Privacy experts at the EFF are warning users not to upgrade to the new version of the venerable AOL Instant Messenger chat client because of some serious privacy concerns with the application. The main concern is that the new version of AIM automatically logs all user conversations by default, but there also are issues with the way that AIM scans all links in chats and pre-fetches the URLs.
In a detailed analysis of the new client, the EFF said that its major problem with AIM is the default logging behavior, which is not disclosed to users and results in chat conversations being stored on AOL’s servers. The logging is not opt-in, and most users likely would not be aware that it is happening. Many chat clients log users’ conversations, but they disclose it and, in at least some cases, let users opt out.
“When you first sign into the new AIM, a flag is permanently set on your account to begin storing all of your conversations on AOL’s servers for up to two months, and perhaps indefinitely. AOL’s intent is to make it easy to see the same messaging history even if you sign in from a different device, but the danger is that your private conversations are now available to, for instance, law enforcement agents with a warrant or a national security letter, or to criminals in the event of a data breach. In the case of government access AOL might not even be required (or allowed) to inform you that your private communications are no longer private,” the EFF’s Cindy Cohn, Dan Auerbach and David Grant wrote in their analysis.
There is an “off-the-record” mode in the new client that lets users disable logging for a specific conversation. (Despite the name, this is a logging switch, not the Off-the-Record Messaging encryption protocol.) However, that mode only works if the other party is also using the new AIM client and has also enabled off-the-record mode for the conversation. With alternate chat clients it does not get the job done, and off-the-record mode is not available for group chats, either.
“All of these should change. AOL should not set logging as the default and it should not be permanent. Instead, logging should be opt-in and ‘off-the-record’ mode should be robust and prominent in the user interface,” the analysis says.
The EFF discussed its concerns with AOL, including the default logging and the pre-fetching of links, and said that the company has agreed to make some modifications to both behaviors. When a user pastes a link into a chat conversation, AIM pre-fetches the URL and analyzes the response to see whether there is a picture or video there. This is meant to make inserting media simpler, but it means that AIM fetches and parses every URL a user sends, including URLs that may themselves carry private information such as authentication data, the EFF said.
“We pointed out that this implementation would reach private server links, links that might contain authentication data in the URL, or even one-time use pages like unsubscribe links, all of which were problematic. But good news: after meeting with us, AOL agreed to limit the types of sites and URLs crawled by this technology, and to provide better notices to its users about how the links it sends will be used,” Cohn, Auerbach and Grant wrote.
AOL also said it will disable the link scanning for conversations in off-the-record mode, but there is still no way to opt out of it entirely. The EFF gave AOL a nod for its willingness to discuss the issues, but said that there is still room for improvement.
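The classes of URL the EFF flagged translate directly into a pre-fetch policy, and it is worth seeing what such a gate looks like in code. The following Python is an added illustration written for this article; it is not AOL’s implementation and not anything the EFF published. The sensitive parameter names, one-time-page path keywords, private-host suffixes and sample URLs are all constructed for the example. The gate refuses to fetch links to private or internal hosts, links with embedded credentials or token-like parameters, and links that look like one-time-use pages, and it fetches nothing at all when the conversation is off the record.

```python
import ipaddress
import re
from urllib.parse import parse_qs, urlsplit

# Constructed policy data for the example (not AOL's real rules).
SENSITIVE_QUERY_KEYS = {
    "token", "access_token", "auth", "key", "apikey", "api_key", "sig",
    "signature", "session", "sessionid", "sid", "code", "password", "pwd",
}
ONE_TIME_PATH_WORDS = ("unsubscribe", "confirm", "verify", "activate", "reset", "invite")
PRIVATE_HOST_SUFFIXES = (".local", ".internal", ".lan", ".corp", ".localhost")
# Long opaque segments (signed-link tokens, capability URLs) are refused conservatively.
TOKEN_LIKE = re.compile(r"[A-Za-z0-9_-]{24,}")
URL_IN_TEXT = re.compile(r"https?://[^\s<>\"']+")


def is_private_host(host):
    """True for loopback, RFC 1918, link-local and obviously internal names."""
    if host == "localhost" or host.endswith(PRIVATE_HOST_SUFFIXES) or "." not in host:
        return True  # single-label names such as 'intranet' only resolve inside a network
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        return False  # a public-looking DNS name; see the note on DNS below
    return (ip.is_private or ip.is_loopback or ip.is_link_local
            or ip.is_reserved or ip.is_multicast or ip.is_unspecified)


def prefetch_decision(url):
    """Return (allowed, reason) for a single pasted URL."""
    try:
        parts = urlsplit(url)
    except ValueError:
        return False, "unparseable URL"
    if parts.scheme not in ("http", "https"):
        return False, f"scheme {parts.scheme!r} not fetchable"
    if not parts.hostname:
        return False, "no host"
    if parts.username is not None or parts.password is not None:
        return False, "credentials embedded in URL"
    if is_private_host(parts.hostname.lower()):
        return False, "private or internal host"
    if parts.port not in (None, 80, 443):
        return False, "non-standard port"
    query = parse_qs(parts.query, keep_blank_values=True)
    hits = sorted(k for k in query if k.lower() in SENSITIVE_QUERY_KEYS)
    if hits:
        return False, "sensitive query parameter(s): " + ", ".join(hits)
    segments = parts.path.split("/") + [v for values in query.values() for v in values]
    if any(TOKEN_LIKE.fullmatch(segment) for segment in segments):
        return False, "opaque token-like segment in URL"
    if any(word in parts.path.lower() for word in ONE_TIME_PATH_WORDS):
        return False, "looks like a one-time-use page"
    return True, "ok"


def links_to_prefetch(message, off_the_record=False):
    """Extract URLs from a chat message and return only those the gate allows.

    An off-the-record conversation is never scanned, mirroring the change
    AOL agreed to in the article.
    """
    if off_the_record:
        return []
    allowed = []
    for match in URL_IN_TEXT.finditer(message):
        url = match.group(0).rstrip(".,;:!?)")  # drop trailing sentence punctuation
        ok, _reason = prefetch_decision(url)
        if ok:
            allowed.append(url)
    return allowed


if __name__ == "__main__":
    # Constructed sample message, not a real chat log.
    sample = "see https://example.com/cat.jpg and http://192.168.1.10:8080/admin"
    for candidate in URL_IN_TEXT.findall(sample):
        print(candidate, "->", prefetch_decision(candidate))
```

A hostname check alone does not stop a public DNS name from resolving to an internal address, so a real fetcher would also need to apply the same address checks to the resolved IP at connection time and refuse to follow redirects into private ranges; the example stops at the URL string because that is the level at which the EFF framed the problem.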
“Because signing onto the new version of AIM permanently changes your account settings to log all conversations to AOL’s servers by default, we recommend that existing AIM users do not upgrade,” the analysis says.