Secure Communications
Secure Devices
Secure Online Activities
Free Email Services
Instant Messaging
Legal Issues
PBX Security
Instant Messaging

Instant messaging is a wildly popular method for communicating over the Internet, particularly among young people. Instant messaging (IM) is a real-time supplement to and, in some regards, a replacement for e-mailing.
Unlike e-mail, instant messaging allows users to see whether a chosen friend is connected to the Internet.

Typically, the instant messaging service will alert a user if somebody on the user's list of correspondents is on-line. Instant messaging also differs from e-mail in that messages are exchanged directly almost instantly, allowing for a two-way communication in real-time.

In the same way that texting became popular with the mobile phone; Instant Messaging is the Real Time Communications equivalent on the Internet. A huge upsurge in IM usage has brought a certain amount of trepidation on how to secure or control its usage.

How do you recognise it?

Instant Messaging requires that an Instant Messaging ‘client’ is installed on your computer. This is similar to your email program, and there are many different varieties. Some of the more popular IM programs are MSN Messenger, Yahoo Messenger, GoogleTalk and Skype.

How does it work?

Instant messaging networks consist of clients and servers. A user installs a client that connects to a server operated by the instant messaging network vendor, such as Yahoo Messenger, MSN Messenger, GoogleTalk or Skype. (It should be noted that because they use different protocols, the different instant messaging services are not interoperable. Therefore, MSN users can only communicate with other MSN users, Google Talk users with other Google Talk users etc. and not with users of other instant messaging services.) All users that sign up for instant messaging are given a unique identifier, which is usually a name or a ‘handle’. The user then gives out the unique identifier to people that he or she wants to communicate with via the instant messaging network.

The user starts an instant messaging session by authenticating to the server. When two authenticated users want to communicate, the following sequence occurs.

User A instructs the instant messaging client to send a text-message to User B. The client creates a packet containing the message and sends it to the server.
The server looks at the packet and determines that the recipient is User B. The server then creates a new packet with the message from User A and sends it to User B in realtime.

Top Tips

• Do not transmit confidential information such as passwords or credit card information over an instant messaging session, communication between users is not encrypted.
• Do not accept files from unknown users over an instant message session as the file may contain malicious content.
• Do not click on links received from unknown users over an instant message session as the links may take you to a malicious website.