Keep in mind that the following options will only keep you safe for an indefinite period of time. A head start if you will. Technology is a moving target, every time we create a new technology, we have produced new vulnerabilities.
List of sections on this page:
- Off-the-Record (OTR)
- Pretty Good Privacy (PGP)
- Signal (iOS App)
- RedPhone (Android App)
- TextSecure (Android App)
Off-the-Record (OTR)
Off-the-Record/OTR messaging allows you to have private conversations over instant messaging by providing:
- Encryption: No one else can read your instant messages.
- Authentication: You are assured the correspondent is who you think it is.
- Deniability: The messages you send do not have digital signatures that are checkable by a third party. Anyone can forge messages after a conversation to make them look like they came from you. However, during a conversation, your correspondent is assured the messages he sees are authentic and unmodified.
- Perfect forward secrecy: If you lose control of your private keys, no previous conversation is compromised.
So, it is known only a secure way for information exchange, it also provides post-talk security. OTR uses a combination of different encryption algorithms inter alia AES. To have a private conversation, you need a XMPP account. Extensible Messaging and Presence Protocol also known as Jabber is a communication protocol that allows you to chat with others online, doesn’t matter to which provider your account belongs. You can also, increase the level of security by sending your data through the Tor Network. Visit https://otr.cypherpunks.ca to download, donate or contribute to the project. For more information regarding the installation of the OTR plugin visit https://securityinabox.org/pidgin_main.
Pretty Good Privacy (PGP)
PGP is a technique developed by Philip Zimmerman for encrypting messages. PGP is one of the most common ways to protect messages on the Internet because it is effective, easy to use, and free. PGP is based on the public-key method, which uses two keys — one is a public key that you disseminate to anyone from whom you want to receive a message. The other is a private key that you use to decrypt messages that you receive.
Here are a few alternative programs for email encryption:
Gnu Privacy Guard (GnuPG)
A step-by-step guide on how to run GnuPG in combination with Thunderbird, TorBirdy & Enigmail can be found here: https://securityinabox.org/thunderbird_main.
For more on GnuPG, its source code and ways to donate visit: https://www.gnupg.org
Gpg4win (Windows)
A step-by-step guide on how to install, run Gpg4win and encrypt/decrypt emails: http://www.deepdotweb.com/2013/11/11/pgp-tutorial-for-newbs-gpg4win
For more on Gpg4win, its source code and ways to donate visit: http://gpg4win.org
GPG Tools (Mac OS X & Apple Mail)
A step-by-step guide on how to encrypt & decrypt your emails: http://support.gpgtools.org/kb/how-to/first-steps-where-do-i-start-where-do-i-begin
For more on GPG Tools, its source code and ways to donate visit: https://gpgtools.org
Signal (iOS App)
Signal provides end-to-end encryption for your calls on , securing your conversations so that nobody can listen in.
- Signal uses your normal phone number to make and receive calls, so you don’t need yet another identifier.
- Signal calls are encrypted end-to-end, but function just like you’re used to.
- Free and Open Source, enabling anyone to verify its security by auditing the code. Check out the source code: https://github.com/whispersystems/signal-ios
- Uses WiFi or data, not your plan’s voice minutes.
Signal is compatible with the iPhone, iPad, and iPod touch. It requires iOS 7.0 or later and can be downloaded from the AppStore: https://itunes.apple.com/app/signal-private-messenger/id874139669
RedPhone (Android App)
RedPhone makes private communication simple. Free, world-wide, end-to-end encryption for your calls, securing your conversations so that nobody can listen in.
- RedPhone uses your normal phone number to make and receive calls, so you don’t need yet another identifier.
- RedPhone calls are encrypted end-to-end with ZRTP, but function just like you’re used to.
- Free and Open Source, enabling anyone to verify its security by auditing the code. Check out the source code: https://github.com/WhisperSystems/RedPhone
- Uses WiFi or data, not your plan’s voice minutes.
- All RedPhone calls are free, including long distance and international.
RedPhone is only compatible with Android devices, it requires 2.3/Froyo or later and can be download it from the GooglePlay Store, for free:
TextSecure (Android App)
With TextSecure you can communicate in real time while saving SMS charges, create groups to talk simultaneously with multiple and share media and attachments with one another – and all completely confidential.
- Confidential: TextSecure uses an advanced end-to-end encryption protocol to ensure the confidentiality of all messages at any time. The message can be decrypted only on the recipient’s phone, and not during the transfer.
- Open Source: TextSecure is free and open source, so that the safety of the app can be understood by examination of the program code. TextSecure is the only messaging app, the encryption process is free of cost and frequently checked. Check out the source code:
- Group conversations: TextSecure allows you to create encrypted groups in which you can make confidential conversations with several at the same time. This not only your messages are encrypted, the TextSecure server has no access to group members, group name or symbol of the group.
- Fast. The text Secure protocol was developed to work in the most restricted environments: Your messages are sent immediately to the receivers.
TextSecure is only compatible with Android devices, it requires 2.3/Froyo or later and can be downloaded from the GooglePlay Store, for free: