Reopening this bug as this is super insecure. Imagine a user who does not even know what SSL/TLS is. He/She _will_ leave the default as is. He/She will use just the same password as for his/her e-mail, social networking, or online payment account with high probability.
Empathy does not even notify the user that his sensitive data might be read by anyone in the network. This should be not the default setting for the default messaging client. I strongly suggest to turn "Encryption required" on as default and in case the server does not support that, open a "This will send you password unencrypted - do you really want to continue" message box. -- New and added Jabber accounts are insecure by default https://bugs.launchpad.net/bugs/600449 You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to empathy in ubuntu. -- desktop-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
