On Tue, Apr 25, 2006 at 03:38:57AM -0300, Jose Tavares wrote: > Is there a way to make Licq connect without sending the password in > plain text?
Well, what you are asking about is the protocol... Licq supports AIM/ICQ and MSN so I'm gonna assume you are asking about ICQ. The ICQ protocol does not send passwords in plain text for... many years now. It is however trivial to decrypt the password if you sniff the packets. In fact, I bet you can google for it and find such software very quickly. ICQ as a protocol doesn't support truly safe password encryption. It's a major flaw in the protocol, which all clients must obey (otherwise we can't login). > It's a contradiction Licq offering a secure conversation channel and > sending plain password.. If someone get my pass, he/she will be able to > connect to anyone on my list using a secure connection.. :) He/she will > not see my conversation, but will be able to make the other party talk > about confidencial topics.. Well, that's what GPG or the forthcoming OTR plugin is for. > Comparing to msn, I loaded amsn in this open wifi net and the login was > secure but the conversation was plain.. Well, let's see what you are talking about ICQ != MSN. If you are talking about the MSN protocol plugin of Licq, then yes, your password is sent over an SSL connection to the MSN server. That is part of the protocol and once again, all MSN clients must obey this. > Question: Do you have plans to support a secure login in icq? I remember > that years ago I was on this list and there were people asking this > question that time ... Please ask AOL that question, we can't control the ICQ servers or ICQ protocol. Jon -- ________________________________________________________ Jon Keating ICQ: 16325723 [EMAIL PROTECTED] MSN: [EMAIL PROTECTED] http://www.licq.org GPG: 2290A71F http://www.thejon.org HOME: Minamiashigara, Japan
pgp6H62cA0f5x.pgp
Description: PGP signature
