Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

IM Security Questions?

  • 02-03-2009 4:46pm
    #1
    Black Swan
    Moderators, Category Moderators, Science, Health & Environment Moderators, Society & Culture Moderators Posts: 47,539 CMod ✭✭✭✭


    Question 1:
    When running Google IM on a FF 3.0 browser I noticed secure socket (https) in the URL (and a Google mail padlock in the tool bar). It stayed that way for over an hour, while I chatted on Google IM. I assume that it was encrypted the whole time I chatted?

    Question 2:
    I asked what my chatmate was using and he said Google IM on a IE 7.0 browser. Furthermore, he said that the secure socket (https) did not show for him, nor the Google mail padlock in the tool bar. If mine shows https and his only http, what does that mean? Mine was encrypted and his not, or what? I am confused.


Comments

  • #2
    AARRRGH
    Closed Accounts Posts: 12,382 ✭✭✭✭AARRRGH


    Q1: Yes, if you are communicating via https then all communications between your PC and the server are encrypted.

    Q2: Yes, your communication with the server was encrypted, but his was not. That means anyone eavesdroppings on his Internet connection could have read your conversation.


  • #3
    JimmyCrackCorn!
    Closed Accounts Posts: 752 ✭✭✭JimmyCrackCorn!


    Install Fiddler

    Watch how its connecting.

    Job done


    Consider Pidgin with Pidgin encryption plug-in if your paranoid.


  • #4
    BaconZombie
    Registered Users, Registered Users 2 Posts: 8,813 ✭✭✭BaconZombie


    No the connect to the main site maybe via https but the messages them self can be send via paintext.

    Best option is do run Wireshark and check what data is been sent via SSL and what is in plain text.
    AARRRGH wrote: »
    Q1: Yes, if you are communicating via https then all communications between your PC and the server are encrypted.

    Q2: Yes, your communication with the server was encrypted, but his was not. That means anyone eavesdroppings on his Internet connection could have read your conversation.


  • #5
    Black Swan
    Moderators, Category Moderators, Science, Health & Environment Moderators, Society & Culture Moderators Posts: 47,539 CMod ✭✭✭✭Black Swan


    BOFH_139 wrote: »
    Best option is do run Wireshark and check what data is been sent via SSL and what is in plain text.
    Good idea. Do you know of a clean site to obtain WireShark without the threat of picking up a trojan, rootkit, or other malware?


Advertisement