Anabolics
Search More Than 6,000,000 Posts
Results 1 to 20 of 20

Thread: AIM Encryption

  1. #1
    PTbyJason's Avatar
    PTbyJason is offline Retired Admin
    Join Date
    Feb 2002
    Location
    TX
    Posts
    70,179

    AIM Encryption

    This is a great addition to your chat programs. It is called AIM Encryption ( http://www.aimencrypt.com/ )

    It is a long 20 step process, but I really think it is a good thing if you want to keep your chatting secure.

    Why do I want AIM Security?
    AIM is known to not have the best security, or any for that matter. If someone on your network is using a "packet sniffer" or other type of traffic analyzing tool they can see your AIM conversations and read them word for word. AIM Security using SSL Certificates makes your conversation appear much like trash to anyone analyzing what you type much like "Sw43jg73js7HSkg8Skeq3k65" instead of "Hello Friend". This certificate encodes the message so only the sender and the receiver can read the message. But still please use common sense and don't send credit card numbers, etc. over IM, this should only make you about "this" much safer on the internet, and make you feel cool having a padlock next to your name.
    download it at AIM Encrypt

  2. #2
    mass junkie's Avatar
    mass junkie is offline banned
    Join Date
    Dec 2002
    Location
    on the net
    Posts
    8,849
    Quote Originally Posted by PTbyJason
    This is a great addition to your chat programs. It is called AIM Encryption ( http://www.aimencrypt.com/ )

    It is a long 20 step process, but I really think it is a good thing if you want to keep your chatting secure.



    download it at AIM Encrypt
    Have you tried the chat client called Trillian....it combines AIM,Yahoo messenger,ICQ,and MSN all in one platform

  3. #3
    Shredz is offline Respected Member
    Join Date
    Nov 2001
    Location
    The Rink!!
    Posts
    3,169
    Quote Originally Posted by mass junkie
    Have you tried the chat client called Trillian....it combines AIM,Yahoo messenger,ICQ,and MSN all in one platform
    Got a download for that one MJ?

  4. #4
    mass junkie's Avatar
    mass junkie is offline banned
    Join Date
    Dec 2002
    Location
    on the net
    Posts
    8,849
    Quote Originally Posted by Shredz
    Got a download for that one MJ?
    http://www.ceruleanstudios.com/downloads/

  5. #5
    PTbyJason's Avatar
    PTbyJason is offline Retired Admin
    Join Date
    Feb 2002
    Location
    TX
    Posts
    70,179
    is trillian secure?

  6. #6
    mass junkie's Avatar
    mass junkie is offline banned
    Join Date
    Dec 2002
    Location
    on the net
    Posts
    8,849
    Quote Originally Posted by PTbyJason
    is trillian secure?
    yes.....it gives you the option to enable or disable...........

  7. #7
    PTbyJason's Avatar
    PTbyJason is offline Retired Admin
    Join Date
    Feb 2002
    Location
    TX
    Posts
    70,179
    very nice, thanks bro.

  8. #8
    wrstlr69sdnl's Avatar
    wrstlr69sdnl is offline Senior Member
    Join Date
    Oct 2002
    Location
    California
    Posts
    1,820
    Bump good thread Pt Just installed it

  9. #9
    Sicilian30's Avatar
    Sicilian30 is offline Respected Member
    Join Date
    Sep 2001
    Location
    There is no place like ho
    Posts
    3,690
    I think you guys should read my other posts about encription and how the DEA and FBI is find ways of getting around this. Not to say that encription is a bad thing, but if the FBI or DEA wants to get your info, believe me they can. Bottom line, encription is not as safe as most people think it is now. It is misleading to a point.

  10. #10
    wrstlr69sdnl's Avatar
    wrstlr69sdnl is offline Senior Member
    Join Date
    Oct 2002
    Location
    California
    Posts
    1,820
    heres also another one itsfast and you dont have to do so many stepps

    http://www.secway.fr/products/simpli...hp?PARAM=us,ie

  11. #11
    hoss827's Avatar
    hoss827 is offline Banned
    Join Date
    May 2003
    Location
    Somewhere in cyberspace..
    Posts
    1,330
    Trillian is very good. Ive used it for a year but wasnt aware that it encrypted all of your instant messages by default. Man I fell fuckin stupid. lol

  12. #12
    bedrocked is offline Junior Member
    Join Date
    Aug 2003
    Posts
    94
    Quote Originally Posted by hoss827
    Trillian is very good. Ive used it for a year but wasnt aware that it encrypted all of your instant messages by default. Man I fell fuckin stupid. lol
    i know by default trillian does not encrypt aim but i'm sure there's a way to import a cert in there somewhere. you need a cert/key to do any encryption. aimencrypt is basically the same technology as pgp.

