Yahoo, MSN encrypt 'community' traffic

Before Microsoft and Yahoo finally made their respective instant messaging (IM) platforms compatible, they took numerous steps to improve the overall level of security for the combined 350 million user community.The security threat from IM applications has increased dramatically over the past few years, with one company reporting that attacks had increased by 1,500 percent in 2005.

Before Microsoft and Yahoo finally made their respective instant messaging (IM) platforms compatible, they took numerous steps to improve the overall level of security for the combined 350 million user community.

The security threat from IM applications has increased dramatically over the past few years, with one company reporting that attacks had increased by 1,500 percent in 2005. Earlier this year, research group Gartner advised its clients to tighten up their messaging policies as cybercriminals started focussing their attention on this fast growing base of potential targets.

Terrell Karlsten, a spokesperson for Yahoo, told ZDNet Australia that the company had worked closely with Microsoft to develop a number of protective measures in order to improve security. One important step was to use SSL encryption on all traffic passing between the two companies' communities.

"We are encrypting all traffic that is sent across the [Yahoo and Microsoft] communities -- using SSL. On the other end we decrypt it and send the message to our users," said Karlsten.

Encrypting the traffic will ensure that the "path of delivery" is protected and messages sent between the networks cannot be intercepted by third parties, she said.

Yahoo is also expanding its use of SpamGuard, which is a filtering software that is already protecting users of the company's Web-based e-mail services, to scan instant messages.

"We have a SpamGuard filter in place, which is something that is very effective in Yahoo Mail and we are leveraging it in Yahoo messenger," said Karlsten.

Web bots can be used to send vast quantities of spam to IM users. They can even be programmed try and engage random users into a simple conversation that attempts to lure that person to a malicious Web site or to download a dangerous file.

"Bots are notorious for sending spam -- there are particular sending patters and habits that are associated with bots. We are able to detect those, confirm it is a bot and then we can shut that down.

"We also have a mechanism in place so no user ID can send more than three messages per second -- that helps thwart spammers efforts because bots are automated -- they try to blast out messages," said Karlsten.

IM security is a "top priority" for both Yahoo and Microsoft, added Karlsten: "As you can imagine, providing a safe experience is a top priority for both companies. We are doing everything in our power to make sure our combined global community will have a safe experience."

Newsletters

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
See All
See All