- Jun 24, 2021
- Reaction score
For many years of good work, the Jabber protocol has managed to prove itself as one of the most convenient methods of secure data exchange. Its architecture allows you to efficiently hide correspondence from prying eyes and, with the right settings, it almost excludes the possibility of data interception by third parties. In this step-by-step guide, you will learn how to use Jabber technology to secure your online communication.
Why use Jabber?Jabber is a next-generation fast messaging system based on the open XMPP protocol that has extensive encryption capabilities. The network has a decentralized structure: it does not belong to anyone and consists of many servers that anyone can open if they want — be it a large company or a lone enthusiast. At the same time, disruptions in the operation of one of the servers will not affect the correct operation of the entire network in any way.
Another advantage of the protocol is its extensibility: if desired, new functions can be added to Jabber without impacting compatibility with old programs. In addition, the use of this messaging system is free.
Step 1: installing the Jabber client.To use the protocol, you need to download and install one of the clients on your device. The most popular of them are: Pidgin, Psi +, Adium and Xabber. A complete list of services for using the Jabber network can be found here.
We'll describe installing the Pidgin client on an Ubuntu platform. The Pidgin package is available in the standard Ubuntu repository. (To install it on other operating systems, we should go to the official website of the project and download the installation file).
It is better to make sure all system packages are up-to-date before proceeding with the installation. To do this, open a terminal (Ctrl + Alt + T) and enter the command as follows:
sudo apt update
sudo apt upgrade
Now we may proceed to installation of Pidgin. To do this, we enter the following command:
sudo apt install pidgin
After these steps, the Pidgin client will be installed on your device. Now you need to forward its traffic through the Tor network.
This can be done in the registration window in the «Proxy» tab.
After launching the Tor browser and client, in the settings you need to find the item «Proxy» and put a check in front of the item «Use remote DNS with SOCKS4 proxy», and in the item «Proxy type» you need to select «Tor / Privacy (SOCKS5)».
Next, in the «Node«» item, specify 127.0.0.1 and select port 9150. This is the standard Tor port, although a variation of 9050 is sometimes found.
Now, before launching the client, for its correct operation, you need to launch the Tor browser!
Step 2: Registration of an account and setting up the encryption.To create an account, you should go to the «Add an account» item, after which the registration field will be open for you. There you need to select the protocol (XMPP), come up with a name and decide on the server that you will use.
It is better to choose servers whose owners declare that they do not keep logs. And although it is impossible to verify this, there are still some criteria for selection. Best of all is to give preference to countries where it is prohibited by law to collect logs. It is better not to select servers, registered in the EU, USA as well as in the country where you live.
Next, we come up with a strong password for the account. Now you can go to the encryption settings.
There is no strong encryption in XMPP by default, but it can be easily added. First, let's look at the popular and easy-to-use OTR algorithm. It provides a high level of security, but while using it, messages in the logs are being not encrypted, so for reliability it is better to disable them.
To configure OTR encryption, in the «Tools» item, select «Plugins» and activate the Off-the-Record (OTR) plugin.
Next, we need to configure this plugin. To accomplish this, at the very bottom of the list of plugins, click «Configure Plugin». In the module settings window, we first need to generate a key for our account. Select the account for which you want to create a key, and click «Create». The key generation window will appear. When the work is over, press Ok and you will see your «fingerprint» of forty characters.
The following items should be ticked in checkboxes:
• Enable private messaging.
• Automatically initiate private messaging.
• Require private messaging.
• Don’t log OTR conversations.
• Show OTR button in toolbar. It simply adds a chat protection and interlocutor authentication button to the interface.
Encryption will now be available in your client! Before starting a conversation, do not forget to enable it (the security status can be viewed in the chat window).
Jabber. Encryption and clients
Last edited by a moderator: