This document is intended to help people quickly get started encrypting their Instant Messages on Mac OS X.
Some background:
Adium is a free and open source instant messaging client for Mac OS X that supports multiple IM networks, including Windows Live Messenger, Yahoo! Messenger, Google Talk, AIM, ICQ and Jabber / XMPP.
Off-the-Record Messaging, commonly referred to as OTR, is a cryptographic protocol that provides strong encryption for instant messaging conversations.
Important: Known Limitations:
- Adium is capable of having direct one-on-one chats as well as group chats. However, due to limitations of the OTR protocol, Adium does not support encryption during multi-user group chat. It only works in one-on-one chats.
- Adium keeps unencrypted logs of OTR chats by default. See Step 6 to learn how to disable logging of encrypted chat sessions.
Now let's jump right in.
Step 1: Download Adium
Begin by opening your favorite web browser ( Safari, Firefox, Chrome, Tor Browser Bundle or the browser of your choice ) and loading up the Adium website: https://adium.im
You will see the mascot for Adium, a green duck. Underneath the duck it will say 'Download Adium'. Click on that link. You will be taken to the Adium project's download page at Sourceforge.net. That page will say 'Your download will start in 5 seconds...' and will count down to 0. The download will begin.
The file that you get will be called 'Adium_x.y.z.dmg', where x.y.z is the version number. At the time of this writing, the current version is 1.5.7. The download may take a while to complete, as it is over 20MB in size.
Step 2: Install Adium
Open the Adium_x.y.z.dmg file by double-clicking on it. In a default configuration the file will be in your Downloads folder inside your account's home directory. In the Dock at the bottom of your screen, next to the Trash icon, there will be an icon for your Downloads directory. Click on it and inside you should find the Adium_x.y.z.dmg file. Click on the file. A dialog box will open up saying 'Opening Adium_x.y.z.dmg'. It will go through several stages: verifying, checking volumes, mounting. After a few seconds, a folder will open up containing the Adium application. If you have ever installed a Mac OS X application this should be familiar to you. Simply drag the Adium icon onto the Applications Folder icon that is also inside the folder. This will install the application on your system.
Step 3: Running Adium for the first time
When you run Adium for the first time you will have the option to import your account information from other IM clients such as iChat, or you can enter your account information manually.
If you don't have an instant messaging account on any of the supported services you can try creating an account on Calyx's free jabber server, jabber.calyxinstitute.org. To set up an account on the Calyx server, in Adium, navigate in the menu bar to File > Add Account > XMPP (Jabber).
For your jabber ID, choose a username and append @jabber.calyxinstitute.org. So for example if you choose 'mickeymouse' as your username then fill in 'mickeymouse@jabber.calyxinstitute.org'. Then choose a strong password. ( See: Generate a Strong Password using Mac OS X Lion’s Built-in Utility )
Alternately you can use the jabber.ccc.de server ( a public XMPP / Jabber server run by the Chaos Computer Club ) by selecting 'XMPP' for the Service, and making up an account in the format user@jabber.ccc.de and the password of your choice.
Once you have filled in the Jabber ID field and the password field, you can click 'Register New Account'. A new window will pop up asking you for server details. If you chose the Calyx server then use jabber.calyxinstitute.org for the Server. If you chose the CCC server then use jabber.ccc.de.
You can leave the port at the default of 5222. Then click the 'Request New Account' button.
You will be prompted to enter your Jabber ID and password again.
Step 3: Generating your Encryption keys
After getting online with your IM account, go to the Adium menu and select Preferences.
In the preferences window that opens up, click the right-most icon, Advanced. In the Advanced preference pane, there will be a column of icons along the left-hand side. Select 'Encryption'.
This is where you will generate a key pair for your account. The key pair has two components, the public key and the private key. The public key is used to encrypt messages to you. Your private key is used to decrypt messages that are encrypted with your public key. You don't need to know all of this in order to encrypt your instant messages, but the more you know the better. To learn more, check out the Wikipedia entry on public key cryptography.
The Encryption preferences page will say 'No private key present'. There will be a button next to your account name that says 'Generate'. Press that button.
Once the generation process completes, where it said 'No private key present' it will now say Fingerprint: and there will be a set of random characters, probably 5 groups of 8 characters for a total of 40 characters.
Step 4: Using Off The Record to encrypt your messages
At this point you can test out OTR Encryption by starting an Instant Message conversation with a contact of yours who also has Adium or another OTR-capable IM client installed.
You will notice that when you open the conversation with your contact, there is a padlock icon which starts out in an 'unlocked' state. If you click on that icon and select 'Initiate Encrypted OTR Chat' then the key exchange process will begin.
The first time you attempt to communicate over an encrypted channel with your contact, you will get a pop-up window stating that your contact has sent you an unknown encryption fingerprint.
You will be asked whether you want to accept that fingerprint as verified. This is actually a vitally important moment because verification of your contact's fingerprint is the only way you can be sure that your messages are not being intercepted by a 3rd party.
In security circles, people sometimes print their fingerprints on the backs of their business cards, or publish them in a public place such as on their website, on their Twitter account's about page, or something along those lines.
You can even confirm the fingerprint with your contact either by hand in person, via email ( preferably encrypted / signed email ) or over the phone if you want.
How you choose to verify the fingerprint is up to you. But to have any real assurance of security you must actually verify the fingerprint. Do not simply click 'Accept' and assume that all is well, especially if your safety may be at risk should your communications be intercepted by a 3rd party.
Once you hit the 'Accept' button, your contact's public key will be saved within your Adium preferences. You can view it at any time by going to the Encryption preferences pane and selecting their username.
After you hit Accept, the padlock icon should change to a locked state. Now your communications are being encrypted and are protected against being easily intercepted and read.
Step 5: Verifying that your messages are being encrypted
Note: Do not intercept network traffic on a network where you do not have legal authority to do so. Interception of traffic may violate the law in your jurisdiction. This is not legal advice. Check with an attorney to be certain.
The simple and straightforward way to accomplish this is to verify that the padlock icon is closed, which indicates that your instant message session is encrypted.
If you really need strong communications security then don't simply trust that a padlock icon says your traffic is being encrypted. You should directly verify it yourself using network tools. Here are some ideas on how you could accomplish that:
If you are using AOL IM as your Service then tools such as dsniff can be used to intercept the traffic and extract the raw messages. If you are using XMPP then something like tcpflow or wireshark would work well to intercept your messages.
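One way to check such a capture for readable messages, as an added example that is not part of the original guide: OTR-encoded messages travel as text beginning with '?OTR:' followed by base64 and a closing period, so any other message body in the capture was sent in the clear. It assumes the capture (for example tcpflow output) shows the XMPP stanzas as text; the sample capture and the jabber.example address are constructed.

```python
import html
import re

# Constructed sample of reassembled client-to-server XMPP text (not a real capture).
SAMPLE_CAPTURE = """\
<message to='friend@jabber.example' type='chat'><body>?OTRv23?</body></message>
<message to='friend@jabber.example' type='chat'><body>?OTR:AAMDJ0hLzq9sYXVkZQAAAAAB.</body></message>
<message to='friend@jabber.example' type='chat'><body>see you at 6 &amp; bring the notes</body></message>
"""

BODY_RE = re.compile(r"<body[^>]*>(.*?)</body>", re.DOTALL)
OTR_DATA_RE = re.compile(r"^\?OTR:[A-Za-z0-9+/=]+\.$")  # base64 payload ending in "."
OTR_FRAGMENT_RE = re.compile(r"^\?OTR[,|]")             # one piece of a split message


def classify_body(body):
    """Label one <body> payload by what an observer on the wire can read."""
    text = html.unescape(body).strip()
    if OTR_DATA_RE.match(text) or OTR_FRAGMENT_RE.match(text):
        return "otr-encoded"      # opaque to anyone without the session keys
    if text.startswith(("?OTR?", "?OTRv")):
        return "otr-query"        # request to start OTR, carries no chat text
    if text.startswith("?OTR Error:"):
        return "otr-error"
    return "plaintext"            # chat text readable by anyone on the path


def audit_capture(stream_text):
    """Group every message body found in the capture by classification."""
    results = {"otr-encoded": [], "otr-query": [], "otr-error": [], "plaintext": []}
    for body in BODY_RE.findall(stream_text):
        results[classify_body(body)].append(html.unescape(body).strip())
    return results


if __name__ == "__main__":
    report = audit_capture(SAMPLE_CAPTURE)
    for kind, bodies in report.items():
        print(f"{kind}: {len(bodies)}")
    for leaked in report["plaintext"]:
        print("READABLE ON THE WIRE:", leaked)
```

If the connection to the server is itself wrapped in TLS, no stanzas will be visible in the capture at all, and an empty report then says nothing about whether OTR is active.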
Step 6: Disable logging of your Encrypted chats
Adium keeps unencrypted logs of OTR chats by default. By design, OTR supports perfect forward secrecy, but by logging OTR-enabled chats, Adium violates one of the design goals of OTR, and may put you at risk if the contents of your computer are ever captured by an adversary.
To disable logging of OTR encrypted chats, go to the Adium Preferences panel, select 'General' and uncheck the box that says 'Log OTR-secured chats'.
NOTE: This guide is not being actively reviewed or updated, and is currently retired. If you would like to use Adium or another form of OTR messaging for macOS, please refer to those services’ websites and documentation for information on how to install and use them.
Adium is a free and open source instant messaging client for OS X that allows you to chat with individuals across multiple chat protocols, including Google Hangouts, Yahoo! Messenger, Windows Live Messenger, AIM, ICQ, and XMPP.
OTR (Off-the-record) is a protocol that allows people to have confidential conversations using the messaging tools they’re already familiar with. This should not be confused with Google's “Off the record,” which merely disables chat logging, and does not have encryption or verification capabilities. For Mac users, OTR comes built-in with the Adium client.
OTR employs end-to-end encryption. This means that you can use it to have conversations over services like Google Hangouts without those companies ever having access to the contents of the conversations. However, the fact that you are having a conversation is visible to the provider.
Why Should I Use Adium + OTR?
When you have a chat conversation using Google Hangouts on the Google website, that chat is encrypted using HTTPS, which means the content of your chat is protected from hackers and other third parties while it’s in transit. It is not, however, protected from Google, which has the keys to your conversations and can hand them over to authorities or use them for marketing purposes.
After you have installed Adium, you can sign in to it using multiple accounts at the same time. For example, you could use Google Hangouts and XMPP simultaneously. Adium also allows you to chat using these tools without OTR. Since OTR only works if both people are using it, this means that even if the other person does not have it installed, you can still chat with them using Adium.
Adium also allows you to do out-of-band verification to make sure that you’re talking to the person you think you’re talking to and you are not being subject to a man-in-the-middle attack. For every conversation, there is an option that will show you the key fingerprints it has for you and the person with whom you are chatting. A “key fingerprint” is a string of characters like “342e 2309 bd20 0912 ff10 6c63 2192 1928,” that’s used to verify a longer public key. Exchange your fingerprints through another communications channel, such as Twitter DM or email, to make sure that no one is interfering with your conversation. If the keys don't match, you can't be sure you're talking to the right person. In practice, people often use multiple keys, or lose and have to recreate new keys, so don't be surprised if you have to re-check your keys with your friends occasionally.
Limitations: When Should I Not Use Adium + OTR?
Technologists have a term to describe when a program or technology might be vulnerable to external attack: they say it has a large “attack surface.” Adium has a large attack surface. It is a complex program, which has not been written with security as a top priority. It almost certainly has bugs, some of which might be used by governments or even big companies to break into computers that are using it. Using Adium to encrypt your conversations is a great defense against the kind of untargeted dragnet surveillance that is used to spy on everyone's Internet conversations, but if you think you will be personally targeted by a well-resourced attacker (like a nation-state), you should consider stronger precautions, such as PGP-encrypted email.
Installing Adium + OTR On Your Mac
Step 1: Install the program
First, go to https://adium.im/ in your browser. Choose “Download Adium 1.5.9.” The file will download as a .dmg, or disk image, and will probably be saved to your “downloads” folder.
Double-click on the file; that will open up a window that looks like this:
Move the Adium icon into the “Applications” folder to install the program. Once the program is installed, look for it in your Applications folder and double-click to open it.
Step 2: Set up your account(s)
First, you will need to decide what chat tools or protocols you want to use with Adium. The setup process is similar, but not identical, for each type of tool. You will need to know your account name for each tool or protocol, as well as your password for each account.
To set up an account, go to the Adium menu at the top of your screen and click “Adium” and then “Preferences.” This will open a window with another menu at the top. Select “Accounts,” then click the “+” sign at the bottom of the window. You will see a menu that looks like this:
Select the program that you wish to sign in to. From here, you will be prompted either to enter your username and password, or to use Adium’s authorization tool to sign in to your account. Follow Adium’s instructions carefully.
How to Initiate an OTR Chat
Once you have signed in to one or more of your accounts, you can start using OTR.
Remember: In order to have a conversation using OTR, both people need to be using a chat program that supports OTR.
Step 1: Initiate an OTR Chat
First, identify someone who is using OTR, and initiate a conversation with them in Adium by double-clicking on their name. Once you have opened the chat window, you will see a small, open lock in the upper left-hand corner of the chat window. Click on the lock and select “Initiate Encrypted OTR Chat.”
Step 2: Verify Your Connection
Once you have initiated the chat and the other person has accepted the invitation, you will see the lock icon close; this is how you know that your chat is now encrypted (congratulations!) – But wait, there’s still another step!
At this time, you have initiated an unverified, encrypted chat. This means that while your communications are encrypted, you have not yet determined and verified the identity of the person you are chatting with. Unless you are in the same room and can see each other’s screens, it is important that you verify each other’s identities. For more information, read the module on Key Verification.
To verify another user’s identity using Adium, click again on the lock, and select “Verify.” You will be shown a window that displays both your key and the key of the other user. Some versions of Adium only support manual fingerprint verification. This means that, using some method, you and the person with whom you’re chatting will need to check to make sure that the keys that you are being shown by Adium match precisely.
The easiest way to do this is to read them aloud to one another in person, but that’s not always possible. There are different ways to accomplish this with varying degrees of trustworthiness. For example, you can read your keys aloud to one another on the phone if you recognize each other’s voices or send them using another verified method of communication such as PGP. Some people publicize their key on their website, Twitter account, or business card.
The most important thing is that you verify that every single letter and digit matches perfectly.
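The character-by-character comparison described here, and in Step 4 of the first guide, can be done mechanically once you hold a copy of the fingerprint from a trusted channel. This added example is not part of Adium or of the original guides; it assumes the 40-character, 5-groups-of-8 format described earlier, and the fingerprints in it are constructed.

```python
import hmac

OTR_FP_HEX_LEN = 40  # the guide's "5 groups of 8 characters"
GROUP = 8

# Constructed fingerprints for illustration only.
TRUSTED = "4A6F1C22 9B03D7E5 0F8812AC 77D4E901 C35B6F1E"          # received out of band
SHOWN_OK = "4a6f1c22 9b03d7e5 0f8812ac 77d4e901 c35b6f1e"         # same key, other case
SHOWN_LOOKALIKE = "4A6F1C22 9B03D7E5 0F8B12AC 77D4E901 C35B6F1E"  # one digit differs
SHOWN_TRUNCATED = "4A6F1C22 9B03D7E5"                             # partial copy


def normalize_fingerprint(text, expected_len=OTR_FP_HEX_LEN):
    """Drop spacing, colons and case so that only the hex digits are compared."""
    digits = "".join(ch for ch in text if not ch.isspace() and ch not in ":-").lower()
    bad = sorted(set(digits) - set("0123456789abcdef"))
    if bad:
        raise ValueError(f"non-hex characters in fingerprint: {bad}")
    if len(digits) != expected_len:
        # A shortened fingerprint must never be accepted as "close enough".
        raise ValueError(f"expected {expected_len} hex digits, got {len(digits)}")
    return digits


def compare_fingerprints(shown, trusted, expected_len=OTR_FP_HEX_LEN):
    """Compare the fingerprint the client shows with the out-of-band copy.

    Returns (match, differing_groups); differing_groups lists the 1-based
    8-character groups that differ, so a mismatch can be re-read with the contact.
    """
    a = normalize_fingerprint(shown, expected_len)
    b = normalize_fingerprint(trusted, expected_len)
    differing = [i // GROUP + 1 for i in range(0, expected_len, GROUP)
                 if a[i:i + GROUP] != b[i:i + GROUP]]
    return hmac.compare_digest(a, b), differing


if __name__ == "__main__":
    for label, shown in [("ok", SHOWN_OK), ("lookalike", SHOWN_LOOKALIKE)]:
        match, groups = compare_fingerprints(shown, TRUSTED)
        print(label, "MATCH" if match else f"MISMATCH in group(s) {groups}")
    try:
        compare_fingerprints(SHOWN_TRUNCATED, TRUSTED)
    except ValueError as err:
        print("rejected:", err)
```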
Step 3: Disable Logging
Now that you have initiated an encrypted chat and verified your chat partner’s identity, there’s one more thing you need to do. Unfortunately, Adium logs your OTR-encrypted chats by default, saving them to your hard drive. This means that, despite the fact that they’re encrypted, they are being saved in plain text on your hard drive.
To disable logging, click “Adium” in the menu at the top of your screen, then “Preferences.” In the new window, select “General” and then disable “Log messages” and “Log OTR-secured chats.” Remember, though, that you do not have control over the person with whom you are chatting—she could be logging or taking screenshots of your conversation, even if you yourself have disabled logging.
Your settings should now look like this: