« ACLU Keeps FiSA Story Alive | Main | Google Supports "Comprehensive Federal Privacy Law." Should You? »

June 9, 2008

IM Survey: Half of Major Providers Encrypt Entire Session

A CNET survey found that half of the instant messaging services covered provide encryption from the first login to signout:

“We found that only half of the services provide complete encryption: AOL Instant Messenger, Google Talk, IBM’s Lotus Sametime, and Skype do. To their credit, not one service says it keeps logs of the content of users’ communications (a certain lure for federal investigators or snoopy divorce attorneys). For connection logs, Microsoft alone said it keeps none at all—though Google and Skype said their logs were deleted after a short time.”

Not to pick too many nits, but …

Though Google may not store something called “joesmithschats.log” on its servers, if you don’t take care to toggle a conversation held over Talk as “off the record,” a copy is kept in both participants’ Gmail accounts, accessible under “Chats” within Gmail. Google says as much in its response to this survey, as well as its help page on the subject.

As a general rule, whether a chat service keeps a log around or not is hardly a deterrent to the hypothetical federale or divorce attorney: Most IM software keeps some sort of conversation log, as Congressman Foley learned (and as I got to explain to the nation on the Kojo Nnamdi show at the time.) Therein lies the value of OTR:

“OTR is designed to make past communications unencryptable (even if a key is eventually compromised) as well as provide the ability to authenticate that a message is coming from the right person without being able to prove such in the future. OTR’s authors liken the privacy it offers to a conversation held between two people in a secure room: Free from prying outsiders, authenticated in a way only face-to-face communications can offer, and without any proof other than the other participant’s word about the specifics of the conversation.”

(Link)

E-mail   0 Comments    Digg This    add to del.icio.us

Posted by mhall at 8:03 PM | Add Comment

Leave a comment











Type the characters you see in the picture above.

 




JupiterOnlineMedia

internet.comearthweb.comDevx.commediabistro.comGraphics.com

Search:

Jupitermedia Corporation has two divisions: Jupiterimages and JupiterOnlineMedia

Jupitermedia Corporate Info


Legal Notices, Licensing, Reprints, & Permissions, Privacy Policy.

Advertise | Newsletters | Tech Jobs | Shopping | E-mail Offers