Slashdot Mirror

← Back to Stories (view on slashdot.org)

Enhanced Instant Messaging with IMSmarter

Posted by ryuzaki0 on from the HI dept.

Zanek writes "Engadget has an article about David Weekly who has created IMsmarter. What is IMSmarter? David describes it as a 'secretary that helps you out by sitting between you and the rest of the world, letting you know about things that are interesting and taking notes'. Works on all computers, no software to install." Gaim and other clients have good logging and search capabilities, but this goes a few steps beyond that.

18 of 221 comments (clear)

  1. No thanks... by DAldredge · · Score: 5, Interesting

    Sorry, but I don't quite trust this service as they would be able to log every IM request that I send or receive.

    4.1 Advertisers
    Some of the services offered by Coceve are paid for by targeted advertising. As a result, Coceve may share aggregate demographic information about you and people like you with advertisers (including ad serving companies), allowing them to customize the ads that you might see. We will not release any personally identifiable information to them. However, if you click on an ad, sign up for an advertised product or service, or otherwise interact with an advertiser, the advertiser may separately record information about you or your computer, not subject to this Privacy Policy.
    4.2 Contractors
    Coceve may hire people or businesses to work with or for us on projects, such as performing security audits or providing customer support, in which they may require access to portions of your personally identifying information to do their job. Before we provide any such information to them, however, they must sign confidentiality agreements promising to protect that information, and if applicable, promise its return or destruction when the work is complete.
    4.3 Compelled Disclosure
    Coceve may be requested by subpoena, court order, or legal process, to disclose information about you. Coceve believes strongly in the privacy of its subscribers, and will attempt to notify you that your information has been requested, unless we are prohibited by law from doing so. If you are a Basic Subscriber, we will send notification to your email address. If you are a Premium Subscriber, we will send notice to both your email address, and your postal mailing address. We may be required by law to disclose your information if you do not challenge the disclosure request through appropriate legal channels.
    4.4 Other Disclosure
    Coceve may disclose information about you to comply with legal process served on Coceve, to protect Coceve rights or property, to investigate or report suspected illegal activities, or to take emergency action to protect the personal safety of users of Coceve services or the public.

    Coceve may be acquired by or merged with another company. Before your information is shared with or transferred to that company, you will be notified via email, and via Coceve.com or IMSmarter.com, and provided the opportunity to agree to the transfer (including acceptance of any resulting privacy policy) or to erase your information and cease receiving services from Coceve.

    1. Re:No thanks... by SlashChick · · Score: 2, Interesting

      I love the fact that you use Gmail and then complain about your IM logs being online. Gmail grabs keywords from your email and shows advertisements based on them! IMSmarter hides the chat logs from everyone else, and (as far as I know) has no plans to be an advertising-supported service.

      Also, you can turn off logging if you're really that worried about it. :)

      --
      Simpli - Your source for San Jose dedicated servers and colocation!
    2. Re:No thanks... by metlin · · Score: 2, Interesting

      That's besides the point - the "female" could be my girlfriend, which could result in problems for both me and her. The question is not whether or not the privacy matters, merely that no matter what privacy *is* needed.

    3. Re:No thanks... by Idarubicin · · Score: 2, Interesting
      Yes, but IMs by their very nature tend to be a whole lot personal than emails.

      I think that's very subjective, and very much depends on the user.

      Is there nobody left who can write a steamy love letter? I know this is Slashdot, but there must be someone here who knows more about romance than "a/s/l?" People somehow managed to get laid even before the Internet was invented.

      People might also tend to discuss more technical things via email, when detail is more important than instant feedback. If someone is talking about a medical condition, for instance.

      --
      ~Idarubicin
    4. Re:No thanks... by lizrd · · Score: 2, Interesting
      Makes rather little difference if you use SSL or not. Your SSL connection is between your client and your server. Once it hits your server the admin could log your messages if he/she so desired.

