tansqrx
Mar 30 2007, 10:03 PM
I first picked this up on Big Blue Ball in their newsletter (http://www.bigblueball.com/forums/yahoo-messenger-news/39852-yahoo-drop-support-y-messenger-7-5-april-2nd.html). QUOTE As of April 2nd, 2007, we will no longer offer customer support for Yahoo! Messenger 7.0/7.5. We recommend that you upgrade to the latest version of Yahoo! Messenger. We will keep these help pages available online should you continue to use this version and have basic questions that these pages can answer. The administrators of Big Blue Ball speculate that this may mean another protocol change. I tend to disagree. The 8.x series of clients all use the same YMSG protocol as their predecessors. They may perhaps enforce the latest version of the protocol (15 vs. 12) but I don’t think this will make a great deal of difference as the authentication is identical. My guess is they are trying to make the Messenger Plug-Ins standard. Apparently a lot of developers and advertisers are writing plug-ins for Messenger and the support just isn’t there in earlier versions. Bottom line, I think it is about money from advertising not protocol changes.
Comment/Reply (w/o sign-up)
ethergeek
Mar 30 2007, 11:25 PM
This is standard operating procedure...it's alot easier to not support legacy versions of a product from a training standpoint, especially if you're training your support team to support old versions of something that can be downloaded and upgraded for free. Seems like it should be common sense to update a program that's having problems before calling support, but I may just be too much of a geek to understand why people don't do this... 
Comment/Reply (w/o sign-up)
turbopowerdmaxsteel
Mar 31 2007, 01:42 AM
Whatever the motives are, major protocol changes would render many third party tools (including my Pika Bot  )useless. Not that we've got the right to be complaining; after all, its their game and their rules. But, I sincerely doubt that it will happen. They are more concerened on the advertising part as you mention. Engaging work on the protocol wouldn't be ideal for them. However, I do think that they should do something for the bot problem. Its hard to find real people in chat rooms these days. On an average there are 2-4 bots residing in every room, which spam the chat room based on a timer circuit. Then there are the cycler bots, which keep on moving across rooms & posting their advertisements. I've always wanted bots to be able to replicate human chit chat with smart answers. Yet, these days, they are primarily used for no good advertisements.
Comment/Reply (w/o sign-up)
tansqrx
Apr 3 2007, 05:48 AM
From what I have seen the chats are suffering from more than just bots. For the past several months it has taken forever to get into the rooms, may times several minutes. This is the same for all clients, not just Messenger. I am starting to wonder if Yahoo! is either abandoning chat all together or getting ready for another update. I remember the last time there was a chat update the servers were slow to respond and all sorts of problems popped up. BTW. Turbo you need to stop by my forums more often, I’m starting to miss you, lol.
Comment/Reply (w/o sign-up)
turbopowerdmaxsteel
Apr 3 2007, 06:05 AM
QUOTE
From what I have seen the chats are suffering from more than just bots. For the past several months it has taken forever to get into the rooms, may times several minutes. This is the same for all clients, not just Messenger. I am starting to wonder if Yahoo! is either abandoning chat all together or getting ready for another update. I remember the last time there was a chat update the servers were slow to respond and all sorts of problems popped up.
It all seems pretty logical. But, I have a feeling that its all because they want to delay the room cycler bots. QUOTE
BTW. Turbo you need to stop by my forums more often, I’m starting to miss you, lol
OK, I'll drop by. I was kind of concentrating on other areas, more importantly, the new plugin architecture for Pika Bot.
Comment/Reply (w/o sign-up)
Similar Topics
Keywords : yahoo, messenger, protocol,
- Messenger 9.0.0.234 Released
(4)
Yahoo! Messenger Firewall Changes
(0) Yahoo! announced on their official Messenger blog (ymessengerblog.com) that unspecified changes will
be made to the way firewalled users will use Messenger. The article mentions that only users that
are using version 8.x and signed in from behind a firewall will be affected. An official message
will be sent by Yahoo! urging users to upgrade to the latest 9.x version of the software. From a
programming standpoint this will most likely only affect Messenger operations that require a peer to
peer (p2p) connection such as file sharing. When performing a peer to peer oper....
