`
`
`
`
`
`DHGITAL
`PRESS
`
`John W. Rittinghouse
`
`James F. Ransome
`
`
`
`
`
`Page 1 of 13
`
`Facebook's Exhibit No. 1025
`
`Page 1
`
`Page 1 of 13
`
`
`
`Facebook's Exhibit No. 1025
`Page 1
`
`

`

`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`1n:
`
`Elsevier Digital Press
`30 Corporate Drive, Suite 400, Burlington, MA 01803, USA
`Linacre House, jotdan Hill, Oxford OX2 8DP, UK
`
`Copyright © 2005, John W Rittinghouse and James F. Ransomc. All rights reserved.
`
`No part of this publication may be reproduced, stored in a retrieval system, or
`transmitted in any form or by any means, electronic, mechanical, photocopying,
`recording, or otherwise, without the prior written permission of the publisher.
`
`Permissions may be sought directly from Eisevier’s Science 85 Technology Rights
`Department in Oxford, UK: phone: (+44) 1865 843830, fax: (+44) 1865 853333,
`e—mail: permissions@elsevier.eom.ul(. You may also complete your request onaline
`via the Elsevier homepage {http:/r‘elsevier.corrt), by selecting "Customer Support”
`and then “Obtaining Permissions.”
`
`@Recognizing the importance of preserving what has been written, Elsevier prints its
`books on acid—free paper whenever possible.
`
`Library of Congress Cataloging-in-Publication Data
`Application Submitted.
`
`ISBN: 1—55558—338—5
`
`British Library Cataloguing-in—Publication Data
`A catalogue record for this book is available from the British Library.
`
`For information on all Blsevier Digital Press publications
`visit our Web site at wwwboolcsclseviencom
`
`050607080910987654321
`
`Printed in the United States ofAmerica
`
`
`
`Page 2 of 13
`
`Facebook's Exhibit No. 1025
`
`Page 2
`
`Page 2 of 13
`
`Facebook's Exhibit No. 1025
`Page 2
`
`

`

`Contents
`
`List of Figures and Tables
`
`Acknowledgments
`
`Foreword
`
`-
`
`_
`
`I
`
`Introduction
`
`H Purpose and Audience
`|.2 What to Expect from This Book
`I3 What Is “‘1?
`
`IM and its History
`l.3.l
`IM as an Integrated Communications Platform
`L32
`Common IM Application Approaches
`I .3.3
`l.3.4 Who Uses IM?
`
`L35 What Are the Advantages of Using IM?
`|.3.6 What Are the Risks of Using IN?
`Summary
`Endnotes
`
`1.4
`I5
`
`2 How Does IM Work!
`
`2.l
`
`High-LevelView of IM
`2.! .|
`The Presence Service
`
`2.2
`
`2.3
`
`The Instant Messaging Service
`2. | .2
`Basic IM Features
`
`Enterprise Instant Messaging Considerations
`2.3.!
`Operating System
`2.3.2
`Database
`
`2.3.3
`2.3.4
`
`Directory Services
`Interoperability
`
`xiii
`
`xv
`
`xvii
`
`I
`
`I
`
`2
`2
`
`3
`6
`7
`7
`
`l
`i
`IS
`27
`27
`
`3|
`
`3|
`32
`
`38
`40
`
`42
`42
`43
`
`43
`43
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`Page 3 of 13
`
`Facebook's Exhibit No. 1025
`
`Page 3
`
`Page 3 of 13
`
`Facebook's Exhibit No. 1025
`Page 3
`
`

`

`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`2.3.5
`2.3.6
`2.3.7
`2.3.8
`2.3.9
`
`Schema Change Requirements
`Standards Based for Third-Party Support
`Compliance Management
`Remote Access
`Cost Considerations
`
`2.4 An Enterprise ElM Nightmare Scenario
`2.5
`An Overview of Mobile and Wireless Instant Messaging
`25. I
`What Is Mobile Instant Messaging?
`2.5.2
`What IsWireless Instant Messaging?
`2.5.3
`Short Message Service
`2.5.4
`Wireless Application Protocol
`2.5.5
`General Packet Radio Service
`2.5.6
`The Future ofWIM
`2.5.7
`The Future of MIM
`
`2.6
`2.7
`2.8
`
`Selecting and Securing anM Solution
`Summary
`Endnotes
`
`3
`
`[M Standards and Protocols
`
`3.[
`
`3.2
`
`3.3
`3.4
`
`Extensible Messaging and Presence Protocol—RFC 2778
`3.].[
`jabber and the IN Community
`Jabber Protocol and XMPP
`3.2.I
`Architectural Design
`Instant Messagingr'Presence Protocol—RFC 2779
`Session Initiation Protocol
`3.4.]
`3.4.2
`3.4.3
`
`SIP Security
`Existing Security Features in the SIP Protocol
`Signaling Authentication Using HTTP
`Digest Authentication
`SIMIME Usage within SIP
`Confidentiality of Media Data in SIP
`TLS Usage within SIP
`[Psec Usage within SIP
`Security Enhancements for SIP
`SIP Authenticated Identity Body
`SIP Authenticated Identity Management
`SIP Security Agreement
`SIP End-to—Middle, Middle-to—Middle.
`
`3.4.4
`3.4.5
`3.4.6
`3.4.7
`3.4.8
`3.4.9
`3.4.10
`3.4.} |
`3.4.12
`
`Contents
`
`43
`44
`44
`44
`44
`45
`46
`46
`47
`47
`47
`48
`48
`49
`49
`5 I
`52
`
`53
`
`53
`57
`58
`59
`65
`66
`68
`69
`
`69
`69
`70
`70
`7|
`7|
`7|
`7]
`72
`
`73
`Middie-to-End Security
`
`73
`SIP Security Issues
`75
`3.5
`SIP for IM and Presence Leveraging Extensions
`
`
`
`3.4.[3
`
`Page 4 of 13
`
`Facebook's Exhibit No. 1025
`
`Page 4
`
`Page 4 of 13
`
`Facebook's Exhibit No. 1025
`Page 4
`
`

`

`Contents
`
`
`
`3.6
`3.7
`
`The Future of IM Standards
`Endnotes
`
`4
`
`IM Malware
`
`4.|
`
`Overview
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`Instant Messaging Opens New Security Holes
`4.l .l
`Legal Risk and Unregulated Instant Messaging
`4.|.2
`The Use of IM as Malware
`4.2
`4.3 What Is Malware?
`4.3. I
`Viruses
`4.3.2 Worms
`4.3.3 Wabbits
`
`4.3.4
`4.3.5
`4.3.6
`4.3.7
`4.3.8
`
`Trojan Horses
`Spyware
`Browser Hijackers
`Blended Threats
`Backdoors
`
`Exploits
`4.3.9
`4.3. IO Rootkits
`4.4 How Is IM Used as Maiware?
`4.4.I
`As a Carrier
`
`4.4.2
`4.4.3
`4.4.4
`4.4.5
`
`As a Staging Center
`As aVehicle for General Hacking
`As a Spy
`As a Zombie Machine
`
`As an Anonymizer
`4.4.6
`Summary
`Endnotes
`
`4.5
`4.6
`
`5
`
`IM Security for Enterprise and Home
`
`S.l
`
`How Can IM Be Used Safely in Corporate Settings?
`5.|.|
`Understanding IM and Corporate Firewalls
`5. | .2
`Understanding IM File Transfers and Corporate Firewalls
`5.l.3
`Blocking and Proxying Instant Messaging
`5.|.4
`IM Detection Tools
`
`76
`78
`
`8|
`
`8|
`
`83
`85
`86
`87
`88
`88
`88
`
`89
`90
`90
`9|
`9|
`
`93
`93
`95
`96
`
`99
`IOO
`I04
`I07
`
`I 09
`I
`|
`l
`l
`I
`I
`
`I I3
`
`I I6
`I I6
`I I9
`I20
`In
`
`
`
`
`
`
`Contents
`I
`
`
`5.2
`
`5.3
`
`Legal Risk and Corporate Governance
`5.2.I
`Legal Issues with Monitoring IMTraffic
`Corporate IM Security Best Practices
`5.3.I
`Start from the Firewall
`
`5.3.2
`
`Consider the Desktop
`
`I22
`I24
`I24
`I25
`
`I25
`
`Page 5 of 13
`
`Facebook's Exhibit No. 1025
`
`Page 5
`
`Page 5 of 13
`
`Facebook's Exhibit No. 1025
`Page 5
`
`

`

`
`
` viii
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`5.3.3
`
`5.3.4
`5.3.5
`5.3.6
`5.3.7
`
`Install Patches to [M Software ASAP
`
`Enforce Client-Side [M Settings
`1M Proxy Gateways
`VPNs
`Antivirus
`
`5.4
`
`Set up ContainmentWards
`5.3.8
`Secure information with Encryption
`5.3.9
`[M System Rules, Policies. and Procedures
`5.3.10
`5.3.1 | Monitor to Ensure 1M Client Policy Compiiance
`Security Risks and Solutions for Specific Public 1M Clients
`5.4.1
`MSN Messenger
`5.4.2
`Yahoo! Messenger
`5.4.3
`America Online 1nstant Messaging
`5.4.4
`ICQ
`
`Beware of [M Third-Party Clients and Services
`5.4.5
`5.5 Home [M Security Best Practices
`5.6
`Summary
`5.7
`Endnotes
`
`6
`
`[M Security Risk Management
`
`6.[
`
`6.2
`6.3
`
`[N Is a Form of E-mail
`
`[M Security and the Law
`Cybersecurity and the Law
`6.3.1
`The 1996 Nationai Information Infrastructure
`Protection Act
`President's Executive Order on Critical
`Infrastructure Protection
`The USA PatriotAct of 2001
`
`6.3.2
`
`6.3.3
`
`The Homeland SecurityAct of 2002
`6.3.4
`[M Must Be Managed as a Business Record
`[M Risk Management
`Summary
`Endnotes
`
`6.4
`6.5
`6.6
`6.7
`
`7 The Business Value of IM
`
`7.1
`7.2
`7.3
`7.4
`7.5
`
`Ubiquitous Presence andWorld‘low
`It's All about Cuiture
`Overall ROI for [M
`The Choice IsYours
`Endnotes
`
`Contents
`
`126
`
`126
`126
`127
`128
`
`128
`[29
`130
`131
`132
`132
`137
`145
`153
`
`156
`[58
`161
`161
`
`{65
`
`[65
`
`166
`169
`
`170
`
`170
`[71
`
`[75
`[88
`[89
`[91
`[9|
`
`I95
`
`195
`200
`202
`204
`205
`
`
`
`
`
`Page 6 of 13
`
`Facebook's Exhibit No. 1025
`
`Page 6
`
`Page 6 of 13
`
`Facebook's Exhibit No. 1025
`Page 6
`
`

`

`
`
`;
`
`‘
`
`Contents
`
`8
`
`The Future of IN
`8.|
`The Pervasive Network
`
`Peer-to-Peer Instant Messaging
`8.2
`Peer-to-Application (the Human-Computer Interface)
`8.3
`8.4 Machine-to-Machine (Application-to-Application)
`8.5
`iabber
`8.6
`Security and Government Compliance
`8.7
`The Business Impact
`8.8
`Endnotes
`
`A General Network Security
`
`A.i
`A2
`A3
`
`Threats to Personal Privacy
`Fraud and Theft
`internet Fraud
`
`AA Employee Sabotage
`A5
`Infrastructure Attacks
`A6 Malicious Hackers
`A] Malicious Coders
`
`AB Industrial Espionage
`A9
`Social Engineering
`A.9.|
`Educate Staff and Security Personnel
`A92
`Crafting Corporate Social Engineering Policy
`A.9.3
`Prevention
`ABA
`Audits
`
`A.9.5
`A.9.6
`
`A.9.7
`A.9.8
`
`Privacy Standards and Regulations
`NAIC Model Act
`
`Gramm~Leach-Biiiey Act
`HIPAA
`
`AJO Summary
`Al | Endnotes
`
`B Managing Access
`SJ
`Access Control
`
`B. H
`B. |.2
`
`B. L3
`B. L4
`B. I.5
`B. L6
`
`Purpose ofAccess Control
`Access Control Entities
`
`Fundamental Concepts ofAccess Control
`Access Control Criteria
`Access Control Models
`Uses of Access Control
`
`ix
`
`207
`209
`
`2| |
`2| I
`2I2
`214
`2 I 5
`2|?
`2 I 8
`
`2I9
`
`220
`220
`22|
`
`223
`224
`224
`225
`
`225
`228
`229
`23|
`232
`232
`
`232
`233
`
`234
`235
`
`237
`238
`
`2:”
`24|
`
`24|
`242
`
`242
`244
`244
`249
`
`.._.._ — . ....._.___!
`
`Contents
`
`
`
`Page 7 of 13
`
`Facebook's Exhibit No. 1025
`
`Page 7
`
`Page 7 of 13
`
`Facebook's Exhibit No. 1025
`Page 7
`
`

