Gibberbot is designed for people who need to chat securely. If you and the person you are communicating with are both able to use it, secure chat can be used as a replacement for email and text messaging.
Gibberbot should work on any Android phone. It’s probably best for users who are reasonably comfortable chatting and handling their phone, and it’s only currently available in English.
Gibberbot is an instant messaging app for Android phones, developed by The Guardian Project. Gibberbot implements off-the-record messaging (OTR). Off-the-record messaging is a way to conduct an instant messaging conversation with the following attributes
Encryption. An eavesdropper cannot read your messages
Authentication. You can verify the identity of the person you’re chatting to - or at least of the account they are using.
Deniability. It is not possible for a third party to prove that a particular user sent or received a particular message.
Perfect forward secrecy. It is not possible for an attacker to decrypt a previous conversation, even if he/she obtains the encryption keys used to encrypt it.
Gibberbot can also use Orbot to route your chats over the Tor network. This prevents an observer from following the source and destination of your messages (effectively, from knowing you are chatting) and provides a way to circumvent web censorship that may involve chat servers being blocked.
Off-the-record messaging only works when both parties in the conversation are using it. This means both parties need to use Gibberbot, another mobile app, or chat software that supports it. Currently Gibberbot is the only option we know of for mobile phones. Off-the-record plugins are available for several PC chat programs, including Pidgin (Windows and Linux), Adium (Mac), Trillian (Windows) and Miranda (Windows).
Tool Category:
App resides and runs on a mobile phone
App resides and runs on a server
Key Features :
When used with Orbot, Gibberbot combines the security, privacy and anonymity provisions of off-the-record messaging with the additional anonymous browsing and circumvention protection of the Tor network.
Gibberbot is currently the only implementation of off-the-record messaging for mobile phones that we are aware of.
The code for Gibberbot is open source and freely available for download - there are no costs involved except your airtime while chatting.
For many, mobile devices are an indispensable tool for storing and sharing increasingly sensitive information. Contacts, emails, and mobile browsing history can easily be compromised without taking the proper measures to ensure that that information is safely in the right hands... and out of the wrong ones. Newly added to our mDirectory are the following how-to guides on securing mobile email, mobile anonymity, backups, and data deletion from our SaferMobile team:
Securing Your Mobile Email - This guide catalogs the different tactics you can take to keep mobile email safe. It covers email security basics, TLS/SSL enabling, and email encryption. The guide also provides customized tactics and suggestions for Android, Blackberry, iPhone, and Nokia/Symbian phones.
Mobile Tools for Backups, Data Deletion and Remote Wipe - Anyone who has ever had their phone stolen knows how frustrating and potentially dangerous that can be. Here we have a comprehensive review of some of the tools out there for data backup and restore, data deletion, and remote wipe.
For all other materials produced by the SaferMobile team, check out this complete list (and watch for a new SaferMobile site soon!)
Mobile Anonymity and Censorship Circumvention: How to Browse the Web Anonymously On Your Phone data sheet 3553 Views
Author:
MelissaLoudon
Abstract:
If you don’t want someone to know that you were accessing a particular web site (or that you were accessing it at a particular time, such as when inflammatory content was posted), you need to anonymize your mobile browsing. Depending on how your network is set up, the site you are accessing may be able to see and keep a record of your IP address. Your network administrator, Internet Service Provider and/or Mobile Network Operator can see and keep records of the IP addresses of both your Internet-connected mobile device and the sites you are accessing. IP addresses can nearly always be linked to a geographic location, whether a zip code or a city, and your ISP or mobile network provider can link your IP to your individual device.
However, using HTTPS does not hide your identity. If you don’t want someone to know that you were accessing a particular web site (or that you were accessing it at a particular time, such as when inflammatory content was posted), you need to anonymize your mobile browsing. Depending on how your network is set up, the site you are accessing may be able to see and keep a record of your IP address. Your network administrator, Internet Service Provider and/or Mobile Network Operator can see and keep records of the IP addresses of both your Internet-connected mobile device and the site you are accessing. IP addresses can nearly always be linked to a geographic location, whether a zip code or a city, and your ISP or mobile network provider can link your IP to your individual device.
Organisations and countries that block websites can do so by blocking communication to and from specific IP addresses. For this reason, anonymizing your browsing is also the first step to circumventing Internet censorship.
This article describes two tactics for anonymous browsing and censorship circumvention - using a proxy, and using a mobile version of the circumvention tool Tor. Both are used on cpmputers as well as mobile devices. Specific tools for mobile phones are described in the second part of the article.
A User Guide to Orbot - Anonymized Tor Browsing on Your Mobile Phone data sheet 3216 Views
Author:
SaferMobile
Abstract:
Orbot is an anonymizing and circumvention app that connects Android phones to the Tor network. Developed by The Guardian Project, it is currently the only way to use Tor on a mobile phone.