Yahoo! Messenger Challenge Response Algorithm
(11) Here is a question that came into my forum and I thought it needed wider coverage. Q: Can you
explain the Yahoo! Messenger challenge response algorithm? The Yahoo! Messenger challenge response
sequence is quite complex and unique to Yahoo! The challenge comes from the server and is then run
through an algorithm on the client. When looking at the challenge and response in ASCII view it
almost looks like a mathematical equation but it is not. This complex algorithm came from several
years ago when the username and password was sent in plain text over the network an....
Yahoo! Messenger Power User
(5) I just received a very weird message when I logged into Messenger today. It said “Congratulations,
you are a Power User!” The pop-up was in its separate window similar to the annoying Insider and
had a Learn More, Choose Your Icon, and No Thanks button (the Learn More button didn’t work). After
doing a quick Google search
(http://help.yahoo.com/l/us/yahoo/messenger/messenger9/pwrusr/pwrusr-01.html)
(http://messenger.yahoo.com/powerusers) I found that this thing does really exist and wasn’t some ad
pop-up that somehow got past my defenses. Here are a few of the “benef....
Yahoo! Messenger Talking To Google Talk?
(7) While Yahoo! was off fighting Microsoft, they made some deals with Google to put a slightly tainted
taste into the merger deal. The most notable one was an ad revenue “trial” where Google would serve
the ads on Yahoo! pages in return for a very favorable share of the profit. Over the past week it
appears that the trials were very successful and Yahoo! has agreed to a more permanent deal with
Google that would continue the deal, pending any anti-trust issues. Mixed up in this agreement is a
paragraph that indicates future interoperability between the two IM platforms (....
It Still Looks Like Microsoft Messenger May Still Happen
(9) Over the past week the talks of Microsoft buying Yahoo! has not diminished. Recently Slahsdot
(http://tech.slashdot.org/article.pl?no_d2=1&sid=08/04/07/236215) published a note that points to
both a Microsoft press release
(http://www.microsoft.com/Presspass/press/2008/apr08/04-05LetterPR.mspx) and the Yahoo! reply
(http://yhoo.client.shareholder.com/press/releasedetail.cfm?ReleaseID=303369). The bottom line is
that Yahoo! hasn’t said no, they just want more money. In my mind the simple fact that Microsoft
has not backed down after the initial offer means they will se....
Latest Yahoo! Vulnerability Appears To Be A Moving Target For Messenger
(2) I have been aware of the latest Yahoo! Jukebox and until recently Messenger exploits for about a
week. Starting on the 3rd of February, three critical vulnerabilities were posted for datagrid.dll
and mediagrid.dll which are part of the Yahoo! Jukebox offering
(http://www.securityfocus.com/bid/27578, http://www.securityfocus.com/bid/27579 ,
http://www.securityfocus.com/bid/27590) . The reason that I waited so long to post this is because
the details were inconsistent and it didn’t add up to me. The versions of Messenger that were
listed as vulnerable are absolutely a....
Hacking Yahoo! Messenger
(12) lately i've been reading some way of hacking yahoo messenger. youtube, hacking forums, and etc,
i've been there to ask and to learn how to hacking it. but i've been wondering every now and
then while reading and watching those posted videos and scripts, but they are not working. For real,
is there any way to hack yahoo messenger?....
Tapping Yahoo! Messenger Phone Conversations
(4) The latest post on the official Yahoo! Messenger blog appears to be out of place to me
(http://www.ymessengerblog.com/blog/2008/01/04/recording-yahoo-messenger-calls/). It is not part of
the usual suspects of promising unneeded features or unabashed promotion of Messenger. Instead it
is a fairly useful commentary on how to record a Messenger phone session using third party
applications. The Yahoo! Messenger blog references a New York Times article
(http://www.nytimes.com/2008/01/03/technology/personaltech/03ASKK-002.html?_r=1&oref=slogin) where a
user asked if there i....
