On Wed, Feb 20, 2013 at 10:27 PM, Micah Lee <[email protected]> wrote: > I just wrote a blog post that people here might find interesting about > using Gajim, a chat client written in python, and Gajim's OTR plugin, a > purely python implementation of the OTR standard, instead of Pidgin and > libotr.
Uh. Writing something in python does not make it magically secure. It often trades one set of security issues for another— in higher level languages programmers often have no idea what the underlying machine is doing, and surprising behavior can easily slip in. E.g. I've seen programs python programs that could be triggered to run arbitrary commands on the system, for example, because some library they called n levels deep passed arguments to an os.system(). The mistakes you need to avoid to write secure C code are more easily made but there are generally fewer ways to fail. Personally, I run pidgin in a selinux sandbox in a KVM that I use for other internet access. I'd like to also run it inside valgrind modified to exit on error, but pidgin is thoroughly and depressingly valgrind unclean and with all the white-listing required I'm not sure how much marginal value that would provide (and Openssl itself for that matter, though for stupid reasons). Perhaps Gajim is an improvement of pidgin, but the criteria for that is auditing and experience— not the language its written in. -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
