Announcement

Collapse
No announcement yet.

Securing Your Instant Messages

Collapse
X
Collapse
 
  • Page of 1
  • Filter
  • Time
  • Show
Clear All
new posts
Previous template Next
  • #1

    Securing Your Instant Messages

    Came across this, and thought it was interesting. Seems like a good idea, although both sides need the plug-in which less experienced users might not be comfortable with, or a proxy server if they just have AIM. Apologies if it's old news. What do you guys think?

    :)
    Answering easy questions since 1987
    Si Dieu est pour moi, qui peut ĂȘtre contre moi?
    Tags: None
  • #2
    Just so that we are clear, this is not simply another system for encryption of instant messaging. What this plug-in brings to the table is that, like SSH, the encryption keys are destroyed upon completion of the session. This concept is nice in theory since it prevents an attacker from capturing conversations over a period of time in the hope that they will eventually obtain the key. It may not be useful in practice because it assumes that none of the participating parties are logging the conversation.

    Comment

    • #3
      I've been using Jabber and tunneling it through SSH out to my outside box for a while now. While it doesn't encrypt end-to-end, it does prevent my employer from reading my messages, which is who I really care about.

      Incidentally, I also tunnel IRC and HTTP through it too ;)
      --- The fuck? Have you ever BEEN to Defcon?

      Comment

      • #4
        Originally posted by kallahar
        I've been using Jabber and tunneling it through SSH out to my outside box for a while now. While it doesn't encrypt end-to-end, it does prevent my employer from reading my messages, which is who I really care about.

        Incidentally, I also tunnel IRC and HTTP through it too ;)
        Ahh, but what do you tunnel SSH through? Personally, I prefer DNS.

        Comment

        • #5
          The GUI version of the otrproxy was released at CodeCon--including a nifty one for iChat users. Download, launch otrproxy, set iChat proxy to localhost and port 8080, and voila, end-to-end secure IM with plausible deniability.

          http://www.cypherpunks.ca/otr/#downloads

          Sincerely,

          Beetle

          Comment

          • #6
            For secure IM conversations, I also tunnel through IRC. Other wise, I just bite the bullet and watch what I say while on AIM, even though legally AOL can't check your AIM conversations anyhow.

            Comment

            • #7
              Originally posted by MidnightViper
              even though legally AOL can't check your AIM conversations anyhow.
              That's not entirely true. For awhile, they could freely check your IM's, but now it can only be done under special circumstances

              :)
              Answering easy questions since 1987
              Si Dieu est pour moi, qui peut ĂȘtre contre moi?

              Comment

              Previous template Next
              Working...
              X