`

`
`
` x Contents
`
`B. | .7
`B. | .8
`B. | .9
`
`Access ControlAdministration Models
`Access Control Mechanisms
`Internal Access Controls
`
`3.2
`
`. 10 Techniques Used to Bypass Access Controls
`B. |
`Password Management
`B21
`SmartCards
`
`B22
`8.2.3
`
`Biometric Systems
`Characteristics of Good Passwords
`
`Password Cracking
`B24
`3.2.5 Windows NT LUphtCrack (LC4)
`3.2.6
`Password Cracking for Self-Defense
`B27
`UNIX Crack
`
`B28
`B29
`
`john the Ripper
`Password Attack Countermeasures
`
`3.3
`BA
`8.5
`
`Physical Access
`Summary
`Endnotes
`
`C
`
`Security Management Issues
`
`CI Organizational Security Management
`C. l.|
`Perceptions of Security
`C12
`Placement of a Security Group in the Organization
`C. 1.3
`Security Organizational Structure
`C. 1.4
`Convincing Management of the Need
`C. [.5
`Legal Responsibilities for Data Protection
`C. [.6
`DHS Office of Private Sector Liaison
`
`C2 Security ManagementAreas of Responsibility
`C21
`Awareness Programs
`C22
`Risk Analysis
`C23
`Incident Handling
`C24 Alerts and Advisories
`
`C25 Warning Banners
`C26
`EmployeeTermination Procedures
`C27
`Training
`C28
`Personnel Security
`C29
`Internet Use
`C.2.|0 Email
`C.2.| l Sensitive Information
`
`C2 | 2 System Security
`C2 | 3 Physical Security
`Security Policies
`
`C3
`
`249
`251
`25[
`
`256
`257
`258
`
`258
`258
`
`259
`260
`260
`26|
`
`262
`263
`
`263
`263
`264
`
`265
`
`266
`266
`266
`267
`268
`268
`269
`
`269
`270
`27 |
`272
`273
`
`274
`274
`275
`275
`276
`276
`276
`
`277
`277
`278
`
`
`
`Page 8 of 13
`
`Facebook's Exhibit No. 1025
`
`Page 8
`
`Page 8 of 13
`
`Facebook's Exhibit No. 1025
`Page 8
`
`

`

` Contents
`
`
`
`CA Basic Approach to Policy Development
`C.4.I
`Identify What Needs Protection and Why
`C.4.2 Determine Likelihood ofThreats
`
`Implement Protective Measures
`C.4.3
`C.4.4 What Makes a Good Security Policy?
`C.4.5
`Review and Assess Regularly
`CS Security Personnel
`C.5.l
`Coping with lnsiderThreats
`C.5.2 How to identify Competent Security Professionals
`C53 How to Train and Certify Security Professionals
`C.5.4
`Security-Related job Descriptions
`C6 Management of Security Professionals
`C.6.l
`Organizational Infrastructure
`C.6.2
`Reporting Relationships
`C63 Working Relationships
`C.6,4 Accountability
`Summary
`C]
`C8 Endnotes
`
`D IN Policy Essentials
`
`ABC Inc. Information Security Acceptable Use Policy
`D.l
`D2 ABC Inc. E-maili'lM Use Policy
`[)3 ABC Inc. E-maili'lM Retention Policy
`
`E Glossary, References, and Policy Issues
`
`278
`279
`279
`
`280
`28|
`283
`283
`283
`285
`286
`289
`295
`295
`296
`297
`297
`298
`298
`
`299
`
`300
`306
`308
`
`3| I
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`IM Specific Glossary
`E.|
`E2 General Security Glossary
`E3
`References
`
`Index
`
`3| |
`3 l6
`342
`
`349
`
`
`
`
`
`
`WiJ
`
`Contents
`
`
`Page 9 of 13
`
`Facebook's Exhibit No. 1025
`
`Page 9
`
`Page 9 of 13
`
`Facebook's Exhibit No. 1025
`Page 9
`
`

