Slashdot Mirror
MSN Messenger Access To Be Restricted
linuxwrangler writes "According to Infoworld, Microsoft has announced that as of October 15 some third-party software and older versions of MSN Messenger will no longer be able to log in to their Instant Messaging service. Microsoft cited 'security issues', but declined to offer specifics. The company sent an email alert to Messenger users, but users reported thinking the message was a hoax or virus after receiving over a dozen copies of the email."
Does any one know witch version of msn jabber emulates?
I really really want to keep useing jabber for my IM stuff (its not like I have a whole heck of a lot of choice , but running msn in wine is not my idea of a fun time).
Oh, ya... this is microsoft we are talking about.. get people using it, then take control of it.
Good way to cut off *nix users too..
And yes i realize its their software, their network but i thought at one point they said it would remain open...
---- Booth was a patriot ----
This is pretty bad news. I wonder if this is the first step in the process of charging for MSN messenger usage.
Wouldn't have anything to do with this announcement would it?
They who would give up an essential liberty for temporary security, deserve neither liberty nor security
This follows closely on the heels of the FCC's lifting of the restrictions on AIM, as discussed recently. Seems that MS thinks that if AIM can get away with locking people out, so can they.
This account verified sig-free since..., uh, never mind.
Exactly, and this is pretty ironic considering the complaining MS did when they tried to hook into AOL's servers. They would link the servers and AOL would close the hole, then MS would find another way around, and AOL would close that one, and so on...
Now they'll pretend that never happened and act like people trying to circumvent their protections are some kind of criminals.
if(!cool) exit(-1);
I only used my MSN Messenger account when I really needed to before. Now I won't use it at all. There are other IM services out there, and Microsoft's wasn't a particularly GOOD one anyhow...
"Oh my God. This is terrible. This is the end of my Presidency. I'm fucked."; ~ Donald J. Trump
Sundwall: "We would encourage those third parties to contact us to work out agreements by which they can continue to have their customers access our network."
So, there's still some hope. The code to GAIM is freely availeable for Microsoft to audit, so theres at least a small chance they will certify it as not being a "security risk".
The unofficial
The IM community is so partitioned now, that most users have to run 2-4 different clients in order to talk to all of their friends. What about a service that is open, cant be bought out, and will last for a long time?
Has anyone run into a decentralized IM service?
Fascinating how Microsoft is using AOL's *excuse* to block third parties from accessing MSN Messenger? I seem to recall AOL using this reason to block MSN and others from its users and Microsoft responded by helping to set up IMUnified as a pressure group to convince the FTC and the FCC to require AOL to open up the AIM network to them... I love hypocricy (sic, if I spelled that incorrectly!)...
"Right now, somewhere in this world, Scott Baio is plowing a woman he doesn't love," - Peter Griffin, *Family Guy*
AOL didn't allow Trillian on their network for a long time, citing bandwidth and resource use from people who weren't looking at the integrated AIM ads or using the AOL service. AOL insisted that third-party clients use the vastly inferior TOC protocol to connect to the AIM network instead of letting third-party clients use their proprietary OSCAR protocol.
So what did the engineers at Trillian and GAIM do? They reverse-engineered the OSCAR protocol and Trillian and GAIM can now use the AIM network again.
If Microsoft locks down their network, I give it all of 3 days before Trillian and others can access it again. AOL tried and was unsuccessful. I doubt Microsoft will be able to stop this for long considering the negative publicity (and Trillian patch) that would result.
Simpli - Your source for San Jose dedicated servers and colocation!
Quote from the linked article:
"It is our expectation that those who use our service with unlicensed or unauthorized third-party clients will likely not be able to log on after Oct. 15," Sundwall said. "We would encourage those third parties to contact us to work out agreements by which they can continue to have their customers access our network."
Sundwall would not comment on what type of agreement Microsoft would want with third-party IM software providers. "We are very interested in interoperating with all third parties, there just needs to be a formal agreement," he said.
Still BS, but at least it's not the usual "shut off and don't answer questions policy".
Do we read this as: The upgrade is required because "we can't track the behavior of our Messenger users " with the older versions of the Messenger clients and third party clients, he said, declining to specify those issues.?
A similar action by talkcity.com about 4 years ago killed the activity in its chat rooms, wonder if Microsoft will let that happen or use strong arm techniques to keep the users!
There are two kinds of egotists: 1) Those who admit it 2) The rest of us
Wasn't it not that long ago that Microsoft was putting out white papers on the MSN Protocol for others to use in programming clients?
