Instant Messenger Comparison: Gtalk, Skype, Windows Live Messenger, Yahoo Messenger, privacy, security, encryption
wanghx
Thunderbird supports s/mime and there is an OpenPGP addon.
Firefox has an gmail s/mime addon. Both have S/MIME key manager add-on
which can generate and manage PKI keys for S/MIME secure email.
Instant Messenger Comparison: Gtalk, Skype, Windows Live Messenger,
Yahoo Messenger
http://groups.google.com/group/lihlii/browse_thread/thread/ffd62152fc480231/783c40ba0ef07bec
Gtalk is quite good. http://www.google.com/talk
It's an IM (instant messenger) like Windows Live Messenger (WLM, MSN
Messenger).
1. Email integration:
Gtalk: Notification and one click open for Gmail. With email
notification of Google Calendar, can be used as calendar event
notification tool. Voice mail to Gmail [1].
WLM: Notification and one click open for Hotmail.
YM: Notification and one click open for Yahoo mail.
Skype: None.
2. Text chat:
Gtalk:
Gtalk Desktop: With Gtalk desktop, Gtalk web gadget, Gmail chat. Maybe
also possible with other Jabber/XMPP compatible chat network. Gmail
Chat: With Gtalk desktop, Gtalk web gadget, AIM. Group chat only
supported [13] in Gtalk web gadget http://www.google.com/talk/. Web
chat: [6][7][8].
WLM: With WLM and Yahoo Messenger (YM). Group chat. Web chat:
http://*web*messenger.*msn*.com/ and others [7][8][10].
YM: With YM and WLM. Group chat. Web chat:
*http://web*messenger.*yahoo*.com/ and others [7].
Skype: Only with Skype. Group chat, public chat. No web chat.
3. Audio chat:
Gtalk desktop: One to one audio chat. No audio conference with more than
2 people.
WLM: One to one audio chat. No audio conference with more than 2 people.
Skype: Audio conference with multiple users. Public audio conference
supported, named Skypecast. Gratis voice call to gratis (free) phone
numbers in USA.
YM: Audio conference with multiple users.
4. Video chat:
Gtalk: No.
WLM: Video conference with multiple users.
Skype: One to one video chat. No video conference with more than 2 people.
YM: Video conference with multiple users.
5. Message history:
Gtalk:
Stored in gmail chat folder automatically. Can search chat message
history easily in gmail. no local message saving, good for
multiple/shared computer roaming/traveling users.
Can disable message history recording by selecting (go off the record).
When you disable message history recording, the person that you're
talking with will disable message history recording automatically. This
is suitable for privacy protection. Deleting message history is same as
deleting email in Gmail.
WLM:
Stored locally in XML format. Can be viewed in web browser. Disable
message history only works for all chats. Can be searched with Google
Desktop or similar desktop search engine, or search text in the message
history storage folder: My Documents\My Received Files\<username><some
digits>. Chat message history with specific contact person can be
deleted easily. Can be edited to remove part of the message history with
text editor.
YM:
Stored locally. Can be viewed in YM. Disable message history only works
for all chats.
Skype:
Stored locally in binary format in the application data folder:
Skype\<username>\*.dbb. Can be exported into HTML with /htmlhistory
command [14]. Disable message history only works for all chats. Chat
message history with specific contact person can't be deleted or
modified easily [19].
Message history browser third party softwares [15][16]. The data format
is not published, but there are limited information about it [20].
Can edit/delete chat messages that were already sent in current chat
session. The other people in the chat session will see updated message
in their chat window and also in their message history log, but the old
message text can still be found in the binary message *.dbb database files.
Skype keeps event history of all text/audio/video/file transfer.
6. Encryption:
Gtalk: Communication is encrypted. Login username, password, the contact
persons who you're talking with are all protected by encryption of SSL
connection. But note, all the information is clear text on the google
servers. So the people who have access to the google servers can still
spy on your data. File transfer is encrypted. Audio chat maybe not
encrypted. With Simplite for Gtalk/Jabber, end to end text chat
encryption is supported thus even the google servers won't be able to
capture the clear text message data [5].
