AOL Selling AIM Gateway/Listener To Employers

PizzaFace writes "After pushing free instant messaging to more than 100,000,000 users, AOL is now selling AIM-monitoring software to businesses that want to monitor and control the messaging of their employees. AIM Enterprise Gateway will reportedly sell for about $35/employee/year."

Why a big deal?

[NightRain]

Employers already monitor staff's email etc, why is this any different? I mean you're on their time, I can sort of understand why they won't want you wasting it on your own thing.

AOL is just catering for that market. I don't see anything insidious, evil, or otherwise overly noteworthy about this...

Ray

Re:Why a big deal?

[sirket]

It is a big deal because AOL went through a LOT of trouble to make AOL a pain in the ass to filter with a firewall.

Now they come up with a solution designed to do exactly that? That bothers me.

(You can block access to AOL's login servers, or configure a proxy to block it, but that is not easy when they keep changing the protocol and servers. The fact that AIM operates over port 80 makes it even more difficult to block. MSN and ICQ are worse though because there are more servers to block and they can use almost any port.)

Re:Why a big deal?

[stinky+wizzleteats]

Employers already monitor staff's email etc, why is this any different?

Ease off the throttle there, Captain Capitalist. A few points to discuss:

• Your employer does not assume ownership of your rights of person during business hours. You can take a non-business related phone call and use the bathroom during business hours, and it is illegal for them to monitor any of those activities.
• While monitoring IM's doesn't yet fall under the protection of wiretap laws, there is something tragically ironic about a company which provides a free chat tool which will port scan your firewall to find a way out to the internet, and then sell the managers a tool to monitor its activities. If you think this is respectable business practice, I bet you can't wait to see the egress!

Re:Why a big deal?

[eyeball]

It's a big deal because it's brilliant! It's a fantastic business plan and a wonderful idea. Get everyone to use your program such that it becomes a scourge, and make people pay to get rid of it. I love it.

They even made it so that they could be the only ones to kill it.

Brilliant! It makes me laugh out loud, what a wonderful move this is for AOL!


This reminds me of the Telco telemarketer story on /. a short time ago (selling call blocking to customers, then selling a method to defeat that to the telemarketers, then selling...)

So AOL gives away IM service, makes it impossible to block, but then sells a sniffer. What's next? They'll sell super-encrypted service for a fee to the user base, then a few years down the road, they'll sell an unencryption ad-on to the sniffer, then...

Create the Drug, then the antidote...

[EminenceFront]

Now there's a pretty good subscription based service! Get people hopped up on IM'ing, then monitor their every move for lude and lavicious comments. Every Human Resources person must be loving the potential of this. No more 'downsizing' excuses, or we've eliminated the position.' Now is just, 'remember that comments you made two years ago...''

Are you thinking what I'm thinking?

[iamwoodyjones]

That people already have been encrypting their messages through reverse engineered AIM protocol clients which aren't the standard one that AIM allows people to download.

And on the flip side, people already have been snooping on AIM conversations through the regular sniffing tools that come with any standard linux distribution.

But! If you make it official that you will remain in control of your protocol instead of opening it up, and roll your own equivalent tools up, and sell them at a decent price, then they will bite. I agree.

However, at 35 bucks a head a year at a large company, I'd be tempted to just have the employees use a stock client distribution with/without encryption abilities and hire a technie to take care of the snooping if I care to do that. Or just ditch AOL and use one of those others ones like jabber with all the same abilites.

But hey, sometimes you just get that knack to spend your corporate money you know?

More Secure?

[PhoenixK7]

"A new, more secure version of AOL Instant Messenger, or AIM, will enable businesses to read instant messages sent by employees"

How, under any definition of security does this make it more secure?

side note: does slashdot seem very slow to anyone else today?

Jabber's a cheaper way of doing this.

[cduffy]

I can appreciate the need to do this -- but Jabber seems a better solution.

