IM security

i'd like to open this topic for IM security.
till now, i experienced some combo of IM security and would like to talk them here. try to find a stupid, simple, effective one.

from old days, some one told me that msn employed simple encode with message and i moved to msn+simplite for msn for security.
but, simplite hooks all socks and it's hard for newbie to config it.
even it has good RSA+AES protection level.

then i move to skype, you guys know, it has good built-in heavy encryption.
but from wiki, some investigator said the company could decode it.
and skype is not good at text chatting, it's for voice.

these days, i found aim can encrypt the msg by a simple cert.
pgp desktop also provides pulgin for aim.
but i never move to it since all my friends are on msn/skype.

btw. forget about qq, the company keeps 2~3yr of data in case the cop needs to check them.

what are you guys using for im security?
feel free to drop your idea here.

 

Kinda hard to encrypt IM if your mates insist on using msn and can't be bothered to switch or add a plugin.

 

I have heard that Scatterchat is an option. I have also heard that Pidgin has an addon or something that you can use to chat with encryption end to end.

 

For IM security i only worry about securing my end. I use defensewall to restrict what messenger can do and i also have keyscrambler to encrypt my keystrokes. I don't bother encrypting what i send as i never say anything i would class as important.

 

Same here, I don't use MSN for extremely sensitive/private communication.
I have set-up Sandboxie to force every program in "received files" folder to run sandboxed.
Returnil can do the rest.

 

My colleague in Hacktivismo wrote scatterchat. It works by sending encrypted messages. Another option is using Pidgin and installing the "Off The Record" plugin. That also performs asynchronous encryption.

Personally I use Pidgin + OTR, but the problem is that Pidgin has horrible memory leaks, causing your system to slow down or crash as it eats up all the memory and processor.

 

i tried OTR for miranda IM, but it's not good.
i always have html code in my chatting window.

 

Hello,

OTR plugin with Pidgin is a well known solution for securing IM, but as sometimes with Open Source solution, it is not made by simple.
There is a lot of free solutions (softs and services) available.
I can mention SST, Bitwiseim service (some countries are blacklisted), IMSecure and Simplite for instance.
I've used Simplite 2 years ago when i was in a foreign country, and it provides enough security.

For a paranoiac use, the windows virtual keyboard (osk.exe) is not a bad idea.
I give you by pm a method that makes messages interception "on the fly" impossible ; but off course, with a physical access to the pc (reparer, police investigation) and if you're a moovie star like Eddie Chen or a 14K/Big Circle member, then consider that the game is over .

Regards