What is Digg?59 Comments
- tchawla, on 10/12/2007, -1/+22Please note that both the person sending and the person receiving must be running gaim and both have the plugin installed.
- hode, on 10/12/2007, -0/+2155% of diggers make up false statistics.
- Easty, on 10/12/2007, -1/+2199% of people who download this won't have anything worth intercepting.
- MikeDawg, on 10/12/2007, -0/+18Gaim-OTR (Off-The-Record) works a little better. I thought gaim-encryption plugin was dead anyways. . .
http://www.cypherpunks.ca/otr/ - webcrumb, on 10/12/2007, -1/+12And 83% of those are lying.
- hansamurai, on 10/12/2007, -1/+12Encrypt your brain waves with a tin foil hat.
- inactive, on 10/12/2007, -1/+12i've seen too many people share passwords over aim. it's pretty bad thing to do in a college environment with wireless.
- hotstyle765, on 10/12/2007, -0/+8GAIM encryption is great...
Colleges just love to snoop in on IM conversations these days.
I say use OTR, its supposed to be a little better.
http://www.cypherpunks.ca/otr/
From their website:
"How is this different from the gaim-encryption plugin?
The gaim-encryption plugin provides encryption and authentication, but not deniability or perfect forward secrecy. If an attacker or a virus gets access to your machine, all of your past gaim-encryption conversations are retroactively compromised. Further, since all of the messages are digitally signed, there is difficult-to-deny proof that you said what you did: not what we want for a supposedly private conversation!" - webcrumb, on 10/12/2007, -4/+12Bah. The article lost credibility when I read this:
"the latest stable version which, as of writing, is 1.5. Make sure you skip the 2.0 beta; the encryption plugin won't work with it."
Then how come I'm using it with 2.0beta5? I use the 3.0beta of the plugin. Gaim 2.0beta is so much better than 1.5 it's scary. And it crashes about as often. - hotstyle765, on 10/12/2007, -0/+7Guess whats built into Adium??
OTR
But yes it is nice not having to compile it. - ahill7, on 10/12/2007, -0/+6and OTR comes standard with the fedora repos of gaim 2.0 beta5
- DrScott, on 10/12/2007, -2/+7Foley need not apply.
- kilmer, on 10/12/2007, -0/+5Believe me nobody on the net wants to see you naked...that's all the security you need.
- webcrumb, on 10/12/2007, -0/+5Good. Safety in numbers. :)
- slut, on 10/12/2007, -0/+52.0.0 beta 6 is out now :D
- americamatrix, on 10/12/2007, -2/+6Guys - why would use a plugin? Thats a terrible article -
Why not just use Scatterchat ?
http://www.scatterchat.com
From the website -
"ScatterChat is a secure instant messaging client designed for non-technical users who require secure and anonymous communications. Our typical end-users include human rights and democracy advocates operating in hostile territory. ScatterChat is also a valuable tool for anyone requiring secure communications.
It is based upon the Gaim software, provides end-to-end encryption, integrated onion-routing with Tor, secure file transfers, and easy-to-read documentation.
ScatterChat's security features include resiliency against partial compromise, immunity from replay attacks, and limited resistance to traffic analysis... all reinforced through a pro-actively secure design."
Scatterchat FTW! - dagr8tim, on 10/12/2007, -5/+8Trillian Prefs -> identities -> choose identity and click "change" -> click Misc tab and check atleast the top 2 of the 3 check boxes in the bottom section. IIRC, it only works with AIM & ICQ.
- wampl3r, on 10/12/2007, -0/+3SuSE has the OTR plugin as well... And, if you're using Trillian Pro there is an experimental OTR plugin that communicated fine with the Gaim version. (at least it was in the Trillian plugin list last time I looked..)
And apparently, as a poster below mentioned, OTR is in Adium as well... - seandfeeney, on 10/12/2007, -6/+9you are just coming across this now? This has been around for a long time.
- Thors1982, on 10/12/2007, -6/+8Trillian also does this
- kigol, on 10/12/2007, -8/+10cool. i love gAIM
- Textbook, on 10/12/2007, -1/+3Does it fix the lasting problems with AIM file transfer, AIM direct connections, or (most) IRC file transfers? Yes, I have all proxies turned off, and even if both people are using the same version of GAIM, the files don't transfer. I use GAIM for Windows on 3 computers and GAIM for Linux on 1 computer. It does this with all of them. I use GAIM everyday, but it could definitely be better. I hope they can fix some of the bugs with the program.