    I think you guys should read my other posts about encription and how the DEA and FBI is find ways of getting around this. Not to say that encription is a bad thing, but if the FBI or DEA wants to get your info, believe me they can. Bottom line, encription is not as safe as most people think it is now. It is misleading to a point.
    i don't want to call people out on this but it takes a MASSIVE amount of time and effort to reverse engineer encrypted code and sorry they're not going to waste their time doing that much work on things related to sauce. they 1) have to take the time and effort to get a warrant to sniff your traffic, then take that and decode the conversation. and even tho this key is public, it's NOT as easy as you think to crack it. i think it is more misleading to cause unneccesary paranoia. it's one thing to be safe, it's another to make people worry unneccesarily.

    bottom line, no you are not bulletproof (tho it's very easy to make it so, but it costs), but aimencrypt offers a drastic improvement over regular chat.

  13. #13
    skid's Avatar
    skid is offline Banned
    Join Date
    May 2002
    Location
    orange county, CA
    Posts
    369
    I'm not that hot for Trillian ... tried it but felt I lost some of the functionality I got with the true clients ...

    another encryption option are the products from SecWay, which are very easy to install, and pretty much invisible ... they establish unique encryption keys for each user

    http://secway.fr/products/simplite_a...hp?PARAM=us,ie

    they also have encryption for MSN, Yahoo, and ICQ

  14. #14
    Adrock is offline Junior Member
    Join Date
    Aug 2002
    Posts
    86
    AIMEncrypt does not make it impossible for others to read your IMs, it just makes it harder. Everyone downloads the same certificates, basically what this means is everyone can get the key you encrypt your messages with, which means everyone can decrypt your messages. The only way to ensure your IMs are secure is to either buy a personal certificate from a company like VeriSign or use another IM client which allows you to set an encryption key (you'll have to exchange this key through some secure channel, like face to face). I guess you only really have to worry about this if you are really worried about people reading your IMs, but I thought everyone should know this isn't going to protect them from a determined person.

  15. #15
    Sicilian30's Avatar
    Sicilian30 is offline Respected Member
    Join Date
    Sep 2001
    Location
    There is no place like ho
    Posts
    3,690
    Quote Originally Posted by bedrocked
    i don't want to call people out on this but it takes a MASSIVE amount of time and effort to reverse engineer encrypted code and sorry they're not going to waste their time doing that much work on things related to sauce. they 1) have to take the time and effort to get a warrant to sniff your traffic, then take that and decode the conversation. and even tho this key is public, it's NOT as easy as you think to crack it. i think it is more misleading to cause unneccesary paranoia. it's one thing to be safe, it's another to make people worry unneccesarily.

    bottom line, no you are not bulletproof (tho it's very easy to make it so, but it costs), but aimencrypt offers a drastic improvement over regular chat.
    I agree here totally, but Feds and DEA are way smarter than that. There is something called the "Magic Box" which actually taps directly into your computer, and keylogs your keystrokes before they are encripted. FBI and DEA have keyloggers and key sniffers that are used as you type, before data is encripted across the wire. FBI and DEA are well aware of Encription and how hard it is to break it. That is why they don't try and counteract it that way, they get it at the source. I have an interesting post with links to how this technology works. They brought down Nikki Scarfo with this technology even though he was using encription to send out message via email.
    Trust me, the FBI and DEA are well aware of the path's people take to beat the system, for everything that is out there to counteract spying and hiding information there are counter technologies to counter that. I see it everyday.
    NOthing I mean nothing is safe... if the fbi wants you trust me they can get you.

  16. #16
    spywizard's Avatar
    spywizard is offline AR-Elite Hall of Famer~
    Join Date
    Dec 2003
    Location
    In the Gym, if i could
    Posts
    16,350
    Tooooooo Funny....

    Want me to show you how i can hijack your email.. and send you an email from you through your ISP//or yahoo, or Hushmail or whatever.. and the header and ip will all say it was sent by you in the first place.. that i one of the reasons email and IM are such a security risk.. unless you have a secure tunnel.. and even that can be compromised, at least enough to show possible cause of corruption in the data.

    the hard they try the easier it gets..
    The answer to your every question

    Rules

    A bigot is a person obstinately or intolerantly devoted
    to his or her own opinions and prejudices, especially
    one exhibiting intolerance, and animosity toward those of differing beliefs.


