Linux SoftwareCommunicationsChatBIM 1.0

BIM 1.0


BIM version 1.00 is a free Java based AOL instant messenger client
Developer:   Brad Wellington
      more software by author →
Price:  0.00
License:   GPL (GNU General Public License)
File size:   0K
Language:   
OS:   
Rating:   0 /5 (0 votes)
Your vote:  
enlarge screenshot


BIM version 1.00 is a free Java based AOL instant messenger client. BIM is a Java based AOL Instant Messenger Client with encryption support. It has a small code base (617KB w/encryption libs) and can be easily run on wide array of operating systems. BIM has been tested on OSX, Windows XP, Solaris and Linux. BIM also incorporates encryption technology so that a user can communicate securely with any other BIM user.

I think pictures speak louder then words so I decided a demonstration was in order. Using another brilliant open source product, PlugProxy, I was able to take a quick screen shot of what goes over a TCP connection when connected to AIM. As you can see the connection is not secure at all, everything is sent as clear text. A user is vulnerable to both eavesdropping and message alteration.

In addition to your messages being compromised, you have no way of knowing for sure that your buddy's messages are genuine. They could have their connection altered much in the same way as your could be. A true security solution encompasses the following:

* Private Messages - Messages sent are not read or altered by others
* Authenticated Messages - Messages received can be verified that they were in fact sent by the sender
* Verified Messages - Your buddy is who they say they are

BIM addresses all three of these issues. BIM can run a chat session in what is referred to as secure mode, although BIM's secure messaging involves more then just encryption. Unlike other IM clients, BIM actually addresses all three of these issues. Every unique user of BIM can generate a public/private key pair for security use. BIM's security hinges on the secrecy of this private key, BIM will never send this key over the network however it is up to the user to secure the key on their local machine.

Private Messages

BIM does use encryption in order to send messages safely to other users. BIM uses RSA encryption to ensure only the intended receiver can decrypt your message. It does this by encoding each message with the public key of the recipient. By doing so only the intended recipient (and the NSA perhaps :)) can properly and easily decrypt each message.

Authenticated Messages

BIM uses digital signatures for the verification of messages. To be more specific BIM creates an MD5 hash of each message, which is then encoded using RSA again as specified by PKCS#1. This signature for each messages is appended to the message and serves two purposes. It allows the recipient to verify it was in fact the send of the message who reated this message, more specifically it proves the message was not sent by an imposter. In addition the signature verifies the content of the message, namely that the message was not altered in transit by a third party.

Verified Messages

All transactions in BIM (and most PKI schemas in general) begin with two parties swapping public keys. In order to prevent the famous man in the middle attack, public keys are signed by a certificate authority. Users can then verify the identity of the user sending them the public key. BIM does address this and comes with a bot (CAbot) which runs on the AOL network and can give out certificates. CA-bot in its current state is not that useful though for the following reasons:

* The CA-bot will give a certificate to anyone who wants one with a valid AIM id.
* The CA-bot has no way of revoking a certificate.

although it is provided in the bim distro for educational purposes. This bot might be upgraded in a future version of BIM. To run the bot do this:

java -cp bim.jar wellington_brad.bim.cabot.CaBot

You should see aol id cabot215 come online.

When BIM is running in secure mode, it becomes very difficult for a potential attacker to do anything but prevent communication. Here is picture of the same AOL conversation using PlugProxy as was shown above, this time in secure mode. Here is a link to a presentation I did on some of these issues.

Requirements:
  • BIM's sole requirement is that you have JDK 1.3 or above on your machine. You can download the latest version of Java from Sun's website.
    tags the message  secure mode  these issues  each message  messages bim  bim does  the user  key bim  private key  public keys  bim uses  only the  the recipient  

    Download BIM 1.0


     http://prdownloads.sourceforge.net/bim-im/bim.jar?use_mirror=superb-west
     http://prdownloads.sourceforge.net/bim-im/bim.jar?use_mirror=umn
     http://prdownloads.sourceforge.net/bim-im/bim.jar?use_mirror=nchc
     http://prdownloads.sourceforge.net/bim-im/bim-src.zip?use_mirror=surfnet


    Authors software

    BIM 1.0 (by Brad Wellington)
    BIM version 1.00 is a free Java based AOL instant messenger client


    Similar software

    BIM 1.0 (by Brad Wellington)
    BIM version 1.00 is a free Java based AOL instant messenger client

    yyyRSA 1.0.2 (by Erik Thiele)
    yyyRSA is a simple program to encrypt and decipher messages with the RSA asymetrical encryption algorithm.

    Alice wants to send Bob

    Secure Messaging 1.0 (by WA)
    Secure Messaging is a Web-based, alternative mail system for sending and receiving messages.

    Use secure messaging to send and rece

    seccure 0.3 (by B. Poettering)
    seccure toolset implements a selection of asymmetric algorithms based on elliptic curve cryptography (ECC)

    SILC Client 1.0.3 (by SILC Project)
    SILC (Secure Internet Live Conferencing) is a protocol which provides secure conferencing services in the Internet

    Email 2 0.1.0 (by Emanuele Altieri)
    Email 2, or simply E2, refers to a new email technology designed from the bottom-up to meet the needs of our modern society.

    In co

    CryptoHeaven 2.6.1 (by CryptoHeaven Development Team)
    CryptoHeaven offers secure email and online file sharing/storage

    SimpServer 2.1.0 (by Secway)
    SimpServer is the first lightweight instant messaging security gateway for Unix systems

    xsay 1 (by Marius Aamodt Eriksen)
    xsay is a notification tool for X

    Naken Chat 2.08 (by Michael Kohn)
    Naken Chat is a public chat server written in C (originally in Java)


    Other software in this category

    AIM 1.5 (by America Online, Inc)
    "You don`t have to be an America Online member to experience the immediate cross-Internet communication made possible by AOL Instant

    Yahoo Messenger 1.0.4 (by Yahoo! Inc.)

    Gaim 2.0.0 Beta 5 (by Gaim Team)
    GaimGaim is a multi-protocol instant messaging (IM) client for Linux, BSD, MacOS X, and Windows

    aMSN 0.96 (by Amsn Development Team)
    aMSN : Alvaro's Messenger, or Another MSN messenger clone

    This project is a modified and

    Ayttm 0.4.6-17 (by Philip S Tellis)
    Ayttm is an instant messaging (aka chat) client that provides all-in-one chat functionality for several major instant messaging servi

    •     search


    Featured Software

    jEdit 4.3 pre8
    jEdit is an Open Source text editor written in Java

    Opera 9.02
    Surf the Internet in a safer, faster, and easier way with Opera browser

    GNU Aspell 0.60.4
    GNU Aspell is a Free and Open Source spell checker designed to eventually replace Ispell


    Subscribe in Rojo
    Google Reader
    Add to My Yahoo!

    Add to My AOL
    Subscribe with Bloglines
    Subscribe in NewsGator Online
    Add 'nixbit linux software' to Newsburst from CNET News.com
    del.icio.us nixbit linux software


    Top tags