Skype: Text messages/audio/video/file transfer data are not sent through
skype servers, but encrypted and sent directly to the person that you're
talking with if either of you have open incoming network port; or
encrypted and relayed through other skype users who have open incoming
network port. Nobody will have the clear text of the message except the
persons that you're talking with. The username, password and the user
names who you're talking with are also encrypted.
WLM & YM: All messages are in clear text and can be monitored [9].
Simplite [3] can be used to encrypt the message text, the names of all
the chat participants will still be in clear text. File transfer and
local message history is not encrypted with Simplite freeware version.
[1] gtalk + gmail voicemail 语音邮件功能
http://groups.google.com/group/lihlii/browse_thread/thread/3639a28b10237e46
[2] skype gtalk 离线消息差别
http://groups.google.com/group/lihlii/browse_thread/thread/5b120caf62566b3b
[3] MSN Messenger encryption and security software
http://www.secway.fr/us/products/*simplite*_msn/home.php
[4] 推荐msn加密软件
http://groups.google.com/group/salon-friends/browse_thread/thread/1d8de5bb06f8d9e6
http://www.donews.com/Content/200608/cc4a266199dc49089bed9aea1838f752.shtm
以前simpLite-MSN需要双方都安装才能加密
这个只要一个人安装就行了,适用于国内朋友安装
看了一下介绍,其实就是提供了一个 SSL 转接到 MSN 的代理的功能。只有你的这
半边是加密的,对方那边不加密,因此只能防止你这边被网络监听。
另外有一个 microsoft 提供的插件加密方案,类似 msn 中的游戏:
http://www.donews.com/Content/200608/2f7c2298402645d1a9d1949922549e3f.shtm
[5] Google Talk may be able to communicate with Skype in the future
http://groups.google.com/group/lihlii/browse_thread/thread/68376eda98c0bd98
[6] gtalk has a macromedia flash based web client
http://groups.google.com/group/lihlii/msg/da4c97264c3d09a3
[7] Meebo Instant Messenging Anywhere http://www.meebo.com/
AIM, Yahoo, Meebo, Google Talk (Gtalk), MSN (Windows Live Messenger, WLM)
[8] Online Instant Messaging Chat With Multiple Clients Support
http://www.communicationtube.net/
ICQ, MSN, IRC, GTalk
[9] Messenger Detect http://www.formessengers.com/mdetect.htm
Monitor and record all MSN chats, AOL (AIM) chat, Yahoo chat, and ICQ
chat on your Local network automatically and secretly!
[10] MSN2Go is a *free* web-based MSN messenger service
http://www.msn2go.com/
[11] google talk 文字对话是通过加密信道传送的
http://groups.google.com/group/lihlii/browse_thread/thread/179ce7f82e029b86
[12] AOL free services
http://groups.google.com/group/lihlii/browse_thread/thread/1b5b2c2da3fd1781
集成 AIM, calendar, todo,支持check the status of a sent message or
retrieve unopened e-mail from AOL(R) or AIM(R)
[13] gmail支持gtalk群聊了
http://groups.google.com/group/salon-friends/browse_thread/thread/25c87b18e1868b10
[14] skype 会话记录导出
http://groups.google.com/group/lihlii/msg/4e5b9f8e7d91a73c
[15] skype chat message history viewer http://www.osiwanlan.de/skypr/
No need for skype to be running, direct data export from *.dbb files.
[16] SkypeChatExporter: Skype chat message history export tool
http://forum.skype.com/index.php?showtopic=88705
Need to run Skype and login first. Data exported through Skype API.
[17] Miranda IM http://sourceforge.net/projects/miranda/
An opensource smaller, faster, easier instant messenger with support for
multiple protocols including AIM, Jabber, ICQ, IRC, MSN, Yahoo, and more.
