IChat with MobileMe + AIM, SSL
I posted this some days ago in the MobileMe forum. I got no answer there, but I think this one should be the more appropriate place to ask about an iChat issue...
One of the potential benefit of setting up a MobileMe account in iChat is the fact that one can have an encrypted audio/video chat. Which is great.
However, there's a quirk, in my view. If I understand correctly, Apple creates and maintains an AIM account (on AOL servers) which has the same ID and the same password of the MobileMe account: which is not so great, but let's go on.
When setting up a new account (of the "MobileMe" kind), iChat, by default, connects with the AIM server without using ssl. This has nothing to do with the audio/video chat which could follow: this is just the initial authentication on the AIM server, and if I'm not mistaken the MobileMe password is sent in the clear. So it's all good and well to have ssl by default on www.me.com, but if you configure a MobileMe account in iChat you send out your password to potential eavesdroppers.
Is this the case?
Please note that I know that I can force ssl in the iChat options. What I'm pointing out is only that this is not the default behaviour.
Moreover, the first connection is made by iChat immediately after having entered the MobileMe username, without waiting for an explicit user command. Even if you do not enter your MobileMe password, iChat gets it from your keychain.
In other words, it seems to me that configuring a MobileMe iChat account implies sending out your MobileMe password at least once unencrypted, unless some convoluted tactics are adopted to stop iChat from connecting.
Is this the case?
I hope someone could confirm or (better) tell me I'm wrong here.
Hi,
On the issue that Apple Creates the AIM Accounts for you.
I have only found this in one Apple Document which suggested the same by the way it was worded.
Due to the fact if the Mobileme (Or @mac.com servers) go down iChat or any AIM app cannot check your password and sign you in the process if obviously different.
It seems that in all cases where AIM have agreements with Service like Apple or ISPs that their servers can check the names and passwords at the various servers involved
The other thing about this is that Apple allow passwords longer than 16 characters.
Using the first 16 characters only does not work which would be the simplest way the method you suggest would be used. (you have to change your password)
I have done a partial test of your other issues.
I Opened my iChat Preferences and created a New account and chose MobileMe
I did not enter a password and clicked Done.
At this point iChat displayed a Buddy List and immediately a Dialogue box asking for a Password.
Like the name I chose something fairly random. The Save to Keychain was not checked.
On Pressing OK the Dailogue box reappeared with the Save to Keychain ticked. I dismissed it. (I checked the Keychain later and it was not Saved there)
In Accounts I went to the Server Setting tab.
It was set up wihout SSL being On.
That needs to be reported here http://www.apple.com/feedback/ichat.html (And have further testing with a registered name)
In all my other accounts I have set up in iChat no Buddy List Window has appeared, saying it is Connecting, until I have pressed the Done Button.
I also know that if you delete the com.apple.ichat.AIM.plist and then restart iChat then your Accounts info is pulled back from the Keychain.
Deleting com.apple.ichat.plist and com.apple.ichat.AIM.plist will cause the Start Up Screens to reappear
This in the AIM options the "first" AIM valid Login details will be Prefilled.
From this I can see that if you have a MobileMe Name and it is use on your Mac somewhere then entering it in iChat may cause the password to be "collected" from the Keychain.
You can still decided to remove it before pressing Done.
The Account will not even try to log on until you have pressed the Done Button.
I tried also to set up an AIM name (I happened to have one not used on this computer)
This did not have the password in the Keychain for any other purposes so it was not pulled up.
The Buddy List did not appear until I pressed Done.
In fact the Add Account pane had closed and the Buddy list said Connecting before Little Snitch told me iChat was connecting to AIM (Again).
This means at no point did my fictitious @Me.com name Buddy List actually make contact with the AIM servers
I checked the Server Settings for this Account and this was a NON SSL login as well.
This surprised me as I seem to remember that the default was for SSL to be Enabled on it's introduction via Upgrade from iChat 3 (I am using iChat 4 on this computer).
You do seem to raise some valid concerns.
I have yet to test in iChat 5.
You should use the feedback site to raise these further.
