It seems that a lot of people do not understand the rules here on Imagefap, or how they are applied,  especially with regards to chat. These are the ImageFap rules, btw - http://www.imagefap.com/forum/viewtopic.php?f=4&t=12388. Did you notice that ageplay RP below age 18 is not allowed, even in private messages? Good. Did you also notice that all messages, emails, chats, PMs etc on IF can be read by the admins and that they are retained for an unspecified period of time? Again, good you saw that. Now, don't approach me about that here on IF. It's not that I have a problem with it, I just would rather not get kicked off IF for violating a rule that is easy to follow.

This post isn't meant to criticize the rules - in fact, I agree with every one of them and try to follow them. It's just meant to point out that most people don't know what they are, or that anything you say or do on Imagefap, or really anywhere on the internet, including Yahoo Messenger and the other chat apps, is readable by the admins of those sites and probably retained indefinitely.

Which brings us to the thing I really wanted to talk about - privacy. 

A lot of people seem to think that going to ya.hoo (as it's known in chat) is a solution, not realizing that everything you say on Yahoo Messenger goes through their servers, gets saved, and can be read by any admin at yahoo. This may not seem too bad - you aren't breaking any laws, after all - but keep in mind that any pictures or other files you send through yahoo messenger are also saved on their servers. If you send a private photo to your playmate over yahoo messenger he or she is not the only person that has access to the image - every server admin at yahoo does too. I have known some Yahoo server admins in the past; let's just say I wouldn't want them having access to my private images or messages - and these are people I have gone to bondage clubs with. I like to decide what get's shared where, and some of the conversations I have could be easily misunderstood, if taken out of context.

The last year has made it even more clear that casual retention and sharing of what you probably think of as private conversations by the services you use and by governments (pick one, they all do it) is happening pretty much constantly and the net is so wide that everything you have ever typed is caught in it. Even if you aren't doing anything wrong, and most people aren't, everything is still getting run through phrase matching systems and could get you more attention than you would want to deal with. Worse, something that is legal today could become illegal tomorrow, and you could be top of the watchlist because a Yahoo chat you had 2 years ago indicates you have an interest in this newly outlawed thing. Even if you aren't doing anything wrong *and* you figure you are safe because you are not using your real name, it's still trivial for someone to associate your IP address with your ISP account; Yahoo even requires you to give them a phone number when you sign up, so no anonymity there. It's a good thing that server admins never look at stuff they aren't supposed to, or become  stalkers.

It all sounds a little paranoid, but I figure better safe than sorry - *especially* if you aren't doing anything wrong and just don't like the idea of your privateconverrsations being eavesdropped. If you *are* doing something illegal, you should probably stop, because all the precautions in the world probably aren't going to help you if you are the focus of an active investigation.

But if you are just someone that would like to take some simple steps to have a degree of privacy in your internet life there are some things that you can do:

Use a chat client that supports encryption - I would recommend Pidgin (https://www.pidgin.im/) with the OTR (Off The Record) encryption plug-in (https://otr.cypherpunks.ca/)for people on Windows/ and Adium (https://adium.im/), which has OTR encryption buit-in, for Mac users. These two clients support a huge number of different messaging services with a single appllication, so you can have one program for encrypted chat on just about any service. These don't support any audio, video and any files or images you share are still unsecure and end up on yahoo's, or whoever's servers. So, don't expect anything from these except secure text-only chat. 

Another option is Jitsi (available for Windows, Mac and Linux at http://Jitsi.org ).It doesn't support as many chat services as the two above (it supports Yahoo, AIM, gchat, Facebook chat, ICQ,and MSN), but it DOES support encrypted voice and video chats, if that is your thing. Setup is easy, though you will need to set up an account on jit.si (their server https://jit.si to set up an account, which doesn't require any personal info) account if you want secure video or audio chatting/ It really not hard though.

These options above are your best bets for secure text chat using existing commonly available services. and for secure video and audio chat using jitsi. They are all open source, so people other than the developers have looked at the code - doesn't mean it's totally secure, but it means that you aren't just taking some company's word on security blindly. If the developers of these appllcations are doing anything sneaky under the covers, or screwing up their security unintentionally, it will almost certainy get noticed by someone, and the user community will hear about it and then they come off the trusted list, or if it was unintentional, it will just get fixed.

These options above are also point-to-point - your chat messages get encrypted on your machine and are only decrypted when they arrive at the intended recipient. Anyone in between wll just get garbage. They also use well tested and understood encryption techniques that are thought to still be very secure, even from determined eavesdroppers. You can also, if you like, take steps to try to ensure that the person you are chatting with is who you think they are, though for people you meet just on the internet this is pretty impossible, so I am not going to even go into it.

There are some other solutions you may see out there, like yMore for yahoo messenger. Don't use them. Just try finding out any information about how yMore works; you can't because the company that makes yMore is not interested in telling anyone. That means you should assume that yMore can read your messages. In general, don't trust anything that is not open source, and that does not use a private/public key system (exceptwhen there is no other option - "maybe secure, but probably not" is still better than not secure at all

Use Crypto.cat if you just want to have a quick secure conversation without exchanging messenger IDs with someone, or if you want a group chat. Crypto.cat is a browser plug-in (that you can get at https://crypto.cat ) that works with everything except Explorer (probably because of Explorer's strange plug-in architecture). You can create a private room, assign it a name and password. invite people to it and all have a secure conversation, including secure file transfers. Crypto.cat is open source, and uses a public/private key system, so it's pretty secure.

I don't recommend using chatstep.com - it's easier to use and looks nicer, but it's closed source - assume that the admins at chatstep can see everything you say and every picture you post. (plus their picture size limit is very small - forget animated gifs)

Use a Secure File Transfer System: If you really want secure file transfers there are a few things you can do - you can use encryption software to encrypt your files before you send them using some insecure system. This is generally annoying though and no one will like you. It is the smartest, most secure option though. Not going to bother going into though, because the only people that would be interested are people that can probably look it up themselves.

 You can use Cryptocat, as I mentioned above - secure file transfers are one of it's features, and it's not terrible.

For convenience though, probably the best you are going to be able to get someone to go along with is http://justbeamit.com . You just open the page, drag the files you want to transfer onto the page, then click the create link button. Copy the link and send it to the person you want to send files to. The justbeamit.com web app creates a direct point-to-point connection between your browser and the browser of the person that uses the link. There is no server between you and the reciever, the file transfer is encrypted (probably), and it's almost always much faster and more reliable than using Yahoo or any other service's file transfer system. The link it creates is also one use only, so it can't be reused by another person later. The only minor downside is that you need too keep your browser window open until the transfer is complete, but you get updates on the status of the transfer, so it's easy to do so. Unfortunately, justbeamit is not open source, but it is the only thing I have been able to find that is run by people that will at least talk about an outside code audit and it does not depend on an intermediate file server to store files during transfer - my own testing using a network analyizer also seems to confirm that the transfers are point to point, so there is that. Any alternatives are welcome though.

So that is it, my first and probably only blog post, hopefully giving me something that I can just point people at instead of explaining this stuff over and over. I will update this if any recommendations change, or new stuff comes to light.