Microsoft Filters MSN Conversations

[Spike]

According to communications director of MSN Sweden, Jessica Börjel, this is being done to protect users against exploits and worms spreading through the MSN Messenger service. Among the things Microsoft appears to want to block are URLs and file name references. And this is where the trouble starts:

• You cannot use the string download.php anywhere in a message, not even when it’s not part of a URL.
• The link filter does not take canonical URLs into account: http://evil.example.com/download.php and http://evil.example.com/down%6Coad.php is the same URL, expressed in two different ways. The first one is blocked, while the second one is not.
• Even if Microsoft fixed the canonization issue, and were able to block both, there are a loads and loads of redirector services, like as TinyURL that can be used to mask known bad URLs

And, for the truly paranoid: Since Microsoft are automatically monitoring your conversations, and block certain messages — what prevents them from eavesdropping on your messages, and sending any “suspicious” content off to third parties, such as governments and their agencies?

source | digg this

[Jeff]

This doesn't worry me so much. Of course ANY IM network could potentially monitor IM conversations. It's technically possible. What this describes is a software filter -- not something that I'd be bothered by, personally. Annoyed? Maybe, but bothered, no. :)

These "protective" filters can be a nuisance, but they aren't anything new for Microsoft. They applied similar filters to Outlook, preventing you from receiving many file attachments (i.e. .mp3).

I don't mind so much that they setup a filter, but I do wish there was a way for advanced users (who have a brain and aren't afraid to use it) to bypass these safeguards.