10:33 PM Saturday; June 4, 2011
Please, if posting Logs, do not post any Log info after the line "Binary Images for iChat"
G4/1GhzDual MDD (Leopard 10.5.8)
MacBookPro 2Gb( 10.6.7)
Mac OS X (10.6.7),
"Limit the Logs to the Bits above Binary Images." No, Seriously
Similar Messages
-
Hi, I am trying to start my iChat account, but for some reason it automatically uses mobileme (which I don't have - I only tried it out a short periode and desided against it). I would like to remove mobileme from iChat, so that I can chat with my friends who do not use mobileme - but I can´t figure it out... I hope someone understands my problem and please help
Hi,
Welcome to the Discussions
When you start up iChat for the First time it will check your Address Book for any valid name that might be used.
This may still list a Trial MobileMe account (It may also show up in System Preferences > MobileMe)
At this point in the start up screen you can remove the info or Chose AIM or @mac.com in the drop down to create an Account using one of those names.
If you continued and the iChat menu > Preferences > Accounts shows a MobileMe Screen name there you can delete it.
AIM Names can be Registered via the link top right of this page https://settings.aim.com/
You can also register a free @Mac.com name here
AIM names, @Mac.com name and Mobileme names are all valid with the AIM service.
This means they Log in to the AIM servers.
If you are using an AIM name you can Add @mac.com and MobileMe names as well as AIM names to the Buddy list (Any of the other combos)
You cannot add Google or Jabber Buddies to a List that Logs in to the AIM servers.
The reverse is also true.
If you previously had a Trial @Mac.com name or had a Paid for .Mac account (still an @mac.com name) and let it lapse (Stopped paying for it) it will still work for free in iChat.
iChat treats @mac.com names and MobileMe names as separate even if you have them Linked in MobileMe for Email purposes.
8:56 PM Monday; October 25, 2010
Please, if posting Logs, do not post any Log info after the line "Binary Images for iChat" -
Since upgrading to iChat 4.0, I can't chat with my buddy using Tiger who has an AIM screenname.
What's the first thing to try to rectify the problem?Ok,
What account type do you have ?
Is it @mac ?
Is it paid for ?
Have you checked the Authorization is still current ?
If not @mac have you tried deleting com.apple.ichat.AIM.plist for Users/(your account)/Library/Preferences ?
This will also lose bubble colours, font choices and Alerts plus Saved Status Messages.
Restart iChat.
Make sure port 5190 is open to the UDP protocol in your routing Device if using Port Forwarding.
10:56 PM Thursday; November 1, 2007 -
I can't connect to iChat with the AIM ID.
Everytime I try to connect comes a message saying that My password, or ID are wrong. And I'm pretty sure they are right. I log on normally in the AIM site.... And I've already tried to change the port to the 443. Pleeeease, I need help...
Hi,
Try deselecting the SSL option (or turning it On again if Off)
9:50 PM Sunday; March 7, 2010
Please, if posting Logs, do not post any Log info after the line "Binary Images for iChat" -
I'm getting an error message saying that "iChat can't communicate with the AIM account __"
I'm getting an error message saying that "iChat can't communicate with the AIM account __" I don't know what to do because google.com isn't coming up either...Please help!
Hi,
For any AIM valid Name (AIM, @mac.com or MobileMe) go to the IChat Menu > Preferences > Accounts
Select the account in the list then in the Server Settings tab change the port from 5190 to 443
Also try it without the SSL option.
(Go to the Account info tab to select the Use this Account option to Log in).
Do you mean you have a GoogleTalk account of some kind ?
One based on Google Mail accounts (@gmail.com or @googlemail.com) should have talk.google.com listed as the server in iChat (Server Settings for your Google Account)
There are Other Google accounts (Non Email) that can have Talk Enabled and these do connect to a server called google.com
Both these forms login to the Jabber servers involved on port 5223 and use SSL
It is possible with Google though to also change this to port 443.
(Other Jabber servers will not allow it)
8:20 PM Friday; June 3, 2011
Please, if posting Logs, do not post any Log info after the line "Binary Images for iChat"
G4/1GhzDual MDD (Leopard 10.5.8)
MacBookPro 2Gb( 10.6.7)
Mac OS X (10.6.7),
"Limit the Logs to the Bits above Binary Images." No, Seriously -
IChat can't communicate with the AIM account error window! please help!
Hello, I have been trying to connect to my AIM account via iChat and for some reason it doesn't let me. A window saying the following appears:
"iChat can't communicate with the AIM account "name of account".
"An undefined AIM socket error has occurred."
Please help with this. What is going on?Hi,
An @Mac.com name is a valid AOL/AIM Screen Name.
