Open
Issue #27
· created by
·
Letter sealing is not supported
As of this week, purple line reports the following message (translated from Italian):
This message cannot be viewed in this version of LINE. Upgrade and ask your friend to send it again.
Received and sent messages appear empty, and messages don't actually get sent. I'm using latest version from the debian repository (debian.altrepo.eu).
-
Interesting. I actually noticed this some days ago and thought it was maybe just a special message type. So all messages show up like this now?
I'll have to take a look into it. It could be just that they've deprecated the version number the plugin's using.
-
Unfortunately, yes, plain text messages as well are affected. Let's hope it's really just the version number!
-
All right, this seems to be the "letter sealing" feature again. Seems it's getting turned on by default in newer versions. The workaround is to turn "Letter sealing" off in the Chats & Voice Calls settings on your phone.
The encryption they use for this hasn't been documented anywhere AFAIK and I haven't really looked into it. Personally I think end-to-end encryption in a closed source application is a bit pointless. I don't have plans to support it at the moment. It is a bit of a usability problem though because the error message is less than ideal, or nonexistent in some cases.
-
Commit 2b9c3c86 adds an error message that explains what's going on. Actually implementing the letter sealing feature would take quite a bit of work and I don't have the motivation for that right now. Another workaround would be to make the Pidgin client automatically turn the feature off but that's not such a nice thing to do, although again, the closed nature of LINE makes the whole feature a bit pointless.
-
Yeah, I confirm the workaround actually works around the problem.
For a messaging service, implementing end-to-end encryption should mean they don't store neither plain text messages nor the decryption key, so hackers or government should not be able to get the content of messages from them. So this point is valid whether or not the application is open source. IMHO the real point, however, is that everybody else is providing end-to-end, so they must follow because marketing. Which again doesn't depend on the application being closed source :D
-
End-to-end encryption doesn't mean much if the platform is not trusted though, and closed source software cannot be adequately audited. It's too vulnerable to government subpoenas. All they need is to have Naver push an update that grabs all the keys and sends them who knows where - and nobody would know.
I don't really consider the stuff I talk about on LINE interesting enough for governments, so I don't mind using it.
It would be interesting to see if I could still implement the feature though. Or at least get of the annoying nag message.
-
Ah you were considering it from the user's perspective...then I can only agree with you, it's just a void promise!
Well, good luck with that, doesn't look like it's an easy challenge. Thanks for looking into this!
-
I got same message, but it is shown at login time. The Message was sent from "LINE" (information account), both of Pidgin and Android app received. Messages are able to send or receive.
-
Yes, when I have time I'll try to find out what causes the annoying message. That's something that should be easy to fix, as opposed to implementing the entire letter sealing feature.
Just updating the version number the client reports as wasn't enough.