New AIM Offering "end to end" Encryption

MankyD writes "The current AIM beta is now offering message encryption. They don't offer a lot of details but it's nice to see they are offering some extra privacy. Will the new AIM be illegal in Michigan?"

So that's what they did...

[Albanach]

with W.A.S.T.E.?

Why?

[Tyrdium]

I don't know about other people, but my conversations on AIM usually go like this: Me: Hey Other guy: Hey Me: Anything interesting happening? Other guy: Not much. You? Me: Not much. Hey, wanna play Starcraft? Other guy: Sure. See you on in a few minutes. Usual channel. Me: Okay. See you there. Frankly, I couldn't care less whether or not anyone else was reading that, and I bet a lot of people feel the same way. It's a nice feature, sure, but it's not the most needed...

Re:Why?

[sahrss]

Some users (like me) have fairly serious or business conversations over these chat networks. Using unsecure chat is like speaking in a room with hidden nooks and cracks in the walls leading to other rooms; anyone can sniff an unsecure chat.

I much prefer conducting my semi-private conversations in a high tower with thick walls, where strangers cannot overhear them.

Trillian is what I use right now to allow this, but it only works with Trillian users, not normal AIM users. It would be nice if AIM made their encryption scheme usable by other clients...although I agree with other posters that it may just be a plan to keep other clients off the network.

Really makes me wonder

[ONU+CS+Geek]

If AOL has any ties to Verisign, et al.? If it's using PKI (which it says it is), and the "About AIM Personal Certificates" page (Link Here) says it is (which really doesn't go into how they're implemented, or how you can get a certificate), who's to say that they're not going to charge you for getting a certificate? Yahoo integrated encryption in their Yahoo Messenger Enterprise, and other companies have done this in the past (I believe that even ICQ had a version of their server up so that companies could set their own ICQ servers up).

I honestly think it's all about the Money for AOL, and it's going to be prohibitive for Joe Sixpack to get this to work.

This makes business sense.

[acherrington]

Here is how I see it, there is a lot of push from AOL-TW executives to turn this product, with a large user base, into a real cashcow. The only way that it is doable is by pushing the product into the corporate areana. The AOL-TW execs would like to push all of the infrastructure and software completely into a corporation, same as a mail system (like exchange server, and outlook on the desk). Many businesses were reluctant because it didn't offer the very basics of security. While general users don't care about this, try selling this to a CIO who has had security pounded into their head over the last two years. What question is he/she going to ask, "Would you mind telling me about security for your product?" So when they give this out to you, the public... it's just a mass test, so they can start doing corporate sales. Just my thoughts....

Re:Trillian...

[ptbarnett]

Trillian has had this feature for as long as I can remember using it.

But, doesn't Trillian make the connection directly between the two clients, rather than sending it through the server?

It doesn't work well when either user has a firewall blocking incoming connections.

Re:Locking out clients?

[Hanji]

Because as nice as Jabber may or may not be theoretically for whatever reasons (I don't know anything about it), AIM has one BIG advantage: EVERYONE USES IT. And if you try to get people to switch to a Jabber network from AIM, explaining that it's "open," you'll just get blank stares, and comments that "but all my friends use AIM!"

Technical superiority does not ensure success, unfortunately.