Secure Instant Messaging Systems? 15
Elik writes: "I been asked by the higher up at Netwolves as to the availability of a secure messaging system that uses an encrypted protocol for messaging instead of insecure systems like AIM, MSN, Yahoo or ICQ. From what I have read, they are not secure enough that you can send any secret confidential information though the messenger system, since from the reading, they are not encrypted. Are there secure messaging client/server systems that are available for most platforms, that could be considered secure by using some of the standard encryption systems like 3DES, Blowfish or others?" It shouldn't be too hard to hack support for this into the existing IRC clients. It may not be as cute as most IM systems, but if it's security you want, you may have to sacrifice something. If you are transferring huge amounts of data, why worry about instant messaging systems? Just use PGP (or GPG) to encrypt the data and the plethora of file sharing software currently available on the Internet to get it where you want?
Can't get Gale to work (Score:1)
At the very least, I think Gale needs a prebuilt binary and Win32 install system if it's going to be popular.
tunnel IRC over ssh (Score:1)
Just tunnel IRC (or something) over ssh: works fine, is easy to set up, and you're not reinventing either wheel. (there are plenty of ssh and IRC clients available for most platforms)
Keep in Touch (Score:1)
-henrik
dude. (Score:1)
tik has had support for ssl for a long time... (Score:1)
the only thing is, if both sides of the conversation aren't using ssl, its not very effective....
also if you're worried about major powers doing evil stuff, they could still do evil stuff at aol hq
Re:dude. (Score:1)
I'm actually working on this (Score:1)
Everybuddy (Score:1)
Secure shuttle? (Score:1)
Once Again... KiT (Score:1)
http://kit.tpu.org/
The other ineteresting one is BET.
http://www.upl.cs.wisc.edu/~hamblin/BET.html
I didn't use it much... but the code seemed to work... I didn't get a chance to benchmark/test it...
These were all for a secure login server for an online game that I gave up on.
Peace out.
What about using Jabber (Score:1)
I know that it sends messages via xml, so perhaps you could create an tag, that would let jabber know that this content is encrypted and needs to be decoded before viewing.
Just and idea.
Gale (Score:2)
Gale is instant messaging software distributed under the terms of the GNU General Public License [gnu.org].
Several features set Gale apart from other instant messaging systems.
Gale is open source software. The GPL ensures that you and others retain the freedom to modify and distribute the Gale source code. Gale will never lock into any one vendor's proprietary, closed system.Gale is useful. Gale isn't just about poking "private" messages to someone sitting at another computer. Gale does support secure private messaging, but Gale also has a well-developed infrastructure for public (and semi-public) chat.
Advanced categorization and filtering features mean that you can precisely control your level of participation and distraction. We've been at this for years, we've tried everything else out there, and we have a lot of experience with the usability of real-time messaging systems. The result of our experience is something like IRC, something like Zephyr, and something like commercial "instant messaging" systems, but with many features you won't find in any of these.
Gale is secure. Most other systems depend on the security of a central bank of servers, and provide no protection against network eavesdroppers.
Gale uses strong cryptography for both privacy and authentication, and is designed to work in an environment of mutual distrust between users and administrators.
Gale scales. Gale's architecture uses a loosely-connected set of servers which locate each other via DNS only when they need to talk to each other. Multicast is accomplished by the dynamic creation of self-healing spanning trees of interconnected servers. The network is robust; servers and clients detect and route around failure. This means Gale is fast and stable. Gale will not suffer the kind of performance and reliability problems USENET, IRC, and centralized commercial message systems do.
Gale is here today. Gale has been in active development for over three years. Both clients and servers have been well tested by daily use in an active user community. Both simple command-line and sophisticated graphical clients are available, and there are platform solutions for the POSIX, Microsoft Windows, and Java platforms.
Licq has OpenSSL support (Score:2)
"Licq now supports Secure Socket Layer connections between clients allowing for fully secure communication of messages, urls, chat requests...
PGP 7.0 includes ICQ plugin (Score:2)
On top of that, it includes PGPnet, a VPN client that can encrypt all communications between two clients.
Don't reinvent the wheel.
A Commercial Plug (Score:3)
Anyway, secure, plus beaucoup other functionality. Published, extendable APIs, examples. Video streaming, audio streaming, etc. etc. Uses choice of ActiveX or Java. Version 2.0 is due out the end of the month (or thereabouts). There's a Java version of the chat/instant messaging client, plus a Windows version.
http://www.lotus.com/sametime