“soon”: How soon is soon, this is the question. But now that there are motivated testers, stabilization of new features can indeed go much faster.
About pidgin there are open questions.
Tails randomizes IRC nickname at boot time. The script can be found here:
https://git-tails.immerda.ch/tails/tree/config/chroot_local-includes/lib/live/config/2010-pidgin
The critical part is…
sudo -H -u "${LIVE_USERNAME}" sed -i'' "s,XXX_NICK_XXX,${NICK}," "/home/${LIVE_USERNAME}/.purple/${file}"
This basically searches for XXX_NICK_XXX in their default pidgin config and replaces that string with a random nick. On new boot of Tails, XXX_NICK_XXX gets restored. This wouldn’t be the case in Whonix, since it’s persistent. Which means, this script wouldn’t work in Whonix without tweaks. Because Whonix would store.
Do we want random IRC nicks in Whonix? Or do we just omit this script and let the user choose it’s nick? Or ship with pidgin IRC disabled by default? I tend to the latter.
Tails Design, Pidgin:
https://tails.boum.org/contribute/design/#index42h3
In my opinion it is a good idea to learn from Tails. Eventually they closed any holes we don’t want to re-invert in Whonix.
When answering to CTCP requests, Pidgin does not leak any information apart from PING and VERSION (Purple IRC), which is deemed acceptable as there are probably other weirdness in how the protocol is implemented, that disclose as much.
So it means it does leak PING and VERSION. From fingerprinting perspective this is non-ideal.
Whonix already has an IRC client, namely XChat, that doesn’t leak anything.
I think it would be best to ship Pidgin with IRC disabled by default.
For those fit with git, I started a pidgin branch:
https://github.com/Whonix/Whonix/tree/pidgin
For your convenience, changes at time of writing include:
(The tails implementation https://git-tails.immerda.ch/tails/plain/config/chroot_local-hooks/09-remove_unsupported_pidgin_libs cannot be used, because when pidgin gets updated, these files would be recreated. Therefore they have to be moved out of the way using config-package-dev.)