[Mac_crypto] Re: OT Question: How secure is iChat?
James Moore
mac_crypto@vmeng.com
Sun, 21 Mar 2004 18:36:56 -0800
--Apple-Mail-3-684085323
Content-Transfer-Encoding: 7bit
Content-Type: text/plain;
charset=US-ASCII;
delsp=yes;
format=flowed
Now that we have X.509 support in Mail, with a little extra glue in
addressbook we'd know who we can communicate securely with. It can't be
horribly hard to add sign/encrypt to iChat with the underlying
facilities already present on our (Panther) systems.
According to http://www.unsanity.org/archives/000250.php
strings
/System/Library/PrivateFrameworks/InstantMessage.framework/
iChatAgent.app/Contents/MacOS/iChatAgent | grep -i encrypt returns:
/AppleInternal/Library/Encryption Enabler.bundle
AIMService: ** ENCRYPTION ENABLED **
Encrypted message.
AIMService: Received *ENCRYPTED* IM from <%@>
AIMService: Sending <%@> an *ENCRYPTED* IM
_encryptIM:to:
_deallocEncryption
_initEncryption
encryptString:
@"FZEncryption"
Maybe its in the works
-James
On Mar 21, 2004, at 6:10 PM, R. A. Hettinga wrote:
>
> --- begin forwarded text
>
>
> From: Joe Block <jpb@apesseekingknowledge.net>
> Subject: Re: OT Question: How secure is iChat?
> Date: Sun, 21 Mar 2004 18:30:00 -0500
> To: Mac OS X Server <macos-x-server@lists.apple.com>
> Sender: macos-x-server-admin@lists.apple.com
> List-Id: for administrators of Mac OS X Server and related
> technologies.
> <macos-x-server.lists.apple.com>
> List-Post: <mailto:macos-x-server@lists.apple.com>
> List-Help: <mailto:macos-x-server-request@lists.apple.com?subject=help>
> List-Subscribe:
> <http://www.lists.apple.com/mailman/listinfo/macos-x-server>,
> <mailto:macos-x-server-request@lists.apple.com?subject=subscribe>
>
> On Mar 19, 2004, at 4:11 PM, John C. Welch wrote:
>
>> On 3/19/04 2:26 PM, "Dan Young" <list_member@directeddecisions.com>
>> wrote:
>>
>>> I was just thinking that I have no idea how secure iChat messages via
>>> Rendezvous and AIM are. Does anyone know what types of security is in
>>> place
>>> to protect the content of messages, audio and video?
>>
>> Absolutely none. It's all plain-text HTML for chat, and there's no
>> encryption on any of the audio or video either.
>>
>> AFAIK, the only way to get security for Chat on OS X is to do
>> everything via
>> VPN, or see if any of the jabber clients have SSL yet on OS X.
>
> Fire will support using gpg to encrypt and/or sign your chat. Last time
> I checked, it only works with other Fire clients, and it only works if
> Fire is using AIM or Jabber - we were never able to get encrypted or
> signed chat to work over Yahoo and MSN .
>
> jpb
> --
> Joe Block <jpb@ApesSeekingKnowledge.net>
>
> "The people involved in the crypto debate are all intelligent,
> honorable and pro-escrow, but they never possess more than two of these
> qualities at once."
> -- Kenneth Neil Cukier (100736.3602@compuserve.com)
> _______________________________________________
> macos-x-server mailing list | macos-x-server@lists.apple.com
> Help/Unsubscribe/Archives:
> http://www.lists.apple.com/mailman/listinfo/macos-x-server
> Do not post admin requests to the list. They will be ignored.
