Who's reading your instant messages?

Instant messaging may be a handy and quick communications tool, but experts on the technology warn that it's also a security risk--vulnerable to eavesdropping and even physical tracking.

"We are building a tool that is constantly keeping tabs on us," says Brad Templeton, chair of the Electronic Frontier Foundation, a privacy watchdog group. Speaking at the Presence and Instant Messaging Conference here this week, Templeton said his chief concerns are the logging of chat conversations, their lack of encryption, and the potential for hackers to use them to track where you go.

Also brewing are issues such as how and when governmental entities, such as law enforcement agencies and the courts, can obtain IM transcripts, usage information, or other data.

"Most people don't care about security and privacy until they've lost it," says Lenny Foner of the Massachusetts Institute of Technology's Media Lab. He warns that IM could do just that: "Let's not build in Big Brother."

Instant messaging explodes

A lot of us are already blithely chatting away. Market researchers at IDC estimate users sent 900 million instant messages on a typical day last year and will send about 7 billion a day by 2004. According to a February report by Jupiter Media Metrix, MSN Messenger has 29.5 million members in 12 countries, AOL Instant Messenger has 29.1 million members, while Yahoo Messenger has about 11 million.

The three leading instant messaging services all dispute claims that their systems lack security, and each says it does not log its customers' conversations or keep tabs on where they go. We may have to be satisfied with their word: Representatives from the Federal Communications Commission say it has no plans to regulate IM technology.

Who's watching your whereabouts?

IM security issues take a new twist on wireless mobile devices, conference attendees agree. Because cell phones can approximate where you are geographically, that information and access become valuable to advertisers eager to send location-based messages of their own. They may send an IM to lure you, for example, to a nearby Starbucks by including a digital coupon for 50 cents off a latte.

Privacy advocates are concerned that IM users will forfeit privacy to a network that keeps tabs on their travels. The technology could be of interest to an overzealous boss, spouse, or parent. It's only a matter of time before instant messaging becomes evidence in a legal case, Foner says.

It's already impossible to prevent surveillance systems, like the government's DCS1000 (formerly Carnivore) from recording online chats, Templeton says. But encrypting chat messages is a good first step toward hampering prying eyes, he suggests.

IM services are becoming popular in regions of the world where repressive governments regularly spy on Internet communication, Foner notes. In such cases, it's dangerous to use a chat network that funnels messages through a central server, as most do. Foner advocates decentralized peer-to-peer instant messaging systems, like one he has developed, called Yenta.

Choose your chat buddy carefully

As popular IM networks add voice chat, video, and file transfer functions, users become more vulnerable to abuse such as unsolicited voice messages or hacker attacks, Templeton says. For example, Microsoft recently warned MSN Messenger users that a strain of the W32 virus was being distributed using the chat client's file transfer feature.

Other conference participants voiced concerns about IM user authentication and the tracking of real-time desktop activity by corporate versions of IM clients.

"Nobody wants their boss tracking everything they do on their computer," says Alex Diamandis, vice president of sales and marketing at the instant messaging firm Odigo.

Some firms, like 2Way, focus on security and routinely log all instant messages for employers. Company representatives at the conference say 2Way links only to other 2Way systems inside company walls. Some employers consider IM a nuisance at work, while others worry about opening their networks to potential security holes, say 2Way representatives.

IM vendors, recognizing the need to stop chat spam, are devising ways to block nuisance messages. For example, AOL limits the amount of text you can send through your chat client within a given time period. The restriction is intended to thwart people from broadcasting instant messages to thousands of people. MSN Messenger requires you to first request a dialog in order to initiate a chat session, so that the person at the other end can decline the virtual confab. Privacy advocates approve of those features, but note that for the user they're also a first step toward surrendering control of one's own chatting.

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Tom Spring

PC World
Show Comments

Cool Tech

Toys for Boys

Family Friendly

Stocking Stuffer

SmartLens - Clip on Phone Camera Lens Set of 3

Learn more >

Christmas Gift Guide

Click for more ›

Brand Post

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Aysha Strobbe

Microsoft Office 365/HP Spectre x360

Microsoft Office continues to make a student’s life that little bit easier by offering reliable, easy to use, time-saving functionality, while continuing to develop new features that further enhance what is already a formidable collection of applications

Michael Hargreaves

Microsoft Office 365/Dell XPS 15 2-in-1

I’d recommend a Dell XPS 15 2-in-1 and the new Windows 10 to anyone who needs to get serious work done (before you kick back on your couch with your favourite Netflix show.)

Maryellen Rose George

Brother PT-P750W

It’s useful for office tasks as well as pragmatic labelling of equipment and storage – just don’t get too excited and label everything in sight!

Cathy Giles

Brother MFC-L8900CDW

The Brother MFC-L8900CDW is an absolute stand out. I struggle to fault it.

Luke Hill

MSI GT75 TITAN

I need power and lots of it. As a Front End Web developer anything less just won’t cut it which is why the MSI GT75 is an outstanding laptop for me. It’s a sleek and futuristic looking, high quality, beast that has a touch of sci-fi flare about it.

Emily Tyson

MSI GE63 Raider

If you’re looking to invest in your next work horse laptop for work or home use, you can’t go wrong with the MSI GE63.

Featured Content

Product Launch Showcase

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?