Yahoo! Messenger 9 Beta Preliminary Review
(15) I have been using the latest version of Yahoo! Messenger for over two weeks now and I would like to
give a quick review of it. Overall this is not a major change from what I know as Messenger. As it
has been said before, this is evolutionary not revolutionary. From what I can see there are no new
features (at least none that I would use), the user interface (UI) is prettier, and it looks like
there have been some bug fixes; that’s it. Under the hood there are some things to note. The
current version of the YSMG protocol with version 8 is 15 and Messenger 9 has bee....
Yahoo! Messenger Author’s New Security Book
(0) There’s not much meat or new content in this post but I did find it rather humorous. Richard Sinn
is apparently the software security engineer for Yahoo! Messenger and he now has a new book out
entitled Software Security Technologies: A Progammatic Approach
(http://blog.messenger.yahoo.com/blog/2007/10/23/kudos-for-the-team/)(http://www.amazon.com/dp/14283
1945X?tag=open0f-20&camp=14573&creative=327641&linkCode=as1&creativeASIN=142831945X&adid=1435SV1WH79
S425NG1ZF&). The price is high for a paperback at $87.95 USD but I may read it once the price drops
or there are use....
Minor Updates To Yahoo! Messenger Web
(1) The Yahoo! Messenger development team announced that there have been a few minor upgrades to the web
version of Yahoo! Messenger
(http://blog.messenger.yahoo.com/blog/2007/09/24/yahoo-messenger-for-the-web-new-release/). From
what I can see nothing major has been added except for SMS to mobile users and a few new languages
for India. Apparently the web version of Messenger has taken off in India as nine new languages are
added for that region. You add the support for the biggest demand.....
Messenger Mail Bug?
(2) Over the past few days (It is September 23, 2007 now) I have noticed what appears to be a bug in
Yahoo! Messenger concerning unread mail. No matter if there are unread messages or not, Messenger
always reports new mail. I have even gone through the trouble of deleting EVERYTHING from my mail
account and it still pops up. The same behavior happens on Yahelite and Pidgen so it is a server
side bug. Yahoo! has been upgrading their server so I would expect that this is a side effect of
some of the upgrades. Of course this could be confined to me so let me know if you ar....
“discovr” New Friend With Yahoo! Messenger
(2) The latest blog post from the Yahoo! Messenger development teams is about Discovr, a proposed new
way of sharing Messenger contacts. As is stands Messenger is a closed social community. It is very
hard to discover new buddies unless you start trolling around the chat rooms or have a buddy in real
life. Discovr is a method to make Messenger more like Facebook or Myspace where everyone knows who
your friends are. Discovr came from Hack Days, a common occurrence at Yahoo! that encourages
different departments to throw out new ideas. (To think Yahoo! actually names it H....
The Yahoo! Messenger Zero-day For The Month Of August
(1) Yahoo! Messenger is once again in the news for all the wrong reasons. This time it is a heap
overflow in the webcam component. The news was apparently first exposed my McAfee in a blog post at
http://www.avertlabs.com/research/blog/ind...enger-zero-day/ . A second post at
http://www.avertlabs.com/research/blog/ind...er-webcam-0day/ goes into more detail explaining that
you shouldn’t accept unknown webcam invites and to possibly firewall port 5100. Security Focus has
also issued an alert at http://www.securityfocus.com/bid/25330/info but they only classify is as ....
Two For The Price Of One: New Messenger Exploit And A New Way To Get It
(7) A new service run by WSLabi (http://www.wslabi.com/wabisabilabi/home.do?) touts itself as the new
eBay of vulnerability researchers (http://www.securityfocus.com/brief/542?ref=rss). From many years
there has been a battle between security researchers and software publishers over the price or value
of an exploit. As a researcher myself I know how many countless hours go into finding and
developing material that is useful in making an exploit. I could easily turn it into a full time
job. I do it for a hobby but what if someone wants to make it into a full time job? I....
