Welcome to the post snowden era where we don’t know who is seeing what and the worst thing about it is we can’t do much about it.
As the NSA revelations made their way into our world we began to demand a more secure communication channel and then the thought of encryption in personal communications was started to be taken some seriously.
Encryption, we now need it more than we ever did in the past but problem which arises is that this type of encryption is difficult for people like you and me to implement (Okay! Not me, I am a Geek 😀 ).
Now why I am writing about it today,
I have just found out a way for end to end encryption in your Facebook messages and it is something which is really simple and by that I mean really really simple to use.
Using it you can converse with the people you know and share all your personal information without the risk of being intercepted.
But before I dive any further into the topic I would clear the doubt in your mind about “I am a normal guy, I don’t need any kind of encryption”.
Why don’t you take out an hour of your precious time today and watch the Edward Snowden TED talk where he counters this same question by saying, “You don’t need to care about surveillance now but that doesn’t mean that you might never need it, You never know when will you need it.”.
Here I am embedding his TED talk, once watch it and then decide you need any such service or not.
Catching up where I left off, Facebook is the largest social network on the web and processes billions of messages every day but what you don’t know here is that Facebook messages don’t support encryption.
Well they do support encryption, the chat is protected by SSL encryption over the HTTPS channel but the problem is that the encryption is only between the user and Facebook and making it difficult is the fact that the company has access to the plain text of the conversations directly from their database which you never know can get into wrong hands (I mean, The Government).
There is an open source application called Cryptocat which solves this problem and adds end to end encryption to your Facebook messenger.
This App which I just mentioned, Cryptocat has existed since last three years and is really popular among activists and journalists as it brings this end to end encryption to the public.
Its mission is to make encrypted chat easy to use and accessible to all, they have added feature in the latest version, i.e. The 2.2 Update. They use the Facebook chat API to work which…(I’ll continue this later in this article)
Though it doesn’t solve the complete problem but you have to agree it solves the problem of conversing in an encrypted environment to some extent and we respect the Cryptocat guys for that.
The interesting this about this technology is Mark Zuck and team will only know that at a given time two guys are talking over an encrypted conversation but they will not be able to see the plan text messages, not only they, every other server other than Cryptocat’s will be able to see the messages.
Interested? Wanna try it out?
Cryptocat is available as a browser extension for Chrome, Safari and Opera and also on your iPhone in the form of an app. Their android App is undergoing construction and sources have it that they are also working to bring it to Mozilla and Mac desktop too.
Here I’ll show you setting up their browser extension and how you can then chat with your friends using Cryptocat.
Go to this link and click on the Download for Chrome button (I am using Chrome for the demo).
You will be asked whether you are sure to add it to your browser or cancel, click on add and the download will start.
Once the download is finished it automatically gets installed on your browser. To use it click on the Apps button in your bookmarks bar and you will be taken to your apps page. Click on the cryptocat icon and you will be then taken to Cryptocat application.
As you need to chat on Facebook click on the facebook button and then click on the Chat via Facebook button.
You will be asked to give permissions to use the Chat to cryptocat and then will be redirected to the application in your browser.
Then the app will take few seconds generating encryption keys for chat and after that’s done, you will find the Chat box with your friend’s list organised alphabetically on the left and the conversation box on the right.
You’ll see the Cryptocat icon before the names of people who are also using Cryptocat. You can only chat with people who are using cryptocat as the person on the other end needs to decrypt your messages and Cryptocat is required for that. (Hope you got the idea).
I asked one of my friends to enable Cryptocat so that I can show him this thing and at the same time try and test it. You can see in the screenshot below how to identify people using cryptocat.
If you try to chat with a person who isn’t using Cryptocat you will be shown the notification in the Chatbox, and the conversation status as non-encrypted.
As when you are chatting with person who has cryptocat installed you can read the messages in the cryptocat app like normally you do while chatting but when you check the message in Facebook inbox you will only see [Encrypted Message].
So that was all for today, Wait! Remember me saying something about Cryptocat using Facebook Chat API. Well, Facebook like every other successful company who hates being exploited by Activists, Coders, Reverse Engineers or just to sum it CREATIVE people they have announced their Chat API to stop from 30 April 2015. That sounds quite awkward, Mark was the one who called president Obama regarding his anger on the NSA surveillance practices but I guess he hates this thing.
Don’t know the inside story on it but you have nothing to worry about, you still have a few more months to use Cryptocat and by the time it ends I am sure the guys behind Cryptocat would have come up with something new and more secure.
What do you think about this post? Tried Cryptocat, any reviews? And make sure to share it with your friends on an encrypted chat 😀