September 15, 2003
iChat Encryption

In relation to the previous post by Rosyna, encryption for iChat is mentioned as one of the desired features. Weirdly, it appears that encryption in iChat is already implemented, but not available to anybody outside Apple.

Check this out:

strings /System/Library/PrivateFrameworks/InstantMessage.framework/iChatAgent.app/Contents/MacOS/iChatAgent | grep -i encrypt

returns:


/AppleInternal/Library/Encryption Enabler.bundle
AIMService: ** ENCRYPTION ENABLED **
Encrypted message.
AIMService: Received *ENCRYPTED* IM from <%@>
AIMService: Sending <%@> an *ENCRYPTED* IM
_encryptIM:to:
_deallocEncryption
_initEncryption
encryptString:
@"FZEncryption"

The first line hints at the location of iChat's encryption module, in a folder with the interesting name "AppleInternal". The rest hints at an already implemented method to encrypt and decrypt IM messages. Unfortunately, I do not know what kind of encryption is used or how it is used, but I can assume that if all Apple employees (or a few key ones) have the Encryption Enabler.bundle on their machines, their AIM conversations are encrypted and secure. That kinda makes sense, as who would want their work-related conversations to be sniffed by some malicious AOL employee? ;)

The question is, though, why is the encryption module, if it exists, not a part of the standard iChat feature set? Is this intentional, an overlooked decision, or simply some backdoor feature some of the iChat engineers added for themselves? I guess we will never know unless some Apple employees reading this blog wish to comment. ;)


 Posted by slava at September 15, 2003 12:01 AM
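The strings-and-grep inspection used in the post, as an added example that is not part of the original post: it extracts printable strings from a binary, filters them by keyword, and sorts the hits into the same rough groups the post reads out of them (a filesystem path, log messages, method names). The sample bytes are constructed from a few of the strings quoted above, and the function names and the classification rules are assumptions made for this illustration.

```python
import re
import sys

# Constructed sample: some strings quoted in the post, separated by filler
# bytes the way they would sit in a compiled binary. Not real iChatAgent data.
SAMPLE = (
    b"\x00\x01\xfe/AppleInternal/Library/Encryption Enabler.bundle\x00"
    b"\x07\x00AIMService: Received *ENCRYPTED* IM from <%@>\x00\xca\xfe"
    b"_encryptIM:to:\x00\x00encryptString:\x00\x90\x90"
    b"_initEncryption\x00abc\x00sendMessage:\x00"  # last two: constructed non-hits
)

def printable_strings(data, min_len=4):
    """Yield runs of printable ASCII of at least min_len bytes, roughly what strings(1) does."""
    for m in re.finditer(rb"[\x20-\x7e]{%d,}" % min_len, data):
        yield m.group().decode("ascii")

def classify(s):
    """Rough category for a hit (illustrative heuristics, not a parser)."""
    if s.startswith("/"):
        return "path"        # filesystem location, e.g. a bundle the binary may look for
    if "%@" in s or " " in s:
        return "message"     # log or UI text, possibly with a format specifier
    if re.fullmatch(r"_?[A-Za-z]\w*(:\w*)*:?", s):
        return "selector"    # looks like an Objective-C method or symbol name
    return "other"

def find_hits(data, keyword="encrypt"):
    """Case-insensitive keyword filter over the extracted strings, like grep -i."""
    kw = keyword.lower()
    return [(classify(s), s) for s in printable_strings(data) if kw in s.lower()]

if __name__ == "__main__":
    # With a file argument, inspect that file; otherwise use the constructed sample.
    if len(sys.argv) > 1:
        with open(sys.argv[1], "rb") as f:
            blob = f.read()
    else:
        blob = SAMPLE
    for kind, text in find_hits(blob):
        print(f"{kind:9} {text}")
```

Hits classified as "path" are the ones worth checking first when auditing a binary, since they name locations it may read or load from.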

Comments

I wonder how hard it would be for someone else to write an encryption bundle? Perhaps using pgp/gpg or something?

Posted by: daveo on September 15, 2003 12:36 AM

It's coming: http://www.macmerc.com/article.php?sid=936 :)

Posted by: Jon Gales on September 15, 2003 5:47 AM

Fire offers the use of GPG for encryption, and does it in a really beautiful, simple way. Plus, it supports all the major chat protocols (AIM, ICQ, Yahoo, MSN, Jabber...), while iChat is still limited to AIM. Just because it's from Apple doesn't mean it's the best solution. cf. iChat vs. Fire, or Camino vs. Safari, Watson vs. Sherlock.

Posted by: klktrk on September 15, 2003 7:44 AM

Apple's internal encryption may also rely on them using their own servers. At my company we use a custom AIM-client that is tied to internal company chat servers, and everything is encrypted end to end. Regardless, it would be a nice feature, particularly with the file transfer aspect. :)

Posted by: Joshua on September 15, 2003 8:08 AM

I suspect it may have something to do with the contract they signed with AOL to use the network. It may only be for people on the .Mac AIM network as well?

Either way, I'd agree with the consensus that Encrypted IMs for the rest of us is "A Good Thing."

Posted by: CyberZorn on September 15, 2003 9:07 AM

Off topic, but:
any news on the APE for Panther?
I am running it on a regular basis now and I'm DYING ;-), without all my cute haxies.

Posted by: Michele on September 15, 2003 11:09 AM

I thought encryption in iChat was a feature in Panther. Perhaps the data you saw was just left in the iChat A/V beta and will appear at a later date as a real feature.

Posted by: brian w on September 15, 2003 3:09 PM

The encryption in iChat uses the encryption that is in the latest spec for the AIM protocol. If you find out more about the main AIM chat encryption protocol (Soon to be in the official AIM client) you'll be able to backstep and figure out how to enable it.

Posted by: Court Kizer on September 15, 2003 9:34 PM

klktrk: fire supports encryption and multiple protocols, but the interface is quite poor compared to ichat. no key commands, horsey design, doesn't really look at all like mac software to me.

Posted by: jm3 on February 23, 2004 1:46 PM

I'm surprised that there isn't a way to do this as a plugin much like GPGMail.

Posted by: Schapht on June 8, 2004 8:41 AM