Fixxx
Moderator
- Joined
- Aug 21, 2024
- Messages
- 177
- Reaction score
- 571
- Points
- 93
%3Amax_bytes(150000)%3Astrip_icc()%2F1280px-Jabber_logo.svg-4e9b645559f54641819f915b2a2a5dfa.png&f=1&nofb=1&ipt=2498aa8e95136314a4bcfdcbfe0e0d25539ca60b30a5dcbf35af7de08deb461a&ipo=images "iu"){kind=logo}
Not an ounce of marketing! Jabber achieved it's heights due to reputation in the community of the old school cybercriminals.
Things are going on, but correspondence from those times still cannot be read. Jabber has the best reputation in this regard. This isn't exactly "ethical" evidence, however it's a significant factor. The technical part of Jabber has no special issues, so does the reputation part. Now they are telling you about new messengers that use super tools to achieve the privacy of correspondence. In fact, Jabber hasn't had much of a real competitor since then...
How it works?
Jabber is just a general name for a huge election citadel.
- Client - You can choose which client to use. What functionality and design will it have? This could be a logic and design based telegram client. This could be a client inside the terminal.
- Server selection - You can choose the server through which you will communicate. You can install and configure this server yourself.
- Selection of functionality - You can choose things like whether your online partner will be shown to you, whether you are typing a message, whether you have read the message, and much more.
- Selecting an encryption method - You can choose the encryption method for your chat messages:
OTR - high security, but extremely inconvenient. Can't send media and doesn't work in groups.
PGP/GPG - maximum security when used PROPERLY.
So, you want to start using Jabber, how to start?
- Install Jabber client on your device. For Linux - I recommend Dino (For OMEMO), Pidgin (For OTR), both are suitable for PGP/GPG. What about other platforms? And on other "regular" systems I can’t imagine secure and private correspondence. Without a safe environment, there's no safe correspondence. By the way, Linux can also be unsafe.
- Which server to choose? Under OMEMO/OTR - without XEP-0313: Message Archive Management and any other technologies that log "encrypted" user correspondence from the server side. Why? There is an attack in which, if the server has logged the correspondence in the correct order from the very beginning, it's possible to gain access to the correspondence. For PGP/GPG created in third-party software - any server.
- Which encryption method should I choose?
For non-super sensitive correspondence - OMEMO
For the most sensitive correspondence - PGP/GPG with daily change of keys generated in separate free software.
Now you correspond with REAL correspondence security!