[jdev] Presence leak test suite

Justin Karneges justin-keyword-jabber.093179 at affinix.com
Wed Jul 9 11:09:48 CDT 2008

On Wednesday 09 July 2008 07:55:58 Kevin Smith wrote:
> On Wed, Jul 9, 2008 at 3:46 PM, Peter Saint-Andre <stpeter at stpeter.im> 
> >>> you also test presence leaks using guessed well-known resources like
> >>> client names (Psi, Gajim, Miranda, QIP, Adium etc.) or places (Home,
> >>> Work, School etc.)? I think it could push client authors to use
> >>> random-generated resource names.
> >>
> >> I don't understand why this would be something we'd want to push for.
> >
> > Because some people are paranoid?
> Paranoid people can use as random a resource as they want to - it
> doesn't mean the rest of us need to :)

And a random resource isn't necessary anyway, just good privacy control on the 
server.  (/me still wants a server that will bounce all iqs from people who 
don't have his presence.)


More information about the JDev mailing list