- ahill7, on 10/12/2007, -0/+2but isn't that the case with all keys/fingerprints/signatures/etc? Once you have someone's cert, the only way to verify is to authenticate via another medium. True, it would be easier to verify if it were a public key methodology. But I've had nothing but success using OTR and GAIM
- indicas, on 10/12/2007, -1/+3I have never had any issues with 1.5 and this plugin. This plugins great, my only (serious) qualm with it is that it doesn't seem to support chat. I hope they offer chat encryption support in the future.
- picaro, on 10/12/2007, -1/+2Is there a plug-in to auto-encrypt logged conversations?
- Kazanoe, on 10/12/2007, -0/+1You know, its people like you whom I actually enjoy hitting the "Show Comment" button, simply to digg you down
- emiles, on 10/12/2007, -2/+3Yeah, I don't know why you are getting dugg down. This is like creating a story called "See Visualizations of Your Music with WinAMP".
- SystmBetatester, on 10/12/2007, -0/+1too bad for it to work, both people need the encryption enabled. but other then gaim i think trillian has encryption as well.
- karamba_kid, on 10/12/2007, -0/+1I also prefer Gaim-OTR and in Ubuntu it's as easy as aptitude install gaim-otr.
- rudy23, on 10/12/2007, -0/+1not sure why you are being dugg down but that was funny.
- scottious, on 10/12/2007, -0/+1mmmm don't get your hopes up too much, it's not fully secure. As far as I know, GAIM encryption is susceptible to man-in-the-middle attacks. There is no (easy) way of verifying if the public keys you are getting are actually from who you think they're from.
- martypal2005, on 10/12/2007, -0/+1"Not really useful to most people, but still, interesting."
Who are you to judge what should be encrypted and not. An encryption protocol should be standardized a long time ago for all IM protocols. Then it's just up to the different vendors to implement it into their clients. It's about time some of the big corps takes some responsibility. It shouldn't be up to the end consumer whether or not to encrypt. This is ridiculous.
Its like saying we doing really need airport security. Because you don't have anything to hide. - americamatrix, on 10/11/2007, -0/+1@mmkassem
FTA: [http://www.scatterchat.com/documentation.html]
Why isn't ScatterChat a Gaim plugin?
ScatterChat contains several security features that cannot be implemented using Gaim's API. For example, to frustrate traffic analysis, typing notifications are turned off when encryption is enabled, file transfers are encrypted when the conversation is in secure mode, and integrated Tor support was added. More advanced features are forthcoming.
ScatterChat is a friendly-fork of Gaim such that periodically it will be re-synchronized with the upstream sources. The ScatterChat project does not do any general development on the Gaim sources, and so it is not competing against Gaim.
The project maintainer is very open to the idea of merging ScatterChat back into Gaim, though this task is not prioritized. Please contact him if you are interested in doing this. Maintaining a fork is lots of hard work!
If you care about the new features in Pidgin 2.0 - fine - use that on a normal basis - and use this when you need to be more secure.
I don't understand your point of view cause its obvious you didn't do your homework and read up on scatterchat before you spoke... - yathosho, on 10/12/2007, -1/+2isn't the real problem of IM encryption, that everybody uses a different client anyway? i use gaim and its encryption is not compatible with miranda's for instance.
- martypal2005, on 10/12/2007, -0/+1This is exactly the kind of ignorance and "easy goingness" they want people to have. Probably you have in fact been watched by some kind of federal instance.
- MattyLite, on 10/12/2007, -1/+2Say what? What college is it that you go to?
- martypal2005, on 10/12/2007, -1/+1You probably dont know this but all isp's in the US are required to have boxes that record all traffic going through. These are placed there by federal government. These are part of the tools that are used to track down criminals and is part of the patriot act. Your unencrypted chatting will be logged at several places: 1) at the isp 2) at the chat servers and god knows where else. You have no rights as far as how these logs are used or by who its being read. FBI uses these kind of tools for profiling and tracking down criminals and terrorists.
