AIM Encryption

[PTbyJason]

This is a great addition to your chat programs. It is called AIM Encryption ( http://www.aimencrypt.com/ )

It is a long 20 step process, but I really think it is a good thing if you want to keep your chatting secure.

Why do I want AIM Security?
AIM is known to not have the best security, or any for that matter. If someone on your network is using a "packet sniffer" or other type of traffic analyzing tool they can see your AIM conversations and read them word for word. AIM Security using SSL Certificates makes your conversation appear much like trash to anyone analyzing what you type much like "Sw43jg73js7HSkg8Skeq3k65" instead of "Hello Friend". This certificate encodes the message so only the sender and the receiver can read the message. But still please use common sense and don't send credit card numbers, etc. over IM, this should only make you about "this" much safer on the internet, and make you feel cool having a padlock next to your name.

download it at AIM Encrypt

[mass junkie]

This is a great addition to your chat programs. It is called AIM Encryption ( http://www.aimencrypt.com/ )

It is a long 20 step process, but I really think it is a good thing if you want to keep your chatting secure.



download it at AIM Encrypt

Have you tried the chat client called Trillian....it combines AIM,Yahoo messenger,ICQ,and MSN all in one platform

[Shredz]

Have you tried the chat client called Trillian....it combines AIM,Yahoo messenger,ICQ,and MSN all in one platform

Got a download for that one MJ?

[mass junkie]

Got a download for that one MJ?

http://www.ceruleanstudios.com/downloads/

[PTbyJason]

is trillian secure?

[mass junkie]

is trillian secure?

yes.....it gives you the option to enable or disable...........

[PTbyJason]

very nice, thanks bro.

[wrstlr69sdnl]

Bump good thread Pt Just installed it

[Sicilian30]

I think you guys should read my other posts about encription and how the DEA and FBI is find ways of getting around this. Not to say that encription is a bad thing, but if the FBI or DEA wants to get your info, believe me they can. Bottom line, encription is not as safe as most people think it is now. It is misleading to a point.

[wrstlr69sdnl]

heres also another one itsfast and you dont have to do so many stepps

http://www.secway.fr/products/simpli...hp?PARAM=us,ie

[hoss827]

Trillian is very good. Ive used it for a year but wasnt aware that it encrypted all of your instant messages by default. Man I fell fuckin stupid. lol

[bedrocked]

Trillian is very good. Ive used it for a year but wasnt aware that it encrypted all of your instant messages by default. Man I fell fuckin stupid. lol

i know by default trillian does not encrypt aim but i'm sure there's a way to import a cert in there somewhere. you need a cert/key to do any encryption. aimencrypt is basically the same technology as pgp.

I think you guys should read my other posts about encription and how the DEA and FBI is find ways of getting around this. Not to say that encription is a bad thing, but if the FBI or DEA wants to get your info, believe me they can. Bottom line, encription is not as safe as most people think it is now. It is misleading to a point.

i don't want to call people out on this but it takes a MASSIVE amount of time and effort to reverse engineer encrypted code and sorry they're not going to waste their time doing that much work on things related to sauce. they 1) have to take the time and effort to get a warrant to sniff your traffic, then take that and decode the conversation. and even tho this key is public, it's NOT as easy as you think to crack it. i think it is more misleading to cause unneccesary paranoia. it's one thing to be safe, it's another to make people worry unneccesarily.

bottom line, no you are not bulletproof (tho it's very easy to make it so, but it costs), but aimencrypt offers a drastic improvement over regular chat.

[skid]

I'm not that hot for Trillian ... tried it but felt I lost some of the functionality I got with the true clients ...

another encryption option are the products from SecWay, which are very easy to install, and pretty much invisible ... they establish unique encryption keys for each user

http://secway.fr/products/simplite_a...hp?PARAM=us,ie

they also have encryption for MSN, Yahoo, and ICQ

[Adrock]

AIMEncrypt does not make it impossible for others to read your IMs, it just makes it harder. Everyone downloads the same certificates, basically what this means is everyone can get the key you encrypt your messages with, which means everyone can decrypt your messages. The only way to ensure your IMs are secure is to either buy a personal certificate from a company like VeriSign or use another IM client which allows you to set an encryption key (you'll have to exchange this key through some secure channel, like face to face). I guess you only really have to worry about this if you are really worried about people reading your IMs, but I thought everyone should know this isn't going to protect them from a determined person.

[Sicilian30]

i don't want to call people out on this but it takes a MASSIVE amount of time and effort to reverse engineer encrypted code and sorry they're not going to waste their time doing that much work on things related to sauce. they 1) have to take the time and effort to get a warrant to sniff your traffic, then take that and decode the conversation. and even tho this key is public, it's NOT as easy as you think to crack it. i think it is more misleading to cause unneccesary paranoia. it's one thing to be safe, it's another to make people worry unneccesarily.

bottom line, no you are not bulletproof (tho it's very easy to make it so, but it costs), but aimencrypt offers a drastic improvement over regular chat.

