The Ramble

Eight Risks of Externally Hosted Instant Messaging

1. Weakened security settings. During installation, instant messaging software may change browser security settings, placing the computer at risk.
2. Readability by intruders. Instant messaging sessions are conducted in plain, unencrypted text, and are an open book to a reasonably skilled intruder.
3. Intrusion on privacy. By design, instant messaging software runs continuously as a background task and broadcasts the computer's presence online even if the interface is closed. (A separate "exit" action is needed to stop it.) In addition, instant messaging software may store the content of an instant messaging session in a log-file that could be read by others.
4. Hijacking and impersonation. Instant messaging accounts are vulnerable to hijacking or spoofing, allowing an intruder to impersonate someone in conversations with others.
5. Malicious code. Instant messaging establishes an open communications channel to the computer that can be exploited by malicious code such as worms, viruses, and Trojan horses.
6. Unauthorized access. Instant messaging users can potentially access each others hard drives and files during a session, placing the computer at the disposal of would-be hackers.
7. Poor password security. Instant messaging software typically stores passwords in a manner that is highly vulnerable to hackers.
8. No virus protection. Instant messaging sessions are not virus protected and can freely spread virus-ridden files.