On the CoyIM site it says: "Not yet audited. Do not use for anything sensitive."
>Because they had a code exec vuln in 2017?
No. Look at the code, it’s scary! Pidgin and libPurple were not built with security in mind.
Coyim is being built ground up in an effort to avoid the numerous issues surrounding Pidgin/libOTR.
I think you absolutely should not use either, but if you’re going to use one at least use Coyim.
>Because they had a code exec vuln in 2017?
No. Look at the code, it’s scary! Pidgin and libPurple were not built with security in mind.
Coyim is being built ground up in an effort to avoid the numerous issues surrounding Pidgin/libOTR.
I think you absolutely should not use either, but if you’re going to use one at least use Coyim.