Securing Your Instant Messages

Collapse
X
Collapse
 
  • Page of 1
  • Time
  • Show
Clear All
new posts
Previous template Next
  • Second
    Ne me blessez pas
    • Dec 2004
    • 319
    #1

    Securing Your Instant Messages

    Came across this, and thought it was interesting. Seems like a good idea, although both sides need the plug-in which less experienced users might not be comfortable with, or a proxy server if they just have AIM. Apologies if it's old news. What do you guys think?

    :)
    Answering easy questions since 1987
    Si Dieu est pour moi, qui peut ĂȘtre contre moi?
    Tags: None
    • Voltage Spike
      Ce n'est pas un personne
      • Jun 2004
      • 1049
      #2
      Just so that we are clear, this is not simply another system for encryption of instant messaging. What this plug-in brings to the table is that, like SSH, the encryption keys are destroyed upon completion of the session. This concept is nice in theory since it prevents an attacker from capturing conversations over a period of time in the hope that they will eventually obtain the key. It may not be useful in practice because it assumes that none of the participating parties are logging the conversation.

        Comment

        • kallahar
          Goon Like Object
          • Jan 2003
          • 571
          #3
          I've been using Jabber and tunneling it through SSH out to my outside box for a while now. While it doesn't encrypt end-to-end, it does prevent my employer from reading my messages, which is who I really care about.

          Incidentally, I also tunnel IRC and HTTP through it too ;)
          --- The fuck? Have you ever BEEN to Defcon?

            Comment

            • Voltage Spike
              Ce n'est pas un personne
              • Jun 2004
              • 1049
              #4
              Originally posted by kallahar
              I've been using Jabber and tunneling it through SSH out to my outside box for a while now. While it doesn't encrypt end-to-end, it does prevent my employer from reading my messages, which is who I really care about.

              Incidentally, I also tunnel IRC and HTTP through it too ;)
              Ahh, but what do you tunnel SSH through? Personally, I prefer DNS.

                Comment

                • beetle
                  The Shmoo Group
                  • Sep 2004
                  • 12
                  #5
                  The GUI version of the otrproxy was released at CodeCon--including a nifty one for iChat users. Download, launch otrproxy, set iChat proxy to localhost and port 8080, and voila, end-to-end secure IM with plausible deniability.

                  http://www.cypherpunks.ca/otr/#downloads

                  Sincerely,

                  Beetle

                    Comment

                    • MidnightViper
                      Member
                      • Sep 2004
                      • 29
                      #6
                      For secure IM conversations, I also tunnel through IRC. Other wise, I just bite the bullet and watch what I say while on AIM, even though legally AOL can't check your AIM conversations anyhow.

                        Comment

                        • Second
                          Ne me blessez pas
                          • Dec 2004
                          • 319
                          #7
                          Originally posted by MidnightViper
                          even though legally AOL can't check your AIM conversations anyhow.
                          That's not entirely true. For awhile, they could freely check your IM's, but now it can only be done under special circumstances

                          :)
                          Answering easy questions since 1987
                          Si Dieu est pour moi, qui peut ĂȘtre contre moi?

                            Comment

                            Previous template Next
                            Working...