Slashdot Mirror

← Back to Stories (view on slashdot.org)

AOL Selling AIM Gateway/Listener To Employers

Posted by ryuzaki0 on from the no-we-must-hear-all dept.

PizzaFace writes "After pushing free instant messaging to more than 100,000,000 users, AOL is now selling AIM-monitoring software to businesses that want to monitor and control the messaging of their employees. AIM Enterprise Gateway will reportedly sell for about $35/employee/year."

27 of 267 comments (clear)

  1. Yet another reason to use Trillian by Anonymous Coward · · Score: 5, Insightful

    Because you can encrypt your messages.

    1. Re:Yet another reason to use Trillian by MrFredBloggs · · Score: 5, Funny

      Yeah, right.

      "Hey boss, Karen in Accounts sent out 54 megs of messages last month"
      "What were they about?"
      "Dunno, they were all just squiggly characters"
      "Ok, well lets just assume its work related. After all, like all other companies, we use pokey messaging software to talk to clients. Let me know when it looks like she's wasting my time and money."

    2. Re:Yet another reason to use Trillian by Tassach · · Score: 5, Informative

      That is why you open a SSH tunnel to a trusted outside server with access to a squid proxy, and set your AIM proxy to point to the forwarded port on localhost: ssh -L 3128:proxyhost:3128 trusteduser@trustedhost Substitute plink for ssh if using Windows.

      --
      Why is it that the proponents of "one nation under God" are so eager to get rid of "liberty and justice for all"?
    3. Re:Yet another reason to use Trillian by Zeinfeld · · Score: 5, Interesting
      Because you can encrypt your messages.

      Odd thing is that the actual AOL announcement was actually about trolling out precisely this kind of service. The Washington post take on AOL's move is kinda wierd, employers can already monitor AIM use, what was announced was the encryption piece. The Wash post mentions this, but only mid way through:

      Instead, AOL plans to offer private companies and federal agencies a premium version of the service early next year that will enable employees to send encrypted instant messages that can only be read by designated, registered recipients. America Online is developing the encrypted system in partnership with VeriSign Inc., an online security firm.

      --
      Looking for an Information Security student project suggestion?
      Try http://dotcrimeManifesto.com/
  2. Why a big deal? by NightRain · · Score: 5, Interesting
    Employers already monitor staff's email etc, why is this any different? I mean you're on their time, I can sort of understand why they won't want you wasting it on your own thing.

    AOL is just catering for that market. I don't see anything insidious, evil, or otherwise overly noteworthy about this...

    Ray

    1. Re:Why a big deal? by sirket · · Score: 5, Interesting

      It is a big deal because AOL went through a LOT of trouble to make AOL a pain in the ass to filter with a firewall.

      Now they come up with a solution designed to do exactly that? That bothers me.

      (You can block access to AOL's login servers, or configure a proxy to block it, but that is not easy when they keep changing the protocol and servers. The fact that AIM operates over port 80 makes it even more difficult to block. MSN and ICQ are worse though because there are more servers to block and they can use almost any port.)

    2. Re:Why a big deal? by Ponty · · Score: 5, Insightful

      It's a big deal because it's brilliant! It's a fantastic business plan and a wonderful idea. Get everyone to use your program such that it becomes a scourge, and make people pay to get rid of it. I love it.

      They even made it so that they could be the only ones to kill it.

      Brilliant! It makes me laugh out loud, what a wonderful move this is for AOL!

    3. Re:Why a big deal? by Inda · · Score: 5, Insightful

      This sort of argument always goads me and I'll tell you why.

      I was surfing around on my home PC last week and found an interesting application that could save me some time at work. I downloaded it, put it on a floppy disk, took it to work next day, installed it and saved myself 20 minutes work for the week. This was on my time; I would never have been surfing at work to find it. I have saved my boss two days work this year, and next year, the year after and so on.

      Should I charge my boss for this? It doesn't really seem worth to me. It only took me a minute.

      Should I complain that my work life is interfering with my home life because I sometimes think about the job even when I'm not there? I think he might laugh at me. This is the year 2002 and the boundaries, rightly or wrongly, between home and work are close.

      If a company cannot trust its staff to make the odd instant message or personnel phone call then they probably are doomed. If they have the money to spend spying on staff like this then there is something terribly wrong with their attitude and I wouldn't want to work for them. If someone in the company is not pulling their weight because they are chatting all day then it will show - you don't need spying software for this.

      It's about a bit of give and take. Not spying on conversations with the missus.

