Yahoo, MSN encrypt 'community' traffic

Yahoo, MSN encrypt 'community' traffic

Summary: Before Microsoft and Yahoo finally made their respective instant messaging (IM) platforms compatible, they took numerous steps to improve the overall level of security for the combined 350 million user community.The security threat from IM applications has increased dramatically over the past few years, with one company reporting that attacks had increased by 1,500 percent in 2005.

SHARE:
TOPICS: Microsoft
0

Before Microsoft and Yahoo finally made their respective instant messaging (IM) platforms compatible, they took numerous steps to improve the overall level of security for the combined 350 million user community.

The security threat from IM applications has increased dramatically over the past few years, with one company reporting that attacks had increased by 1,500 percent in 2005. Earlier this year, research group Gartner advised its clients to tighten up their messaging policies as cybercriminals started focussing their attention on this fast growing base of potential targets.

Terrell Karlsten, a spokesperson for Yahoo, told ZDNet Australia that the company had worked closely with Microsoft to develop a number of protective measures in order to improve security. One important step was to use SSL encryption on all traffic passing between the two companies' communities.

"We are encrypting all traffic that is sent across the [Yahoo and Microsoft] communities -- using SSL. On the other end we decrypt it and send the message to our users," said Karlsten.

Encrypting the traffic will ensure that the "path of delivery" is protected and messages sent between the networks cannot be intercepted by third parties, she said.

Yahoo is also expanding its use of SpamGuard, which is a filtering software that is already protecting users of the company's Web-based e-mail services, to scan instant messages.

"We have a SpamGuard filter in place, which is something that is very effective in Yahoo Mail and we are leveraging it in Yahoo messenger," said Karlsten.

Web bots can be used to send vast quantities of spam to IM users. They can even be programmed try and engage random users into a simple conversation that attempts to lure that person to a malicious Web site or to download a dangerous file.

"Bots are notorious for sending spam -- there are particular sending patters and habits that are associated with bots. We are able to detect those, confirm it is a bot and then we can shut that down.

"We also have a mechanism in place so no user ID can send more than three messages per second -- that helps thwart spammers efforts because bots are automated -- they try to blast out messages," said Karlsten.

IM security is a "top priority" for both Yahoo and Microsoft, added Karlsten: "As you can imagine, providing a safe experience is a top priority for both companies. We are doing everything in our power to make sure our combined global community will have a safe experience."

Topic: Microsoft

Munir Kotadia

About Munir Kotadia

Munir first became involved with online publishing in 1998 when he joined ZDNet UK and later moved into print publishing as Chief Reporter for IT Week, part of ZDNet UK, a weekly trade newspaper targeted at Enterprise IT managers. He later moved back into online publishing as Senior News Reporter for ZDNet UK.

Munir was recognised as Australia's Best Technology Columnist at the 5th Annual Sun Microsystems IT Journalism Awards 2007. In the previous year he was named Best News Journalist at the Consensus IT Writers Awards.

He no longer uses his Commodore 64.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

0 comments
Log in or register to start the discussion