Internet messaging - part 3
Written by Dominik Joe Pantůček on 2018-01-18
internetIt is more than appropriate to finish our mini series about messaging on the Internet with the biggest paradigm shift when the general public started to use Internet on daily basis for casual communication as well. We can only ponder whether this was for better or worse.
Instant messengers
First "real" instant messenger which pretty quickly penetrated the market in certain parts of the world was definitely ICQ[1]. Released in 1996 and supported ever since. Although the whole ecosystem is far from perfect, it was the first software of such kind that could be used by masses. It was used, but not equally, in all parts of the world.
In 1997 an important step towards widespread acceptance of the Internet as a medium for instant communication happened. AOL[2] released its instant messenger - AIM[3]. Although very simple in nature - both the backing infrastructure (and protocol) and the available client - it allowed casual computer users to communicate with each other in real time. Much like with ICQ, no advanced computer literacy was needed. But this was a huge success especially in United States and that ensured that for most parts of the world, AIM became synonymous with instant messaging. In 1998 ICQ was acquired by AOL which - in my opinion - should try to leverage the best of both world but failed to do so.
Jeremie Miller[4] started writing jabber software in 1999 and although he and a group of hackers focused mainly on open-source server software for the communication protocol and on appropriate client software, their work was the foundation of an open and eXtensible Messaging and Presence Protocol - XMPP[5]. It took a few years to standardize, but in 2004 a first RFC[6] with the protocol specification was published. For some time Google embraced this protocol as a basis for its Google Talk service, but dropped the support later on. The whole XMPP ecosystem is still used by enthusiasts who acknowledge the practical applications of instant messaging but do not like to depend on large vendors like Google, AOL or similar.
(A)social networks
Although not primarily meant for instant communication, social networks got quickly many users' attraction in the first decade of the new millennium. The main focus shift was from the instant communication between two users to relatively quick communication within groups of people. Well-known example of such network is Facebook, but dozens of others followed and captured their audiences to various degrees in different parts of the world.
The term network might be slightly misleading here. From technical point of view it is just a web page offering services to its registered users. However misleading, these services are definitely easily accessible and the technology they rely on - web browsers - really add to this accessibility. Anyone with Internet connection and web browser can use them.
An example of social network which is trying to look more work-oriented would be LinkedIn[7]. This website offers its users to publish "professional" profiles with information about their education and work experience in convenient form. The official goal is to connect various experts together that might do a beneficial business together. Many people view it as simple platform for finding a new job or finding experts in any field to hire. Lately, more of that so-called social mumbo-jumbo is taking place there with specialized communication groups about broad range of topics.
As the younger Internet users are probably aware, the ability to express oneself using letters, words and sentences is rapidly diminishing. Not only people want to communicate quickly - but the pressure is also put on conveying the messages as simple as they can get. That is where communication using pictures - typically edited photographs - comes to play. And of course there is another service focused mostly on this type of communication - Instagram. You do not have to be a professional photographer to gain attention there. Just publish something weird enough and you will find your audience.
Privacy is questionable at best when using any of these aforementioned services and message confidentiality is virtually none. You might say that is to be expected. Yes it it. But then again, many users of these services do not realize this and have strong privacy assumptions when using them.
Next generation instant messengers
After the wave of non-instant communicators, the focus shifted again back to instant communication. People realized that the Internet can be leveraged for immediate communication pretty easily as the bandwidth rose steadily over the years and demanded instant messengers once again. Companies with huge budgets already invested in online communication business quickly jumped on the bandwagon and offered their users what we can call next generation instant messengers.
A typical example of such instant messaging service would be Signal. Its protocol[8] is - from cryptography point of view - designed reasonably and as it is open for public scrutiny, anyone can check that. The applications available are however mostly closed source, so there are not many options in auditing their security. Primarily targeted at mobile platforms the messenger got only later a decent desktop options. Nevertheless - as people got used to communicating almost solely using their mobile phones - this was enough to get enough users. There are even corporations using Signal as their primary means of internal communication.
Another example would be WhatsApp instant messenger. In most of its aspects it could be compared to Signal. But it is worth noting that WhatsApp was acquired by Facebook and therefore it should raise suspicion when using it for any confidential information. The protocol allows for decent confidentiality and although the official client can warn you about man-in-the-middle attacks, many people just do not check the other party identity using different channel and therefore there is a space for pretty direct attacks.
The next generation instant messengers try to offer decent privacy and confidentiality by leveraging well-tested encryption standard but fail to address many other problems of such communication given the nature of the services provided.
Although all these instant messengers and so-called social networks definitely allowed many people to easily communicate, they raise many questions about privacy and confidentiality of such communication. It might be surprising but to achieve relatively high degree of security parameters, it turns out email might not be a bad choice after all. But more on that next week.
References
1. ICQ. (2017, December 10). In Wikipedia, The Free Encyclopedia. Retrieved 21:49, January 8, 2018, from https://en.wikipedia.org/w/index.php?title=ICQ&oldid=814756372
2. AOL. (2018, January 7). In Wikipedia, The Free Encyclopedia. Retrieved 21:50, January 8, 2018, from https://en.wikipedia.org/w/index.php?title=AOL&oldid=819038924
3. AIM (software). (2018, January 5). In Wikipedia, The Free Encyclopedia. Retrieved 21:51, January 8, 2018, from https://en.wikipedia.org/w/index.php?title=AIM_(software)&oldid=818790408
4. Jeremie Miller. (2017, December 25). In Wikipedia, The Free Encyclopedia. Retrieved 21:38, January 8, 2018, from https://en.wikipedia.org/w/index.php?title=Jeremie_Miller&oldid=817018954
5. XMPP. (2017, December 11). In Wikipedia, The Free Encyclopedia. Retrieved 21:37, January 8, 2018, from https://en.wikipedia.org/w/index.php?title=XMPP&oldid=814857249
6. RFC 3920 - Extensible Messaging and Presence Protocol (XMPP): Core, available online at https://tools.ietf.org/html/rfc3920
7. LinkedIn, accessible online at https://www.linkedin.com/
8. Signal Protocol. (2018, January 6). In Wikipedia, The Free Encyclopedia. Retrieved 21:52, January 8, 2018, from https://en.wikipedia.org/w/index.php?title=Signal_Protocol&oldid=818943164