      The thing about any form of IM is that the vast, vast majority of traffic is completely inane and nobody would actually want a log of it since reviewing such a lot would subtract IQ points from the reviewer. Therefore you can probably inject your (not inane and stupid....apparently) super sekkret conspiracy plans into the void and nobody will notice.

      --
      I don't want free as in beer. I just want free beer.
  2. No chance by FiReaNGeL · · Score: 4, Interesting

    # Search your IM chat history...at work or at home!
    # Discover when your friends update their blogs
    # Blog as easily as sending an IM
    # Remember the laundry you just put in the wash
    # Recall web sites, phone numbers, and email addresses mentioned on IM

    Ok, this is nice. But no software to install... this means that it has to store (or at least transmit) my IM chat history. To boot, it parse phone numbers, web sites and EMAIL ADRESSES. And their privacy policy say :

    4.2 Contractors
    Coceve may hire people or businesses to work with or for us on projects, such as performing security audits or providing customer support, in which they may require access to portions of your personally identifying information to do their job. Before we provide any such information to them, however, they must sign confidentiality agreements promising to protect that information, and if applicable, promise its return or destruction when the work is complete.

    Oh... they'll give my personal info to business who PROMISED they won't give it to others... right.

    --
    Eureka Science News - automatically updated
  3. Re:Let's see by The-Bus · · Score: 2, Interesting

    Furthermore, it keeps saying "No software to install!" then asks me to download a registry modifier...

    [HKEY_CURRENT_USER\Software\America Online\AOL Instant Messenger (TM)\CurrentVersion\Proxy]
    "Enabled"=dword:000000 01
    "Host"="proxy.imsmarter.net"
    "Port"=dword:000 00438
    "Protocol"="SOCKS4"
    "Username"=""
    "Passwo rd"=""

    As much as it's not an executable, I still consider it "software" -- no thanks.

    --

    Small potatoes make the steak look bigger.

  4. Privacy concerns by SlashChick · · Score: 5, Interesting

    "So what do you say to all the people concerned about privacy as a close personal friend of this guy?"

    Well, first, IMSmarter allows you to turn logging off by sending the proxy a message. That's the first thing.

    The second thing I would mention is that, since IMSmarter isn't selling your information to advertisers (and, as far as I know, has no plans to introduce this as a revenue stream), it's far less dangerous than even your standard webmail client. (What, you think Yahoo or AOL administrators can't read your webmail or IM chats?)

    David will have to introduce more fine-grained logging controls in the future (i.e. never log conversations with xyz; always log conversations with abc; delete the last hour of logs with asdf.) This is all coming. You are seeing a project that is in its very early beta stage right now, and I think this Slashdotting should jump-start some of the things that IMSmarter needs to do. You and I both know, however, that people care more about features than privacy. If we all cared about privacy first and foremost, none of us would have a Gmail account. ;)

    --
    Simpli - Your source for San Jose dedicated servers and colocation!
  5. Re:Notes from a beta tester by spudnic · · Score: 3, Interesting

    You'd have to have some trust for the proxy, but I'd feel better if I were able to upload my public key and have it encrypt everything against that before it saved to the database. The logs would be sent to me encrypted and I would decrypt on my side. A simple client could handle this for me.

    Sure, they could write the raw data out also if they wanted to be mischievous, but at least there would be protection if their site was compromised.

    --
    load "linux",8,1
  6. Gotta give it a "thumbs down" by Chatmag · · Score: 3, Interesting

    There really isn't anything to prevent them from using the logs in a similar fashion to the out of control cyber-vigilante web site Perverted Justice other than a privacy policy that seems to leave a lot of questions in my mind as to the security of the system.

    According to their privacy policy:
    "Access to your personal information other than your chat logs and buddy lists (which are protected according to Section 2.3) is limited to employees who reasonably require access to it in the course of doing their jobs, such as providing customer support to you. We require those employees to sign confidentiality agreements promising to safeguard your information."

    There's been a few highly publicized cases of insiders stealing information. I've got to pass on IMSmarter.