New Yahoo! Web Messenger
(12) Today Yahoo! announced a whole new way to communicate using Messenger. It’s the “all-new Web-based
Yahoo! Instant Messenger.” Ohh wait a minute, wasn’t there already a web version of Yahoo!
Messenger? Despite the fact that the official press release
(http://yodel.yahoo.com/2007/05/02/yahoo-messenger-hold-the-download) makes this out to be something
completely new, a web version of Messenger has been around for years. I of course will be the first
to admit that the old version was so bad that I would like to forget about it too. With the bad
taste of my previous expe....
Yahoo! Protocol: Part 19 - Conclusion
(0) Throughout this tutorial the main objectives has been covered. Part 12 describes the exact packet
structure generated by the shared files boot. Part 15 shows that it is possible to write a booter
from the ground up only using information gathered through a network sniffer. Parts 16-18 shows that
a booter performs its work by creating a timing fault that in turn cases the stack to be corrupted
and an access violation generated. Part 18 also explores why injection of arbitrary code is not
possible using current booter technology. In my closing opinion, I believe that Yah....
Yahoo! Protocol: Part 18 - Arbitrary Code Execution
(0) The holy grail of any exploit is to be able to run arbitrarily injected code. If code from the
attacker can be run on the target system, in most cases the attacker just gained full control of the
target system. An attacker can inject previously tested shellcode onto the victim machine and at the
very least spawn a command prompt. The primary focus of this paper is to take the act of booting
from annoying DoS attacks to much more sophisticated and dangerous remote code execution attacks.
To analyze and follow the execution of Yahoo! Messenger, break points and analysis o....
Yahoo! Protocol: Part 17 - Crash
(0) The results from a crash can be simply summarized in the following statement: “Access violation when
reading (00730079). In windows terms, an access violation occurs when a program tries to read
information from a protected area in memory or a section of memory that does not belong to that
particular program. In this case, Yahoo! Messenger tried to read the memory address 00730079. Table
2 shows the currently allocated memory areas for Messenger sorted by ascending address. Table
2 - Currently Allocated Memory Addresses It is seen that 00730079 is not included ....
Yahoo! Protocol: Part 16 - Assembly Analysis
(0) Overview To truly understand why a booter or any other types of exploits function, an
investigator must have a look at the program’s source code. In the case of Yahoo! Messenger which is
a closed source program, I am forced to dive into the dark and sometimes mystical realm of assembly
debugging. By exploring the Yahoo! Messenger assembly code and the machine state at the time of a
crash I can reveal why, on the machine level, how a booter works. Perhaps more importantly, is it
possible to run arbitrary code from a remote attack. Tools In order to explore the asse....
Yahoo! Protocol: Part 15 - Yahoo! Trainer
(0) Since the writing of this article the Yahoo! Trainer mentioned has gone through several revisions.
The original code may not fully function but can be found at
http://www.ycoderscookbook.com/Files/Yahoo Login Sockets.rar.. The current iteration of the trainer
is called YCC Trainer and can be found at http://www.ycoderscookbook.com/Files/YCC_Trainer.zip .
The latest version currently does not have all of the functionality of the first version but the
code has been rewritten to make it more understandable and a better learning tool. If reading from a
different site, al....
Yahoo! Messenger Through Web
To be? Or not to be?!~ (6) Hello guys, Glad to find here to ask my question, Iam came from here via google. I'm , for many
weeks, seeking for a solution that give me ability for connecting , sending and reciving, PM's
to Yahoo Messenger through web protocol I am proff in php, and now seeking for an easy way , not of
cource socket programming that is hard to implement and buggy , also not every where supported, to
establishing sessions and managing them through HTTP/1.1 , then I will write an application for i.e
auto responding, saving history on web, forwarding,managing and etc... i need ....