Company runs its own Jabber server. Everyone there has a user@yourcompany.com address. Internal messages between folks in the company never go outside. Admins who want to do monitoring or whatever can do that. Users who want interoperability with AIM or whatever can do that -- *if* the admins decide to install the AIM connector on the server. And it sure doesn't cost $35/seat.

Secure IM for government?

[drunkrussian]

Ritter anticipates that encrypted instant messaging will appeal greatly to federal agencies that want secure, interagency instant messaging. "Our military and intelligence customers are more interested in the secure version," Ritter said.

This is certainly at least a little bit of an exaggeration. You can't put classified information on any system that has any kind of communications software or hardware on it. You have to physically disconnect all connections before starting in classified mode. The only exception is machines on a network that has only classified systems and uses some form of secure line for transport between the nodes in the network. There are only a handful of such networks, and you won't have one on your desk. There will most likely be only a few such machines per facility.

There already is a system for the transmission of classified data between different personnel in the government. It's called, to use technical terms, the "secure telephone." For documents, you can use a technology called the "courier" - an organic system that has advanced intelligence functions and is capable of defense through the use of an integrated firearm.

Much of the unclassified stuff is transmitted in the same way as classified information. There are also secure networks that are used for the transmission of unclassified but sensitive information.

If it's anything that requires encryption, it will be transmitted over a secure network, or will be handled through other procedures. This IM system really has no application to the military or intelligence communities.

Simple solution

[L0neW0lf]

As a network sysadmin, I generally don't want anything on the computers I work on that I didn't put there. Simple solution: user rights. My users cannot install any software without oversight. Limited privileges = no instant messaging software = no viruses transferred through IM software, pr0n, mp3's, etc. =no need to govern over IM use in the first place. Problem solved.

Re:From my company's employee handbook...

[fishbowl]

"find a company that supports employee privacy on company equipment over covering its own ass. Good luck, because I've never heard of one."

My previous career was as a legal secretary.

One very nice thing about that job was that you could very safely assume that you had privacy while working, using the equipment, phones, faxes, etc. Reason? EVERYTHING you touch has Attorney-Client privilege and is either employee- or company- confidential. Anyone who is not supposed to be privy to your data, communication, files, etc., would be putting the company at risk by snooping, and no-one, not an IT manager, not the president, has authority that supersedes an attorney's requirement for privacy.

So, if you work anywhere in the legal field, you won't have to put up with this kind of thing (routine transcripts of your commo without clear accountability at every step.)

What a great way...

[Alethes]

to demonstrate a company talking from both sides of its mouth.

In April 2001, AOL filed a motion to quash Nam Tai's subpoena, arguing it should not be required to reveal subscriber information because it would "infringe on the well-established First Amendment right to speak anonymously."

Is AIM comparable to a virus?

[jpetts]

This story immediately put me in mind of anti-virus software companies, although in this case it appears to be a matter of the company that sells the solution having caused the problem in the first place.

I'm sure that AOL did not have that in mind* when they first developed AIM but I can't believe that they are not relishing the opportunity to generate even more cash from the monster they created.

*Or am I not being paranoid enough?

I'd rather fall off Ilustrada than ride any other horse

Brilliant

[nurb432]

Create a wide spread business problem, then sell the solution to the problem...

Who ever thought that one up gets 2 points..

10 years ago it would have been called a fraud.. but in todays world....

Re:Yet another reason to use Trillian

[Zeinfeld]

Because you can encrypt your messages.

Odd thing is that the actual AOL announcement was actually about trolling out precisely this kind of service. The Washington post take on AOL's move is kinda wierd, employers can already monitor AIM use, what was announced was the encryption piece. The Wash post mentions this, but only mid way through:

Instead, AOL plans to offer private companies and federal agencies a premium version of the service early next year that will enable employees to send encrypted instant messages that can only be read by designated, registered recipients. America Online is developing the encrypted system in partnership with VeriSign Inc., an online security firm.