-
Notifications
You must be signed in to change notification settings - Fork 9
Chat
##Threats By using 3rd party chat services such as Skype, Google Hangouts, Facebook Messenger, Apple's iMessage, and countless others, you open yourself up to having all of your private communications stored on that system's server indefinitely. There have also been many attempts (successful and unsuccessful) by governments to gain access to this data via court orders or by forcing companies to install backdoor access (EFF Applauds Apple’s Refusal of Government Demand for iMessage Backdoor). Additionally, if any of these chat applications gets hacked, which happens often (Whatsapp Web Vulnerability Puts 200 Million Users at Risk), all of your conversations could be exposed.
##Solution Off-The-Record (OTR) Messaging is an encryption library that plugs into popular chat clients: Adium for Mac, or Pidgin for Windows. Adium and Pidgin support multiple chat protocols. OTR requires both parties to install the plugin in order to communicate securely.
Steps are as follows:
- Download the chat client - Pidgin or Adium
- Connect your desired accounts (Google Hangouts, etc.)
- If using Pidgin, install the OTR plugin
- Enable OTR and generate a private key/fingerprint
- Enable force encryption on all conversations
Note: OTR may not be easily available for Apple's iMessage. They do reportedly do their own end-to-end encryption; however it is entirely within Apple's control, which may be subject to being subpoenaed or subject to mass surveillance [speculation]. For sensitive content, it is recommended that other methods of encryption be used instead of iMessage. See the Text Messaging section for alternative solutions.