Prevent Communications Spying with O.T.R. Encryption and TOR in XMPP
- Activists: Operating around the wold, all governments spying on their citizens.
- Hackers: Those who push the limits of technology, who need secure ways of communicating.
- Hacktivists: While hacktivists around the world primary hack for Justice, the hacktivist communities are heavily spied upon by agencies and governments.
- Social Engineers: As an SE, keeping your communications private is essential to your work. While it's keeping the confidentiality of a client, staying hidden from a target or communicating with sensitive contacts, privacy is key.
- Pidgin Chat Client (sudo apt-get install pidgin)
- https://otr.cypherpunks.ca/ (sudo apt-get install pidgin-otr)
- TOR Project (sudo apt-get install tor) (Also Download the Browser Bundle)
- SECURE VPN Service (Download)
sudo service tor startContinue by starting up your VPN Service in conjunction with TOR.After TOR and a VPN are both running, continue by opening the Pidgin Chat Client and clicking Add Account.The add dialog box should appear, the configuration options should be as follows:
Protocol: XMPPUsername: YourusernameDomain: riseup.net (or any other off-shore provider that does NOT store logs)Resource: BlankPassword: YourPasswordLocal Alias: Optional After all of that is filled out, we want to hover to the Proxy tab. Once there, click Proxy Type and set it to SOCKS5. The configuration should be as follows:Host: 127.0.0.1Port: 9050Username: BlankPassword: BlankOnce that is filled in, make sure you check the option "Create This New Account On Server" and click Add. Next, go to Tools > Plugins find O.T.R and enable it. Then, Enable the Account and enjoy your secure Off-The-Record communications.To help better understand what makes this solution so secure, I'll share a bit of information about the protocols and tools used in this guide.XMPP:"Extensible Messaging and Presence Protocol is a communications protocol for message-oriented middleware based on XML. It enables the near-real-time exchange of structured yet extensible data between any two or more network entities. Originally named Jabber, the protocol was developed by the Jabber open-source community in 1999 for near real-time instant messaging, presence information, and contact list maintenance. Designed to be extensible, the protocol has also been used for publish-subscribe systems, signalling for VoIP, video, file transfer, gaming, Internet of Things applications such as the smart grid, and social networking services."TOR:"TOR is free software and an open network that helps you defend against traffic analysis, a form of network surveillance that threatens personal freedom and privacy, confidential business activities and relationships, and state security."An Off-Shore VPN:All your traffic is securely routed through your provider before it's decrypted and sent on to the open internet.
- Thwart Network Surveillance's Bitmask VPN is very effective at bypassing most censorship and network surveillance by your ISP or country.
- Anonymize your address: Your IP address will also be hidden, keeping your physical location safe from nefarious websites or network eavesdroppers.
- Extra Security: We take extra security measures to prevent problems common to other personal VPNs, such as DNS leakage and IPv6 leakage.
I hope this information is useful to some of you. Thank you :)