A Free Educational Resource Created by Carnegie Mellon University to Empower You to Secure Your Part of Cyberspace

Instant Messaging and Chat

Communicating in real time with other Internet users

Internet communication services replace traditional forms of communication like the telephone or bulletin board by allowing people to talk to each other over the Internet.

Internet communication services include:

  • Chat rooms: Chat rooms are online forums where people who want to have online conversations can get together electronically and broadcast messages to everybody in real time. You can select from categories of interest, such as sports or movies, in order to talk to various sets of people. There are many different service providers for this kind of communication, but all chat applications have three main components: a list of all people present in the forum, an area where you can submit text to the forum and an area where you can read comments from others. Many chat room systems exist, such as IRC (Internet Relay Chat), Jabber and other proprietary and commercial systems. The general structure consists of a central server (managed by the chat service provider), whose function is to serve as the concentration point for all chat rooms, and application clients (generally the user's web browser), which allow users to broadcast and read messages posted on the server.
  • Instant messaging: Instant messaging is similar to online chatting, although the conversation is generally between only two people. The functional structure is also similar to that of chat rooms, with a central server, but users are required to install an IM client application to use the service. In order to have access to this application, you must register with a service provider (i.e., fill out a form with personal data and select a permanent ID). With instant messaging, you keep a list of friends that you communicate with. The list shows which of your friends are currently online. If somebody wants to start a conversation with you, a visual or sound alert lets you know. You can then begin the text-based conversation. Useful for long-distance conversations, voice chat and video chat is available from some messengers like Google Talk, MSN Messenger, Skype and Yahoo Messenger. Web cameras can be used to give the feeling that the person is just in front of you. When you enable the "view my webcam" feature, the other person trying to view your webcam requires your permission, which prevents access from unknown people.
  • Web-based groups: Web portals like Google, Yahoo and MSN have a service where subscribers can either create or participate in common interest groups. People in these groups can exchange information like files, pictures and messages, thus creating an online bulletin-board. This service can contain chat rooms and instant messaging as well.

Instant Messaging and Chat: security threats & prevention tips

  • Data Theft The unauthorized taking or interception of computer-based information
  • Harassment Threatening words or actions against a person
  • Intrusion Accessing a computer without permission
  • Malware Programs that are designed to harm your computer
  • Spyware Software that sends information from your computer to a third party without your consent

Instant Messaging and Chat: common problems and solutions

While instant messaging, you get odd messages with links.

Your friend may have malware running on his machine. These messages contain links and are sent automatically without your friend's knowledge. Just by clicking on them, worms or viruses can load on your machine. Before clicking, verify with your friend if he really sent it.

You give out personal information on social networking sites.

By giving out personal information, you increase your chances of falling victim to identity theft. It is highly recommended that you keep this information private, or at least only for trusted friends to view. Most social networking sites allow you to control who can view what on your profile page.

Connect Safely from Different Places

Office

Instant messaging in particular has been gaining popularity in many companies because it can be used for quick communication between coworkers. The main concern is privacy because private personal data is used for identification, and there are ways for people to gain access to this information. Also, because the communication channels used may not be secure, private company information could be compromised.

Before using instant messaging services, chat, or other community services at work, make sure that your company's policies permit it. Also, make sure you inform the IT administrator that you would like to use these applications so that he or she is aware of what you will be doing. While many companies use instant messaging as a tool for communicating with customers and vendors, others don't allow it at all for security purposes.

Offices may custom build their chat applications or use IM that is set for internal use. The internal use setting limits chat to be among the company employees only, preventing security problems while allowing employees to chat and share files amongst each other. Features may vary from company to company. The network administrator can enable chat on the company's local area network (LAN). Thus, the employee has to login using his email address pertaining to that company. Since they are connected via the internal LAN users do not access the Internet, which increases safety from viruses.

Mobile

Mobile technology lets you use communication services on your PDA or mobile device to chat with others online. For example, Windows PocketPC version includes the Internet Explorer web browser, which you can use to access online chat rooms. Also, instant messaging companies like Yahoo offer PDA versions of their IM clients and let you log on to their messaging services with a cell phone.

On the road

With the increasing availability of Internet hotspots (locations that offer wireless Internet), you can chat online practically anywhere. Many coffee shops and bookstores offer you the chance to surf the web for free, and many hotel chains supply every room with Internet access. Keep in mind that when you use your own computer to connect to a hotspot, you are on a public network where you are extremely vulnerable to attacks.

Some places offer public computers for you to use to connect to the Internet. You should be especially careful with these since anybody can access them. They could be tampered with or set up to steal your personal information.

In the communications process, private personal data is used for identification, and there are ways for people to gain access to this information. Public places are especially dangerous. On a public network, other people have direct contact with your computer, bypassing security checkpoints.

Legal Issues

As with any other social activity, community services present the danger of possible verbal or written harassment. The anonymity that comes with being behind a computer can lead some people to lie about their age or gender, or even feel free to harass others.

Repeatedly bothering somebody online is called harassment, and it can lead to psychological or physical damage. It is illegal to harass anybody – sexually, physically or even verbally. Online harassment is no exception.

Privacy Issues

Chat rooms, forums and instant messengers generally require you to register once by providing personal information (e.g., full name, user id, password, email address). This information can be stolen by hackers and used to impersonate you. In order to protect your identity, read the service's license agreement and privacy policy thoroughly before installing an application. You may even want to fill out registration forms with dummy information. Never share your email address with anyone you don’t know.

My home page