    If you get scammed by an UGL listed on this board or by another member here, it's all part of the game and learning experience for you,
    we do not approve nor support any sources that may be listed on this site.
    I will not do source checks for you, the peer review from other members should be enough to help you make a decision on your quest. Buyer beware.

    Why the Police will Kick your ass

  17. #17
    bermich's Avatar
    bermich is offline Anabolic Member
    Join Date
    May 2003
    Posts
    4,808
    Hackers honestly scare me. I wish I could be a hacker.

  18. #18
    Crimson is offline New Member
    Join Date
    Jan 2004
    Posts
    1
    i didnt like the aimencrypt.com message to be looking at me all the tmime so i found another better site: http://www.infestednexus.co.nr/Infes...AIMEncrypt.zip this one looks coooler and it has less steps to do it, insctructiosn are in a notpead file.

  19. #19
    Sicilian30's Avatar
    Sicilian30 is offline Respected Member
    Join Date
    Sep 2001
    Location
    There is no place like ho
    Posts
    3,690
    Quote Originally Posted by spywizard
    Tooooooo Funny....

    Want me to show you how i can hijack your email.. and send you an email from you through your ISP//or yahoo, or Hushmail or whatever.. and the header and ip will all say it was sent by you in the first place.. that i one of the reasons email and IM are such a security risk.. unless you have a secure tunnel.. and even that can be compromised, at least enough to show possible cause of corruption in the data.

    the hard they try the easier it gets..
    Yup I deal with spoofing and spamming every day too. This is a pretty big problem now a days, and with the new laws changing about spammers and hackers, now ISP are going to have to log these types of activities. I will give you a perfect example. A friend of mine who happens to be a female, was just innocently surfing about kids and how to teach them about sex. A child pornography site she accidently clicked on she found in a search engine, and the next day her ISP emailed her saying that they reported her activity to the authorities. This really happened she showed me the email. So you can encript data till you are blue in the face. I deal with Internet security every day all day, I have seen some things that hackers and other people have done that will amaze you.
    I also know of one case, to where a guy from here, was using encripted mail, and FBI were able to go to the ISP who had his account info (yes one of the more popular online email companies) and supena his account and guess what? that company had to turn over all documents and emails that they had in their system. Helped bust this guy. And yes, he was using a secure email with encription.
    Hince once again I say, "if the FBI or DEA wants to get you they can, no matter how much encription you use". They have ways of getting around it. So keep on believing that you are safe. That is what they want you to believe. False sense of security, that is how many drug dealers and criminals are brought down.
    Again Jason I am not sayin that product isn't any good by no means. I use encription as much as I can. But once again, for those people who posted here, who depend on it and think that they are really safe from prying eyes, there are ways around it.
    Oh and by the way I thought I would take the liberty of sifting thru my long drawn out discussion in my other threads and just give you the link that kind of describes how this new technology works to get around encription:
    http://www.corpwatch.org/news/PND.jsp?articleid=1092
    __________________
    Last edited by Sicilian30; 01-12-2004 at 08:16 PM.

  20. #20
    sylikc is offline New Member
    Join Date
    Mar 2004
    Posts
    1

    AIM Encrypt is insecure, DIY

    AIMEncrypt.com's certificate or any other that anyone can download is a very insecure way to do encryption in AIM. Knowing the internals of public-key cryptography, everyone with the same key really isn't secure. You can do encryption with OpenSSL securely instead.

    Creating certificates with OpenSSL on Linux/Unix platforms are quite easy. But if you're using Windows, not all hope is lost. I've looked everywhere for instructions to create your own self-signed certificate, and since there isn't really a page out there that did it, I wrote my own.

    Here are some instructions to create your own self-signed certificate for AIM. You don't need anything special, I put up the binary that allows you to do it with OpenSSL. You can use any OpenSSL binary, I provide instructions on how to use your own binary as well. If the instructions scare you, there will be a program provided that can do it all for you. It asks you for some info you want in your certificate, and with a few clicks, you'll be on your way.


    Then, after you create the .p12 package that AIM accepts, just import it and tell me what you think


    URL is at:

    http://secure.sylikc.net:8080/self_signed/
    or just http://sylikc.net/?secure, and find the HOWTO on the bottom.

    Now then you won't have to use a freely downloadable (insecure) certificate, just DIY.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •