Internet privacy and security course
About translation
Previous Next

Chapter 99

XMPP (Jabber). How do they communicate in darknet?

Jabber is the old XMPP protocol name for instant exchange messaging, which is still popular among users. On darknet forums, they usually use colloquial name "a frog".

The XMPP network device is very simple: there are XMPP servers, there are a lot of them around the world, such as jabber.ru. You choose your server, register on it in the same way as you register on any other site (unless, of course, the server owner has provided opportunity of registration). At the time of registration on the server you create an account in the form of a login and a password.

Most XMPP servers to register require only login and password. No link to a cell phone, email or other personal data. New account can be registered for several seconds and on one device at the same time one can use a hundred accounts.

The XMPP server is linked to the domain name, and your XMPP account will look like this: unique_name @ domain_name_server, for example, [email protected]. This is similar to email, and many users confuse them, trying to send email to the addressee. In some cases, you can see reduction JID (Jabber ID) – this is synonymous for XMPP account.

By registering on one server, you can chat with all XMPP users, regardless of which server they are registered in (if once again there are no restrictions from the owner of the XMPP server).

For communication over the XMPP protocol special client programs are used. They are many of them, and they are for all popular mobile and desktop platforms. The most famous of them are Pidgin, Adium, Xabber and Psi +.

Difference between Jabber network and other messengers is in decentralization, or no single center. You yourself can customize and maintain own server, you can store or not store logs, identify policy of data gathering and cooperation with law enforcement agencies. For the same reason Jabber is complicated to get under state censorship.

 

Myth

XMPP is a secure protocol that can’t be overheard even by the special services.

Fact

Owners of XMPP servers can easily intercept and read the correspondence of all users except those which are encrypted. They can keep a record of communication with users and store these records, they may see and perform logging of IP-addresses of all users of their servers.

Despite everything written above, we consider XMPP to be by far the best solution in those cases when maximum level of protection of communication with instant exchange messages is needed. Just by default XMPP protocol is not reliable encryption, but you can add it.

In order to make communication via XMPP as anonymous and secure as possible, do the following steps:

  • connection to the Jabber-server should only be done through Tor (we will teach you that);
  • always use OTR / PGP encryption (several chapters of the course will be dedicated to this question);
  • use random login like [email protected] .

Remember these three fundamental rules of safe communicating via XMPP.

The problem of public Jabber servers is that they are often raised by amateurs who are simply not capable to configure safety properly. You cannot distinguish the server raised by a professional who cares about the security of the server from the server raised by an amateur.

Annually in popular engines of Jabber-servers there are detected vulnerabilities, developers make updates, but owners of XMPP servers are in no hurry to update them. We personally checked public servers on vulnerabilities, found them and reported to the owners, and not more than 50% of the server owners corrected them.

And do you know why? Many of them do not need your security. They have no financial motivation to deal with XMPP-server, because it does not bring money. The only deserving attention point is the way of earnings on the XMPP server, which is mailing advertising to registered users, but it is used not by all administrators.

Only during the time of writing of this course hackers hacked some popular XMPP servers. As a result of hacking, there was received access to user accounts and logs. It became known, because hackers wanting to monetize their success started trying to earn on the hacked accounts, because of this there was huge noise, and the problem became well known. If these servers had been hacked by special services, the public would have never known about it.

Perhaps you can get a question why do we need this Jabber, if there are enough protected messengers like Telegram? A properly configured XMPP client, including sending only via Tor, anonymous registration and PGP encryption, is better than the praised Telegram.

Higher level of security arises thanks to separation of software and server parts. Speaking in simple terms if you install Telegram, application collects a lot of information about you and binds it to your account connected to your mobile number. If you get your Telegram account blocked for spam, and change the account on the device resetting program, you will find that the program recognized you and the new account is also locked.

In Jabber this is impossible, as customers installing it, almost do not collect data, they are not engaged in fighting with spam and blocking users, they just don’t need this information, but even gathered minimum by them has nothing to do with used XMPP-accounts (at least, in proposed programs it is so).

Although XMPP is worse than the most anonymous, in our opinion, solution Bitmessage, at the same time it is incomparably more convenient and provides opportunity to lead instant message exchange. We will give the setup instructions for Jabber in the next chapters of this parts.

Previous
12599
Next