On Wed, Apr 26, 2006 at 08:57:14PM -0300, Jose Tavares wrote: > hmm.. > I sniffed my own home network and dsniff decrypted my Licq pass.. That > was so direct that I thought there was no encryption at all.. :)
Then dsniff is one of those tools then. > I was always comparing ICQ protocol with MSN protocol and Licq with > aMSN .. I think I wasn't clear in my first email.. Well, that's comparing apples and oranges. You can compare protocols, but you can't compare the clients of different protocols. > aMSN offers 2 ways to connect. With SSL and without SSL. Licq only offers SSL with the MSN protocol. > As I captured my Licq pass so easily with dsniff and due to a friend of > mine had told me that ICQ "could" login securely, I thought there was 2 > ways to authenticate with ICQ too.. And I thought Licq wasn't using > crypto as dsniff picked my pass.. :) I haven't seen any secure logins with ICQ unless AOL just added it to the protocol. AIM and ICQ have insecure logins... it's been that way from the 1st day of each protocol and looks like it always will be. The OTR and GPG plugins that will be made can make some security. Currently there is GPG in Licq, but not very well documented. Jon -- ________________________________________________________ Jon Keating ICQ: 16325723 [EMAIL PROTECTED] MSN: [EMAIL PROTECTED] http://www.licq.org GPG: 2290A71F http://www.thejon.org HOME: Minamiashigara, Japan
pgpWuqpTRn30Q.pgp
Description: PGP signature