>
> --- end forwarded text
>
>
> --
> -----------------
> R. A. Hettinga <mailto: rah@ibuc.com>
> The Internet Bearer Underwriting Corporation <http://www.ibuc.com/>
> 44 Farquhar Street, Boston, MA 02131 USA
> "... however it may deserve respect for its usefulness and antiquity,
> [predicting the end of the world] has not been found agreeable to
> experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
> _______________________________________________
> mac_crypto mailing list
> mac_crypto@vmeng.com
> http://www.vmeng.com/mailman/listinfo/mac_crypto
--Apple-Mail-3-684085323
Content-Transfer-Encoding: base64
Content-Type: application/pkcs7-signature;
name=smime.p7s
Content-Disposition: attachment;
filename=smime.p7s
MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIIGGDCCAtEw
ggI6oAMCAQICAwtl5zANBgkqhkiG9w0BAQQFADBiMQswCQYDVQQGEwJaQTElMCMGA1UEChMcVGhh
d3RlIENvbnN1bHRpbmcgKFB0eSkgTHRkLjEsMCoGA1UEAxMjVGhhd3RlIFBlcnNvbmFsIEZyZWVt
YWlsIElzc3VpbmcgQ0EwHhcNMDMxMjMxMjExNjQ4WhcNMDQxMjMwMjExNjQ4WjBEMR8wHQYDVQQD
ExZUaGF3dGUgRnJlZW1haWwgTWVtYmVyMSEwHwYJKoZIhvcNAQkBFhJqYW1Ad2lyZXJpbW1lZC5j
b20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCcK92PQbpySo8ZQL2n9AAH3Pv8nX+y
KeibANiJXItawMbmoCUEnDwUEHhD5Sf38vIhLc+Nksjv3OZjIxbXOejcMlqkhUm+ifxGdzXcRo79
FXmoZBFwxxsOarKZG+28u6PzqQPqSkOIxreRVwKcJ2uA2kWcBc5k9akbvPySDTLlSK7s9MFTsv6P
WwtAEYrUwvzFQbvKDAoUC1ih8UW29MsHMvfon1EoWqkaWnJp0cMtkU7C/uEChlVR1jayNIL6J9Ml
9YTF7RGf//pBVETgQG2JGnKsQK26qySMAmlGbmc+AZgJt3Z3zsSet3u4C1R8d2G+czGxJDSyK832
jJxSWQIbAgMBAAGjLzAtMB0GA1UdEQQWMBSBEmphbUB3aXJlcmltbWVkLmNvbTAMBgNVHRMBAf8E
AjAAMA0GCSqGSIb3DQEBBAUAA4GBACnOZj/NFZR1lJCfnVt3WW2VdeW4TynM2P8y+t1w5OuliePd
UAOSUPA0ntCYgpQ5qLjJJGmFlTlbRZG5oXzKVknYCe7WJYWI9kzMPo+Ndr5HWhq/EszgJ2PeCX0d
9tose9Ia8j/uSoFe8zCwKvRXT46f6GzHedQ1OhfZ4xjRTjEFMIIDPzCCAqigAwIBAgIBDTANBgkq
hkiG9w0BAQUFADCB0TELMAkGA1UEBhMCWkExFTATBgNVBAgTDFdlc3Rlcm4gQ2FwZTESMBAGA1UE
BxMJQ2FwZSBUb3duMRowGAYDVQQKExFUaGF3dGUgQ29uc3VsdGluZzEoMCYGA1UECxMfQ2VydGlm
aWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjEkMCIGA1UEAxMbVGhhd3RlIFBlcnNvbmFsIEZyZWVt
YWlsIENBMSswKQYJKoZIhvcNAQkBFhxwZXJzb25hbC1mcmVlbWFpbEB0aGF3dGUuY29tMB4XDTAz
MDcxNzAwMDAwMFoXDTEzMDcxNjIzNTk1OVowYjELMAkGA1UEBhMCWkExJTAjBgNVBAoTHFRoYXd0
ZSBDb25zdWx0aW5nIChQdHkpIEx0ZC4xLDAqBgNVBAMTI1RoYXd0ZSBQZXJzb25hbCBGcmVlbWFp
bCBJc3N1aW5nIENBMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDEpjxVc1X7TrnKmVoeaMB1
BHCd3+n/ox7svc31W/Iadr1/DDph8r9RzgHU5VAKMNcCY1osiRVwjt3J8CuFWqo/cVbLrzwLB+fx
H5E2JCoTzyvV84J3PQO+K/67GD4Hv0CAAmTXp6a7n2XRxSpUhQ9IBH+nttE8YQRAHmQZcmC3+wID
AQABo4GUMIGRMBIGA1UdEwEB/wQIMAYBAf8CAQAwQwYDVR0fBDwwOjA4oDagNIYyaHR0cDovL2Ny
bC50aGF3dGUuY29tL1RoYXd0ZVBlcnNvbmFsRnJlZW1haWxDQS5jcmwwCwYDVR0PBAQDAgEGMCkG
A1UdEQQiMCCkHjAcMRowGAYDVQQDExFQcml2YXRlTGFiZWwyLTEzODANBgkqhkiG9w0BAQUFAAOB
gQBIjNFQg+oLLswNo2asZw9/r6y+whehQ5aUnX9MIbj4Nh+qLZ82L8D0HFAgk3A8/a3hYWLD2ToZ
foSxmRsAxRoLgnSeJVCUYsfbJ3FXJY3dqZw5jowgT2Vfldr394fWxghOrvbqNOUQGls1TXfjViF4
gtwhGTXeJLHTHUb/XV9lTzGCAucwggLjAgEBMGkwYjELMAkGA1UEBhMCWkExJTAjBgNVBAoTHFRo
YXd0ZSBDb25zdWx0aW5nIChQdHkpIEx0ZC4xLDAqBgNVBAMTI1RoYXd0ZSBQZXJzb25hbCBGcmVl
bWFpbCBJc3N1aW5nIENBAgMLZecwCQYFKw4DAhoFAKCCAVMwGAYJKoZIhvcNAQkDMQsGCSqGSIb3
DQEHATAcBgkqhkiG9w0BCQUxDxcNMDQwMzIyMDIzNjU3WjAjBgkqhkiG9w0BCQQxFgQUOrHDk1DG
nuzs4COEKsBfen11PtsweAYJKwYBBAGCNxAEMWswaTBiMQswCQYDVQQGEwJaQTElMCMGA1UEChMc
VGhhd3RlIENvbnN1bHRpbmcgKFB0eSkgTHRkLjEsMCoGA1UEAxMjVGhhd3RlIFBlcnNvbmFsIEZy
ZWVtYWlsIElzc3VpbmcgQ0ECAwtl5zB6BgsqhkiG9w0BCRACCzFroGkwYjELMAkGA1UEBhMCWkEx
JTAjBgNVBAoTHFRoYXd0ZSBDb25zdWx0aW5nIChQdHkpIEx0ZC4xLDAqBgNVBAMTI1RoYXd0ZSBQ
ZXJzb25hbCBGcmVlbWFpbCBJc3N1aW5nIENBAgMLZecwDQYJKoZIhvcNAQEBBQAEggEAaVNyqujT
R4GhcrFaadtj4vWXtesnO8XkUlA/Ngoo9tqm8Dltc+wlZ7ajuFqIzCbN2rD7LmnTlVNCQgxUz5V8
sB52aZnZrXskJsEJzp8qZYcm3eb7351MU03wJhU8s47xd7NjQVMvACexhhogVfbXlKR3IYjns9QO
5nd8IDb6XioNQTMuW7TUcvSE06LciGfDP0DZ3nyBchRe3KrvK6VjCt7CK7xagxno0SLPHpICyl9k
5CJQamf4AwITxw5WLJL1ICkC//7UiHT4MD3qYt6uDrEc5Rb4evZHnMVvuNe7QVSMUkvrb+3PpBza
FzoD8h8OLZfioT4DYlWuOxVsyD64PgAAAAAAAA==
--Apple-Mail-3-684085323--