[18] Skype user data Corrupted Data Recovery Service, DBB Data Recovery
Services
http://www.corrupteddatarecovery.com/Repair/Skype-user-data-File-Repair-DBB-Data-Conversion.asp
[19] Can I delete the Chat history for just one of my Contacts?
http://support.skype.com/index.php?_a=knowledgebase&_j=questiondetails&_i=311
[20] Skype Log File Analysis
http://www.computerforensicsworld.com/modules.php?name=Forums&file=viewtopic&t=193
http://dl.free.fr/getfile.pl?file=/Hps09KVK/SkypeLogFileAnalysis.pdf
http://groups.google.com/group/salon-friends/msg/19c42ed5eb481ca5
我认为 google 肯定早就开始和中共合作了,肯定会监控 gmail 并按照中共的要
求植入
间谍代码。所以许多民运人士的 gmail 相继被盗用,闯入 gmail 如入无人之境,
随意看信,发信,篡改密码。这有几种可能:
1. 这些人的计算机本身被特务装了木马
2. google 内部有中共特务
3. google 管理层暗中和中共合作,和 yahoo, microsoft, cisco, nortel 一
样。没有任何理由 google 会是一个例外。
因此,中共没有必要封锁 gmail, google, gtalk,就和对待 skype
一样,命令加入间谍代码,大部分中国人被控制住,就够了。少数的人,很好对
付,总有办法的。
http://groups.google.com/group/lihlii/browse_thread/thread/179ce7f82e029b86
google talk 文字对话是通过加密信道传送的
用 smartsniff 1.36 [1] 监视网络数据。看是否能看到原文。
我检查了一下,其中找不到对话内容。
因为中文可能由于双字节编码错位,Unicode, UTF-8 编码等复杂问题难查,
所以我用英文试验。而且也没有找到用户名。
说明 gtalk 对于网络上到服务器之间的通信是加密的。而且谁和谁对话也是保密的。
但是 google 的服务器可以看到所有信息。
原理上,skype 可以实现更安全的从用户端到另一个用户端的加密。
但是存在影子登录 (ghost login) 的安全问题,就是同时可以从不同机器上登录
同一个 skype 账号而相互不知道对方在线,两处同时都能看到对话内容。
[1] http://www.nirsoft.net/utils/smsniff.html
gtalk也可以多个client, 你开多个IE上gmail就可以了。每个client都会收到消息。
那这样也是一个漏洞。至少应该让人知道有多个登录,其他的地址是来自哪里,才对。
http://groups.google.com/group/lihlii/browse_thread/thread/5b120caf62566b3b
skype gtalk 离线消息差别
现在 im 成了最主要的通信联系了 很多人都懒得用 email
gtalk, msn, yahoo 则可以发送离线消息。
skype 的缺点是,要双方同时在线,才会传送信息。
skype 的离线消息是要双方都在线的时候才会传送。因为服务器并不缓存离线消息。
因为消息压根不是通过服务器中继的。这是设计原理不同。
google talk - gtalk server 的通信是加密的(XMPP 支持 SASL 安全认证, TLS
加密)。gmail webmail 的 chat message 和 gtalk 互通,如果通过 https 访问
gmail,web browser - gmail server 间通信也是加密的。gmail server - gtalk
server 间通信不知安全度如何。
gtalk message 在 gtalk server 上,以及 gtalk server - XMPP server 之间,
都是明文,不加密。这对于普通的应用,并不是大问题。simplite 有支持 gtalk
(Jabber / XMPP) 的版本,以实现完全的端到端全程加密。但是我试用没有成功。
http://en.wikipedia.org/wiki/Gtalk
Future releases
Google reports that they are working on adding new features such as
supporting SIP in a future release, which would broaden the userbase for
the program.[19]
Additionally as part of Google's and eBay's Multi-Year Agreement on
August 28, 2006, it was announced that the companies will look into
making Google Talk users able to communicate with Skype: "The companies
will also explore interoperability between Skype and Google Talk via
open standards to enable text chat and online presence.".[20]
http://groups.google.com/group/lihlii/browse_thread/thread/68376eda98c0bd98
http://www.google.com/talk gtalk has a macromedia flash based web
client, supporting group chat. skype still doesn't have official web
client, which is a big limitation. Seems the web flash client of gtalk
only supports text chat, but not voice chat. It launches gtalk desktop
client to handle the voice chat. But a web client is good for roaming
users, such as in hotels. Gtalk functions are limited (no group chat, no
video chat, no audio conference) compared to other popular im software.
