Secure communication: Encrypted instant messaging

Ionium · Mon Mar 07, 2005 8:00 am

For private communications, I use X-IM. It has these features:

Hush messenger is also an option. Security is just about the same as X-IM.

A good thing about the above clients is that logging is not an option, unless you manually copy/paste it all into a file, so your chat will not accidentally be stored in a file.

I personally trust these programs enough to chat openly about absolutely private matters on them. If anyone knowledgeable about communication and data security think this is a bad idea, I'd like to hear your views on the subject.

MargaretThatcher · Tue Mar 08, 2005 7:14 am

Never trust proprietary solutions. Currently, I would choose an open source
end-to-end encryption client. Jabber or SILC are the better chat protocols. Psi is a good jabber client.

You can use i2p to anonymise the client.

Spacemonkey · Tue Mar 08, 2005 7:27 am

Theres a pretty decent Encryption Plugin for Gaim as well.

Ionium · Tue Mar 08, 2005 7:42 am

The source code for X-IM is available on request, and the source code for the Hush encryption engine is available for download.

IndoleAmine · Dreamreader Deluxe

Hush communications earns their money by providing 100% secure, transparent encryption for internet communication media, one single case creating a bad reputation could kill such a corporation. So they will do everything they can to provide the best service possible (somewhat like a bank) - I think (hope) one can trust them on their security....

(wasn't aware that they provide their source code for the algorithm though)

i_a

auttie · Thu Jun 02, 2005 10:48 am

silc is the way to go.. it provides you with a secure and possibly anonymous chatting platform.. http://www.silcnet.org/ I recomend everyone check it out.. we are coming to a new age.. its inportant that we bee careful.. we cant take risks.. understand your technology before you trust it.

loki · guinea pig

i'm running a silc server at m0c.no-ip.org on port 706... if anyone wants to chat to me i'm always logged into the room 'monastery' I'd be more than happy to have other rooms running, my server is not up 100% of the time, probably 98% or so. now and then my usb adsl modem misbehaves... so probably not very reliable yet, but getting there... might get better if i get a router/modem.

auttie · Thu Jun 02, 2005 6:24 pm

nice!

MargaretThatcher · Fri Jun 03, 2005 2:09 am

Generally, the IRC protocol is best steered clear of - not because it is bad, but because it has a short message length, which makes it difficult to work with secure encryption clients and plugins.

There are a couple of encryption plugins for gaim. Remember, if you don't want the server host to be able to read your messages, you need end-to-end encryption, not just SSL to the server. Both of these plugins do end-to-end:

gaim-encryption http://gaim-encryption.sourceforge.net/

gaim otr http://www.cypherpunks.ca/otr/

For anonymity, i2p is a good solution. If you run a node, then you can connect pseudanonymously to servers hosted on the i2p network. There is one IRC and several jabber servers already hosted on i2p.

You can also get your client to tunnel through TOR to the messaging server to anonymise your connection.

auttie · Fri Jun 03, 2005 11:48 am

yah tor is your friend. I guess if nothing else def use encryption in gaim. tho.. gaim has proved unstable.. and there have been quite a few exploits for it. but if you cant bring yourself to use something like silc. def use encryption pluggins.

loki · guinea pig

yeah i just installed my gaim encryption plugin... i'm really waiting for silky to become a bit nicer and i'll quit using gaim for silc. On top of tor tho, i'm sure it's quite secure. tor has packet padding so packet sizes are either 500 or 1000 bytes each i think (or something like that)

auttie · Sat Jun 04, 2005 11:45 am

you should just use irssi for silc, in console.. it will be much more stable. GAIM+securtiy= flaky.. from what I heard.. but Im sure most of what I hear is biased..they are a bunch of bsd heads. I tryed connecting to your server yesturday w/ no luck I was using tor.. said it couldnt connect.. Ill try again in a few.. has a anonymous server which is nice. to all the windows users that are interested in secure communication.. and a new way of doing things Im more then willing to tell people what I know.. please consider making the switch to linux.. the big companies have alot in the works right now that will even further enslave computing... I guess they are just trying to take us to the breaking point =]

auttie · Sat Jun 04, 2005 11:56 am

err I found out that this server is no longer functional.. Im sure a anonymous silc server will pop up.

loki · guinea pig

i'm not sure why you can't get at my server... i get problems with it sometimes... you may have been unlucky and tried to get at it while connectivity was broken or something similar. i'm not sure what is causing the problem at this point, i should have a look and see if the usb adsl modem driver has been update yet

MargaretThatcher · Sun Jun 05, 2005 2:47 am

Gaim is quite stable on Linux. The problem with gaim is bloat - it has so many protocols and features incorporated, that there are more places for security holes. Apart from silc, none of the clients I have come across seem to be written with security in mind.