posted on Saturday, January 08, 2005 2:05 PM
by
bradley
So all those IM messages you have on a daily basis
So you are IMing away typing up some pretty senstive info and because it's on IM and not on email the fact that you are giving away secrets to Fort Knox is fine because this is IM and not email right?
You do know that IM traffic can be sniffed... that it's going over in plain text.
We were talking yesterday in a meeting how we need to take a concerted effort to “do the right thing” when it comes to computer security.
Encryption is a HUGE right thing and it's still WAY too hard to do. Like MSN IM. Why doesn't it just include encryption that you can turn on natively? You can add it on to your IM sessions but it's not built into the box.
Greg talks about what a pain it is to get people to understand let alone swap public keys to set up encrypted email. WHY IS THAT?
Why shouldn't we try to ensure that communication is safe and secure ESPECIALLY when it comes to sensitive info, but on a regular basis I about fall out of my chair as to the number of documents that are merely emailed with no regard to sensitive information.
I mean why do I have to google to find the Verisign public key page?
It should be easier than this. Right now I'm recommending that we at least use Adobe Acrobat and password protect/encrypt the file for the minimum of protection.
And pssst... Microsoft.... read this from the Verisign instructions...if AIM does it...why don't you?
The latest release of AIM (5.2 and up) allows you to send and receive encrypted instant messages using your Digital ID.
To use your new Digital ID with AIM, follow these directions.