but its interface is neat, and supports free voicemail to gmail.
http://groups.google.com/group/lihlii/browse_thread/thread/3639a28b10237e46
gtalk + gmail voicemail 语音邮件功能
在 gmail webmail [1], gtalk 桌面软件[3]和 Web 界面[2] 都可以给别人发文字
消息聊天。
用 gtalk 软件发给你的消息,你在 gmail web 界面也能看到。而且所有对话记录
默认都保存在你的 gmail 信箱 chat (聊天记录)目录里面
用 gtalk 软件,可以多人文字对话,暂停聊天记录存档。还可以进行语音谈话,
并可以很容易地发语音邮件。每次最长可以10分钟,自动录制成约 1.8MB mp3 格
式音频文件,自动从 gtalk 发送到对方的 gmail 信箱。大约 3KB/s。
skype 也支持语音信箱功能,但是要购买 skype credit 才能使用。gtalk +
gmail 的语音信箱是免费的。
gtalk 可以在 [4] 直接下载安装。安装后用 gmail 信箱的用户名和密码登录。
gtalk 还会在 gmail 新收到的邮件时提醒你,类似 msn messenger 对 hotmail
邮件的收信提醒。
语音邮件的使用方法:
1. 点击 Add (添加),填入对方 gmail 地址,然后点击继续。
2. 成功添加 gmail/gtalk 联系人后,点击该联系人名字:
3. 对方不在线,可以点击 Send Voicemail (发送语音邮件)按钮,然后就听到类
似电话留言机的语音提示,听到 "meep" 一声之后开始留言。留言完毕按 End
Call 按钮挂机。对方在线时也能发送语音邮件。
4. 对方会在 gmail 信箱收到一封邮件,带一个 mp3 附件,可以在 gmail
webmail 界面直接播放,非常方便。
[1] Gmail https://mail.google.com
[2] Google Talk web gadget http://talkgadget.google.com/talkgadget/popout
[3] Google Talk http://www.google.com/talk
[4] Google Talk download:
http://dl.google.com/googletalk/googletalk-setup.exe
http://groups.google.com/group/salon-friends/browse_thread/thread/da8d41c68753d6b2
网络通信安全软件
http://www.google.com/search?q=%E5%81%87%E5%8F%A4%E6%96%87
有个“假古文”网页脚本,可以竖排文字,可以防止过滤。:)
中华佛典这个网站,软件下载里有一个叫textpro的软件.
