On Sat, May 18, 2013 at 1:24 PM, mark seiden <[email protected]> wrote: > ... > there are numerous other IM systems that are server centric and do a lot of > work > to look for and filter "bad" urls sent in the message stream. > > this is intended to be for the benefit of the users in filtering spam, > phishing, malware links, > particularly those that spread virally through buddy lists of taken over > accounts. > sometimes these links (when believed to be malicious) are simply (and > silently) not > forwarded to the receiving user. > > this involves databases of link and site reputation, testing of new links, > velocity and > acceleration measurements, etc. the usual spam filtering technology. > > my impression is that almost all users thank us for doing that job of keeping > them safe. > they understand that IM is yet another channel for transmitting spam. > > the url filtering is aggressive enough (and unreliable enough) in some cases > that > you have to check with your counterparty in conversation if they got that > link you > just sent. so users are aware of it, if only as an annoyance. (once again, > spam filtering > gets in the way of productive communication) > > i am merely telling you how it is. obviously user expectations differ on > AIM, Yahoo Messenger, > etc. from those of users on Skype, some of whom believe there is magic fairy > dust sprinkled on it, and that > it is easier to use than something else with OTR as a plugin. Perhaps the user should be given a choice.
The security dialog could have three mutually exclusive choices: * Scan IM messages for dangerous content from everyone. This means <company> will read (and possibly retain) all of your messages to determine if some (or all) of the message is dangerous. * Scan IM messages for dangerous content from people you don't know. This means <company> will read (and possibly retain) some of your messages to determine if some (or all) of the message is dangerous. * Don't scan IM messages for dangerous content . This means only you and the sender will read your messages. Give an choice, it seems like selection two is a good balance. Jeff _______________________________________________ cryptography mailing list [email protected] http://lists.randombit.net/mailman/listinfo/cryptography
