Sunday, April 29, 2007

Still using YM, AOL or Gtalk? Think again

Before starting on what are the disadvantages of using these let me give you a brief intro on how the internet works. The internet is a group of small networks which are connected together into the internet. Whenever we send data the data passes through various routers (controlled by different organizations and individuals) to reach the destination.
internet topologyINTERNET TOPOLOGY

The messengers we use don't provide any support for encryption. The initial login details used are encrypted to some extent but the rest of the data is not encrypted at all. People who have access to the routers can simply use a packet sniffer like wireshark to see the data. As an example let us see what appears in the sniffer after i have sent the string "How are you :)" on yahoo messenger.


Clearly, a user who cares about his privacy would not like this kind of stuff to happen as this allows other people to steal the private data which users are careless enough to share on these messengers.

The alternative to this would be use third party encryption addons to these softwares like rocksyahoo , aim encryption . However, there are several problems with these approach. Two of the main problems are.
  1. You would have to seperate a seperate plugin for each of the seperate messengers you use.
  2. These types of plugins are not available for all the messengers (eg. gtalk).
The alternative would be to you use a simple, multi-protocol, multi-platform and very famous open source messenger known as Pidgin along with the encryption plugin. This extension adds a secure encrypted layer over all the protocols supported by pidgin. Thus a user can communicate with other people securely. There are various other benefits of using this messenger which a person comes to know after using it. You would also like to add the guification plugin which is a must have for it.

  1. You might have to enable the encryption plugin through the plugin menu. Click Tools -> Plugins -> Pidgin-encryption to do that.
  2. Whenever chatting simply click the little lock on the upper right corner of the window to enable encryption.
  3. If the other user doesn't have the plugin he will see the following message ” *** Encrypted :: Send Key”. You would have to disable encryption at that time.