Home » Communications

Encrypted IM Using Pidgin

Posted 24 Jan 2010 | Comments Off on Encrypted IM Using Pidgin | 1,931 views

Public instant messaging platforms such Google Talk, AOL Instant Messenger or Windows Live Messenger offers instant messaging services that are highly attractive to individuals and organizations. The provider has already paid the infrastructure costs for the servers and networks to make them highly available. The client software is free and easily available for download. The end user costs are negligible.

Each of these services uses a client server model, and the instant messages travel through a set of core  servers. The core servers recieve the messages and route them to the recipient. We have seen in the past the at least one provider censored messages going through their network. If a messaging provider has the capability to censor messages, they also have the capability to make other uses with the data.

Some have suggested using services such as imo.im or meebo. These are web-based interfaces to all of the popular messaging platforms, and they allow a user to consolidate all of their accounts into one location. Both of these services offer HTTPS connections for encrypted logins and messaging. Unfortunately, the end user must release their accounts passwords to make use of the service, and they still connect to the original provider in the same manner that a standard client would connect.

The multi-protocol client Pidgin offers a different solution. Pidgin can connect to all of the popular instant messaging services, and it can be used for secure encrypted chat with the help of an extra plugin or two. Pidgin-Encryption or Off-The-Record can be use with Pidgin to send encrypt to messages.  The core routing servers only see a bunch of random text to relay to the recipient.

Using The Pidgin-Encryption Plugin:

After installing Pidgin, download the plugin from the website. Binary packages are available for all of the common operating systems. Install the plugin using the directions on the main page. Start up the Pidgin client.

Go to Tools, then Plugins. Scroll through the list until you find Pidgin-Encryption. Click the box to enable the plugin, then click the Close button at the bottom of the window.

Restart Pidgin. Pidgin will generate new private keys to encrypt to conversations.

Convince your buddies to also install Pidgin and Pidgin-Encryption. Once everyone has Pidgin-Encryption running, startup a conversation. Click the lock icon to switch to encrypted chat. Click it again to switch back.

Using The Off-The Record-Plugin:

After installing Pidgin, download the plugin from the website. Binary packages are available for all of the common operating systems. Install the plugin using the directions on the main page. Start up the Pidgin client.

Go to Tools, then Plugins. Scroll through the list until you find Off-The-Record Messaging plugin. Click the box to enable the plugin, then click the Close button at the bottom of the window.

Restart Pidgin. Pidgin will generate new private keys to encrypt to conversations.

Convince your buddies to also install Pidgin and Off-The-Record Messaging. Once everyone has Off-The-Record Messaging running, startup a conversation. Click the Not Private button to switch to encrypted chat. Click it again to switch back.

The Wrapup

In addition to encrypted chat, Pidgin also has another nice feature. It’s a multiple protocol client, which means that you can use it to connect to all of the major instant messaging networks. It might not have all of the nice GUI features that the single protocol clients have, but you’ll be able to manage your contact list in one place and you’ll save system resourcs by running a single client. It’s a fair trade- the extra security for the GUI eye candy.

Comments are closed.