How big of a security threat is AOL Instant Messenger?

[Sims2789]

I've been using a laptop for a while (long story) and I would like to use AOL Instant Messenger (AIM). But the possessor of the laptop says that I can't, since AIM pierces firewalls, making it easy for any hacker to hack the computer which AIM is on. Is this true? How big of a security threat is AIM, and instant messaging programs in general?

 

[SeleucusNicator]

I have never heard of anyone hacking a computer via AIM. The protocol just isn't set up in a way that would let that happen, if I understand correctly.

The security threat is two-fold: first, because AIM can transfer files and links, you could theoretically get a virus or trojan horse from AIM if you download a file through it. Second, AIM just instituted a new Terms of Service Agreement whereby AOL has full rights to do anything and everything they wish with the information you send over AIM. This is seen by some as an infringement on personal security and privacy.

For instance, if you planned an assasination attempt over AIM, AOL has full rights to send that to the FBI; or if you are discussing a business plan over AIM, AOL has full rights to rip it off for their own use with no compensation for you.

 

[Sims2789]

If I were to only send text, not files from my computer, across AIM, would that breach the firewall?

 

[Alvaro da Luna]

Text is still information that needs to be transferred in packets just like any other kind of information. So I guess it would need to breach the firewall to pass through. Doesn't it?

 

[blindside]

I heard there are viruses and hacks in AIM but as long as you mainly chat with friends/family, I would imagine it should be fine.

 

[aneeshm]

Just informing you , but anything and everything you send over AOL becomes their property . So beware .

 

[Paalikles]

For instant messaging in general I propose you consider these:

1) If a friend sends you a file - ask what it is before you choose to receive it. You dont have to receive it if it seems questionable.
-your friends and family may become infected - and some infections do spread through IM clients. An example is the MSN threats at the moment - read more on an antivirus site.

2) Always run a virus scan on received files. You never know
-ought to prevent most cases of virus infections. Keep your AV client updated at all times

3) Never click on links that people you do not know/arent in your contact list send you!
-some websites have scripts that makes your browser silently download spyware. Or they place tracking cookies on your computer, etc.

4) Remember that many IM clients have a logging feature enabled:
a) do not give away personal info
b) dont say anything to anyone that can be used against you at a later stage.
-both of these should be fairly obvious.

 

[Chairman Meow]

3) Never click on links that people you do not know/arent in your contact list send you!
-some websites have scripts that makes your browser silently download spyware. Or they place tracking cookies on your computer, etc.

.

I would go even farther with that: beware of links that are in the profiles of the people on your contact list... My sister once put a link on her AIM profile that I followed, and it attempted to place a virus on my computer. Luckily for me, I was running FreeBSD at the time, and it had no idea what to do with a .exe file... A lot of those sites that have junk to be put into AIM profiles infect computers with malware, so the best advice would be to avoid them.

 

[Quasar1011]

Meow, that would include the "bots" in chat rooms. They are notorious for having such links in their profiles. If a "bot" IMs you, block the IM.

 

[LLXerxes]

I suggest Trillian. It has a logging feature and IMHO better security.
Also, if you download ICQ (made by AIM) you can also communicate with AIM users, as well as ICQ users. The reason I like ICQ is it has spam control, so I think anybody who has a strange repuation, or has been reported for spam, will be blocked and you get a notification.
But, get Trillian.

 

[Desmond Hawkins]

AOL sounds rather sinister to me, after reading SN's first post.

 

[Chairman Meow]

AOL sounds rather sinister to me, after reading SN's first post.

Here's the exact quote from the AOL Terms of Service:

Although you or the owner of the Content retain ownership of all right, title and interest in Content that you post to any AIM Product, AOL owns all right, title and interest in any compilation, collective work or other derivative work created by AOL using or incorporating this Content. In addition, by posting Content on an AIM Product, you grant AOL, its parent, affiliates, subsidiaries, assigns, agents and licensees the irrevocable, perpetual, worldwide right to reproduce, display, perform, distribute, adapt and promote this Content in any medium. You waive any right to privacy. You waive any right to inspect or approve uses of the Content or to be compensated for any such uses.

 

[MarineCorps]

AOL sounds rather sinister to me, after reading SN's first post.

AOL is the devil!

 

[ummmm........]

For instance, if you planned an assasination attempt over AIM, AOL has full rights to send that to the FBI

Just to be completely clear, anyone would have that right, no matter how they got the information. And it's a good thing, too.

 

[Silverflame]

Just downloading AIM itself can install spyware and viruses onto your computer. Killed like three of my computers, had to reinstall the harddrive every time. Yet my sister still persists in using AIM, because all her friends use it and it's too hard to give up. Almost no one believes me, anyway.

 

[LLXerxes]

Just downloading AIM itself can install spyware and viruses onto your computer. Killed like three of my computers, had to reinstall the harddrive every time. Yet my sister still persists in using AIM, because all her friends use it and it's too hard to give up. Almost no one believes me, anyway.

Don't install WildTangent Software. Impossible to get rid of.

 

[LLXerxes]

I have never heard of anyone hacking a computer via AIM. The protocol just isn't set up in a way that would let that happen, if I understand correctly.

The security threat is two-fold: first, because AIM can transfer files and links, you could theoretically get a virus or trojan horse from AIM if you download a file through it. Second, AIM just instituted a new Terms of Service Agreement whereby AOL has full rights to do anything and everything they wish with the information you send over AIM. This is seen by some as an infringement on personal security and privacy.

For instance, if you planned an assasination attempt over AIM, AOL has full rights to send that to the FBI; or if you are discussing a business plan over AIM, AOL has full rights to rip it off for their own use with no compensation for you.

Yep. They are evil, worst ISP ever, but everybody uses it...
Get MSN or Yahoo! Even better GET TRILLIAN AND HAVE THEM ALL, HAHAHAAHA

 

[Zakharov]

As far as I'm concerned, AOL is legal malware. I wouldn't let it anywhere near my pc.

 

[Jeratain]

The new TOS (terms of service) for AIM say that you have no right to privacy and that they can use any of the content you send to anyone for whatever purpose they want. It specifically tells you that you waive all rights to privacy pretty much.

What you want is to use GAIM with IM encryption.

 

[Chairman Meow]

The new TOS (terms of service) for AIM say that you have no right to privacy and that they can use any of the content you send to anyone for whatever purpose they want. It specifically tells you that you waive all rights to privacy pretty much.

What you want is to use GAIM with IM encryption.

That's a good idea (in fact it's what I have), but the problem is convincing other people to use it. It's not much use if nobody else can decrypt my messages, which ends up meaning that I don't use the encryption anyway.