    --
    Pete Carr Owner Chatmag.com
    1. Re:Gotta give it a "thumbs down" by bobthemuse · · Score: 2, Interesting

      This is exactly why I'd love to see this released as open source. While my traffic isn't encrypted, it's relatively safe, as most people don't care enough to go through the trouble of intercepting my IMs. On a server, where the data is just lying there for searching, it's a whole different story.

      If this was available for download, to run on my own servers, or on the servers of a (more) trusted company, this would be great!

      I wonder how long it will be before AOL, MSN, etc start to offer server-based logging and such. Since they already have my traffic, not too much more to worry about....

  7. You might not use it, but your buddy might... by Elphin · · Score: 3, Interesting

    Yeah my knee jerk reaction to this was "never in a thousand years" too, don't forget that the person you are messaging may be using this service *and you'd never know*.

  8. What about 3rd party consent? by __aaitqo8496 · · Score: 2, Interesting

    As if your privacy isn't of utmost concern, what about your friends'? So now, I could be targeted for advertising if a friend IMs me asking for my email. I type it in as one would expect, and now, instantly, this is logged on IMSmarter's servers. Next time a "contracter" "comes in" to perform some "service", I start getting SPAM. Wait a minute, I never agreed to receive SPAM from you!

    I don't like this service simply because it doesn't require the other party's consent.

  9. Re:Notes from a beta tester by CrackerJack9 · · Score: 2, Interesting

    If someone sends me a URL, I click it or open it in my web browser, then save it as a bookmark. Web Browser-storing web link...seems to make more sense. If i don't or can't open the link right away, I leave the IM window open until I can. It's really simple. Sometimes I get crazy and copy and paste the URL into notepad or some fancy thing...of the people that didn't stand in line for the newest AOL upgrade, I don't think I'm in a minority.

  10. It's not Spyware. I used to live with David :) by Effugas · · Score: 3, Interesting

    So this is what's really evil about Gator et al -- they make *actual* innovators look bad. David's a geek, a damn cool one, and he's genuinely trying to make a really useful service even better, through liberal application of mind-bogglingly cool hackery.

    This should be cool, right?

    So I used to live with David. I'm a moderately well known packet hacker type, and around the time I was living with him, I put together this hack for SSH called Dynamic Forwarding. SSH has the ability to forward TCP-based services, like email and such. But you used to need to pre-specify all your forwards before connecting. Dynamic Forwarding put a SOCKS server in the SSH client, so any application that could speak SOCKS could gain access to the cryptographically encrypted channel.

    David had a much more expansive vision -- rather than just encrypt the chat session, why not add new features to it? IM is this brutally efficient communications medium where all sorts of otherwise superfluous communication artifacts are dispensed with; perhaps this efficiency could be used as an appropriate channel to organize one's life?

    So -- no joke, he marshalled his savings, quit his job, and became this total guru of instant messaging protocols so he could explore the potential of this (very good) idea. No VC's, no ulterior motives, and when he's talking about security engineers who some day might need to examine the system to validate his architecture -- well, that'd probably include me, and seriously, I don't want to know anything about your life thank you very much :)

    Honestly, it's a bit ridiculous to talk about IMSmarter as creating any serious alteration to IM privacy. You're using an unencrypted channel to a centralized messaging clearing house that, in AOL's case, is located in Virginia. Ahem. I'm not saying privacy isn't important -- just that David's got way more interesting things to worry about than who you've got a crush on. Ultimately, his service isn't a very good place to spy from anyway, because he doesn't get all messages from all people, just those that are intentionally routed through him. And as anyone will tell you, global views trump self-selection any day of the week.

    Honestly -- he's pulling some really cool protocol tricks, and I'm happy to see his wonky-as-hell hack actually become something my mom could use. I know there's alot of creepy corporate virus vendors who are doing some truly nasty things -- someday I want to find the guy who replaces people's TCP/IP stacks and replace a few of his vertebrae -- but David's not one of 'em. Good guy with cool code -- he deserves to be encouraged.

