Re: MSN Messenger

From: David Fox (dfox138@hotmail.com)
Date: 01/05/02

Next message: Dimitri Maziuk: "Re: Another Scripting Hole In Microsoft IE Exposes Local Files"
Previous message: David Fox: "Re: MSN Messenger"
In reply to: Doug Ransom: "Re: MSN Messenger"
Next in thread: nickd@nospam.demon.co.uk: "Re: MSN Messenger"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

From: "David Fox" <dfox138@hotmail.com>
Date: Sat, 05 Jan 2002 21:39:54 GMT

Thanks, Doug.

"Doug Ransom" <dransomxxx@yahoo.com> wrote in message
news:MbHZ7.172$e4.92671@news0.telusplanet.net...
>
>
> > Doug;
> >
> > I don't quite understand your point. Are you saying that there is
> > encryption within MSN Messenger? Would you please elaborate it?
>
> No, the original comment indicated data goes out unencrypted and
> unauthenticated. I am saying the product is kind of bogus if that be the
> case. I have barely used messenger and I don't know if data is actually
> unencrypted. I doubt the data is encrypted. I saw nothing to indicate
that
> it is, and it doesn't seem to recognize x.509 certificates.
>
>
>
> >
> > Thanks,
> >
> >
> > "Doug Ransom" <dransomxxx@yahoo.com> wrote in message
> > news:o6yZ7.19751$e4.7383446@news0.telusplanet.net...
> > >
> > >
> > > --
> > > mailto:Doug_Ransom@telus.net
> > > "David Fox" <dfox138@hotmail.com> wrote in message
> > > news:I4uZ7.4608$h2c.3332@news2.bloor.is...
> > > > What types of security risk and/or vulnerabilities could one company
> be
> > > > exposed when it "endorses/sanctions" MSN Messenger as a
communications
> > > means
> > > > with *business partners*? Any input are appreciated.
> > > >
> > > > As I understand, MSN Messenger requires users using Hotmail
accounts,
> > > which
> > > > in turn may use .net or Microsoft Passport. In this regards, same
as
> > > other
> > > > authentication scheme, once the users' id and password is known,
.....
> > > >
> > > > Secondly, the "chat" is not encrypted, then it leads to
> confidentiality
> > > > issue.
> > >
> > > That is totally bogus. You would think a private/public key pair
could
> be
> > > associated with messenger or perhaps a shared secret per contact for
> > > encryption.
> > >
> > > >
> > > > Thirdly, if file transfered is enabled in the future, the files may
> not
> > be
> > > > encrypted unless PGP or other programs used.
> > > >
> > > > Thank you in advance.
> > > >
> > > >
> > > >
> > >
> > >
> >
> >
>
>

Next message: Dimitri Maziuk: "Re: Another Scripting Hole In Microsoft IE Exposes Local Files"
Previous message: David Fox: "Re: MSN Messenger"
In reply to: Doug Ransom: "Re: MSN Messenger"
Next in thread: nickd@nospam.demon.co.uk: "Re: MSN Messenger"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Re: MSN Messenger
... > encryption within MSN Messenger? ... I am saying the product is kind of bogus if that be the ... >>> As I understand, MSN Messenger requires users using Hotmail accounts, ... >> That is totally bogus. ...
(comp.security.misc)
Re: MSN Messenger
... Are you saying that there is ... encryption within MSN Messenger? ... Would you please elaborate it? ... >> As I understand, MSN Messenger requires users using Hotmail accounts, ...
(comp.security.misc)
Re: Does MSN Messenger support SSL connectivity?
... MSN Messenger and Windows Live Messegner don't support encryption, ... Microsoft MVP - Windows Live Messenger/MSN Messenger/Windows Messenger ... Does anyone know if any version of MSN Messenger supports SSL connectivity ...
(microsoft.public.windowsxp.messenger)
Error: Messenger has encoutered a problem
... haven't opened the msn messenger cause I can't, ... saying: ... the error still showing up every minute even if I restart ...
(microsoft.public.windowsxp.messenger)
Re: Conspiracy in the Surveillance Society
... conspiracy cells only? ... Sporting events, parades, or anything else that generates a ... Encryption might hide what you're saying, ...
(rec.arts.sf.science)