`

`
`
`L3 What Is “‘4?
`
`l.3.l
`
`IM and Its History
`
`In our fast—paced world there are times when even the rapid response of e-
`mail is not Fast enough. There is no way for you to know if the person you
`are sending e-mail to is online at that moment. This is one of the reasons
`why 1M has gained popularity, acceptance, and become a desired tool in the
`workplace. IM provides us with the ability to maintain a list of people,
`often called a buddy list or contact list, whom we want or need to interact
`with. IM monitors our list of people and their status of being online or
`offline. If they are online, we can send messages back and forth. Businesses
`today are increasingly viewing IM as an excellent productivity and continue
`nication tool that complements voice mail and email. In order for there to
`be complete acceptance, there needs to be specific security, accountability,
`and uniformity among 1M solution providers. There needs to be policies
`that protect critical organizational interests and comply with federal man—
`dates and regulations. Corporations want IM solutions that provide seam—
`less security, full audit trails, identity controls, and administrative controls.
`Most corporations agree that message encryption is essential.
`
`There are three basic types of IM, as follows:
`
`1.
`
`2.
`
`3.
`
`Public messaging
`
`Enterprise messaging
`
`Wireless messaging
`
`in 1987, a computer scientist at MIT developed an instant—messaging
`program called Zephyr in order to provide a system that was Faster than e—
`mail, which had begun to be bogged down, so that urgent messages
`regarding the school’s network and server could be received instantly in
`case, for example, the school’s network server was going down. Soon, stu-
`dents adopted Zephyr as a form of easy communication that could be used
`while they worked at
`their computers. This technology was quickly
`adopted by other universities, and the simple early warning system that
`Zephyr was originally designed to be was repurposed, becoming a popular
`tool of conversation and information exchange called 1M. IM as we know
`it today was created in july 1996 by four young Israeli entrepreneurs. Yair
`Goldfinger, Arik Vardi, Sefi Vigiser, and Amnon Amir, started a company
`called Mirabilis in order to introduce a new way of communication over
`the internet. They created a technology that would enable Internet users to
`locate each other online on the Internet and create peer—to—peer communi-
`
`
`.l Chapterl
`
`-—--
`
`
`
`Page 10 of13
`
`Facebook's Exhibit No. 1025
`
`Page 10
`
`Page 10 of 13
`
`Facebook's Exhibit No. 1025
`Page 10
`
`

`

`|.3 What IS IN? 4
`
`cation channels easily. They called their technology ICQ (I seek you) and
`released it in November 1996. Within six months, 850,000 users had been
`
`registered by Mirabilis. By June 1997, Mirabilis was able to handle
`100,000 concurrent users and had become the world’s largest Internet
`communications network. Mirabilis and ICQ were acquired by America
`Online, Inc, in June 1998 for $287 million. AOL had also created its own
`Instant Messenger system. By that time, Microsoft had created its own IM
`client and service, MSN Messenger, and another Internet heavyweight,
`Yahool. created one as well. Because IM services evolved from proprietary
`systems created by companies to make a profit,
`their systems remain
`unable to interopei'ate because of the desire to control the 1M market.
`AOL and ICQ, even though owned by the same company, are not interop—
`erable. ICQ currently has two clients: ICQ4 Lite Edition with Xtraz (Fig—
`ure 1.1} and I‘CQl’roTM (Figure 1.2) [5,6].
`
`The AOL and ICQ clients cannot communicate with one another, and
`AOL maintains both systems and market dominance in the IM field. All
`this may change soon. Conditions of the AOLwTime Warner merger
`required AOL to open up its IM systems [7]. In its analysis oFIM, the FCC
`concluded that the merger would combine an essential input of AOL’s
`dominant [M service and future IM—hased services—chiefly, the Names and
`Presence Directory (NPD)—with assets ofTime Warner, including its cable
`
`—p
`
`Figure 1.2
`[CQTMPJR
`
` : 7‘on
`
`:trs Lin-r): Sale .3:
`C7 Icr'u C‘“ 1 WIN-1
`
`
`
`
`
`Page 11 of13
`
`Facebook's Exhibit No. 1025
`
`Page 11
`
`Page 11 of 13
`
`Facebook's Exhibit No. 1025
`Page 11
`
`

