I’m probably just being paranoid, but some people have said some things to me that make me think they may have been eavesdropping on my IMing. So I’m wondering: are Yahoo/AIM/MSN instant messages encrypted before they’re sent, or are they transmitted in plain text?
If plain text, how hard would it be for a network administrator to read someone’s IMs? And is there any IM software that supports encryption?
It’s unencrypted and very easy to eavesdrop on.
There’s a prog to encrypt (both sides must have it), but I can’t recall the name. I do recall that it’s a French company that makes it, so hopefully someone will know what I’m trying to think of.
Here we go:
http://www.secway.fr/
The “SimpLite” versions are free IIRC.
Or you can just use Skype to IM since its encrypted.
If they’ve got a keylogger on your machine, encrypted IMs won’t make a bit of difference.
No keylogger—I’m using my personal laptop on other people’s wireless networks.
Can you elaborate on how it would be done? I have a network in my apartment (3 computers on a NAT box/router), but I don’t know how I would go about eavesdropping on my own IMs.
I don’t know about very easy – you need to be on the same network segment as one of the parties (easy if you’re right there), or have access to a network between them (far less likely.) Then it’s just a matter of using a freely available packet sniffer to watch the network traffic.
Of course, as ultrafilter mentions, a keylogger makes the whole point moot.
As friedo mentions, you’d have to be on the same network segment. Then, all you’d need is packet sniffer (also mentioned by friedo) like ethereal, which is freely downloadable. I’ve never used it for IM sniffing, but I’ve used if for other things and it’s pretty easy to use for someone with network experience (like your network administrator). There’s likely already filters included for the big IM systems.
Trillian is a IM client interface that works with AIM, Yahoo, ICQ, IRC and MSN and includes an encryption option. The price is right, too.
Thanks, everybody.
Sorry if this is too old to bump, but I only recently discovered Gaim encryption.
Gaim is prog that connects to pretty much every network, and I’ve been using it for years already. http://gaim.sourceforge.net/
Here’s the encryption plugin: http://gaim-encryption.sourceforge.net/
All free and open-source.
A lot of cell phones have instant messaging built in these days (in addition to regular SMS text messaging, that is). Are there any encryption-capable programs that would work on a cell phone?