Re: MSN Messenger

From: Doug Ransom (dransomxxx@yahoo.com)
Date: 01/05/02

  • Next message: David Fox: "Re: MSN Messenger" 

    From: "Doug Ransom" <dransomxxx@yahoo.com>
Date: Sat, 05 Jan 2002 18:01:16 GMT

    > Doug;
    >
    > I don't quite understand your point. Are you saying that there is
    > encryption within MSN Messenger? Would you please elaborate it?

    No, the original comment indicated data goes out unencrypted and
    unauthenticated. I am saying the product is kind of bogus if that be the
    case. I have barely used messenger and I don't know if data is actually
    unencrypted. I doubt the data is encrypted. I saw nothing to indicate that
    it is, and it doesn't seem to recognize x.509 certificates.

    >
    > Thanks,
    >
    >
    > "Doug Ransom" <dransomxxx@yahoo.com> wrote in message
    > news:o6yZ7.19751$e4.7383446@news0.telusplanet.net...
    > >
    > >
    > > --
    > > mailto:Doug_Ransom@telus.net
    > > "David Fox" <dfox138@hotmail.com> wrote in message
    > > news:I4uZ7.4608$h2c.3332@news2.bloor.is...
    > > > What types of security risk and/or vulnerabilities could one company
    be
    > > > exposed when it "endorses/sanctions" MSN Messenger as a communications
    > > means
    > > > with *business partners*? Any input are appreciated.
    > > >
    > > > As I understand, MSN Messenger requires users using Hotmail accounts,
    > > which
    > > > in turn may use .net or Microsoft Passport. In this regards, same as
    > > other
    > > > authentication scheme, once the users' id and password is known, .....
    > > >
    > > > Secondly, the "chat" is not encrypted, then it leads to
    confidentiality
    > > > issue.
    > >
    > > That is totally bogus. You would think a private/public key pair could
    be
    > > associated with messenger or perhaps a shared secret per contact for
    > > encryption.
    > >
    > > >
    > > > Thirdly, if file transfered is enabled in the future, the files may
    not
    > be
    > > > encrypted unless PGP or other programs used.
    > > >
    > > > Thank you in advance.
    > > >
    > > >
    > > >
    > >
    > >
    >
    >

    Relevant Pages

    • Re: MSN Messenger
      ... Are you saying that there is ... encryption within MSN Messenger? ... Would you please elaborate it? ... >> As I understand, MSN Messenger requires users using Hotmail accounts, ...
      (comp.security.misc)
    • Re: MSN Messenger
      ... >> encryption within MSN Messenger? ... I am saying the product is kind of bogus if that be the ... I have barely used messenger and I don't know if data is actually ...
      (comp.security.misc)
    • Re: MSN Messenger
      ... > What types of security risk and/or vulnerabilities could one company be> exposed when it "endorses/sanctions" MSN Messenger as a communications means> with *business partners*? ... You would think a private/public key pair could be associated with messenger or perhaps a shared secret per contact for encryption. ...
      (comp.security.misc)
    • RE: IM encryption
      ... > My users were wondering if I knew of any encryption software ... > also for legit purposes. ... > suggestions for encryption of MSN Messenger? ...
      (Focus-Microsoft)
    • Re: Conspiracy in the Surveillance Society
      ... conspiracy cells only? ... Sporting events, parades, or anything else that generates a ... Encryption might hide what you're saying, ...
      (rec.arts.sf.science)