August 27, 2004
- Ease of Use:
- Value for Money:
- Overall Rating:
Free, simple, does what it says on the box.
Not scalable, very basic.
A simple-to-use and very secure piece of software that is more suited to occasional use or very small businesses, rather than a fully fledged enterprise environment.
Winfosec's SIMP (Secure Instant Messaging Protocol) is an open source IM tool for Windows. SIMP doesn't make use of a central messaging server, which while technically making it more secure, doesn't make it as attractive as an enterprise offering.
The product operates on a P2P basis, like file sharing software such as Kazaa. The executable file weighs in at only 200Kb, making it easy to transport and is a standalone, meaning no installation, you just download and run from its location.
You need to know the IP address of whoever you want to contact, which could be frustrating if working with dynamic IP addresses. You then select a username, and as SIMP does not use registration or a user database, there is no problem with finding unique names.
You can connect directly to the relevant peers without using encryption, although it is best to decide on a password beforehand. You then input the password at connection and are ready to start an encrypted conversation. Without encryption, the messages are passed in plain text. Encryption is via Blowfish, which uses a variable key length of between 32 and 448 bits, while SIMP will automatically adjust any password keys which are not divisible by eight. Blowfish is widely recognized as strong encryption and as such is classed as munitions by the U.S. making it illegal to use in certain countries.
SIMP features the usual ingoing and outgoing message windows, but only offers basic functionality, you can only chat with whoever you are immediately connected to, restricting its scalability. The program does not offer any functionality to transfer files either, it is literally a secure messaging tool.
One appealing feature is that SIMP is free and, with it being open source, security buffs can peruse the source code to their satisfaction. This also means that SIMP could be implemented as part of an in-house development of an IM tool, as long as it complies with the open source general license.
However, open source also means that the software is not supported by the developers, but as it is so simple to use, it is extremely unlikely you will need support.
SC Webcasts UK
Information Security Manager
Infosec People - Hammersmith, West London
Junior Penetration Tester, Hertfordshire, to £35k + benefits
Infosec People - England, Hertfordshire
Cyber Security Architect
CYBER EXECS - London (Greater)
SOC Analyst, Aldershot, £47-56k + package
Infosec People - Hampshire, England, Aldershot
Senior Security Engineer
Loveworklife Recruitment - United Kingdom
Sign up to our newsletters
SC Magazine UK Articles
- Tesco Bank allegedly ignored warnings of hack from Visa
- Investigatory Powers and Digital Economy Bills could threaten economy
- Updated: A million German routers knocked offline by failed Mirai botnet attack
- Gooligan ad fraud malware infects 1.3M Android users, installs over 2M unwanted apps
- Microsoft update left Azure Linux virtual machines open to hacking
- SC Awards Europe 2016 winners announcements!
- ISIS radicalises 'lone wolves' through strong social media presence
- Updated: How will Brexit affect the cyber-security industry in UK and Europe?
- ICYMI: CEO Sacked; MS Zero-day; Passwords dropped; Ransomware wild, charging hack
- 9.2 million medical records for sale on darkweb
- ICYMI: Tesco warned; IP Bill threatens economy; German routers offline; Azure trojan; Gooligan fraud
- Data centres are on the move - where will they end up?
- 90% of ITDMs believe IAM is crucial to digital transformation success
- Research: Hacked companies could see customer exodus if breached
- Misconfigured drive exposes locations of explosives used by oil industry