiki/DbusHowto :
> In an external D-Bus script, the only use of these signals is for getting information. In a plugin loaded by Pidgin, if you register a function as listening to a particular signal, your function will be called at the time the signal is emitted, and in some cases Pidgin might use the return value of your function to decide what to do.
I feel slightly retarded, but I cannot get this working on my Ubuntu install. Pidgin 2.7.3/Ubuntu 10.04. Followed all the instructions here to no avail. I tried the deb package which shows up installed in my Software Center but there's no plugin listed in Pidgin and the protocol isn't listed if I go to add a new account.
I tried compiling from source but I'm pretty terrible at that and I'm not surprised if I did it wrong. I followed the instructions above with all the dependencies installed but couldn't seem to generate anything.
Finally I just extracted the .so file from the deb package and manually copied it to the location. No dice.
Halp?
Upon further investigation, you can likely use a dbus script in pidgin (reference) to listen for pithos' song-changed dbus message and then act appropriately. It'll probably require some digging into pithos' guts to find out what it does exactly, but I think it does send a song-changed notification via dbus that you can listen for.
I've never tried it myself, but it was added in 2.6
> Voice & Video support with Jingle (XEP-0166, 0167, 0176, & 0177), voice support with GTalk and voice and video support with the GMail web client.
http://developer.pidgin.im/wiki/ChangeLog#version2.6.008182009
Yeah, I should have guessed you'd have got IE5 from there, d'oh! I think the AOL thing might be protocol changes, they seem to keep tweaking that and it causes problems for third-party clients like Pidgin, as this bug report shows.
If you can tweak where it connects to try login.oscar.aol.com on port 5190 as per the bug linked above, but if the protocol has changed you might be out of luck :(