[Web4lib] IM Security

Andrew Hankinson andrew.hankinson at gmail.com
Tue Mar 6 03:54:59 EST 2007 

I had exactly the same reservations with that statement... IM is no  
more inherently insecure than any other protocol.  I do remember, to  
be fair, reading an article on how Skype 'punches' through firewalls,  
but that's about the only thing I can think of.

And P2P becoming 'one' with other computers is just plain wrong.  The  
only difference between peer-to-peer and client-server is that each  
'peer' can act as both a client and a server.  You do not 'become'  
one with the peer, and so it follows that you do not automatically  
inherit any of their viruses.  That's mostly FUD that's been spread  
by the media companies and everyone else who fears peer-to-peer.

Andrew

On 6-Mar-07, at 3:14 AM, Micah Stevens wrote:

> On 03/05/2007 06:52 PM, Chadwick, John, DCA wrote:
>> One of the major problems with IM is that it uses a protocol  
>> instead of
>> a standard TCP/IP port. It is easy to filter out spam and viruses on
>> e-mail because all traffic flows on port 25. IM just looks for the  
>> next
>>
> I hate to be nitpicky, but this statement is extremely misleading.  
> Email is a protocol just like anything else on the Internet. It  
> actually uses several (SMTP, POP3, IMAP, etc..) It also uses a port  
> as does any TCP connection. This is exactly how most instant  
> messengers work, although the specifics of the protocol are  
> different. Although a protocol could be designed to operate as you  
> suggest, it would be incorrect to describe all instant messengers  
> as having this property. AIM for example uses port 5900 to connect.  
> MSN uses several ports depending on what is being transferred  
> (voice, files,etc.) however they are specific ports and can be  
> effectively firewalled. Without researching I cannot speak for all  
> the IM services that are available, but I think my point in general  
> is valid. If you have a specific example that disagrees, I'd be  
> curious to know.
>> Also, since flavors of IM uses peer-to-peer
>> technologies, your computer essentially becomes one with other
>> computers, including those that are infected with viruses.
>>
>>
> Again misleading and incorrect depending on implementation. I will  
> agree however that these systems can be a portal for virii, and  
> this is a very valid concern. Inherently though this threat is no  
> more so for Instant messaging than for other methods of Internet  
> communication such as web browsing, email, etc.. Secure  
> implementation varies however as the mentioned links suggest.
>
> -Micah
> _______________________________________________
> Web4lib mailing list
> Web4lib at webjunction.org
> http://lists.webjunction.org/web4lib/

More information about the Web4lib mailing list