How to read S/MIME encrypted/signed email with Microsoft Outlook Express
http://groups.google.com/group/salon-friends/msg/da6d13632bd59bde
How to write S/MIME encrypted/signed email with Microsoft Outlook Express
http://groups.google.com/group/salon-friends/browse_thread/thread/9c09c5f1a7ce93ae/3e4b758f62c20058
常用软件
http://groups.google.com/group/salon-friends/browse_thread/thread/e4152623c6a99767/2a907345452c6025
Configure certificate for email accounts in microsoft outlook express
http://groups.google.com/group/salon-friends/msg/de4e2a5850ba4f2c
Create certificate with keyman
http://groups.google.com/group/salon-friends/msg/a20b81aaf547115b
S/MIME 安全邮件的用法可能对普通人太复杂,内容得到很好的保护,但是有缺
陷,邮件标题,收信人发信人,发信 IP 地址,都会暴露。
如果写的信带从本机加入的内嵌图片,那么本机 DNS 名也会暴露
用 gmail 发信如果从申请账户到每次使用,都用加密代理,则比较安全。
gmail 也对邮件头标作签名,可以验证真伪,这样有利于鉴别电子邮件头标是否伪
造,使得电子邮件的传递记录可以有证据效力。这样也带来一些限制。不过问题不大。
清心信使就是定制好的 pgp,偶尔使用比 S/MIME 便利些。商业上保密邮件,
S/MIME 更方便快捷,因为和 email 软件集成比较好。
邮件加密后,和 skype 不同,除非接受方专门解密后保存,默认是加密存放,这
样可以避免很多无心泄密问题。被木马盗取信息的可能也少一些。
PGP /GPG 设计得不错。而且其朋友间相互认证的信人传递模型很方便。
推荐几个信息安全相关软件:
1. simplite MSN messenger 消息安全传送:
http://www.secway.fr/us/products/simplite_msn/home.php
还有支持 Yahoo, ICQ, Gtalk 的版本。
SimpLite for MSN
SimpLite for Yahoo!
SimpLite for ICQ/AIM
SimpLite for Jabber/Google
2. skype: 网络电话 www.skype.com 安全性中等,其加密传送协议有报道已经被
破解,但是未证实。不要用 tom.com 的版本,有过滤间谍软件。
3. pgp, pgpi, gpg: 文件,信件加密和数字签名软件:
http://www.pgpi.org/products/pgp/versions/freeware/
http://www.gnupg.org/
gpg4win http://www.gpg4win.org/
http://www.pgp.com/
http://www.openpgp.org/
http://dir.yahoo.com/Computers_and_Internet/Security_and_Encryption/PGP___Pretty_Good_Privacy/
http://www.google.com/search?q=pgp
4. outlook express, outlook, thunderbird 内建支持安全邮件:加密和数字签
名。创建自己的数字证书可以用 IBM 提供的 keyman:
http://www.alphaworks.ibm.com/tech/keyman
6. Truecrypt 硬盘文件加密,开放源码软件,免费,功能不错,易用,并有相当
高的安全特性:http://www.truecrypt.org/
7. sneakemail.com 防止网络公开 email 地址造成隐私权侵犯,垃圾邮件,并可
以匿名发送信件。
8. tor: http://tor.eff.org/ 多层加密代理匿名网络访问和提供服务的软件。
9. 加密代理突破网络封锁,自由门,动网通 等。
10. 信息隐藏工具。可以把信息隐藏在图片,媒体文件等载体中传送。
11. 文件压缩工具:http://www.7-zip.org/ 开放源码,免费,支持拆分大文件,
AES-256 加密。
12. OpenVPN 加密虚拟专用网,开放源码,免费:http://openvpn.net/,http:
//openvpn.se/
Google员工到底看不看Gmail内容及Gtalk记录?
http://www.peacehall.com/news/gb/finance/2007/12/200712121406.shtml
从Google的回答里,我们至少可以知道:
1.没错,Google员工的确会阅读你的邮件内容,在"有需要"的时候。
2.Google可以不记录你的Gtalk聊天内容,只要你进行了相关设置。尽管如此,
gtalk 谈话内容对于 google 的服务器,是不加密可以查阅的。
FireFox爆漏洞 可偷窃Google帐户
http://www.peacehall.com/news/gb/finance/2007/11/200711161224.shtml
Msn信息在局域网很容易被监控
http://lihlii.spaces.msn.com/Blog/cns!9D3248C29A3C4C4C!4722.entry
msn yahoo icq aim gtalk jabber messenger encryption RSA
http://lihlii.spaces.msn.com/Blog/cns!9D3248C29A3C4C4C!4708.entry
simplite msn messenger 加密 安全问题
http://lihlii.spaces.msn.com/Blog/cns!9D3248C29A3C4C4C!4726.entry
清心加密信使 0.4 测试版
http://lihlii.spaces.msn.com/Blog/cns!9D3248C29A3C4C4C!4658.entry