Monday, April 23rd, 2007...2:25 pm

AIM encryption

Jump to Comments

I can’t believe I forgot to write about this sooner.

I received some official confirmation the other week that Boston University will intercept and monitor incoming and outgoing AIM messages sent to and from the BU internal network. Supposedly they only do this when they have, as Jim Stone puts it, “just cause”, but these seems very vague and basically amounts to monitoring anytime anybody who mentions your name in the context of illegal activity to the authorities. I don’t have any details on the process by which this occurs, so I don’t know what software they use to do this captures all of our AIM traffic all the time and is then filtered later to find a specific account, or if they must be targeted after receiving special permission from type of internal legal council. I have a close friend who was involved in an unfounded legal incident, and when she was brought in for questioning by the Boston University Police Department, they brought out pages of her monitored AIM conversations and interrogated her about them.
bupd.png
The first obvious precaution to take is to not share your AIM screen name publicly on your Facebook profile. The BUPD do monitor our Facebook profiles, but I doubt this is the only way they get their information on us. As a result, I suggest you take additional precautions in encryption. Here’s a quick outline of a few encryption solutions for clients I like.

First of all, don’t use the standard AIM client provided by AOL. It’s bloated and full of loud ads. And, according to Wikipedia, it is also packaged with lots of malware which spies on you and gums up your system. As an alternative, I suggest using Pidgin (formerly gAIM).
gaim-logo.png
There is an RSA-based encryption plugin availble for Pidgin called Gaim-Encryption. It makes the process very simple, automatically generates keys, and even detects if the people you are talking to have compatible encryption available.

For Trillian users, SecureIM is part of the software package. It uses 128-bit Blowfish encryption. Unfortunately, it only works if both people are Trillian users. As an alternative, Trillian Off-The-Record is available as a plugin, and provides better encryption and compatibility with other clients on other platforms.

Hopefully, now you’ll all be a bit safer when talking about whatever illicit activities you may-or-may-not be discussing online. In 2007, privacy is not a guarantee, it is your own responsibility. Time to take it into your own hands.

Don’t get caught!,
Rich.

Stumble! | Save This Page! | Add to Technorati Favorites

151 Comments

Filed under Misc, Freedom

Comments are closed.