Anyone who values their privacy will be aware of Tor, the distributed “onion routing” network that makes it possible to avoid surveillance (though it is thought that even the sophistication of the Tor system may not be enough to avoid NSA scrutiny if they really want to get the login for your Ashley Madison account).
While Tor is great for hiding your browsing until now, it hasn’t been able to anonymize instant messaging. That changed yesterday with the beta release of the open source Tor Messenger. Available for Windows, Linux, and OS X the Tor Messenger:
… supports a wide variety of transport networks, including Jabber (XMPP), IRC, Google Talk, Facebook Chat, Twitter, Yahoo, and others; enables Off-the-Record (OTR) Messaging automatically; and has an easy-to-use graphical user interface localized into multiple languages.
Off-the-Record (OTR) Messaging allows you to have private conversations over instant messaging by providing:
Encryption / No one else can read your instant messages.
Authentication / You are assured the correspondent is who you think it is.
Deniability / The messages you send do not have digital signatures that are checkable by a third party. Anyone can forge messages after a conversation to make them look like they came from you. However, during a conversation, your correspondent is assured the messages he sees are authentic and unmodified.
Perfect forward secrecy / If you lose control of your private keys, no previous conversation is compromised.
These attributes are important if you’re trying to avoid censorship or observation for any reason and Tor Messenger is an enhancement of Instabird, one of the most sophisticated instant messaging clients, which was developed by the Mozilla community. The Tor Project explains:
I installed Tor Messenger (under OS X ridiculously fast and straightforward) and discovered that, as of writing, it seems to not work with Google Talk if your account is set up for Google’s Two Factor Authentication. Despite trying several times to create a Google App Password that allows for one factor authentication, Tor Messenger repeatedly failed to log in for no apparent reason.
I had more luck with Facebook Chat but only after Tor Messenger tried to log in with my credentials and got kicked off because Facebook complained because I was apparently coming in from Bangladesh which Facebook, not unreasonably, thought to be unusual. Once I confirmed that this was, in fact, me, everything went like clockwork and the performance of Tor Messenger appears to be very good.
So, if you have any reason to be paranoid or simply nervous about your privacy then Tor Messenger is arguably your your solution for instant messaging. But be careful! This is a beta release and until it's got a few virtual miles under its belt, there could be gotchas.
If you get a chance, try Tor Messenger and let me know what you think. Big kudos to the Tor team, there’s no such thing as too much privacy.
With more and more workloads going to the cloud, and the top vendors being as competitive as they’ve...
Sample some of the toughest job interview questions for technology professionals, as rounded up by...
The U.S. government reportedly pays Geek Squad technicians to dig through your PC for files to give to...
So far, there’s no reason to think this issue is affecting other iPhone devices.
Of the Everests that IT faces daily, identity and access management is a particular challenge. These 10...
New and dynamic authentication factors can help prevent identity theft.
A fresh round-up of venture-backed Internet of Things startups with a focus on enterprise IT.