"Lets go over a couple of things first. When you IM a
person it does not go directly from you to them. It goes from you,
to a server run by the IM providor, and then relayed to your
friend. There are multiple security issues here. First, the obvious
fact that by default nothing is encrypted anywhere between the
three systems in use. Second, your IM conversation is stored
temporarily or PERMANENTLY on the IM providers server. While Google
offers you the option to save your chat transcripts or go
"off-the-record" (don't confuse this with the OTR application I
mention later) I choose not to trust any IM providor.
"Now, you might be thinking "Yahoo chat offers me encryption so
why not use their built in functionality?". Well, if you don't want
random people on the internet sniffing your traffic this may be
good enough for you. However, if you want to make sure NOBODY
(including the chat providors) can see your IM conversation then
you need to use a technology/program that uses their network but is
not controlled by them, therefore giving you freedom and a much
higher level of security"
