As you may have guessed, this article focuses on encryption of personal messages online. Most people (you are likely to be one of them) do not consider that most of their conversations contain any secrets. Yet, some written chat messages are better to be kept from surveillance of anyone you like: your chief, journalists, wife, etc. You are not going to hide anything from the police, are you? So many people would agree that the encryption of private conversations online is the right thing to do. But how it works?
Until recently the most common method to encipher personal conversations were to use the Pidgin client with installed Off-the-Record Messaging plugin. It supports multiple instant messaging protocols such as ICQ, Jabber (XMPP), etc. That is, if previously you were using, for example, the official ICQ client and you really loved it, now you will have to say goodbye to it, install Pidgin instead, link your account to other messaging protocols, download and install Off-the-Record Messaging plugin, configure it and … ta-dah! Now try to persuade your friends to do the same. A small remark to those geeks who still trust this method: even that does not fully protect your conversations, because a hacker can use logs stored on the centrilized servers.
Realizing all this most people may disappointedly give up on the idea of keeping personal conversations safe from the snooping eyes. But here is a good news. There’s a free online service named OTR.to (shorted from Off-the-Record), meaning there’s nothing on the record. It is very easy-to-use and can solve the problem of encryption completely. Just see for yourself.
This service is browser-based and requires no registration. So in order to start a private chat you should go to OTR , copy a generated URL and send it to a person you plan to talk to. On following the link, he/she will open a chat window.
Or you can send an automatically generated ID instead of the URL. The second method may seem more complicated than the first one, since your talker will have to open otr.to page by himself and paste the ID number there. However, it is very convenient. You can send a short ID in sms, dictate it over the phone or just send it using the owl post delivery (not meant to be serious).
So you have a chat window opened. You will see two buttons below, their names speak for itself: sound and encryption. In all other respects this a simple chat window, with the only difference that after closing your conversation disappears completely.
Another nice feature is the Self Destructing Message, the second tab in the main menu. This feature allows you to create a message that your recipient will read when it is convenient to him. You can tick ‘Delete after reading’ box, indicate the expiration time (from 5 minutes to 1 year), and you can activate ‘Create message for every new line’ (then you will have as many messages as the number of lines, each with its own password).
Once you have typed your message, press ‘Create message’. You will get two URLs generated to choose from. The first contains the information about the password, so the person who receives this message encrypted will have just to click ‘Decode Secret’ to read it. The second URL does not have the information about the password, so you’ll have to send a password, too. To maximize security you can give it through other communication channels. Thus, in order to read the message your recipient will have to follow the link, insert the password into a required field and click ‘Decode Secret’.
Therefore, otr.to service solves the problem of protecting personal conversations just perfect. For the first time neither you, nor your friend will be burdened with security measures.