Any Issues and the AIM servers will say the AOL/AIM name or password is incorrect.
As I said earlier, there can be issues if when you create an @Mac.com or even a MobileMe account Apple lets you create passwords of up to 20 characters (I think).
The issues is the AIM Server can check the name with Apple but don't parse Passwords that have more then 16 characters (You have to change the Password to 16 characters or less).
There is also another issue.
Creating a Name at the @Mac.com page allows you to use spaces as valid characters (As In ralph [email protected]) but again the AIM servers cannot parse these names as Spaces are not Valid at AIM
Use iForgot to check the name. You can also change passwords via this.
Use the On Line option and answer the security questions.
That should confirm whether the account/Screen Name/Apple ID works.
Then go to this page https://settings.aim.com/
Use the Sign In option top right.
Enter your @mac.com name and password (It will read AOL at the next page to do that)
If it works properly then you should be returned to the page I linked you to but it will now have your Screen Name showing above the menu area.
This will confirm that the @Mac.com name is accepted as a AIM Screen Name.
If you are still having issues, go to the iChat Menu > Preferences > Accounts
In the Account Info tab make sure you are logged out (Deselect "Use this Account")
Go to the Server settings tab
Change the port from 5190 to 443 (it may also pay to deselect SSL)
Log back in again.
Deleting com.apple.ichat.AIM.plist may help.
If the issue is an incorrect password you may need to delete the entry from the KeyChain (Use KeyChain Access in the Applications/Utilities folder)
Hope this helps.
9:33 PM Thursday; March 10, 2011
Please, if posting Logs, do not post any Log info after the line "Binary Images for iChat" -
IChat can't communicate with my AIM account
Hi, every time i try go to to my ichat it automatically logs me out, and when i try to log back in, it says "iChat can't communicate with the AIM account 'aforever0203' and The AIM server has temporarily limited your account due to too much activity. Try again in a few minutes" This has been happening for days, please help!
HI,
Go here https://settings.aim.com/
Can you sign in there ?
This will not work for newer @me.com and @icloud.com IDs issued under iCloud ( I notice there are at least 2 Me Toos clicked)
With Apple IDs there have been issues over the last few months about accounts getting Suspended when people have travelled to foreign lands.
The "normal" fix with AIM names is to Change the Password but obviously changing the Apple Passwords cannot be seen by AIM.
In that case you need This link about Suspended accounts and you need to use the TOS General email address.
(You need to explain very carefully that you have an Apple ID and that AIM cannot see any Password Change and that they will have to reset the account manually - some support staff seem not to know that Apple have an agreement that Apple IDs are also AIM Valid Names)
If it is a plain AIM name a Password reset should correct the issue.
11:09 PM Saturday; January 12, 2013
Please, if posting Logs, do not post any Log info after the line "Binary Images for iChat"
iMac 2.5Ghz 5i 2011 (Mountain Lion 10.8.2)
G4/1GhzDual MDD (Leopard 10.5.8)
MacBookPro 2Gb (Snow Leopard 10.6.8)
Mac OS X (10.6.8),
Couple of iPhones and an iPad
"Limit the Logs to the Bits above Binary Images." No, Seriously -
Multiple video ichat with a PC AIM buddy - possible?
can you do a multiple video chat on iChat with someone who is on a PC AIM?
Hi
Not iChat to PC AIM.
Have a look at this web based multi-video(upto 8) http://www.mebeam.com/ -
Does anyone know how to chat with iChat 5 connected to a pc with Vista/Aim?
I still can't video chat with relative who has Vista and AIM.
Has anyone actually succeeded with this?
Len in NCHi,
Since iChat 3 and AIM on a PC at AIM 5.9 this does seem to have gotten more and more difficult.
To Summarise.
Allow AIM App through Windows Firewall
If The routing device uses UPnP Enable that as well.
In the routing device make sure the AIM port are allowed (If not using UPnP then port 5190, 443 and 1024-5000 should be forwarded)
AS iChat is one of the AIM Clients that can not work with "Real Time" in AIM 6.5 and upwards this should be turned Off at the AIM end.
The six names in Table 1 should be added to Test with (preferably at both ends).
These names show IPs as if they are connected direct to the Internet (No Routing device meaning NO NAT) and can be more successful than your Buddies because of this.
At the Mac End.
The Firewall in Snow Leopard can be Off
If ON, it should have Allowed Signed Apps enabled in the Advanced Button and iChat added to the list.
In the routing device the use of UPnP is better as it allows you to Screen Share in iChat with other Mac Buddies using iChat.
Alternatives.
This section of my Page 5 http://www.ralphjohns.co.uk/page5.html#_other at items 9 through 12 (Web Based Video Chat sites)
Tokbox allows you to link to your existing Buddy Lists. Mebeam is the least fussy layout.
Other options at in the items 5 though 8 (Cross Platform apps that do the same sort of thing).
I may receive some form of compensation, financial or otherwise, from my recommendation or link.
9:07 PM Wednesday; February 10, 2010
Please, if posting Logs, do not post any Log info after the line "Binary Images for iChat" -
IChat can't communicate with the Aim account
Recently, my iChat AV stopped working, displaying a message iChat can't communicate with the Aim account "xxxxxxxxx". None Time
I have been able to successfully log on with other accounts using the application.
I have tried the 443 port switch and the firewall technique.
This problem may coincide with my use of an aim importer client on facebook
I have since severed all ties between the aim account and the facebook account
I have tried using Adium and aim express but to no avail.
Aim express consistently displays the message saying that I have attempted to log on too many times and to try again, even after I restart the computer and wait half an hour.
Any help would be much appreciated.
ThanksHi,
Welcome to the Discussions
Umm, Sounds like an issue created by trying to unhook Facebook from AIM.
Try filling in this page and see if it helps
http://www.aim.com/suspended_account/report.adp
You will not get a reply and it may still take a day or two.
10:20 PM Thursday; September 16, 2010
Please, if posting Logs, do not post any Log info after the line "Binary Images for iChat" -
Can two peeps use iChat with different accounts on the same computer?
What do I do to REMOVE an old AIM account and replace it with a new account in IChat?
Can two peeps use iChat with different accounts in the same computer?
(Actually, two people share a laptop, but one of us cannot use her AIM account cuz mine is in iChat already... And, when traveling, I have the computer - and I would like to use iChat on the computer...)In iChat 4 you can have more than one AIM Valid name logged in at once.
AIM valid = AIM, @mac.com or a MobileMe name.
What you are then stuck with is that iChat is linked to one Buddy Picture and The one Mac User Account's Address Book which may or may not have Full Names, emails details, or a Nickname in iChat 4 linked to the Screen Names.
Whilst it does let you both log in whilst using one Mac User Account there are drawbacks about who uses the keyboard and reading meesages from the other persons Buddies.
8:50 PM Sunday; November 30, 2008 -
How to make an account in iChat with Apple ID but no .mac?
Hi everyone,
my Apple ID is my email adress but not ending with @mac.com or @me.com. How can I make an account in iChat with my Apple ID without making an extra ID with an @mac.com name?
ThanksHi,
An Apple ID that you may use for Logging in to Discussions to Post and may also link to your iTunes account and the Apple Store purchases is not the same as an Account/Screen Name for iChat.
@mac.com names were at one time given out when you purchased the .mac service (predecessor to MobileMe).
However trial versions on .mac allowed the name to work in iChat after the trial was up (As well as Lapsed Paid for ones)
The Email services stopped at the end of the trial or if you stopped paying for the service.
However when MobileMe started and replaced .Mac people could elect to keep their @Mac.com names
Therefore @mac.com name may or may not be valid email addresses.
Since then Apple have allowed new @mac.com names to be created to use as free iChat names (not valid Email Addresses)
Apple names ending @mac.com and @Me.com (MobileMe) are valid AIM screen Names in iChat. (Agreement between Apple an AIM)
(MobileMe is free during the trial period but requires Credit Card up front and Active discontinuation before the Trial is up and also does not work after the Trial is cancelled)
You can also Use AIM names Register here
These tend to not have any @something.com suffixes.
You can also use any GoogleMail ID if you enable Talk on your Google account.
Using a third Party Jabber app you can register a Jabber ID (Also looks like a email address) as most Jabber servers doe not have Web Browser accessible registration pages.
Summary.
An Apple ID created to Login into Discussions is unlikely to be linked to iChat.
(it can be done as you say with @Mac.com or @Me.com names)
An Apple ID can be linked to iTunes and for making On-line Store purchases.
There are options to creating an iChat ID.