      --
      This post contains benzene, nitrosamines, formaldehyde and hydrogen cyanide.
    4. Re:Why a big deal? by stinky+wizzleteats · · Score: 5, Interesting

      Employers already monitor staff's email etc, why is this any different?

      Ease off the throttle there, Captain Capitalist. A few points to discuss:

      • Your employer does not assume ownership of your rights of person during business hours. You can take a non-business related phone call and use the bathroom during business hours, and it is illegal for them to monitor any of those activities.
      • While monitoring IM's doesn't yet fall under the protection of wiretap laws, there is something tragically ironic about a company which provides a free chat tool which will port scan your firewall to find a way out to the internet, and then sell the managers a tool to monitor its activities. If you think this is respectable business practice, I bet you can't wait to see the egress!
    5. Re:Why a big deal? by eyeball · · Score: 5, Interesting

      It's a big deal because it's brilliant! It's a fantastic business plan and a wonderful idea. Get everyone to use your program such that it becomes a scourge, and make people pay to get rid of it. I love it.

      They even made it so that they could be the only ones to kill it.

      Brilliant! It makes me laugh out loud, what a wonderful move this is for AOL!

      This reminds me of the Telco telemarketer story on /. a short time ago (selling call blocking to customers, then selling a method to defeat that to the telemarketers, then selling...)

      So AOL gives away IM service, makes it impossible to block, but then sells a sniffer. What's next? They'll sell super-encrypted service for a fee to the user base, then a few years down the road, they'll sell an unencryption ad-on to the sniffer, then...

      --

      _______
      2B1ASK1
    6. Re:Why a big deal? by Anonymous Coward · · Score: 5, Funny

      So AOL gives away IM service, makes it impossible to block, but then sells a sniffer. What's next? They'll sell super-encrypted service for a fee to the user base, then a few years down the road, they'll sell an unencryption ad-on to the sniffer, then...

      Is it just me, or does that business plan sound familiar?

  3. Privacy = Bye Bye by docstrange · · Score: 5, Funny

    *friendly aol voice speaking*
    "You Got Fired!"

    --
    Remember that you are unique, just like everybody else.
  4. This explains a lot by georgeha · · Score: 5, Funny

    I thought it was just an unfortunate coincidence when my boss and HR popped into my cube when my pants were down around my ankle due to that hot chat with an 18/f Solaris admin.

    1. Re:This explains a lot by Neon+Spiral+Injector · · Score: 5, Funny

      Solaris admins? Freak. Why can't you just be into feet like everyone else on the Internet?

  5. Jabber's a cheaper way of doing this. by cduffy · · Score: 5, Interesting

    I can appreciate the need to do this -- but Jabber seems a better solution.

    Company runs its own Jabber server. Everyone there has a user@yourcompany.com address. Internal messages between folks in the company never go outside. Admins who want to do monitoring or whatever can do that. Users who want interoperability with AIM or whatever can do that -- *if* the admins decide to install the AIM connector on the server. And it sure doesn't cost $35/seat.

  6. Insert Subject Here by Veovis · · Score: 5, Funny

    My managers are listening to my phone calls

    My managers are reading my e-mail

    My managers are reading my IMs

    My managers are monitoring what candy I get from the vending machine

    You know for someone who is supposed to be in charge of managing a department/whatever, has work (or should have) of their own to do, he's taking a really big interest in what I'm doing back here.

  7. From my company's employee handbook... by Gruneun · · Score: 5, Insightful

    Employees should have no expectation of privacy for any information placed into the business equipment of the Company/government... This policy shall serve as notice to any and all that Company/government equipment may be monitored without further notice.

    There is plenty of other text that details this, but that's the meat of it. Companies have a right to monitor any traffic to protect their interests. If you don't want your AOL messages watched, find a company that supports employee privacy on company equipment over covering its own ass. Good luck, because I've never heard of one.

    I think it's kind of shady on AOL's part to suddenly roll over on its user base. However, there are a lot companies that don't allow IM because it's more difficult to keep an eye on than email. AOL may benefit from more acceptance as a result of this move.

  8. But.. by WiredOni · · Score: 5, Insightful

    The companies can still get around this, don't assume that they are that inept and encryption will protect you. One thing they can do is install and hide key logging software, software that takes screen shots of what you are writing, etc.

  9. The emoticons are a plus on the battfield. by iamwoodyjones · · Score: 5, Funny

    But with AIM you could write very important messages across the battefiled such as

    Solider5554: Sarge! We're under fire! We need help! :-(

    Sarge0034: Hang in there. You're doing a great job solider :-)

    Solider5554: Arrrghhh!!!! I've been hit! :-O

    Sarge0034: God, these whining soliders never know when to quit, that god they're dispensible. ;)

    Sarge0034: Oppsss. Wrong person sorry.