I've heard it too many times: But why would they suspect me. I have nothing to hide. Bla bla. I guess you don't mind the feds listening to your phone calls either.
The reason why encryption has not yet been standardized by the big corporations yet like Microsoft, AOL etc. is mainly because of lobbying and the government don't want them to. Standardizing an encryption protocol for Internet traffic such as instant messaging would have been very easy. They have no problem implementing it for example when it comes to Internet banking and online gambling.
If you are still not convinced check out an interview with Bob Kahn, http://www.pbs.org/cringely/nerdtv/shows/, one of the inventors of the TCP/IP protocol in the 70's. They had in fact big plans of standardizing an encryption scheme namely for this protocol. But they were stopped. By who, the US government. - izomiac, on 10/12/2007, -0/+0At my old boarding high school packet sniffing was incredibly simple. I used to spy on the people in my unit until I realized that 99.5%+ of their messages weren't interesting enough to warrant the effort. Ditto for e-mail.
Personally, I'd be glad to encrypt my IM's, but since I don't control the software my friends use, I can't. - KevinWPeters, on 10/12/2007, -1/+1As does Kopete, and it uses your GnuPG key to encrypt with. Honestly, I've been using Gaim with encryption for 4 years and just moved over to Kopete. there's nothing new about this.
- martypal2005, on 10/12/2007, -1/+1It's not whether or not you share your banking information or your paypal passwords that is the problem. (well relatively small problem) Even though it should be stolen there are ways to fix this.
This is nothing:
Compared to the federal surveillance and exploitation of hundreds of millions of people! - VegasGene, on 10/12/2007, -1/+1do any of these encrypt video chats?
- levi, on 10/12/2007, -2/+2I use Gaim its a great program. The problem is just like any other IM client both sides have to have the same program. You cant encrypt an IM between Gaim and aim or trillian and Gaim. And I'm not going to get my mom to use gaim.
- Flathom, on 10/12/2007, -1/+0PSI has been doing this for quite awhile via GNUPG, why bother with gaim-encryption?
- ahill7, on 10/12/2007, -2/+1Its more like, messages are sent in clear-text and people tend to send stuff like passwords, bank information, etc, over instant message. Therefore, I could sit on a wireless network or whatnot and capture all the IM messages and do some nasty stuff.
Another reason would be to be in compliance with certain regulations...(Sarbanes-Oxley, CISP/PCI, etc.) - KillerJ59J, on 10/12/2007, -4/+3Who spells it gAIM? Seriously, it's gaim or Gaim.
This is really old and as levi pointed out... it's really not that useful for normal use. :p - mmkassem, on 10/12/2007, -1/+0It does not support the new features added to GAIM 2.0 and even if it will, that's just a waste of time. May be, it could have been better if scatterchat was a GAIM plugin and contributed in GAIM development that has lot more to add yet better than repeating what was already done.
You could use TOR in GAIM using the proxy/socks settings found in the account (Modify Account > Advanced)
Making a new product name just to add few features that could be added as plugins only means more bugs and incompatibilities, less security and less features.
The only feature that it has over GAIM currently is the file encryption, which could be added as a plugin too. - Bleach00, on 10/12/2007, -2/+1Not really useful to most people, but still, interesting. Gaim is awesome, the only problem I have with it it's inability to cope with my msn-using school friends' custom emotes. And yes, I know you can turn them off. Anyway, I'm off to download 2.00beta6, with hope it soon will be stable so the plugins can finally catch up.
- MattyLite, on 10/12/2007, -3/+2This is good, because I've recently been being watched by poorly-skilled CIA computer specialists.
- Kylem87, on 10/12/2007, -2/+1I'll probably get dugg down loads for saying this but why would you want to 'encrypt' your conversations? My conversations aren't being tapped into by the CIA and frankly if they were i wouldn't give a damn. My conversation logs are encrypted on my computer by MSN plus because it is shared but that's about it.
"Please note that both the person sending and the person receiving must be running gaim and both have the plugin installed." - So yeah, it's useless then. - tomvendetta, on 10/12/2007, -5/+3"Then how come I'm using it with 2.0beta5?"
Because your too leet. -
Show 51 - 59 of 59 discussions
© Digg Inc. 2009
— Content created and posted by Digg users is