The Electronic Frontier Foundation has expressed concerns about recent changes to AOL’s Instant Messenger service and recommends that “AIM users do not switch to the new version, as it introduces important privacy-unfriendly features”. The EFF met with AOL to discuss its concerns, but says that the company has only in part responded positively.
The EFF’s concerns fall into two main areas. The first involves the scanning of messages for URLs and the pre-fetching of any displayable media. The purpose of this pre-fetching is to improve performance when a user is sent an embedded link to an image that is intended for display. However, AOL was following all embedded links, some of which might refer to sensitive information. AOL has informed the EFF that it will limit the types of sites and URLs followed in this manner. The company told the EFF that it did not plan to log or store the data that it pulls down during this process.
According to the EFF, its other main concern has not been addressed properly. By default, the new version of AIM stores all conversations in plain text on its servers for up to two months, and perhaps much longer. AOL say that this enables users to access their messaging history from different machines, but it does mean that messages are potentially accessible to third parties, either through legal means or through a security breach
The EFF’s concerns fall into two main areas. The first involves the scanning of messages for URLs and the pre-fetching of any displayable media. The purpose of this pre-fetching is to improve performance when a user is sent an embedded link to an image that is intended for display. However, AOL was following all embedded links, some of which might refer to sensitive information. AOL has informed the EFF that it will limit the types of sites and URLs followed in this manner. The company told the EFF that it did not plan to log or store the data that it pulls down during this process.
According to the EFF, its other main concern has not been addressed properly. By default, the new version of AIM stores all conversations in plain text on its servers for up to two months, and perhaps much longer. AOL say that this enables users to access their messaging history from different machines, but it does mean that messages are potentially accessible to third parties, either through legal means or through a security breach
0 comments:
Post a Comment