So, there's still some hope. The code to GAIM is freely availeable for Microsoft to audit, so theres at least a small chance they will certify it as not being a "security risk".
You think they're talking about the user's security?
Don't be naive. The only security they are referring to is the security of their market share.
"'Tis a small mind indeed cannot think but of one way to spell a word." -Mark Twain
The only reason I use Msn is because most of my friends and clients use it, so I kinda have to use it if I want to keep in touch. No, They're too lazy to move to something else. This really sucks because up to now I've been using 4.6 and refuse to upgrade to the bloated piece of shit that MSN 6.x is.
I also develop plugins for Msn plus, and like the fact that msn 4.x is nice, small and fast to start up when debugging.
I want a fast, small, simple IM app. Not a freaking huge application that takes up half of the screen , gaming centre, washes my dishes, takes care of the kids, walks the dog. I cannot stand that program, I tried it twice but no! I hate it. This really sucks.
Hopefully it will be rev eng soon. dmca? ARGH@#$
[alk]
After circumventing the access control layer one of two things will take place:
Micro$oft will claim some sort of copyright on some of the data stored on their servers. This is not have to be the messages. It could be the compliation of the directory information of the user. By circumventing their access control you have gained access to a protected copyrighted work. DING DING DING DMCA VIOLATION DING DING DING
Since all communications must go through Micro$oft's (or their duly delegated agent's) servers, by circumventing the access control layer you have gained unauthorized access to a protected computer system. DING DING DING USA PATRIOT VIOLATION DING DING DING
Of course we all know why Micro$oft is really doing this:
Lock in - Keep users in your system and don't let them talk to other systems either by your own client or by some third party client.
Security through legality - This is one more piece of legal wrangling they can use to avoid any realy responsibility about any security concerns. Any security breach would require an exploit that the MSN client is not programmed to do. Thus any exploit would require writing a different client or modifing the MSN client. Either way this is an unauthorized client and the DMCA and the USA PATRIOT Act can be used.
Same too ya - Uhhh, AOL is doing it to MSN so MSN is doing it to AOL.
Gee, I guess I'll just use that analog, electro-mechanical, voice messaging system that the FCC won't let the baby bells completely destroy.
Ah, yes... I remember so fondly the pioneering days of Trillian, when I'd patch two, three times a day to maintain AIM connection. How excited I would get, coming back from classes and wondering if yet another release due to "flap error" was going to be necessary!
It made Trillian that much more exciting to use, all the more so because I loathed (and continue to loathe) AOL so much. Of course, I always had ICQ to fall back on. Then AOL bought them and drove them into the ground.
What we need is an open source, secure protocol for chatting, newly implemented for today's uses. I'm getting tired of chatting over AIM, just because it has something to do with AOL. Yahoo I don't like either, nor MSN, or ICQ for above mentioned reasons. And other chat programs with half-standards aren't at all what we need at all. There are more than enough able geeks out there, some solution shouldn't be too difficult to organize a consortium to address the situation. Mayhap I smell an Ask Slashdot in the future.
The less they have to worry about catering to others, or time spent on monitoring 'others' on their products or network is time they can spend in their deployment of the one product end user goal. We've seen a glimmer of that mindset when last week they announced that the reason for BSOD's was outside programing etc.... LI}But eventually changes like this that ostracize entire portions of computer users will eventually lead to the better development by those who subscribe to deviant technologies. So in the end this move could start off the stages needed as a catalyst for better development and increases onward and upward.
Let's keep in mind that patents are in place to keep lawyers employed and keep them litigating. -CatGrep
It looks to me that that may be what Microsoft is doing. They are not just disabling 3rd party software. They are disabling access with some old versions of their own software. If they start dissallowing access by software even when there are no known vulnerabilities in the software, that is when we should get mad.
Your comment made the assumption that this is for Microsoft's security. I believe that it is for user's security. Microsoft is not providing a worthwhile service to the user if their "service" is a public backdoor into the user's computer. Microsoft knows this and they are doing the right thing. They have evidence of ways to crack certain softaware that connects to their servers. They have the ability to close the door on the vulnerability and they are doing so.
As soon as Trillian fixes their bugs and opens a dialog with Microsoft assuring microsoft that the flaws have been fixed, Microsoft will open the service back up.
But then again, I'm probably not paranoid enough for slashdot today. ;-)
You know, the LAST time they said this, you either had to agree to an NDA that precluded an OSS implementation. The "formal agreements" there were pretty clearly only for other commercial (because of the licensing fee) & closed source vendors.
I can actually understand the Windows-only issue from their point of view; although I don't agree with it as a customer.
