Silk Road forums

Discussion => Security => Topic started by: StExo on April 08, 2012, 09:49 pm

Title: Secure Chatting - mIRC/Skype?
Post by: StExo on April 08, 2012, 09:49 pm
-Removed-
Title: Re: Secure Chatting - mIRC/Skype?
Post by: wannabud on April 09, 2012, 06:40 am
If you use skype through pidgin, you can use OTR plugin.

And you can configure to connect through Tor.
Title: Re: Secure Chatting - mIRC/Skype?
Post by: utopia on April 09, 2012, 05:11 pm
With Mirc:

 - use blowfish https://github.com/flakes/mirc_fish_10 (version for newer mirc versions). this is vital as it stops people who have control of the ircd (which on a few occasions which resulted in mass arrests has been LE) and goes some way to limit the chances of sniffing.
- You could use truecrypt to encrypt the usb and then set all the temporary folders for mirc to be on this truecrypted partition. This is however potentially not foolproof as it's hard to be entirely sure what mirc will do - but it will certainly make it a lot more secure and all the important (read incriminating) files will be on the encrypted usb. Even better truecrypt your entire system drive :) good truecrypt passwords won't contain any words spelt simply (e.g spark is bad; 5p4Rk is better) but preferably be entirely random, should contain 20+ characters and should have both letters and numbers. Don't write down a truecrypt password - learn it. A dual cypher encryption system is best for either. Personally i prefer AES-Twofish but there's not much difference between the effectiveness of the various implimentations.
- Disable logging. It might be 'useful' but just no. if you get busted with logs other people will get busted. If you need to keep any information from chats keep it inside a .txt file in a truecrypted volume (preferably on a usb stick as you suggested). Erase all nicknames. Would be a good idea to have the important information within its own truecrypt volume (different password)
- Consider using a bnc. under no circumstances store fish keys on this bnc (some idiots do - that's a very bad idea and makes using fish pretty much useless). You can buy shell accounts using bitcoin to try and avoid a money trail.

Optional:
- Use irc networks that allow tor (there are some that exclusively use tor). This is the least practical and least important step. In my experience most the fun ;) irc networks don't allow tor. Don't worry about that so much.

PROTiP:

DON'T USE SKYPE FOR ILLEGAL THINGS. it relies on third party servers owned by a company (who will bow to LE pressure instantly), has very weak encryption and has no opportunity to further secure your traffic (i'm talking about calling - wtf would you use skype otherwise - use a more decentralised system). Sure you could bounce the traffic but your communication won't be particularly secure.
Title: Re: Secure Chatting - mIRC/Skype?
Post by: wannabud on April 09, 2012, 08:09 pm
- use blowfish
Alternative for linux/xchat?
Title: Re: Secure Chatting - mIRC/Skype?
Post by: utopia on April 09, 2012, 10:22 pm
Blowfish is available for irissi. The original blowfish project wrote plugins for xchat/mirc/irissi. I'm not a massive linux user so can't help with installation but there should be stuff all over google about that.
Title: Re: Secure Chatting - mIRC/Skype?
Post by: jrowland80 on April 10, 2012, 11:15 pm
Blowfish is available for irissi. The original blowfish project wrote plugins for xchat/mirc/irissi. I'm not a massive linux user so can't help with installation but there should be stuff all over google about that.

Also BitchX.

To OP, BitWise or PSST for Instant Messengers for end to end encryption.
Title: Re: Secure Chatting - mIRC/Skype?
Post by: mdmamail on April 10, 2012, 11:48 pm
jabber is easiest.
register a free jabber account anywhere in the world and use OTR encryption with it.
tails comes with this preconfig'd you just need to reg a free XMPP/Jabber account.

Skype and all VoIP are not safe whatsoever unless both you and the other party have hardware vocoder encryption.