    Solider5554: What!? I need a chopper. I'm losing a lot of blood over here. >:-@

    Sarge0034 (warn 10%): Hey, just because you've warned me anonymously, doesn't mean I don't know it's you.

    Sarge0034: brb *door slam* as sarge leaves

    *door open* as sarge enters

    Sarge0034: Sorry had to reboot, did I miss anything?

    Solider324: uuuuhhhhhh I don't think I'm going to make it

  10. As the old saying goes... by Soko · · Score: 5, Funny

    "Give a man a fish, he'll eat for a day. Teach a man to fish and you get to sell him fishing gear for a lifetime." :-/

    Soko

    --
    "Depression is merely anger without enthusiasm." - Anonymous
  11. aol is NOT monitoring aim by jfruhlinger · · Score: 5, Informative

    AOL will NOT be monitoring AIM communications -- what this product essentially does is set up a private network WITHIN a company, based on the AIM protocols. It is that internal communication that is being monitored -- and not by AOL but by the company that buys the software from AOL. I imagine that the users will be able to use their clients to communicate with other AIM users outside their network, but if they don't want to be monitored, they can just download the standard free AIM client and use that instead.

    Several of my friends work for IBM, and they have been using something like this software, called Sametime, for a couple years. Sametime may have been a beta of this product.

    jf

  12. Whose security? by drew_kime · · Score: 5, Insightful
    A new, more secure version of AOL Instant Messenger, or AIM, will enable businesses to read instant messages sent by employees, just as businesses can now monitor their workers' e-mail.

    How is allowing someone else to monitor my communications more secure?
    "We are familiar with the Wall Street group," Stewart said. "We don't believe standards are at a place that makes us comfortable we can ensure customer privacy and security as well as network performance."

    Instead, AOL plans to offer private companies and federal agencies a premium version of the service early next year ...

    Just keep in mind who the customer is. In the mass market, the customer is rarely the user.
    --
    Nope, no sig
  13. marketing.... by Anonymous Coward · · Score: 5, Funny

    "So easy to spy with, no wonder its Number 1!"

  14. What a great way... by Alethes · · Score: 5, Interesting

    to demonstrate a company talking from both sides of its mouth.

    In April 2001, AOL filed a motion to quash Nam Tai's subpoena, arguing it should not be required to reveal subscriber information because it would "infringe on the well-established First Amendment right to speak anonymously."

  15. Did NO ONE look at what this is? by batkiwi · · Score: 5, Informative

    It's not a magical AIM filter, which is what all the comments are suggesting.

    It's a way to run your OWN aim gateway server at your business.

    So I am at franks widgets (fwidg). I install the gateway server. Everyone at fwidg logs into the company aim server instead of the official AIM server, as employee@fwidg.com.

    So now we have intranet messaging, and apparently others can add us to the contact list as well (outsiders).

    OBVIOUSLY since all communication is going through this server, they can log/etc it. But htis is not some sort of magical firewall dropin that listens to aim conversations... there's been opensource projects that can do that for years now.

    It looks to me like it's aiming at the jabber and MSN/exchange messenger market. It's a locally hosted central server, so your business stuff isn't going out over the internet, and it authenticates against stuff you already have, according to their marketing. I'd guess that means ldap and active-directory.

  16. My solution to AIM monitoring... by Ageless · · Score: 5, Informative

    For the past few weeks I have been writing a program I currently call SecureIM. It is a encrypting proxy server that runs on your computer and allows you to have secure conversations over AIM. It's runs under Win32 and is tested with AIM 4.x and higher and Trillian.

    If you would like to check out the beta version, it's available at http://www.vonnieda.org/SecureIM

    The program will be getting a name change before v1.0 since there are several SecureIMs out there.

    Before you flame me about security or what not, please at least have a read of the Readme.txt file where I think I explain pretty well what SecureIM is and isn't capable of.

    I hope someone finds some use of it. Enjoy :)

  17. Re:Nonsense by Anonymous Coward · · Score: 5, Funny
    cybersex, or to give away sensitive information. (Or both, as the case my be.)

    53xx33Gur1 Are you touching yourself?

    k0rp0r@73dR0n3 Oh yeah, baby

    53xx33Gur1 Tell me something sexy, baby

    k0rp0r@73dR0n3 Uh huh, we're expanding into the Korean peninsula FY 2004 and out 3rd quarter profits were up by 7.2 percent. I have a nine-inch cock.