`

`L3 What Is lP’l?
`
`facilities and Road Runner ISP. An 1M provider’s NPD consists of a data-
`base of its users’ unique IM names, their Internet addresses, and a “presence
`detection” function, which indicates to the provider that a certain user is
`online and allows the provider to alert others to this information. The FCC
`noted that these features created a market with strong network effects.
`AOL, with by far the largest NPD, resisted making its 1M services interop—
`erable with other providers’ services. The merger brought Time Warner’s
`cable Internet platform and content library under AOL’s control and gave
`AOL Time Warner a significant and anticompetitive firstamovet advantage
`in the market for advanced, lM-based high~speed services (All—l5). Potential
`All—l3 applications include those using streaming video (lengthy, high—
`quality, onea or two‘way video). The merger would frustrate the objectives
`of the Communications Act by preventing the emergence of a competitive
`and innovative market for advanced, IM‘based services. This would violate
`
`key Communications Act principles, including the further development of
`healthy competition in the Internet and interactive services arena. The FCC
`did not establish an interoperability protocol. Rather,
`the FCC’s remedy
`requires AOL Time Warner to follow a protocol developed by the industry
`or to create a protocol with other IM providers pursuant to contracts. Thus,
`the FCC did not create and will not review an Internet protocol.
`
`The FCC imposed an “IM condition” on the merger to avert market
`harm now so that it would not be required to regulate “VI in the future.
`Given AOL Time Warner’s likely domination of the potentially competitive
`business of new, IM-based services, especially advanced,
`lM—based high—
`speed services applications, the FCC ruled that AOLTime Warner may not
`offer any AIHS steaming video applications that use a Names and Presence
`Directory (NPD) over the Internet via AOL Time Warner broadband facil-
`ities until the company demonstrates that it has satisfied one of three pro—
`competitive options filed by the FCC. AOL Time Warner must file a
`progress report With the FCC, 180 days from the release date of the order
`and every 180 days thereafter, describing in technical depth the actions it
`has taken to achieve interoperability of its lM offerings and other offerings.
`These reports will be placed on public notice for common t. The lM condi‘
`tion was set to sunset five years after the release of the order.
`
`AOL Time Warner was directed to show that it had implemented an
`industry-wide standard for server-to—server
`interoperability. AOL Time
`Warner had to show that it had entered into a contract for server—to—server
`
`interoperability with at least one significant, unaffiliated provider of NPD—
`based services within 180 days of executing the first contract. AOL Time
`Warner also had to show that it entered into two additional contracts with
`
`—,,,
`
`...._..— . ....._.._..—_l Chapter |
`
`
`
`Page 12 of13
`
`Facebook's Exhibit No. 1025
`
`Page 12
`
`Page 12 of 13
`
`Facebook's Exhibit No. 1025
`Page 12
`
`

`

`L3 What Is IM?
`
`significant, unaffiliated, actual or potential competing providers. AOL
`Time Warner was given the opportunity to seek relief by showing by clear
`and convincing evidence that this condition no longer serves the public
`interest, convenience, or necessity because there has been a material change
`in circumstances.
`
`several competing companies have joined
`Since the FCC ruling,
`together to advocate an IM protocol similar to those that allow the interop~
`erability of e—mail systems. Other companies have taken a different
`approach rather than wait for an agreed-upon standard. Jabber is one com—
`pany that has created a client program capable of communicating with var-
`ious 1M systems. in less than two decades, the concept of 1M has become
`an international tool of communication.
`
`I.3.2
`
`IM as an Integrated Communications Platform
`
`The 1M platform can be the basis for true integrated communications by
`incorporating additional technology (such as extending it into the wireless
`realm with mobile phones and personal digital assistants [PDAsD or by
`adding other means of communication (such as voice chat or video chat).
`With the addition of IP telephony (Vol?) capability, the messaging service
`can even extend to telephony, making it possible to communicate with any-
`one at any time. It can be used as a personal communications portal to cre‘
`ate a single point of contact for all methods of communication, allowing a
`user to initiate any kind of communication from one place, using a single
`contact list. Using IM as an integrated communications platform allows for
`one—click communication. Instead of having to run through a list of home,
`office, mobile, pager numbers, and e-mail addresses, someone trying to
`reach another person can simply click on that person’s name. it also enables
`users to control how others communicate with them. If they prefer that
`calls go to their mobile phones when they are away from the office, they can
`set their profile so that the system directs calls that way. The system would
`route communications according to that person’s preferences. When addi-
`tional features such as integrated communications, reachability, and com-
`munications profiles are part of 1M, the market for lM will increase from
`personal to professional use, creating better business markets for messaging
`services and making these services more of a revenue—generating opportu—
`nity for service providers [8].
`
`
`
`Page 13 of13
`
`Facebook's Exhibit No. 1025
`
`Page 13
`
`Page 13 of 13
`
`Facebook's Exhibit No. 1025
`Page 13
`
`