AIM would most likely suit you needs of not having an @mac.com or @me.com suffix
Jabber names look like Email Addresses but rarely work as such with the exception of GoogleTlak/GoogleMail IDs
NOTES:-
A GoogleTalk or Jabber ID can add Jabber or GoogleTalk Buddies but not those that Login to AIM.
A Valid AIM Screen Name can not have Jabber/GoogleTalk Buddies added to it.
An AIM valid Screen name could be from AIM or Apple (@mac.com or @me.com) or from any other ISP AIM has an Agreement with for using their Email Address.
This last part means you may see Buddy's screen Names that have other @ type suffixes
In fact the AIM Registration page allows you to use any Email as the Screen Name (I have seen a Hotmail one used)
This means as both AIM and Jabber use names that end @server(mail or otherwise).com/net/whatever as there can be some confusion when adding Buddies to a Buddy List.
I hope I have been clear enough.
10:31 PM Sunday; September 12, 2010
Please, if posting Logs, do not post any Log info after the line "Binary Images for iChat" -
I don't understand relationship between ichat and mobileme (or google talk)
Hello,
I don't have a mobileme account and I am using ichat just fine. The documentation says you need a mobileme account, so I'm confused. Also, my ichat on my desktop seems to be a mirror of my google talk -- the chat that shows up on my google mailbox page.
Can someone just explain the basic relationships here?
Not getting any younger,
thanks!I don't have a mobileme account and I am using ichat just fine. The documentation says you need a mobileme account, so I'm confused.
You need a MobileMe or AIM account to use the MobileMe/AIM service. Google Talk and Jabber accounts use a different service.
Also, my ichat on my desktop seems to be a mirror of my google talk -- the chat that shows up on my google mailbox page.
If your Google account is active and logged in with iChat, you will see the content of Google Talk in iChat.
(36765) -
Is it possible to video ichat with windows?
Hi,
I have a friend using a Windows XP pc and she would like to video conference with my Mac.
Is it possible for me to connect and have a video conference with a Windows XP guest?
What software (application) is needed?
I am using iChat with my powermacG5, works great when I connect with other Mac.
ThanksHi
For AIM set-up for PC http://www.mvldesign.com/videoconferencetutorial.html#xp they must be using AIM5.9 and not AIM Triton.
You might have better success using Skype to a PC.
For Skype for Mac http://www.skype.com/download/skype/macosx/videopreview.html
For PC http://www.skype.com/download/skype/windows/helloagain.html
Tony -
Hi, this is probably a stupid question. I have a new iMac (at home) and I take my MBP on the road. I am a .Mac subscriber. So I use my .Mac account to iChat frequently. But how do I set it up so I can iChat with my family when I am on the road? Understand my question? I assume the answer has something to do with getting another account. Can I have multiple iChat names with my one .Mac account? Should I get a free AIM account. (I know nothing about how to do this, so any help would be appreciated.)
Thanks... and I always mark helpful/solved when I get helpful answers.Hi Pianafiddle,
You need to create a second screen name.
iChat 2.x used to be able to Text chat to the same screen name and log in twice (if you ignored the Text message from AIM about it).
Now although iChat can be set to allow Multiple Logins it has been changed so you can not add your own Screen name to your own Buddy List.
As far as .Mac goes Aliases do not work although a new trial account will still work beyond the sixty days if you don't pay for it making it a free screen name.
AIM and/or .Mac screen names will work.
If you choose .mac make sure the password is not more than 16 characters.
You can create longer ones but the AIM servers do not allow them.
10:53 PM Thursday; September 20, 2007
Maybe you are looking for
-
How do i install windows on mavericks using MDT?
I have no problems installing 7 thru dvd or usb, but cannot get it to install using MDT
-
InternalCatalogException in Reporting Services 2008 - no reports rendering
Hi all, We've had an unexpected outage on two of our reporting services server overnight and we're hoping someone can point us in the right direction. We have a Windows Server 2008 machine running about 5 instances of reporting services in standalon
-
it is a scenario where iam not able to get the logic pls help me, A new material is launched, so company wants to give a special offer for the first 5 customers and after which only a particular number range (ex: 3500- 3800), system should give 5% di
-
I would greatly appreciate any help with this thank you!
-
Incorrect oracle query in perl
I the the following perl script, however it does not return anything. Did i form my syantax wrongly? $sth=$dbh->prepare("select a.rowid,a.* from Table1 a where a.field1 = \'$Indicator1\' and a.schedule = \'$Indicat