Gajim is a Python-based XMPP + OTR instant messenger. It's more secure compared to the complex libpurple, partly because it's written in a memory-safe language and supports one protocol instead of a dozen.
Last year there was a bug where encryption wasn't applied to uploads using httpupload even when OMEMO was applied. This has been fixed in version 0.4. Stretch includes 0.4.1, so it's covered.
The plugininstaller is annoying and actively pushes users to update and install code over CA TLS which is broken in our threat model.
The DNS problem can be considered a "protocol leak", but in the context this page describes (using the bittorrent example), it's not relevant to Whonix since it can't leak that info.
It's up to you if you want to go forward with this given this info.
Right. As a short term unclean solution: This is currently documented on how to disable it. This solution could also be automated in the security-misc package.
Check if the above makes sense: Gajim might intelligently set a Tor SOCKS user name per account already, and manually setting a user name might worsen that.
Depends on what upstream answers. Does Gajim set the socks user name different per account? If it does, torsocks might kill the DNS leak, but would also kill the per account socks user name isolation.
torsocks can only be a solution if it's known that the application plays well with torsocks, i.e. long-term tested, mentioned in TorifyHOWTO, audited by someone. This is not the case with gajim.
uwt is just automating torsocks. Cannot surpass torsocks in terms of leak prevention. The first question to ask isn’t uwt, but torsocks.
bindp is only useful for applications using incoming Tor hidden services that open local listeners on localhost 127.0.0.1 which should rather listen on eth0.
My god … can anyone tell me the instruction in the documentation for whonix is suitable? I can just do what’s written there step by step and everything?
Preferences -> Advanced -> global proxy -> manage -> Tor -> check "Use proxy authentication" -> set username to gajim -> set password to gajim
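To make concrete what the proxy username/password in the steps above actually does on the wire, and why the per-account SOCKS username question raised earlier matters, here is an added example (not code from Gajim, Tor or Whonix). It builds the client side of a SOCKS5 handshake with username/password authentication, parses it the way a proxy would, and models Tor's IsolateSOCKSAuth behaviour with a toy in-memory proxy: every distinct credential pair gets its own circuit. The hostname `example.org`, the account names `gajim-account1`/`gajim-account2` and the `IsolatingProxy` class are constructed for the example; the circuit numbering is a simulation, not Tor's real circuit ids.

```python
"""SOCKS5 username/password stream isolation, shown offline.

Constructed example (not Gajim's or Tor's code): builds the client side of a
SOCKS5 handshake (RFC 1928) with username/password auth (RFC 1929), parses it
the way a proxy would, and simulates Tor's IsolateSOCKSAuth rule: every
distinct (username, password) pair is mapped to its own circuit.
"""
import struct

SOCKS_VERSION = 0x05
METHOD_USERPASS = 0x02   # RFC 1929 username/password method
CMD_CONNECT = 0x01
ATYP_DOMAIN = 0x03       # hostname sent unresolved; the proxy resolves it


def build_greeting():
    """VER NMETHODS METHODS: offer only username/password auth."""
    return bytes([SOCKS_VERSION, 1, METHOD_USERPASS])


def build_userpass_auth(username, password):
    """RFC 1929 request: VER(0x01) ULEN UNAME PLEN PASSWD."""
    u, p = username.encode(), password.encode()
    if not (0 < len(u) <= 255 and 0 < len(p) <= 255):
        raise ValueError("username and password must be 1..255 bytes")
    return bytes([0x01, len(u)]) + u + bytes([len(p)]) + p


def parse_userpass_auth(data):
    """Proxy side of RFC 1929; returns (username, password) or raises."""
    if len(data) < 2 or data[0] != 0x01:
        raise ValueError("not an RFC 1929 auth request")
    ulen = data[1]
    u = data[2:2 + ulen]
    plen_idx = 2 + ulen
    if len(data) <= plen_idx:
        raise ValueError("truncated auth request")
    plen = data[plen_idx]
    p = data[plen_idx + 1:plen_idx + 1 + plen]
    if len(u) != ulen or len(p) != plen or len(data) != plen_idx + 1 + plen:
        raise ValueError("length mismatch in auth request")
    return u.decode(), p.decode()


def build_connect_hostname(host, port):
    """CONNECT with ATYP=DOMAIN: the unresolved name is handed to the proxy,
    so no local DNS lookup happens (the leak torsocks is meant to catch)."""
    h = host.encode("idna")
    if not 0 < len(h) <= 255:
        raise ValueError("hostname length out of range")
    return (bytes([SOCKS_VERSION, CMD_CONNECT, 0x00, ATYP_DOMAIN, len(h)])
            + h + struct.pack("!H", port))


class IsolatingProxy:
    """Toy model of Tor's IsolateSOCKSAuth (constructed, not Tor): circuits
    are keyed by the exact credential pair, so per-account usernames give
    per-account circuits, while reused credentials share one circuit."""

    def __init__(self):
        self._circuits = {}

    def circuit_for(self, auth_request):
        key = parse_userpass_auth(auth_request)
        if key not in self._circuits:
            self._circuits[key] = len(self._circuits) + 1
        return self._circuits[key]

    def circuit_count(self):
        return len(self._circuits)


def demo():
    """Two accounts with distinct usernames land on distinct circuits; the
    same credentials presented again land on the same one."""
    proxy = IsolatingProxy()
    a = proxy.circuit_for(build_userpass_auth("gajim-account1", "gajim"))
    b = proxy.circuit_for(build_userpass_auth("gajim-account2", "gajim"))
    a_again = proxy.circuit_for(build_userpass_auth("gajim-account1", "gajim"))
    return a, b, a_again


if __name__ == "__main__":
    print("greeting:", build_greeting().hex())
    print("connect :", build_connect_hostname("example.org", 5222).hex())
    print("circuits:", demo())
```

The point to take from the model: a single fixed username/password such as gajim/gajim, as in the steps above, separates Gajim's traffic from other applications on the same Tor instance but puts all of Gajim's accounts on one circuit; only distinct credentials per account would give per-account isolation. Sending the hostname with ATYP=DOMAIN is what keeps the name lookup inside Tor instead of the local resolver.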
It means that I have to write there my nickname, which I use for communication? And the password I used to register on the jabber server for this nickname?
How to change the language?
Meanwhile I have a suggestion on how Gajim's traffic can be forced to use stream isolation. What if it is installed under its own user account, and then you can use bindp to force all traffic for that user over its own isolated stream? Does that make sense? Can it fix things?
Another idea is to setup a local DNS server to forward requests to the port that we want (for the gajim user specifically). In that case you must be careful to disable caching so requests don’t stand out.
Other ideas in the same area: using lxc containers, namespaces or apparmor profiles to manipulate per application network settings.