how to:How to Securely Communicate Via Instant Message Using Pidgin
Pidgin is a free, open-source, and secure instant messaging (IM) client. With Pidgin, you can organize and manage the different instant messaging accounts you use on one interface.
Before using Pidgin, you must have an account with an IM service. Pidgin supports AIM, ICQ, Google Talk, Jabber/XMPP, MSN Messenger, Yahoo!, Bonjour, Gadu-Gadu, IRC, Novell GroupWise Messenger, QQ, Lotus Sametime, SILC, SIMPLE, MXit, MySpaceIM, and Zephyr.
You cannot use Pidgin to communicate between different IM services. For example, if you are using Pidgin to access your AIM account, you can’t chat with a friend who is using Pidgin with his Google Talk account. So make sure you download the appropriate IM service to communicate with your friends.
Point your browser to http://www.pidgin.im/ and download and install the Pidgin chat client on your computer.
When you load up Pidgin, you will see a buddy list welcome screen. To get started, you need to add your existing IM accounts. Select Accounts, then Manage. Click “Add” to add an IM account. Click on the Protocol drop-down list and select the particular protocol you want to use. Then add your screen name and password. You also have the option of adding a “Local Alias,” which is a nickname. Click “Save.” Once you do this, your Accounts screen and Buddy List screen will be automatically updated.
Set up any additional IM accounts you may have following the same process.
Now you are ready to add buddies. Select Buddies from the main menu, then Add Buddy. You will then see the Add Buddy screen. Select the proper IM account, type in the buddy’s screen name (which is usually their e-mail address). In the Alias field, you can add a nickname for your buddy. Then click “Add.” A message will then be sent to your buddy requesting approval and authorization.
Remember, you and any buddy you add must be using the same IM service, even if the other user is not using Pidgin.
Make sure your buddy also requests to add you as a buddy on Pidgin. You will receive the same authorization message upon the other user adding you. Click “Authorize.” Now your buddy will appear in your Buddy List.
To chat with a buddy, select his or her name on your buddy list. Right-click on the name, and you will see a pop-up menu with options. Select “IM” to activate a new chat window.
Make sure your chat is private and secure. Both you and your buddy must enable the Pidgin-OTR (off the record) plugin. In the Buddy List, select “Tools” then “Plugins.” You will then see a plugins screen. Scroll down, and check the empty box next to “Off-the-Record Messaging.” Click “Configure Plugin.”
Next you need to generate the encryption key. Under the “Config” tab, check the empty boxes next to “Enable private messaging,” “Automatically initiate private messaging,” and “Don't log OTR conversations.” Then click “Generate.” A screen will appear notifying you that the key has been generated. Now your messages between one another will be private and secure.
When you are chatting with your buddy, you will see the OTR icon at the bottom of your chat screen. However, you will also need to request a secure, private conversation.
You will also see “Not private” in red at the top of your screen.
Click on “Not private” and a menu will come up. Select “Start private conversation.” Your chat window will display a message that Pidgin is attempting to start a private conversation, but that you should authenticate (verify) your buddy.
Why should you authenticate your buddy? To make sure he or she is actually who they say they are.
To verify your buddy, you have two options: a code word or a question-and-answer process.
You will both need to share a code word together in advance. Meet in person or online and decide on a code word. Then, when you are starting a chat with your buddy, click on the “OTR” icon in the chat window and select “Authenticate buddy.” You will then need to select how you want to authenticate your buddy.
If you shared a code word before, select “Share secret.” Type in the code word and click “Authenticate.” Your buddy will do the same on his or her end. If the code words match, the session will be authenticated. The OTR button will then say “Private” in green.
If you select “Question and Answer,” type a question and an answer to that question. The question will be sent to your buddy. If your answers match, the session will be authenticated.
The next time you and your buddy chat, you only have to request a secure connection.
Now you are chatting securely and privately!
Pidgin also has various plugins you can download and install to enhance the user experience. Most of these plugins are developed by third parties. Visit http://developer.pidgin.im/wiki/ThirdPartyPlugins to see the different types of plugins.