I agree here totally, but Feds and DEA are way smarter than that. There is something called the "Magic Box" which actually taps directly into your computer, and keylogs your keystrokes before they are encripted. FBI and DEA have keyloggers and key sniffers that are used as you type, before data is encripted across the wire. FBI and DEA are well aware of Encription and how hard it is to break it. That is why they don't try and counteract it that way, they get it at the source. I have an interesting post with links to how this technology works. They brought down Nikki Scarfo with this technology even though he was using encription to send out message via email.
Trust me, the FBI and DEA are well aware of the path's people take to beat the system, for everything that is out there to counteract spying and hiding information there are counter technologies to counter that. I see it everyday.
NOthing I mean nothing is safe... if the fbi wants you trust me they can get you.

[spywizard]

Tooooooo Funny....

Want me to show you how i can hijack your email.. and send you an email from you through your ISP//or yahoo, or Hushmail or whatever.. and the header and ip will all say it was sent by you in the first place.. that i one of the reasons email and IM are such a security risk.. unless you have a secure tunnel.. and even that can be compromised, at least enough to show possible cause of corruption in the data.

the hard they try the easier it gets..

[bermich]

Hackers honestly scare me. I wish I could be a hacker.

[Crimson]

i didnt like the aimencrypt.com message to be looking at me all the tmime so i found another better site: http://www.infestednexus.co.nr/Infes...AIMEncrypt.zip this one looks coooler and it has less steps to do it, insctructiosn are in a notpead file.

[Sicilian30]

Tooooooo Funny....

Want me to show you how i can hijack your email.. and send you an email from you through your ISP//or yahoo, or Hushmail or whatever.. and the header and ip will all say it was sent by you in the first place.. that i one of the reasons email and IM are such a security risk.. unless you have a secure tunnel.. and even that can be compromised, at least enough to show possible cause of corruption in the data.

the hard they try the easier it gets..

Yup I deal with spoofing and spamming every day too. This is a pretty big problem now a days, and with the new laws changing about spammers and hackers, now ISP are going to have to log these types of activities. I will give you a perfect example. A friend of mine who happens to be a female, was just innocently surfing about kids and how to teach them about sex. A child pornography site she accidently clicked on she found in a search engine, and the next day her ISP emailed her saying that they reported her activity to the authorities. This really happened she showed me the email. So you can encript data till you are blue in the face. I deal with Internet security every day all day, I have seen some things that hackers and other people have done that will amaze you.
I also know of one case, to where a guy from here, was using encripted mail, and FBI were able to go to the ISP who had his account info (yes one of the more popular online email companies) and supena his account and guess what? that company had to turn over all documents and emails that they had in their system. Helped bust this guy. And yes, he was using a secure email with encription.
Hince once again I say, "if the FBI or DEA wants to get you they can, no matter how much encription you use". They have ways of getting around it. So keep on believing that you are safe. That is what they want you to believe. False sense of security, that is how many drug dealers and criminals are brought down.
Again Jason I am not sayin that product isn't any good by no means. I use encription as much as I can. But once again, for those people who posted here, who depend on it and think that they are really safe from prying eyes, there are ways around it.
Oh and by the way I thought I would take the liberty of sifting thru my long drawn out discussion in my other threads and just give you the link that kind of describes how this new technology works to get around encription:
http://www.corpwatch.org/news/PND.jsp?articleid=1092
__________________

[sylikc]

AIMEncrypt.com's certificate or any other that anyone can download is a very insecure way to do encryption in AIM. Knowing the internals of public-key cryptography, everyone with the same key really isn't secure. You can do encryption with OpenSSL securely instead.

Creating certificates with OpenSSL on Linux/Unix platforms are quite easy. But if you're using Windows, not all hope is lost. I've looked everywhere for instructions to create your own self-signed certificate, and since there isn't really a page out there that did it, I wrote my own.

Here are some instructions to create your own self-signed certificate for AIM. You don't need anything special, I put up the binary that allows you to do it with OpenSSL. You can use any OpenSSL binary, I provide instructions on how to use your own binary as well. If the instructions scare you, there will be a program provided that can do it all for you. It asks you for some info you want in your certificate, and with a few clicks, you'll be on your way.


Then, after you create the .p12 package that AIM accepts, just import it and tell me what you think


URL is at:

http://secure.sylikc.net:8080/self_signed/
or just http://sylikc.net/?secure, and find the HOWTO on the bottom.

Now then you won't have to use a freely downloadable (insecure) certificate, just DIY.