SD IM Tutorial Please

I suddenly have a use for an IM program. I concerned about security. I’ve been directed to Miranda and Trillian. I don’t care about audio/video conferencing etc.

Also, do I need to have an account somewheres with somebody? If so, who’s got the best re security and privacy?

I already have the usual assortent of security precautions and protocols in place (AV, anti-spyware, turned off unused services, firewalls, etc). Is there anything else that I’ll need to have or do to be reasonably safe?


Both parties need an account with a particular IM service (AIM, MSmessenger, Yahoo, etc). Trillian can combine all these and more into a single, slick (and encrypted) program. I’ve been using it for quite a while now, even though I use AIM exclusivly.

We use trillian at work because so many of our contacts used different services (AIM, MSN, Yahoo etc…) I can’t fault it so far. And I assume reducing four programs into one frees up some resources for the computer.

Are you saying that communication on Trillian is encrypted?

Do you know what kinds of security steps do you guys take for IM use?

Yes it can be. It’s a box you check in the configuration setup. Both users need ti be using Trillian. It’s kind of neat…when an incoming crypto message approaches, the window pops up and says something like ‘establishing secure tunnel’ and then ‘Secure IM session established with xxuserxx’.

You might consider using Jabber. You’ll be able to run your own server and can use transports to connect to other services, like Yahoo and AIM, through it. I’m not sure, but I believe it has encryption too.

I should have searched a little before posting. Jabber does support SSL encryption of messages, passwords, log files, and more. However, it’s only available with the enterprise version, and I’m not sure how much that costs. I doubt it’s much since the regular version is free.

More information at:

I use gaim, which can also connect to AIM, Yahoo, MSN, ICQ, and all other services that I can think of.

What are the security issues re IM esp w/ gaim?

This is beyond my needs.

I don’t even really anticipate needing encryption. I saw that it was mentioned by jnglmassiv and wondered. I mean, it’s cool and all, but I’m saying anything really worth eavesdropping on.

Mostly I"m interested in security concerns

Here’s the page describing the various security issues that gaim has.

I’m a fan of it because it is very minimalistic in its UI, and also open-source, if you like that kind of thing.

Is this sort of intercourse with the outside world protected the same way that web browsing is?

The issues on that page don’t seem to be about the security issue the OP is concerned about, which is the privacy of the connection.

I like GAIM too, but I have no idea if it can encrypt a connection.

I just want to know if I’m opening up a door for crackers and script kiddies.
And, if I am, how do I secure my machine so that I won’t get pwned by some fourteen year old.

You will not get pwned by instant messaging. The worst that could happen is that you have a conversation with someone who uses words like “pwned.”

I’ve taken the ususal, regular, reasonable precautions to secure my system (two firewalls- soft and hard, AV, anti-spyware, turned off unused services, activeX & java whitelists, intrusion prevention software). I’d hate to render that effort moot by creating an opening that I don’t know how to secure.

Are there any other security steps beyond the regular ones I should take?