But I bet they're losing users to third-party clients in far greater numbers in the windows platform than anywhere else.
Linux users are already willing to go through some inconvenience to NOT use their OS OR their Office suite, areas over which they had a much tighter control in the market over the years. It's not like they hope to "bring them back" through Messenger.
I'm using Trillian right now on a Windows machine. Why? Not because I can't use Messenger, not because I have ethical issues about using Messenger, but because Messenger and its network (like RealPlayer) is a product that has gone from decent to inferior to catastrophic with each "upgrade".
Perhaps if the network did not kick me out sporadically, if their client didn't take that long to sign me in, or took up over twice the memory size of Trillian, or if I didn't constantly get spam through it, or if it didn't have authentication problems with my hotmail account (which Trillian doesn't have)...
Well, you get the idea. Perhaps if their client didn't suck that much I wouldn't mind using it.
I mean, I love having all my IM ids in the same client, and probably wouldn't want to live without it by now. But it's like tabbed browsing in Mozilla... it's a feature that solves a problem many people don't know they have.
What made me try Trillian was not my admittedly crowed taskbar, it was one too many popups from Messenger advertising porn.
If their products were merely competent, they wouldn't even have to match the 3rd party products feature by feature. Not until a mainstream IM client (IM or Yahoo) forces them to by including those features itself.
Freedom is the freedom to say 2+2=4, everything else follows...
What people fail to realize, is that IM is regionalized. In other words, each region adopts its own IM and sticks to it. I live in a small town in North Dakota. Early on, ICQ was the popular instant messager, but due to Windows' inclusion of MSN Messenger, MSN Messenger won over this market. Today, maybe 5% of the community uses ICQ/AIM. The same applies for much of the rural midwest. The cities are another issue entirely, where AIM comes into play. I don't know the numbers, but I'm guessing that AIM is the most popular IM in New York and LA, due to the large number of AOL subscribers. The problem here, while IM allowed millions to be able to communicate and share in a way that chat rooms failed to do (simplicity for one), is that this communication may draw boundries, with one city being 'incompatible' with another city just a few miles away. The bridge programs (such as Trillian) can help to take these borders down, but only if Microsoft and AOL don't mind.
The Political Programmer
right. The $10 donation I gave to those dudes was the best money I ever spent. I got a free copy of the pro. But I'll probably buy 2.0 anyway. It's the single best program I run. It let's me:
... I'm sure there are others.
1. talk on a zillion dif't protocols without all the resuource hogging of running them. With a bunch of great skins to switch around when I get bored.
(the rest are with plug ins.)
2. Let's me know when I get email on the exchange server so I don't have to keep Outlook running all the time.
3. Let's me know the current weather, and when a severe storm is in the area (and forecast with one click).
4. Has a nifty to do/task list.
DO NOT DISTURB THE SE
This is true... Try to create a product which implements the SCC interface for Source Control.. Even some companies can't use it because the nasty legal agreement bundled with an NDA making you not even acknowledge that there is this API doesn't fly with some corporate legal departments.
This is a story, it's just dressed up all pretty by MS to make it look like nothing.
"Nothing to see here, move along" - Officer Barbrady
Hands up who is surprised. It's standard business practice for MS.
Hands up who is surprised. It's standard business practice for MS.
Gates calls on FCC to examine AIM (ZDnet)18 Dec 2000 - Microsoft chairman Bill Gates telephoned the chairman of the Federal Communications Commission last week to urge a close examination of America Online's dominance in instant messaging, a Microsoft representative confirmed.
Leading Technology and Instant Messaging Companies Form IMUnified (The Devil Himself) - One of the things that makes this coalition so exciting is the opportunity to work together and learn from each other so that we can create a system that is even more private and more secure than what is available today, said Yusuf Mehdi, vice president of MSN at Microsoft Corp.
AT this stage, I think we are only at stage 6 of the product lifecycle. Although the IETF announced Extensible Messaging and Presence Protocol (XMPP) almost a year ago, IBM and Microsoft have promoted a separate standard known as SIMPLE (SIP for Instant Messaging and Presence Leveraging Extensions). As IM becomes more important in the corporate sector the issue really starts to revolve around this proposed standard and the conditions under which it will be available or licenced.
Stopping myself...Abort (core dumped)
Did any of you ever even once stop to think that maybe that particular protocol IS insecure?
Last year, my friend went through the MSN messenger API and found all sorts of goodies. Within a few minutes, he was sending messages as if they were from other people. He played jokes on us for a little while, striking up weird conversations out of the blue.
Think before you open your mouth.
(Posting anonymously for obvious reasons.)
I wonder if this has anything to do with the recent rules dropped against AOL. Also here's a nice tidbit from MS..
"It is our expectation that those who use our service with unlicensed or unauthorized third-party clients will likely not be able to log on after Oct. 15," Sundwall said. "We would encourage those third parties to contact us to work out agreements by which they can continue to have their customers access our network."
Let me rephrase a bit of that.
"We would encourage those thrid parties to contact us to work out payments by which they can drive away your customers"
I've also heard a rumor that a new version of MSN messenger yet unnannounced will include the ability to work in a similar manner of Trillian which allows you to consolidate all popular IM Programs into one program. I have no way to verify this "Rumor" but it's really hard to say MS wouldnt do it.
Has anyone else heard otherwise?
Who cares? Drop MSN and their messenger. It is a joke anyway. Use Jabber of GAIM or Yahoo or anyone else you know.
As Clausewitz said, "fixed fortifications are a monumnet to the stupidity of man."
Microsoft is just building a moat around their customers to protect their revenue stream. That never works.
All Ad hominem replies happily ignored as the sender shall be deemed to lack the faculties to comprehend the equation.
And then I'll pull the winning lotto ticket outta my backside...
What I haven't seen here are messages about Yahoo porting its messenger to a couple of Unix flavours. One of the developers even maintains a nice FAQ! The current version (1.0) works like a charm, with RPM and deb packages available. The next version 1.1 will probably support webcams.
8 of 13 people found this answer helpful. Did you?
MSN messenger takes 20 seconds to load, and takes about 3x as much RAM as .NET Messenger. As long as they don't make me stop using .NET messenger, I'm happy.
Besides, MSN messenger is bottom rung anyway. If you're really concerned about having a an instant messenger for Linux, why not use ICQ?
Because my employment requires me to use MSN messenger?
The other people in our small organization had already more or less standardized on MSN before I came along. They are already very accomodating to my needs by letting MSN be our primary means of communication aside from email, and there is no way I could ever expect them to switch messaging programs. Its bad enough they can't pick up the phone and call me.
I do contract web development jobs, which are all passed on to me by one specific company, in Canada. But after doing this for a while up there, I decided there was no reason I couldn't do the exact same thing from Mexico, with a high speed cable connection. The only problem is that the long distance is prohibitively expensive, at about 76 cdn cents / minute.
For this reason MSN messenger is very important for me. Plus, I have been using Linux exclusively for 6 years, come this labour day weekend. Everything I do work wise is 100% Linux related, mostly MySQL & PHP on Linux servers. I need Linux running locally, I could never go back to Windows.
So what do you suggest I do? Ask everyone else I work with, albeit remotely, to switch to another service just for me??
Right now I use Gaim. For me, the message logging is also another very important benefit of using Gaim as oppossed to the Microsoft version. I need the logs to remember the conversations and what ever little things they asked to have done, although of course big descriptions are sent through email but the little modifications they mention over MSN, I need to remember these. And as far as I know the Microsoft version does not support any logging features.
When they refer to security, it wouldn't surprise me if they are concerned about the third party clients having these logging features. I know some people are pretty surprised when I quote old conversations. Could it not be thought of as a security concern if people don't think their conversations can be logged, when in fact they can be by third party clients?
I phoned MS support after getting that email (I have MS Gamevoice, which only works wirth Messenger up to 4.6)
They told me on the phone it was a virus email.
Stop bitching about Microsoft for a change. Microsoft is the only "commercial" IM provider that has been in favour of a standard protocol for IM. They published this draft in 1999, a complete spec of the MSN Messenger 1.0 Protocol.
19: Do you plan to support plaform foo? ..etc..etc.. binaries.
:)
Where
It is unlikely that we would ever build a Caldera/SCO version, however.
hehe funny
There's nothing childish about M$ but if you want to think otherwise, fine. It is a good abreviation and I'll use it whenever I do not feel like typing "Microsoft." (MS is reserved for multiple sclerosis)
/. will cover when the time comes.
Anyway my point was Gaim is a cross platform application that runs on Windows as well as Linux. M$ should not (emphasize should not) feel obligated to compete with it.
Whether they end up doing so (for obvious monopolistic reasons) is a future story, one that I am sure
The unofficial
Well, it is not like the MSN protocol specification has been open earlier, which didn't stop developers from making third party clients. I see no reason why the same people shouldn't be able to reverse engineer the protocol specs once more.
The question you should ask yourself is why MS is going this very public about "closing" their protocol.
---
The combined human population is enough to feed every living tiger for app. 28000 years.