Yahoo! Protocol: Part 14 - Remote Code Execution?
(0) Most of the research for these tutorials were created for a research paper that I wrote. It has
been a few years ago now but I believe that this information is still relevant. The purpose of this
paper was as follows: What is the communications protocol used by common booters?
Is it possible to build my own booter program? What causes, at the machine level, the
Yahoo! Messenger program to crash? Is it possible to inject arbitrary code using current
booter technology? In the finial form of this paper I created my own booter prog....
Yahoo! Messenger Plugin Sdk
(3) I read this morning at theunofficialyahooweblog
(http://yahoo.weblogsinc.com/2006/06/19/yahoo-opens-up-messenger-to-3rd-party-plug-ins/) that Yahoo!
has just released a SDK for a plugin engine that will reside in the next version of Messenger. I
can’t wait to dig into this seemingly juicy morsel of Yahoo! fun. I’m not sure what all one can do
with the SDK yet but I will be sure to report what I find. The SDK can be found at
http://developer.yahoo.com/ . A list of already published plugins can be found at
http://us.gallery.yahoo.com/messenger . Does anyone have som....
Messenger Stealth Settings Bug?
(2) I have been having problems with my stealth setting for about a week now. Apparently when I have
all users set to invisible it works fine. Also when I go available everything appears to work fine.
The problems is when I set a custom message all of a sudden the users that I have individually set
to offline can see me. I have not been able to reproduce the results myself but it is starting to
become a problem as people that I would rather not talk to IM me now. Anyone else run into this?
Is this another bug?....
Yahoo! Protocol: Part 11 - Booters Introduction
(5) For whatever reason, certain users feel the need to harass other citizens of the internet. The
following is a typical scenario of what may cause a Yahoo! booter to be used. Bob is an average
computer user that enjoys talking to his friends over Yahoo! Messenger. One day, Bob goes into a
Yahoo! chat room to discuss the topics of the day. After several minutes of intellectual discussion
with members of the chat room, Jane joins the room. From the very beginning, it is apparent that
Jane is in the room to cause trouble and starts a flame war. Bob and Jane quickly star....
Yahoo! Messenger Protocol Tutorial - Part 2
(2) Part 2 - History The need for humans to communicate faster and more efficiently has been one of the
driving forces behind the Internet. Not since the invention of the telephone has communications
between humans been more readily available. The communication power of the Internet began to take
shape in its infancy with one of the first Internet applications, email. While the Internet was
still ARPANET and with only four links, the first email message was sent by Ray Tomlinson in 1971.
The first message consisted of the text “Testing 1-2-3” and did not contain any of th....
Yahoo Messenger 7.0
(12) Yahoo! recently released the official Yahoo! Messenger 7.0. http://messenger.yahoo.com/ This is
the official version and adds some new functionality to the previous Messenger. QUOTE Free
Worldwide PC-to-PC Calls Drag-and-Drop Photos Improved File Sharing I know that it has not been
out that long but i was wondering if anyone else has tried it. I have used it for the past couple
of days and I think it is an improvment, small improvment, yet at least a step in the foward
direction. The most advanced feature that I have tried was to send a file which I almos....
Yahoo! Protocol Tutorial - Any Interest?
(6) Well quite some time ago I got the crazy idea to research Yahoo! Messenger security. Of course this
required me to research the Messenger protocol and to my dismay I found very little. In fact the
only way I could find anything out about how Yahoo! Messenger communicates was to fire up Ethereal
and packet sniff. Well after that I have compled quite abit of information and have created a lot
of supporting diagrams and explinations. I have mapped the login process and many of the more
common events. My question is this: Would anyone be intersted in my findings? If I ....
Looking for yahoo, messenger, protocol,
|
See Also,
*SIMILAR VIDEOS*
Searching Video's for yahoo, messenger, protocol,
|
advertisement
|
|
