Jabber For Mac Otr



This document is intended to help people quickly get started encrypting their Instant Messages on Mac OS X.

Some background:

Adium is a free and open source instant messaging client for Mac OS X that supports multiple IM networks, including Windows Live Messenger, Yahoo! Messenger, Google Talk, AIM, ICQ and Jabber / XMPP.

Off-the-Record Messaging, commonly referred to as OTR, is a cryptographic protocol that provides strong encryption for instant messaging conversations.

Important: Known Limitations:
- Adium is capable of having direct one-on-one chats as well as group chats. However, due to limitations of the OTR protocol, Adium does not support encryption during multi-user group chat. It only works in one-on-one chats.
- Adium keeps unencrypted logs of OTR chats by default. See Step 6 to learn how to disable logging of encrypted chat sessions.

Now let's jump right in.

Step 1: Download Adium

About Jabber for Mac Jabber is a new, next generation Unified Communication and collaboration client designed natively for the Mac OS X platform that brings together key Cisco technologies - Enterprise IM, presence, telephony and visual voicemail. Jabber is an all-in. Cisco Jabber for Mac. When you receive a voicemail message, you will see a counter appear on the Voice Messages tab displaying the number of. Voicemails you have received. You can play a message by clicking the Play button to the right of the entry. SJ IM PREMIUM for. SJ IM is an app for OS Android which grants safe messaging on mobile devices. In other words this is a jabber client for mobile phones and tablets with built-in automatic encryption algorithms based on PGP (OpenPGP) and OTR (Off-the-Record Messaging).

Begin by opening your favorite web browser ( Safari, Firefox, Chrome, Tor Browser Bundle or the browser of your choice ) and loading up the Adium website: https://adium.im

You will see the mascot for Adium, a green duck. Underneath the duck it will say 'Download Adium'. Click on that link. You will be taken to the Adium project's download page at Sourceforge.net. That page will say 'Your download will start in 5 seconds...' and will count down to 0. The download will begin.

The file that you get will be called Adium_x.y.z.dmg' where x.y.z is the version number. At the time of this writing, the current version is 1.5.7. The download may take a while to complete, as it is over 20MB in size.

Step 2: Install Adium

Open the Adium_x.y.z.dmg file by double clicking on it. In a default configuration the file will be in your Downloads folder inside your account's home directory. In the menu bar at the bottom of your screen, next to the recycle bin icon, there will be an icon for your Downloads directory. Click on it and inside you should find the Adium.x.y.z.dmg file. Click on the file. A dialog box will open up saying 'Opening Adium_x.y.z.dmg' it will go through several stages: verifying, checking volumes, mounting. After a few seconds, a folder will open up containing the Adium application. If you have ever installed a Mac OS X application this should be familiar to you. Simply drag the Adium icon onto the Applications Folder icon that is also inside the folder. This will install the application on your system.

Step 3: Running Adium for the first time

When you run Adium for the first time you will have the option to import your account information from other IM clients such as iChat. Or you can manually enter in your account information.

Jabber

If you don't have an instant messaging account on any of the supported services you can try creating an account on Calyx's free jabber server, jabber.calyxinstitute.org. To set up an account on the Calyx server, in Adium, navigate in the menu bar to File > Add Account > XMPP (Jabber).

Jabber For Mac Otr Download

For your jabber ID, choose a username and append @jabber.calyxinstitute.org. So for example if you choose 'mickeymouse' as your username then fill in 'mickeymouse@jabber.calyxinstitute.org'. Then choose a strong password. ( See: Generate a Strong Password using Mac OS X Lion’s Built-in Utility )

Alternately you can use the jabber.ccc.de server ( a public XMPP / Jabber server run by the Chaos Computer Club ) by selecting 'XMPP' for the Service, and making up an account in the format user@jabber.ccc.de and the password of your choice.

Once you have filled in the Jabber ID field and the password field, you can click 'Register New Account'. A new window will pop up asking you for server details. If you chose the Calyx server then use jabber.calyxinstitute.org for the Server. If you chose the CCC server then use jabber.ccc.de.
You can leave the port at the default of 5222. Then click the 'Request New Account' button.

You will be prompted to again enter your Jabber ID and password

Step 3: Generating your Encryption keys

After getting online with your IM account, go to the Adium menu and select Preferences.

In the preferences window that opens up, click the right-most icon, Advanced. In the Advanced preference pane, there will be a column of icons along the left-hand side. Select 'Encryption'.

This is where you will generate a key pair for your account. The key pair has two components, the public key and the private key. The public key is used to encrypt messages to you. Your private key is used to decrypt messages that are encrypted with your public key. You don't need to know all of this in order to encrypt your Instant messages, but the more you know the better. To learn more, check out the wikipedia entry on public key cryptography

The Encryption preferences page will say 'No private key present'. There will be a button next to your account name that says 'Generate'. Press that button.