    Yours Truly,

    Dan Kaminsky

  11. bittlbee by MacJedi · · Score: 2, Interesting

    It's not exactly the same as IMSmarter, but i've become a giant fan of bittlbee + irssi + screen.

    --
    2^5
  12. The Author Responds by dew · · Score: 4, Interesting

    Hi, everyone! I'm David, the author of IM Smarter. I'm glad that people are interested enough in the service to post about it. I'm sorry that I wasn't able to post this earlier, as I was in a (very long) meeting with some folks from the Chicago Beck Foundation to discuss different ways to promote literacy in the third world.

    Anyhow, I'm here now, and I'd like to respond to some of the higher-order points that people have made. I think that it's correct that trust is a big issue here. This is part of the reason why we tried to create a privacy policy that would clearly hold your private data as sacred to us. This is also why we took the unusual step of making a privacy promise. The comments in this forum make it clear that we didn't do a good enough job in making it clear that your private data is yours alone. We would be delighted to work, with your constructive feedback, on a privacy policy that does a better job making it clear that your chats are for your eyes only. I actually did ask the EFF to edit and review my privacy policy, but they haven't set up a program for doing that. If any of you know of a consumer-rights organization that would be interested in working with a company on drafting a consumer-focused privacy policy, please do let me know about them.

    Let me be very clear here: we will not scrape the content of your IM chats to deliver advertising to you. This is not GMail. We will not sell or otherwise disclose your personally identifiable information to third parties. We are here to use your information for you, not against you. If that makes it harder for me to rake in the big bucks as quickly, so be it. I am here to protect your privacy and improve your IM. (The last time I was on Slashdot, it was because my non-profit had successfully sued Diebold in federal court for infringing free speech rights. We won - thank you EFF!)

    There was some concern that our intended deployment of Premium features would suddenly disable currently-available features. This is not true. There are a suite of kickass *new* features planned for Premium - the services that are currently offered as Free will continue to be offered without cost throughout the service's lifetime.

    If you have any other questions or concerns about the service, I'd be happy to hear about them. Having launched less than two weeks age we frankly weren't ready for Slashdot with regards to our privacy messaging or site design (which, yes, totally blows but should be fixed in the next week or two). We've got a lot of great features yet to deploy - as I said on the Engadget interview, logging is really only the tip of the iceberg. Logging isn't the *point*. The point is having an agent who can work on your behalf to keep you in the loop about things you want to know about and who can keep away messages you don't want brought to you (at the moment because you're busy, or ever).

    This is my baby, the fruit of my labors of a year. I realize my baby's pretty ugly and infantile right now, but my metric for going out of private beta was to launch at the point when I could imagine that at least one random person out there on the Internet could plausibly find the service interesting enough to use on a regular basis. I think we're at that point now, albeit not at the point where we're the service "everyone obviously should use". The service continues to make progress on a regular basis. I can only hope and pray that people will be patient with me as it creaks onwards towards becoming a great, genuinely useful service for people.

    Have a great Saturday night, everyone.

    Peace,
    David E. Weekly

    --

    David E. Weekly
    Code / Think / Teach / Learn
    h4x0r for

    1. Re:The Author Responds by dew · · Score: 2, Interesting

      Lord Dweomer,

      Thank you for your comments; I do take them constructively.

      I think that it's likely that there will be some folks that don't like the logging feature. I hope to very soon introduce a suite of services that that are compelling enough that people would be interested in using the service with logging disabled. I'd be delighted to welcome those users onboard as soon as we're ready for them. In the interim, we have a privacy policy, which is a legally binding contract obliging me to respect the integrity and privacy of your data. While IANAL, it is my understanding that a wilful breach of this contract on my part could open me up to a lawsuit.

      Longer-term, we'd love to offer fully-encrypted centralized logging - something kinda like Hushmail for IM logs. The trick there is allowing the user to *efficiently* search those logs (and, well, letting the logging itself be efficient in the first place). In the interim, I'm just trying to keep my servers happy and fed. :)

      Cheers,
      David

      --

      David E. Weekly
      Code / Think / Teach / Learn
      h4x0r for