Digit Geek
Digit Geek > Recent Articles > Technology > How to set up a secure communication system using open source tools

How to set up a secure communication system using open source tools

For the truly paranoid

Internet users may feel the need to be careful while communicating. You can’t be sure whether someone is snooping in on those conversations or simply recording them at their end. It is also better to be safe when using public internet services since it’s difficult to determine whether the connection has been compromised. If you belong to this category of cautious interweb users, this is how to get started on maintaining privacy and security while communicating.

Install a secure messaging app: Signal

Texting is the easiest and quickest form of communication. There are hundreds of the instant messaging apps out there. Since most of them are directed towards regular users, they incorporate basic features for protection and privacy. End-to-end encryption is something that the big players have already introduced into their services. Some have also included password protection and two-factor authentication but that’s about it. Open Whisper Systems has a dedicated application where you can benefit from better security and privacy features. Apart from the end-to-end encryption and password protection, you can disable screenshots inside the app, relay your calls through their servers for complete anonymity and register your number with a unique PIN. Relaying calls will mask your IP address to the caller, so you can’t be tracked. This is done by relaying the calls through Signal’s server at the cost of lower call quality.

By registering a lock PIN for your number, every time you log into the application, say, on a new device, then only you can access your account with the unique PIN. Of course, all these features will only work when both the sides are using Signal. You can create groups with other users as well and continue using the same features. Signal also supports one-to-one video calls but not group video calls. Edward Snowden has himself endorsed Signal. It is available on Android, iOS and Windows Desktop.

Send files over an encrypted channel: Firefox Send

During conversations, you might feel the need to share documents or pictures or even videos. Firefox is working on an experimental feature called Firefox Send to send files securely to someone, hosted for a limited time. Although storing files for a limited time isn’t new, the feature allows you to restrict the number of downloads as well. So, if you intend on sharing the file with only one person, then you can set the number of downloads to just one. It’s a web-only tool where you upload your file from the web browser. Once uploaded, it generates a public URL that can be shared. To ensure security, you can attach a password to the file as well.

The one using the link will need to enter the password to be able to download the file. Currently, the feature holds the file you shared for 24 hours and we believe in the future they might allow you to change the duration. If you’ve already sent something from your browser, it will remember the files and list them down with the number of downloads, time since it was uploaded and the shareable URL. The file size is limited to 1GB covering all types of files. Firefox Send doesn’t ask you to create a profile or log into any service. Just visit the website, upload your file and share the link. Even though it’s an experimental feature, it’s pretty solid to use it on a daily basis without worrying about someone else going through your files. Since this is a web tool, the service isn’t restricted to Firefox users.

Create an encrypted email account: Protonmail

Without some basic levels of security, you won’t even know if you’ve been hacked and someone else is also using your email account. Gmail does notify you about new logins from different browsers and even locations, and it also incorporates two-factor authentication. However, Gmail still hasn’t implemented end-to-end encryption natively. There’s also the fact that Google reads or scans your emails. That’s how your flight and movie reservations are automatically added to your Google Calendar. If this already scares you, then you should switch to Protonmail. Things are a little different here where they have implemented end-to-end encryption in their email service.

It only works when the emails are sent between Protonmail users. The company goes on making a bold claim that even they can’t read your emails since every email kept on their servers are encrypted and they don’t possess the encryption keys of their users. This means even if someone hacks into their servers, no one is getting access to your email content. If you intend to share sensitive information with someone using a different email service, you can encrypt your email with a password. The encrypted email will appear as a normal email in the inbox of the recipient with an embedded link. The link takes you to another webpage where you enter the password and the subject body is finally revealed. You can also assign self-destruct timers to emails and add passwords to them. This is applicable to both users of the service and outside. Protonmail offers all the security services available in Gmail except the ability to generate physical security keys. Going the extra mile, this service allows you to generate and download your PGP keys directly from your account rather than relying on setting it up manually. The free version of Protonmail offers you a storage of 500MB, limit of 150 messages daily, and the capability to create up to three folders or labels. If you see yourself regularly using the service and wanting more features, you can opt for the paid subscription. Protonmail is available on Android and iOS as well.

Video chat with multiple people securely: Jitsi Meet

Once you get into the habit of securely communicating with people, you might want to take up video calls as the next step. Jitsi Meet is an easy-to-use tool and it runs right from your web browser. They do have a software called Jitsi but it’s used for old messenger accounts such as AOL or Google Talk. Rather than going through the hassle of logging in and using the software, Jitsi Meet doesn’t require anything. On their landing page, all you need to do is enter a nickname or use the auto-generated ones and hit “Go”. The nickname entered on this screen will also be appended to the URL, forming a custom URL that can be shared to invite people.

On the bottom right, you can find details for inviting people. There are several dial-in numbers present for different countries. You can also add a password to these invitations. The tool is targeted for video conferencing where you can chat, share your screen (after installing their browser extension) or write on a shared document collaboratively (buggy for now), etc. It includes an option to share YouTube videos which can be controlled by the user who shared it. The YouTube video is inserted into the UI as a regular user whose view can be switched and paused. Another interesting feature is to go live on YouTube straight from the tool. The feature is currently in beta testing. With the option of not having to create or log in with an account and having encryption implemented, your activity isn’t being stored anywhere. Snowden was also seen using Jitsi Meet at one conference. Jitsi Meet has apps on both Android and iOS, so you can use the custom URLs to join video calls from your mobile devices.

Abhijit Dey

Abhijit Dey

While indulging deep into conspiracy theories surrounding comic book movie plots, he can be found rewatching them looking for easter eggs. Otherwise, his weekends are spent on gaming and browsing memes.