All communications between your server and ours are TLS encrypted, this means that it is very difficult for a third party to monitor your conversations. The media packets that make up the voice or video communications pass from the users PC to our server are not currently encrypted, but without the server to server messages, these packets are not much use to a third party.
TLS encryption is the same security used by banks for their customer web services, and as well as encrypting the messaging between the servers, it is also used to make certain that the servers are real and not being ‘spoofed’ by a hacker. So you can be confident that any communications from our servers have come from us, and by extension, that any of your federated contacts who communicates with you are who they say they are.
When you join the federation, your users do not immediately become visible to all the other members of the federation. In a similar way to other IM systems (MSN, ICQ etc.), contacts need to exchange an invitation to be able to see each others presence or communicate.
If you feel that another organisation is abusing the federation – sending contact requests to users who do not know them, please let us know.