Jabber For Mac Os 10.12

Once the generation process completes, where it said 'No private key present' it will now say Fingerprint: and there will be a set of random characters, probably 5 groups of 8 characters for a total of 40 characters.

Step 4: Using Off The Record to encrypt your messages

At this point you can test out OTR Encryption by starting an Instant Message conversation with a contact of yours who also has Adium or another OTR-capable IM client installed.

You will notice that when you open the conversation with your contact that there is a padlock icon which starts out in an 'unlocked' state. If you click on that icon and select 'Inititate Encrypted OTR Chat' then the key exchange process will begin.

The first time you attempt to communicate over an encrypted channel with your contact, you will get a pop-up window stating that your contact has sent you an unknown encryption fingerprint.

You will be asked whether you want to accept that fingerprint as verified. This is actually a vitally important moment because verification of your contact's fingerprint is the only way you can be sure that your messages are not being intercepted by a 3rd party.

In security circles, people sometimes print their fingerprints on the backs of their business cards, or publish them in a public place such as on their website, on their twitter account's about page, or something along those lines.

You can even confirm the fingerprint with your contact either by hand in person, via email ( preferably encrypted / signed email ) or over the phone if you want.

However you choose to verify the fingerprint is up to you. But to have any real assurance of security you must actually verify the fingerprint. Do not simply click 'Accept' and assume that all is well, especially if your safety may be at risk if your communications would be intercepted by a 3rd party.

Once you hit the 'Accept' button, your contact's public key will be saved within your Adium preferences. You can view it at any time by going to the Encryption preferences pane and selecting their username.

After you hit Accept, the padlock icon should change to a locked state. Now your communications are being encrypted and are protected against being easily intercepted and read.

Step 5: Verifying that your messages are being encrypted

Note: Do not intercept network traffic on a network where you do not have legal authority to do so. Interception of traffic may violate the law in your jurisdiction. This is not legal advice. Check with an attorney to be certain.

The simple and straight-forward way to accomplish this is to verify that the padlock icon is closed which indicates that your instant message session is encrypted.

If you really need strong communications security then don't simply trust that a padlock icon says your traffic is being encrypted. You should directly verify it yourself using network tools. Here are some ideas on how you could accomplish that:

If you are using AOL IM as your Service then tools such as dsniff can be used to intercept the traffic and extract the raw messages. If you are using XMPP then something like tcpflow or wireshark would work well to intercept your messages.

Step 6: Disable logging of your Encrypted chats

Adium keeps unencrypted logs of OTR chats by default. By design, OTR supports Perfect Forward secrecy, but by logging OTR enabled chats, it violates one of the design goals of OTR, and may put you at risk if the contents of your computer are ever captured by an adversary.

To disable logging of OTR encrypted chats, go to the Adium Preferences panel, and select 'General' and uncheck the box that says 'Log OTR-secured chats'

Placing Calls

NoteU-M doesn’t support the Contact List feature.

For
  1. Enter telephone number in the Jabber hub Search or Call field.
  2. Click the phone icon next to the Search or Call field.

IMPORTANT When entering a non-U-M number, enter a 9+1+ 10 digit or 5 digit telephone number.

Otr

Receiving Calls

In order to receive a call using Jabber, you must be logged in to the application. Settings affect a telephone number regardless if it is set on the desk phone or softphone. Changing the setting on one also changes the setting on the other.

When you receive an incoming call, a call window opens on your screen.

  • Click Answer to accept the call
  • Click Decline to forward the call to voicemail

Placing a Call on Hold

  1. Click icon with 3 dots.
  2. Click Hold.
  3. Click Resume to return to the call.

Transferring a Call

Transferring allows a call from the softphone to be transferred to other phones on the U-M system.

  1. Click icon with 3 dots.
  2. Click Transfer.
  3. Enter phone number to which you want to transfer the call in the search box.
  4. Click Transfer to complete the transfer.

Forwarding Calls

Note: We ask that you do not forward your university phone to a personal or home telephone number in an emergency shut down of the U-M campus. This feature is reserved for critical operations. Please keep in mind that staff members using softphones can log into the application directly to take calls from home.
  1. Click the Jabber window icon in the bottom right.
  2. Select Forward Calls.
  3. Select Voicemail or select New Number to enter another phone number. For non U-M numbers, use 9+1+ 10-digit or 5-digit phone number. Then select the new number from the Forward Calls to: drop-down menu. The forwarding number will show on the main Jabber page.

To Stop Forwarding

  1. Click the Jabber window icon in the bottom right.
  2. Select Forward Call: and select Off from the drop-down menu.

Sign out of Jabber from Mac

  1. Upper-left corner of your MAC screen select Jabber.
  2. Select Sign Out.

This will log you out of the Jabber Client