On Wed, Jan 26, 2011 at 11:57 PM, ANDY <siral...@gmail.com> wrote: > So if I understand the help/faq correctly, in a nutshell - none of the major > IMs (Yahoo, MSN, Facebook) use SSL security other than to authenticate the > session at best?
I think that's more accurate that not. I think logins for AIM, Facebook, Google Talk, ICQ, MSN, and Yahoo are all either encrypted with SSL/TLS or use some sort of digest such that your password is not sent in the clear. Full encryption of all data should happen for Google Talk and also maybe for AIM/ICQ (see the settings on the Advanced tab when changing the settings for your IM account). > Aside from some great effort that casual/novice users are unlike to make, > things such as SILC is the only option? I guess I should point out that if you're concerned about ISPs being forced to log IMs, the encryption you're asking about probably isn't going to help you much. The encryption discussed above only deals with encrypting traffic from your computer to the IM provider. At which point the IM provider can log your IMs all day long. If you want your communication to be private then you need an end-to-end encryption solution, like OTR. > [The republicans in congress are soon proposing that ISPs be required to > retain 2 years of logs for all customer logins, email/IM and IP > destinations. Although casual net use wasn't a concern until now, I'm > starting to lock down my communications with HTTPS.] I feel compelled to state that I think this will never happen. It's kind of an absurd requirement. This would be a tremendous burden upon a lot of people, and the gain is marginal at best. If people know their communication is being monitored then they'll start using end-to-end encryption, in which case the monitoring is useless and you're just inconveniencing everyone. I also can't imagine people being ok with this from a "I live in a free country" point of view. --Mark _______________________________________________ Support@pidgin.im mailing list Want to unsubscribe? Use this link: http://pidgin.im/cgi-bin/mailman/listinfo/support
