[OPSEC/Computer] Pidgin Security Questions

Hi guys. I have two small questions about Pidgin.

  1. If someone would want to see from which IP a guy connected to Pidgin, could he find out?

  2. It is possible to crack Pidgin encryption? If so, how hard it is?

Thanks!


Comments


[3 Points] DarknetHeroesLeague:

  1. If he tries hard enough , YES. Connect via tor . It is easy. Also there are jabber hidden services.

  2. You mean OTR? there are different plugins. PGP/GPG is available as well.

Both are very safe bets.OTR is especially useful as each session has its own temporary key. NSA documents have shown they are not able to crack it.Still you should change your accounts from time to time. Also research the jabber server you are using.

OTR jabber via Tor is probably your best bet.


[2 Points] hksupport:

If you use Pidgin not with Tor/Tails, yes it is possible. How difficult depends on the type of service you are using Pidgin for.

But why worry -- just use it with Tor. Tails comes with Pidgin installed. Having to setup your account each time is a small price to pay for the peace of mind of knowing you're safe.

As far as encryption, I'm assuming you mean OTR. And that has not been cracked. You are safe using it. If you use Pidgin on Tails, with OTR, and using a new account not connected to your IRL, (which you signed up for via Tor/Tails!!!), you will be secure.