- Joined
- 31.10.19
- Messages
- 1,369
- Reaction score
- 4,569
- Points
- 113
Not an ounce of marketing! Jabber achieved it's heights due to reputation in the community of the old school cybercriminals.
Things are going on, but correspondence from those times still cannot be read. Jabber has the best reputation in this regard. This is not exactly "ethical" evidence, however it's a significant factor. The technical part of Jabber has no special issues, so does the reputation part. Now they are telling you about new messengers that use super tools to achieve the privacy of correspondence. In fact, Jabber hasn't had much of a real competitor since then...
How it works?
- Client - You can choose which client to use. This could be a logic and design based telegram client. This could be a client inside the terminal.
- Server selection - You can choose the server through which you will communicate. You can install and configure this server yourself.
- Selection of functionality - You can choose things like whether you are typing a message, whether you have read the message and much more.
- Selecting an encryption method - You can choose the encryption method for your chat messages:
OMEMO - optimal in terms of safety/convenience ratio.
OTR - really high security (but extremely inconvenient).
PGP/GPG - maximum security (when used PROPERLY).
So, you want to start using Jabber, how to start?
- Install Jabber client on your device. For Linux I recommend Dino (For OMEMO), Pidgin (For OTR), both are suitable for PGP/GPG. On other "regular" systems I can’t imagine secure and private correspondence. Without a safe environment, there's no safe correspondence. By the way, Linux can also be unsafe.
- Which server to choose? Under OMEMO/OTR - without XEP-0313: Message Archive Management and any other technologies that log "encrypted" user correspondence from the server side. Why? There is an attack in which, if the server has logged the correspondence in the correct order from the very beginning, it's possible to gain access to the correspondence. For PGP/GPG created in third-party software - any server.
- Which encryption method should I choose?
For non-super sensitive correspondence - OMEMO
For the most sensitive correspondence - PGP/GPG with daily change of keys generated in separate free software.
Now you correspond with REAL security!
