Why do I want encryption for my IM conversations?
Sending unencrypted instant message conversations over the internet is the same thing as posting your conversations on public cork boards. Unencrypted traffic is easily eaves dropped on by simple packet monitoring tools. Most commonly, using an unencrypted IM protocol at public locations (starbucks hotspots, barnes and nobel hot spots, college wireless networks, etc.) provides hackers an opportunity to read your IM conversations. Now AOL has changed their Terms of Service basically giving them ownership for any content transmitted across their services or by their products.
How do I encrypt my AIM conversations?
Mac
download Adium with built in OTR
use OTR proxy for iChat, Aol AIM, etc
Random questions:
I use multiple computers, how can I have the same key on each computer?
Just copy the key file otr.private_key between the computers.
| otr.private_key Locations |
Mac
| Adium |
~/Library/Application\ Support/Adium\ 2.0/Users/Default/libgaim/otr.private_key |
| OTR proxy |
~/.otrproxy/otr.private_key |
|
What ports does the OTR proxy run on by default?
HTTP/HTTPS proxy on port localhost:8080
SOCKS5 proxy on port localhost:1080
Instant Message service alternatives:
Jabber
Links
OTR Proxy and Plugin
GAIM IM Client
Mac Encryption
Method 1: Adium w/ built in OTR
--- For Adium version >= 0.8 skip down to usage image ---
Prior to the version 0.8, you need to install the adium beta.
Using fink, install svn:
fink install svn-client-ssl
Once svn is installed, download the source tree from Adium:
svn co svn://svn.adiumx.com/adium/trunk adium
Build adium:
cd adium && make
Copy adium to applications folder:
cd .. && cp adium /Applications/
now in your Applications folder under the adium/build subdirectory you should see a working Adium binary. Fire it up and open an IM to anyone on your buddy list. To enable encryption simply click the lock (closed = encrypted)
Where are my Key files stored with adium?
~/Library/Application\ Support/Adium\ 2.0/Users/Default/libgaim/otr.fingerprints
~/Library/Application\ Support/Adium\ 2.0/Users/Default/libgaim/otr.private_key
Method 2: OTR Proxy
The OTR Proxy will encrypt any AIM client that can use a proxy server.
Download mac os X install image
Copy the otrproxy executable to your applications folder.
Run the application
It will start up two different proxies with the following settings
Starting HTTP/HTTPS proxy on port 8080
Starting SOCKS5 proxy on port 1080
Configure iChat:
Configure the Server Options under the Accounts Preference
Logon to AIM with your screen name through the proxy. Then go back to the OTR Proxy program, go to Edit->Preferences->OTR Preferences. Once you've connected you will see your name in the "Key for account" field. Click Generate Key.
Screen after the key is generated
Once your key is generated you're ready for your first message. When it comes in from an encrypted source you'll have to accept the key in the OTR Proxy application and then the application will tell you the secure connection is established
The key for your friends is then stored in the "Known fingerprints" section of the Proxy application preferences. If you're having trouble establishing a connection because your friend switched clients or has different keys, delete the key and then retry.
You're all set, your conversation is encrypted!