One more reason to not really like MSN
In a recent article on Slashdot is given yet another reason — actually two reasons — to not use MSN (not even just the Microsoft client, but the entire protocol). Apparently Microsoft is aware that malicious URLs can be sent through MSN, so they figured they’d better block some of them. Actually, they’re blocking the sub-strings, which means that .scr will catch not only http://example.com/file.scr but also http://example.com/my.screenshot.png and everything else containing the string .scr. The blocking is done server-side, so it doesn’t matter if you use the official Microsoft MSN client or Pidgin (The IM Client Formerly Known as Gaim), Adium or whatever’s available out there.
Now, what’s really retarded is that each and every TinyURL still gets through just fine (but probably not for long now) and now Microsoft has to play catch-up to maintain that list of blocked sub-strings. This is really, really stupid, because the poor end-user will never know why their link to http://cutesie.example.com/pics.php isn’t sent — just that it’s not. And most people will probably never see the list and know which words they can’t use, hence confusion. Besides, the fact that Microsoft choose to “solve” problems in this way instead of fixing the vulnerabilities in their software, just makes me wonder how common this practice is to them and how many other problems they’ve “fixed” in a similar manner.
August 7th, 2007 at 8:43 am
I suppose you meant “Messenger”.
What are the other reasons not to use it? Will you get notified when being filtered?
I use it since it seems the better choice — when looking at what people themselves can handle signing up for and using.
August 7th, 2007 at 9:29 am
Omg that is so lame. Teeth grinding lame. Literally, I’m grinding my teeth right now to get rid of the pain. Though I’m not doing it, I feel like banging my head to the wall too.
August 7th, 2007 at 2:14 pm
Bjarke, what do you mean, I probably meant Messenger?
And no, until recently you’d be told absolutely nothing - the server would just not relay your message, but now you get an error (Could not send; a connection error occurred), even though it’s not really explaining anything.
Stffn… Dead on!
August 8th, 2007 at 12:46 pm
Anders, That’s a rather lame way - and since they use security by obscurity - even though claiming it to be an open protocal - they leave the users with the problem in the end. Confused and oblivious, as always.
About the other thing - I’m just joking :-) MSN is the Microsoft Network of which the instant messaging service Messenger is a part of. Lately it’s become “Live Messenger” rather than (amongst other names) MSN Messenger and Windows Messenger.
At least when you look at the client - the protocol is called IMPP and MSN Messenger Service protocol etc. - so it was a mere
August 8th, 2007 at 8:11 pm
Oh, right… Forgot that MSN is more than the Messenger… :)
And yeah, I totally agree. This is ultra bad practice from all possible perspectives… I really, really hope it’s just a temporary “fix” until they fix the real problems.
Btw, looks like some of your comment was cut off… ?
August 10th, 2007 at 8:36 am
Indeed it was. I think I wrote something about Microsoft saying that it was an open protocal was a mere PR stunt.
Odd though, that is was cut off.
July 28th, 2008 at 6:54 am
[…] around 9 months since it was discovered that MSN had implemented some pretty retarded keyword blocking rules on messages sent through MSN Messenger (aka. Live Messenger; not the client, the protocol). Now — […]