If you will notice all/most of the news posted in here are backed up by facts. Would it not be better if you have posted a link/news in support of this claim?

BK

You probably don't need to explain what Trillian is to people on this forum. If they do need it explained then they shouldn't be here....

LosT

Heh-heh :-) I think BK wanted a link to the story of the security issue.

Yes, I do know Trillian but I dont use it :)
Cotman is right, I am looking for the link to the story of the security issue not that I can't google for it. I just thought it would be a "stronger" post if he included it.

My apologies if I came out as a prick.
BK

I read an article a while back posted on a website, which explained how easy it is to decrypt the passwords stored in the ini files for trillian. It was simplistic enough that it could be done mentally without much skill.

I believe the characters are stored in hex and then an offset for the entire password. Once you had the offset you just converted the hex and then added or subtracted the offset.

Trillian is far from really secure. I also read an article recently about the encryption for secure IM not functioning correctly on Trillian.

I didnt find the exact article I was looking for, but heres one on the simple decryption.

LOL ! ! !

Why are they making programs who are so badly secured???

Its like you dont lock youre door when you go home because you supose that nobody will try to get inside youre house because they probebly think the house is locked.

Wait, what? It's not like the developers decided they didn't want a secure program..

Sorry guys lol im new to this forum and i didnt know what you guys would expect for me to post with my topic from now on i will post backups towards my story.

Also lol im sorry for explaning to you guys what trillian is , i just wanted to make sure everyone was aware !

But why are they making it so easy

But why are they making the password so easy to crack.


Its like writing down the nuber to lock up you house door in letters.

Tife1: "OOO NO! they have a security lock on the door"
Tife2:"but what is this note on the door, The password to the keypad is Two, five, nine, seven"

Thats not very hard to crack that code and know that you shall punch in 2597 on the keypad and wola! the door is open.

Its easy to find out what a word will be in ASCII, you dont need mush brain.


So why are they making the program so easy to crack.....

Convenience vs security maybe? If the password wasn't stored on your computer at all, it'd be the best solution. But they need a way to allow users to save passwords, and in turn just send the server that password when they sign on instead of requiring one. This means they need to have it on your computer, and unfortunately, it can't be one way encryption, because they need to unencrypt it when sending it.
Unfortunately they picked a bad encryption algorithm, and they'll probably rework that on the next release.

No one way encryption is entirely safe, this was just, more unsafe than most.

d3ad ur right but i dont belive any Chatting Service provides such security, or even does one way encrypson. Or maby im wrong?

If you're talking about sending messages between computers, only one I can think of does; Hush messenger, which uses PGP encryption.
If you mean when saving passwords to not have to re-enter them everytime you login, every program does.

I used trillan once and it was crap.. (long time ago).
I've been using gaim for about.. 4 years or more now.. and it's great. Lately with the gaim encryption plugin or just tunnel its plenty secure for my 'chats'. Checkout SILC gaim/ SILC irssi for a great crypto and more chat protocol.

---"But why are they making the password so easy to crack. "
They arn't.... its just inherently insecure.

---"Why are they making programs who are so badly secured???"
A machine with good security is hard enough, when you introduce a network aspect.. the job is MUCH harder.

--"Its like you dont lock youre door when you go home because you supose that nobody will try to get inside youre house because they probebly think the house is locked."
Please take a critical thinking class...

I don't mean to make anyone look stupid.. But please think before you post.
Its like in grade school.... First ask your peers... Then ask your group, then you can ask the teacher....
Only here (and hopefully elsewhere)... Its First consult a friend, then ask google / wikipeida then if you still can't figure out your question/problem... post it here... [/rant]

I have nothing agesnt gaim just i dont like it when u click the 'x' on the contact list it closes the application.

But also i didnt like features but ill try to downlaod it again last time i used it was about ..... 1 year ago i belive :S !