Orbot is for Android users who need to browse anonymously or circumvent blocked sites. It should work on both older and new model Android phones, and does not require a rooted phone (although there are some advantages to using it with one). Orbot is designed for proficient Android users.
Orbot is an anonymizing and circumvention app that connects Android phones to the Tor network. Developed by The Guardian Project, it is currently the only way to use Tor on a mobile phone.
Who should use it?
Orbot is for Android users who need to browse anonymously or circumvent blocked sites. It should work on both older and new model Android phones, and does not require a rooted phone (although there are some advantages to using it with one). Orbot is designed for proficient Android users.
How does it work?
Orbot sets up a connection to the Tor network and makes it available to apps through a local proxy.
Secure Chat on Android: Gibberbot, a User Guide data sheet 2380 Views
Author:
SaferMobile
Abstract:
Gibberbot is an instant messaging app for Android phones. Gibberbot implements off-the-record messaging (OTR), a way to conduct an instant messaging conversation with encryption, authentification, deniability, and forward secrecy.
Gibberbot is an instant messaging app for Android phones, developed by The Guardian Project. Gibberbot implements off-the-record messaging (OTR). Off-the-record messaging is a way to conduct an instant messaging conversation with the following attributes
Encryption. An eavesdropper cannot read your messages
Authentication. You can verify the identity of the person you’re chatting to - or at least of the account they are using.
Deniability. It is not possible for a third party to prove that a particular user sent or received a particular message.
Perfect forward secrecy. It is not possible for an attacker to decrypt a previous conversation, even if he/she obtains the encryption keys used to encrypt it.
Gibberbot can also use Orbot to route your chats over the Tor network. This prevents an observer from following the source and destination of your messages (effectively, from knowing you are chatting) and provides a way to circumvent web censorship that may involve chat servers being blocked.
Off-the-record messaging only works when both parties in the conversation are using it. This means both parties need to use Gibberbot, another mobile app, or chat software that supports it. Currently Gibberbot is the only option we know of for mobile phones. Off-the-record plugins are available for several PC chat programs, including Pidgin (Windows and Linux), Adium (Mac), Trillian (Windows) and Miranda (Windows).
Mobile communications are very easily surveilled. There is a need for anonymity services so that monitoring governments and networks cannot track user activities. This tracking should be prevented even if the surveilling party has information about what websites or information the user is browsing.
Orbot provides an anonymity engine which implements Tor on the Android Operating System. When coupled with a browser, or instant messaging client, Orbot can disguise the source of activities on the Internet. Anybody monitoring the connection to the internet-based service will not be able to tell the source of the web transation.
Tool Category:
App resides and runs on a mobile phone
Key Features :
Orbot is an application that allows mobile phone users to access the web, instant messaging and email without being monitored or blocked by their mobile internet service provider. Orbot brings the features and functionality of Tor (see technical overview or lay man's guide) to the Android mobile operating system.
A Guide to Mobile Security for Citizen Journalists data sheet 15162 Views
Author:
Melissa Loudon
Abstract:
Citizen journalism, and with it the rise of alternative media voices, is one of the most exciting possibilities for mobile phones in activism.
Mobile phones are used to compose stories, capture multi-media evidence and disseminate content to local and international audiences. This can be accomplished extremely quickly, making mobile media tools attractive to citizens and journalists covering rapidly unfolding events such as protests or political or other crises. The rise of mobiles has also helped extend citizen journalism into transient, poor or otherwise disconnected communities.
However, for those working under repressive regimes, citizen journalism can be a double-edged sword. Anything you create and disseminate can be used against you, whether through the legal system or in other more sinister forms of suppression.
This guide for Mobile Security gives an overview and provides recommendations for secure browsing, secure content uploading, and using "throw-away phones" for organizing and communications. We note that secure solutions for mobile communications are currently lacking, however!
Citizen journalism, and with it the rise of alternative media voices, is one of the most exciting possibilities for mobile phones in activism.
I recently had a chat with Patrick Meier, a doctoral student at Tufts University, and am thrilled to have started a conversation. Patrick is doing his dissertation on what he calls the "iRevolution," activism, repressive regimes and who is winning in the cat and mouse tech game. (And yes, I am paraphrasing!) He generously allowed us to repost one of his pieces on secure SMS and a mobile equivalent to TOR. We'll be in close touch with Patrick as he delves into the research - it's much needed and great work.
WirelessWeek: Analysts predicted SMS revenues of up to $80 billion worldwide in 2007, with the number of text messages expected to reach a whopping 1.8 trillion by 2010.
