Secure instant messaging for the masses
With the majority of the Democrats caving in to the Bush administration's demands for full immunity for the telecom companies for-profit collusion in the NSA's illegal wiretapping program, it seems to be clear that the Fourth Amendment and federal antiwiretapping laws are no longer enough to keep our communications secure. Laws stating that "thou shalt not listen to your customers phone calls" no longer seem to have any bite. Or at least, they don't as long as teleco lobbying coupled with massive political contributions can turn once critical senators into kindly old men willing to forgive and forget.
AT&T: Your World. Delivered. To the NSA
(Credit: Electronic Frontier Foundation)Thus, now that AT&T and Verizon are free to provide the NSA with a full copy of all Internet traffic that flows over their networks, I thought that perhaps it'd be a good idea to discuss proactive technical solutions that users can utilize to protect their own privacy. The primary focus of today's blog post is on one small area of user privacy, but one which is perhaps the least well known by the average joe, yet which is extremely vulnerable: instant messaging. The question to be answered today is: how can nontechnical users secure their own instant-messaging conversations such that an attacker is unable to listen in (be it the government or a nosy neighbor sniffing the wireless network from next door).
The major IM networks, which include AOL IM/iChat, MSN, and Google Talk (when using the gmail embedded chat function) all send data over the clear. Using IM over an unencrypted wireless network (such as at a coffee shop or hotel lobby) is an open invitation for nasty folks to read your conversations. Those people using the downloadable Google Talk client will at least have their conversations encrypted between their own computers and Google's servers - but that doesn't solve the problem of the NSA forcing/paying Google to hand over your data. Likewise, AOL confirmed in 2005 that if presented with a court order, it would let the government eavesdrop on IM conversations between customers.
The solution then, is to use an encrypted instant-messaging program--one made by a third party and not one of the major IM networks. That is, a software client with which the conversation is encrypted from one user's computer all the way to the recipient--and not just to the central servers of the IM network. While the popular Trillian multinetwork client does offer encryption, its design is flawed, and is subject to a number of attacks. The tool of choice for privacy-conscious geeks everwhere is a protocol known as Off The Record (OTR). This scheme, designed by a team of security researchers including professors Ian Goldberg and Nikita Borisov, provides a number of really cool features. The benefits of OTR include:
- Encryption: No one else can read your instant messages.
- Authentication: You are assured the correspondent is who you think it is.
- Deniability: The messages you send do not have digital signatures that are checkable by a third party. Anyone can forge messages after a conversation to make them look like they came from you. However, during a conversation, your correspondent is assured the messages he sees are authentic and unmodified.
- Perfect forward secrecy: If you lose control of your private keys (such as if your computer is hacked, for example), no previous conversation is compromised.
An encrypted conversation in Adium
(Credit: The Adium Dev Team)The OTR team don't actually produce its own instant-messaging client. Instead, they have released an open-source library that other IM programs can include--which hopefully means that as more and more clients adopt it, users will be able to conduct safe and encrypted conversations with people who use an IM program different than their own. Right now, the OTR team distribute a plugin for Pidgin, the popular multiplatform IM client. Adium, a popular IM client for Mac OS X, has OTR support built in. There are third-party plugins for the Kopete, Miranda and Trillian IM clients. Best of all: OTR is IM-protocol-independent. That is, once you have an OTR-enabled client installed, you can communicate with friends on different IM networks, be it AIM, Google Talk or others, as long as your friends also have OTR-friendly IM software.
Linux and Windows users are probably best off using the Pidgin IM client, which works with all of the popular IM networks and then installing the OTR plugin. For Linux users, it should be as simple as installing the Pidgin-OTR package with your respective package manager. Windows users will want to download the Pidgin-OTR plugin from the OTR Web site. Mac users: you're in luck. You can be lazy, and simply download Adium, which has OTR out of the box.
Once you have an OTR-enabled client installed, its as simple as clicking on the lock icon in any conversation window. You'll be asked to accept an encryption key the first time you chat--which you should verify with your pal by some form of non-IM conversation (the phone, in person, etc). After that, all future communications with that person should be encrypted without any more work. That's it. Secure communications, free from prying next-door neighbors or privacy-invading spooks.
Christopher Soghoian delves into the areas of security, privacy, technology policy and cyber-law. He is a student fellow at Harvard University's Berkman Center for Internet and Society , and is a PhD candidate at Indiana University's School of Informatics. His academic work and contact information can be found by visiting www.dubfire.net/chris/. He is a member of the CNET Blog Network, and is not an employee of CNET. Disclosure.
Thanks for the great post!
With IM, I am more concerned about business and individuals than the NSA. The number of sniffer tools out there (for purchase!) for MSN, etc. is scary.