Home › Forums › Archives › Instant Messaging › AIM Support › Free AIM Encryption for 5.2+
- This topic has 17 replies, 11 voices, and was last updated 19 years, 12 months ago by sylikc.
-
AuthorPosts
-
July 10, 2003 at 7:31 am #6641WabbyTwaxMember
You can receive a free security certificate if you are using AIM 5.2 or later. This has been tested and approved by myself. Read my FAQ at the following URL
http://www.originalicons.com?oi=cooltrickshow.php?trick=45Enjoy!
July 10, 2003 at 4:46 pm #60120CharlesMemberyo thanx……it sounds useful and ive already installed it…..now i just have to get my buddies to get it too…….bcuz..to be honest……i havent seen ne1 with the lock icon…but i knew through the aim website that it was available….i went to check out prices, and shiz…..not good….(or worth it)…….thanx 4 the free alternative…..
July 31, 2003 at 8:50 am #60129NARHDDMemberI would hold your horses about the AIMencrypt certificate as it is not a _legit_ certificate and many buddies of mine have complained about problems such as being warned by ‘user’ when they aren’t talking to anyone. Aimencrypt.com did not actually get their certificate legit, and therefore god knows whats in them.
August 6, 2003 at 10:30 pm #60126EvanMemberQuote:quote:Originally posted by Shizna69yo thanx……it sounds useful and ive already installed it…..now i just have to get my buddies to get it too…….bcuz..to be honest……i havent seen ne1 with the lock icon…but i knew through the aim website that it was available….i went to check out prices, and shiz…..not good….(or worth it)…….thanx 4 the free alternative…..
ye i have no one with the lock next to there name 😮
August 7, 2003 at 7:21 pm #60128BrdMc3Memberwhat exactly is this thing???
August 7, 2003 at 8:24 pm #60124Someguy03MemberAim encryption? AIM is known to not have the best security, or any for that matter. If someone on your network is using a “packet sniffer” or other type of traffic analyzing tool they can see your AIM conversations and read them word for word. AIM Security using SSL Certificates makes your conversation appear much like trash to anyone analyzing what you type much like “Sw43jg73js7HSkg8Skeq3k65” instead of “Hello Friend”. This certificate encodes the message so only the sender and the receiver can read the message. But still please use common sense and don’t send credit card numbers, etc. over IM, this should only make you about “this” much safer on the internet, and make you feel cool having a padlock next to your name.
August 7, 2003 at 10:12 pm #60127BrdMc3Memberthere are programs out there where you can read conversations…weird never heard what any or called or ever heard about them
August 15, 2003 at 6:33 pm #60133paulbearerMemberHello folks,
The current release of AIM supports certificate-based encryption that you can use to digitally sign and encrypt messages. The recipient also needs to enable this feature for it to work on both ends. It’s good if you are concerned with people eavesdropping on your IM conversations.
Here’s how you enable the encryption feature:
1) Ensure you have the latest version of AIM from http://www.aol.com/aim – mine is 5.2.3292
2) Go to VeriSign and get a certificate: http://www.verisign.com/client/enrollment/index.html
(you can get a 1-year cert for $14.95 or a free 60-day trial one)
It is titled something like Certificate for Secure Email, but it works on AIM also.3) Follow the email you receive from VeriSign to pick up your digital certificate and install it in your browser.
4) Export your certificate from your web browser to a file. If you are using MSIE on Windows, just click on Tools menu and select Internet Options. From there, click on the Content tab and click the Certificates button. You should see your certificate there. Highlight your certificate and click the Export button.
5) A certificate export wizard will appear and take you through the export steps. You can almost accept all the default settings, except one. There will be a checkbox that you need to check which states “Include all certificates in the certification path” or something like that. Make sure that box is checked.
6) When saving the certificate to a file, you need to enter a password to encrypt the file. Make sure you enter one. For IE, this password is optional, but to import the certificate to AIM, it is required.
7) Once the file is saved as a .pfx file on your drive, you can import it in AIM.
8) Log into AIM and open the preferences dialog by pressing F3 from your buddy list window. Scroll down the left-hand side to security option.
9) Click the Advanced button, then the Import button.
10) You will be prompted to select the certificate to import. The default file select dialog is set to find .p12 file extensions. Since your certificate is a .pfx file, you will need to change the filetype selection in the dialog by using the drop down box to allow you to select a .pfx file.
11) You will also be prompted for two sets of passwords. One is the new password that AIM will use to encrypt your AIM certificate database. This is a passowrd you get to decide upon. I just use my screen name password. The other is the password that you used when you exported your certificate from AIM.
12) Once you have supplied both sets of passowords you should be good to go. Just keep selecting OK and close all the dialogs. AIM might show your signing and encryption certificate as some weird numbers, but that’s OK.
13) Now test….add yourself to your own buddy list and try sending yourself an AIM.
You should also see a padlock next to your name in your buddy list, along with a padlock next to any of your friends running in secure mode.14) AIM automatically uses secure mode if both parties support it. It will step down to normal mode if the other party does not support it.
Good luck!
August 15, 2003 at 6:41 pm #60132paulbearerMemberSorry – I messed up on step 5. You need to do one more thing in addition to checking the check-box. You must also select “YES, Export the private key”.
Sorry for the omission!
August 15, 2003 at 6:50 pm #60123Someguy03MemberHave you read the first post in this topic. Its about free aim encryption, http://www.aimencrypt.com
Im pretty sure most people would rather get it free anyway. It doesnt need to be digitally signed by a company to work as it already does.August 15, 2003 at 6:57 pm #60131paulbearerMemberAny certificate can be used – it doesn’t have to be from anyone in particular. One benefit of the VeriSign certificate is that the AOL client already trusts the VeriSign CA.
For the end-user, they will no longer get the warning to “manually trust” the certificate used in the conversation.
But you are correct, any certificate can be used.
August 15, 2003 at 7:03 pm #60130paulbearerMemberI was looking at the aimencrypt URL posted here. The problem with AIMEncrypt is that the same certificate and private key is being used by anyone. Hence, if you are using the AIMEncrypt certificate, you really have no security.
Anyone with a packet sniffer can capture the encrypted packets and decrypt the message, since they have access to the private key used to encrypt the message.
With a CA like VeriSign or Thawte, you generate the key pair on your computer, and the CA issues a certificate.
I would recommend anyone using the AIMEncrypt certificate consider the implications here.
August 15, 2003 at 7:19 pm #60121KPK102MemberQuestion, can you get rid of that icon?
August 15, 2003 at 7:21 pm #60122Someguy03MemberDo You mean the lock next to your screen name? And no i dont think you can if thats what your asking.
August 20, 2003 at 1:35 am #60119fuzzface00MemberFYI – Thawte (http://www.thawte.com/) will provide a free certificate to you that should be recognized by all MS-based tools. See the website and click on “get your FREE personal email certificate”
If you feel like testing it, IM me at “fuzzface000”
-
AuthorPosts
- You must be logged in to reply to this topic.