Bug #2034
conversation half encrypted
| Status: | Closed | Start date: | 10/08/2013 | |
|---|---|---|---|---|
| Priority: | Normal | Due date: | ||
| Assignee: | - | % Done: | 0% | |
| Category: | - | |||
| Target version: | v13 - October Oooya | |||
| Component: |
Description
Conversation between Android Gibberbot client and iOS 7 ChatSecure client showed "This chat is secure" but replies were sent in the clear. See screenshots of Gibberbot and Google+ Hangout both taken on the Android side of the conversation. Outgoing message from Gibberbot not visible in Hangout screen, returned messages visible in both.
This breaks the user expectation of secure two-way communications: Party A can say "tell me a secret, I see this chat is secure" and party B can divulge that secret in a non-OTR secured reply.
History
#1 Updated by devrandom over 4 years ago
Not completely clear if the plaintext sender here was iOS chatsecure or Android. The bug reports seems to say iOS, but the screenshot shows the messages appearing on right, which I thought was the local user in CS Android V11.
#2 Updated by n8fr8 over 4 years ago
Was there another app somewhere logged into the Hangout/Gmail app you were chatting with?
Just trying to understand how the OTR session was init'd in the first place.
#3 Updated by n8fr8 over 4 years ago
- Target version set to v13 - October Oooya
#4 Updated by n8fr8 about 4 years ago
- Status changed from New to Resolved
Testing with latest ChatSecure Android and iOS releases has not been able to reproduce this state.
There was previously an issue with OTR session init'ing between the apps that has been resolved, which could have caused the problem.
#5 Updated by n8fr8 over 2 years ago
- Status changed from Resolved to Closed