Closed Bug 1676025 Opened 4 years ago Closed 2 years ago

OTR Chat with GoogleTalk automatically encrypted - multiple device usage impossible

Categories

(Thunderbird :: Instant Messaging, defect)

Product:
Thunderbird
Component:
Instant Messaging
Type:
defect

Tracking

(Not tracked)

Status:
RESOLVED INCOMPLETE

People

(Reporter: roland_schweiger, Unassigned)

References

Details

Attachments

(2 files)

the disabled chat-encryption-settings (here in the German version) which seem to have no proper effect
487.88 KB, image/jpeg
Details
fingerprint created automatically when chat from TB to TB is initiated
517.55 KB, text/plain
Details

User Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36

Steps to reproduce:

Setup a CHAT Account with GoogleTalk. Instant message conversations go to recipients who use either Thunderbird, or an Android smartphone, or both. (on the android smartphone, Google Hangouts is used).
By setting up the chat account in thunderbird, i disabled the 3 checkboxes related to OTR encryption trying to prevent the messages from being encrypted.

Actual results:

The problem now is, Thunderbird still automatically creates a key and encrypts the messages.
This results IN THE ANNOYING AND UNWANTED effect that messages will be recieved at the recipients Thunderbird client.
But at the recipients smartphones, only "rubbish" will appear. There is aparantly no easy way to include the encryption into Hangouts hence a smartphone using googleTalk protocole.

Expected results:

Thunderbird SHOULD NOT ENCRYPT chat messages if the user does not want to. Thunderbird should also not ask the user for recipient verification if he does not want to.
The problem as described is that such encryption will only work from Thunderbird to Thunderbird. It renders the chat COMPLETELY USELESS if the recipient either uses a smartphone or Thunderbird or both.

Please provide a solution to this.

But you need to opt (should need, afaik) to manually start encrypted conversations - it would not happen automatically. Are you saying it starts without manual interaction? Are you sure you're looking at the right chat account?

(The encryption is not only between Thunderbirds, but could also be between Thunderbird and other OTR compatible applications.)

Component: Untriaged → Instant Messaging

yes i am convinced that encryption (with the "fingerprint" showing) did start automatically. Because when i was still on the thunderbird 68.x branch, i used the exact same chat account to communicate from A to B, where A und B used Thunderbird and an Android phone.
all messages arrived at Thunderbird as_well_as the phone.
Now with thunderbird 78.x starting a conversation from Thunderbird A to B, a fingerprint is created automatically and the conversation is encrypted.
This results in the problem that the messages are readable on Thunderbird ONLY. Whereas on the android phones, only garbage is shown.

I just sent a message from Thunderbird to another account and viewed in on the web. I didn't change any setting and the message could be viewed just fine through the web interface so must not have been encrypted.

The szenario: chat via "google talk protocol" (and google accounts) from person A to person B
Both people use Thunderbird + Android Phones (on the phones, in this case "Hangouts" is used for communication)
The goal was (and it had functioned for years) that if A sends a message and does not know where B is (at the PC and thunderbird, or outandabout at the phone), the message would arrive at Thunderbird, as_well_as on the phone and vice-versa.
Now when it comes to the initiation of a chat from Person A (from Thunderbird) and person B has Thunderbird open,
a FINGERPRINT is created atomatically (s. screenshot, sorry German version)
Thus, from Tb <----> Tb the communication works. But on both Android Phones, only rubbish is created...
If person A starts a chat and person B has no Thunderbird running, ONLY THEN is the conversation un-encrypted aparantly.

So please in a future version simply offer to the user to prevent the encryption.
Encryption is not the cure for every szenario ...

I forget how OTR is supposed to work with multiple devices, but it seems like maybe a bug in the XMPP or OTR implementations in Thunderbird.

You should be able to disable OTR completely via the config setting of "chat.otr.enable".

See bug 1779087

Status: UNCONFIRMED → RESOLVED
Closed: 2 years ago
Resolution: --- → INCOMPLETE

I think bug 1645217 is really the one that we want to link to here.

Depends on: 1645217
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: