Secure Instant Messaging with Pidgin

Hi! In my last tutorial, I talked to you about Tor’s browser bundle, and one of the services that I skipped over during the tutorial was Pidgin. Pidgin is an instant messaging client that allows you to add in your buddy lists from different instant messaging services, like AOL’s instant messaging service, Yahoo’s instant messenger, and Google’s instant messenger.
Now, that’s great in and of itself, giving you the opportunity to add in all your buddies from different services. But the problem with instant messaging is it’s just as easy to tap into a conversation between two people instant messaging as it is to tap into a conversation between two people using a phone line. So what I want to talk to you about today is Pidgin, and Off-the-Record. Now, Off-the-Record is a plug-in for Pidgin that encrypts conversations between two or more people. So let’s get started and learn how to make our instant messaging safer and more private.
So just like with the Tor service, you can choose to download and install both Pidgin and Off-the-Record directly onto your computer. But because my tutorial last time was on protection and privacy on the go using a USB flash drive, we’re going to do the same thing here. We’re also going to use the Tor browser bundle here, because it incorporates the Pidgin client.
So what I’m going to do first is put my USB flash drive into my computer. That should get the menu to pop up here. Open folder to view files. And double-click Tor browser folder. Now if you don’t have the Tor Browser bundle, you’re going to want to go to, click the download tabs, and download the Tor Browser bundle. The easiest way to get this going is to double-click “Start Tor browser”. This will get us connected to the Tor network, open up the self-contained browser, and also open up Pidgin with Off-the-Record.
Okay, so you get the welcome to Pidgin screen first. The first thing I’m going to do is minimize all these other boxes that are open here. I’m going to add an account.
And you choose your service from the drop-down menu, and you can see they support quite a few different instant messaging services. And you’re going to put in your user name and password. Click remember password, and Add. While this is connecting, I’ll tell you that you can add any number of different usernames from any different service, and every one of them will show up here, so that you can have all of your friends, all of your buddies, all in one place, and talk to them across all of the different services.
Okay, so once it says available down here, it means we are connected to our service, so I’m going to close this out because we don’t need it open anymore. You can see how I have one friend on my buddies list here, webfreedomfriend. One thing you’ll want to keep in mind when using Pidgin with Off-the-Record is that you both need to have Pidgin with Off-the-Record in order for the encryption and security to work.
Now that we’re connected and we can see our buddy list and our friends, we want to make sure that Off-the-Record is running. So I’m going to click Tools, and go to Plug-ins, and scroll down until you see Off-the-Record Messaging. If you’re doing this manually, installing Pidgin and Off-the-Record directly to your computer, you’re going to have to go in and check this box. It’s already checked here because I’m using Tor’s browser bundle and it does it automatically for me because it’s all about the privacy and protection. So in either case we’re going to click Off-the-Record Messaging, or select it, and then go to Configure Plug-in.
Now, right here you can see, I already have a digital fingerprint. I generated one earlier. But what you want to do, if this is the first time you’ve started the program, is to click the Generate button. That will give you a digital fingerprint, which is a series of letters and numbers that you can use to identify yourself to anybody that you’re talking to so they know it’s you.
Now, they’ll have one as well, that they can give to you so they know it’s them. So once you’ve generated your fingerprint, you’re going to close this window, and then you can close the plug-in window and open up an IM window with your friend.
Now, as you can see, Off-the-Record has added a couple of features to the IM window. There’s an indicator down here to tell you whether your conversation is private, and there’s a menu up here for starting a private conversation, ending it, and authenticating the person that you’re talking with. In order to get this started, you want to click Start Private Conversation. A window like this should pop up on your friend’s screen.
Okay, as you can see here, this is an unverified private conversation, because we haven’t authenticated our buddy yet, and so what we want to do is go up to this menu again and go to Authenticate Buddy. There are a couple of different ways to Authenticate. You can ask a question of your buddy that only they could know the answer to, and then they’ll ask you a question back, so that you both know it’s the person you want to be talking to. You can also decide to enter a shared secret, but what we’re going to do is use manual fingerprint verification.
Now, with manual fingerprint verification, you can see your fingerprint here and the fingerprint that they should be able to tell you. Now, you’re going to want to do this through word-of-mouth probably. Get on the phone with your friend, and say, okay, what’s your fingerprint? And if they tell you this is their fingerprint, and it’s right down to every number and letter, you can go and click “I have verified this is in fact the correct fingerprint for webfreedomfriend” and then click Authenticate. Now, this has changed from Unverified to Private, which means that my conversation with my friend, webfreedomfriend, is completely private. This conversation is private.
And nobody will be able to intercept what I’m saying; it’s all scrambled. All they’re going to see is letters and numbers, all kinds of jumbled. It’s encrypted. And there you go!
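
The manual fingerprint check described above only works if every digit is compared, so here is an added example (not part of the original tutorial or of Pidgin) that compares the fingerprint shown in the Authenticate Buddy dialog with the one read to you over the phone. It assumes the fingerprint is 40 hex digits shown in five groups of eight; the sample value and the function names are constructed for illustration.

```python
import hmac
import re

# Constructed sample value for illustration; not a real key fingerprint.
# Assumption: five groups of eight hex digits (40 digits in total).
DISPLAYED = "1A2B3C4D 5E6F7081 92A3B4C5 D6E7F809 0A1B2C3D"


def normalize(fp: str) -> str:
    """Drop separators, upper-case, and insist on exactly 40 hex digits."""
    compact = re.sub(r"[\s:\-]", "", fp).upper()
    if not re.fullmatch(r"[0-9A-F]{40}", compact):
        raise ValueError("expected 40 hex digits, got %r" % fp)
    return compact


def groups(fp: str) -> list:
    """Split a fingerprint into its five 8-digit groups."""
    compact = normalize(fp)
    return [compact[i:i + 8] for i in range(0, 40, 8)]


def compare(displayed: str, read_aloud: str) -> dict:
    """Compare the fingerprint in the dialog with the one read to you.

    A partial or malformed reading is a failed verification, never a match.
    """
    try:
        theirs = groups(read_aloud)
    except ValueError:
        return {"match": False, "reason": "incomplete", "mismatched_groups": []}
    ours = groups(displayed)
    # Report which groups differ so they can be read out again.
    bad = [i + 1 for i, (a, b) in enumerate(zip(ours, theirs)) if a != b]
    same = hmac.compare_digest("".join(ours), "".join(theirs))
    return {"match": same, "reason": "ok" if same else "mismatch",
            "mismatched_groups": bad}


if __name__ == "__main__":
    for spoken in ("1a2b3c4d-5e6f7081-92a3b4c5-d6e7f809-0a1b2c3d",  # same key
                   "1A2B3C4D 5E6F7081 92A3B4C6 D6E7F809 0A1B2C3D",  # one digit off
                   "1A2B3C4D 5E6F7081"):                            # partly read
        print(spoken, "->", compare(DISPLAYED, spoken))
```

Only a result with `match` set to `True` corresponds to ticking the "I have verified" box; a mismatch or an incomplete reading means the conversation stays Unverified.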

