As we all know, when using open 802.11b hotspots, by default all traffic is unencrypted. Exceptions are SSL encrypted (https) web sites and other applications that use encryption. Everything else is in the clear.
If you use most any of the popular Instant Messaging clients, your login, password and text of all of your chatting is sent in the clear. With various programs, and many are free, anyone can capture this information. This issue is not unique to wireless. If you use IM at work, it's very possible that your corporate IDS (Intrusion Detection System) is detecting and possibly logging all of the content of your IM session. The same goes for using IM for business purposes. Many people use IM for business communications all over the world. How do you know some foreign/domestic organization is not eavesdropping on your chat? A Google search turns up interesting information on this problem: Independent analysis of Trillian encryption: http://www.sans.org/rr/papers/20/1116.pdf AIM IM Encryption: http://enterprise.aim.com/products/aim/personalcerts/ http://www.aimencrypt.com Hushmail Messenger: https://www.hushmail.com So far I like the Hushmail product. As far as I know, they have a good reputation for security. Is anyone else using any tools to protect their Instant Messaging? Frank Keeney ---------------------------------- IM: Hush Messenger (Secure): [EMAIL PROTECTED] Yahoo: wlanparts AIM: wlanparts, MSN: [EMAIL PROTECTED] VOIP: Skype: wlanparts, FWD: 289372
