Tuesday, August 19, 2014

The best XMPP/Jabber servers for anonymous chat

Jabber/XMPP is a decentralized P2P instant messenger that uses the open source XMPP protocol. There is no central server that could be compromised; the multiple nodes form a resilient, hard-to-monitor infrastructure. Dozens of XMPP servers, encryption and its open source nature make XMPP much harder to wiretap or shut down than cloud-based Google Hangouts, Yahoo Messenger or Skype, all from USA companies known to have an NSA backdoor.
One of Jabber/XMPP's main vulnerabilities is that the server you are connected to is not trustworthy. This is a list of XMPP servers with the best privacy policies:
Calyx Institute: A not-for-profit privacy and cyber-security foundation running a public Jabber/XMPP server that does not create any records of who you communicate with or keep logs of the content of any communications. This server forces you to use OTR (Off-the-Record Messaging), a cryptographic plugin that stops the server administrator from accessing the plain text of your communications.
DuckGo: From the popular no-tracking search engine with the same name. The DuckDuckGo XMPP server can only communicate with other XMPP servers if they use encryption; if your contact is on an unencrypted server the connection will be rejected. It is a free public XMPP server that will give you a Jabber @dukgo.com address. I was a little disappointed that DDG did not make their XMPP logging policy clear; I had to dig deep in their forums to find a very old thread saying that logging is kept to a minimum, and I am not sure if this still applies.
OpenMailBox: A free privacy email provider that also comes with XMPP; to get the XMPP chat service you will have to register for an email account first. The OpenMailBox Jabber/XMPP connection is encrypted with Transport Layer Security (TLS), an asymmetric cryptographic protocol. All of this happens in the background with digital certificates, so the user does not have to worry about anything. The downside of this provider is that they don’t enforce mandatory encryption in XMPP: you could be chatting in plain text if the other server does not support it.


PaleMoon: Public XMPP server from the PaleMoon project, a customized Firefox-based browser focused on efficiency. Their XMPP chat server is disclosed as being in the European Union and establishing encrypted connections without any logging or auditing. To register for an account you need a Jabber client installed on your computer and to follow the instructions on their page. There are no screenshots, so if you don’t know how to configure a Jabber client it might not be the best choice for you.
JabberPPL: A long-standing independent XMPP server that requires encryption to be in place before it communicates with other servers; TLS and forward secrecy are supported. There is no information about who runs the server and what kind of logging they keep, other than “respects your privacy”. Their domain name is protected with whois privacy and the website is hosted in Germany. On the positive side, they have been around for more than ten years and run a Diaspora server with an account where you can contact the administrator.
SwissJabber: The privacy policy of this provider states that communication contents are not logged; however, messages which could not be delivered immediately can be stored in the backup logs because it is not possible to remove them immediately. Their server is located in Switzerland and governed by Swiss law. I am placing it here for those looking for an offshore XMPP server outside of the USA and the European Union. The service is run by a company called nine.ch. The page is only available in German but it can be dealt with using an online translator.
Neko IM: Running a public XMPP server located in Norway, they claim that no more information is collected and stored than what is absolutely necessary. TLS everywhere is enforced, and Jabber clients need to support a strong cipher or they will not be able to connect to the network. Being a free volunteer-run project, the server's uptime reflects this and no guarantees are made about uptime other than “as much as possible”.
Countermail: This is a paid-for service from a Sweden-based email privacy company that provides the XMPP server xmpp.counternet.com with TLS and SSL encryption, only available to email account holders. The username and password are randomly generated and you cannot create your own; however, all XMPP clients support an “alias” or “display name” that you can manually set up, and this is what other Jabber users will see.
About Jabber/XMPP security
Any IM client that supports the XMPP protocol can interact with other Jabber users. A few of the best known Jabber-compatible clients are Pidgin, Thunderbird and Jitsi; they can be used for video calls and sending files, but always remember that encryption and P2P do not mean that your computer's IP is hidden. Jabber will help protect you from wiretapping with encryption, but the server you use could log what you do and your contact could find out your home IP if you are not on a proxy or VPN.
Another benefit of Jabber is that the same username and password can be used to connect with the social network Jappix; unlike Facebook, you don’t have to provide your real identity to take part in Jappix. Running your own Jabber/XMPP server is another way to protect your online privacy. It is not hard to set up an XMPP server if you have a basic understanding of Unix; search for Prosody or Tigase to find XMPP server software to run.
I included XMPP servers with a clear privacy policy of minimum logging or being offshore. Those are the claims that the server administrators make; there is no way to verify any of them. If you are a social activist, RiseUp and Autistici provide anonymous Jabber chat servers for people fighting for world change, but they are not on the list because they are strictly for political activists.
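Logging claims cannot be checked from outside, but whether a server makes TLS mandatory (the difference noted above between providers that enforce encryption and those that do not) is visible in the first `<stream:features/>` element it sends, as defined in RFC 6120. The sketch below is an added example, not code from any of the listed providers; the function name `audit_features` and the sample stanzas are constructed for illustration.

```python
import xml.etree.ElementTree as ET

NS_STREAM = "http://etherx.jabber.org/streams"
NS_TLS = "urn:ietf:params:xml:ns:xmpp-tls"
NS_SASL = "urn:ietf:params:xml:ns:xmpp-sasl"
HEAD = f"<stream:features xmlns:stream='{NS_STREAM}'>"
TAIL = "</stream:features>"

# Constructed samples of the first features element, not captured from any server.
ENFORCED = HEAD + f"<starttls xmlns='{NS_TLS}'><required/></starttls>" + TAIL
ONLY_STARTTLS = HEAD + f"<starttls xmlns='{NS_TLS}'/>" + TAIL
OPPORTUNISTIC = (HEAD + f"<starttls xmlns='{NS_TLS}'/>"
                 f"<mechanisms xmlns='{NS_SASL}'><mechanism>PLAIN</mechanism>"
                 "<mechanism>SCRAM-SHA-1</mechanism></mechanisms>" + TAIL)
CLEARTEXT = (HEAD + f"<mechanisms xmlns='{NS_SASL}'>"
             "<mechanism>PLAIN</mechanism></mechanisms>" + TAIL)


def audit_features(features_xml):
    """Classify the TLS policy a server advertises before encryption starts."""
    root = ET.fromstring(features_xml)
    if root.tag != f"{{{NS_STREAM}}}features":
        raise ValueError("expected a <stream:features/> element")
    starttls = root.find(f"{{{NS_TLS}}}starttls")
    mechs = [m.text.strip() for m in root.iter(f"{{{NS_SASL}}}mechanism") if m.text]
    if starttls is None:
        policy = "absent"      # no encryption offered on this stream
    elif starttls.find(f"{{{NS_TLS}}}required") is not None or len(root) == 1:
        # RFC 6120: <required/>, or STARTTLS as the only feature, makes TLS mandatory
        policy = "required"
    else:
        policy = "optional"    # client may skip TLS and continue in plain text
    return {
        "tls": policy,
        "pre_tls_mechanisms": mechs,
        # PLAIN offered before TLS means the password could cross the wire unencrypted
        "plain_before_tls": policy != "required" and "PLAIN" in mechs,
    }


if __name__ == "__main__":
    for name, xml in [("enforced", ENFORCED), ("only-starttls", ONLY_STARTTLS),
                      ("opportunistic", OPPORTUNISTIC), ("cleartext", CLEARTEXT)]:
        print(name, audit_features(xml))
```

The features element arrives before TLS is negotiated and is therefore unauthenticated, so the Jabber client should also be configured to require encryption itself rather than rely on what the server advertises.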
Sometimes privacy-minded individuals set up their own XMPP server and open it to everybody. Because of the nature of one-man operations, instead of including here privacy servers that have little backing and less chance of long-term survival, it is best that you check out an updated list of all public XMPP servers at https://xmpp.net/directory.php

2 comments:

  1. It is apparent you are a forward thinker with great writing skills. Your content speaks volumes for your dedication to writing quality articles. I like your points of interest and appreciate your fine writing skills. Anonymous Chat Rooms, Free Anonymous Chat Online - anonymous-chat app to chat with strangers anonymously. Best & free chat app and chatting site for anonymous chat rooms and live chat with random people. No need to reveal your identity while chatting online.
  2. Even organizations have commenced using chatrooms to connect with their customers, through live chat, other workplaces, and potential customers are turning the sales up. Most of the on-line chatting rooms offer anonymous chat, that can provide you with the potential to speak openly about things that you would not usually share with others.