|torxmppu5u7amsed.onion||Register via client.||Problems to connect to other servers.|
|m2dsl4banuimpm6c.onion||Register via client.|
|anonboy5e4z6vxdl.onion||Register via client.|
|ijeeynrc6x2uy5ob.onion||Register via client.||Problems to connect to other servers.|
Most companies castrate their internet access for their employees with a firewall and proxy. Normally only port 80 and 443 are open, which means no access to the xmpp port 5222. With this instruction you can tunnel through the firewall to use special xmpp servers. The magic feature is called BOSH and some fairy dust.
First of all you need a xmpp account with the BOSH feature. Click on the BOSH-URI before you register an account. If you get a 404 error, then contact the administrator of the server or choose another server. Sometimes the administration of the servers is poor.
You can choose a server from this list:
|trashserver.net||https://trashserver.net/http-bind/||Register here: Web|
|jabberpl.org||https://jabberpl.org/http-bind-xmpp/||Register via client.|
|wiuwiu.de||https://wiuwiu.de/http-bind||Register here: Web|
|patchcord.be||https://patchcord.be/http-bind/||Register here: Web or via client.|
|5222.de||https://5222.de/http-bind||Register here: Web|
|danwin1210.me||https://danwin1210.me:5281/http-bind||Register here: Web|
|dismail.de||https://dismail.de/http-bind||Register here: Web|
The next thing you need is the xmpp client Gajim. Enter your login data for your account.
At the account configuration choose the tab connection.
The default configuration is here none. Press the button manage on the right of the combo box, which is set to none to configure the BOSH connection.
In the next dialog add a new entry at the bottom. Name it your-server-name + BOSH and choose in the combo box under the name: BOSH. The BOSH-Adress must be set as shown in the table above. Try port 80 or 443.
If only the firewall was your problem, then you are finished now.
If not, you have to set the proxy, too.
There is a checkbox for HTTP-Proxy in the dialog, where you set the BOSH data. Choose this checkpox and enter the proxy data. Enter the autentification, if needed.
If this works, then you are done.
If not, we need a special program to tunnel through the proxy called: cntlm
Install cntlm and enter your data into the cntlm.ini – see here. The default port is 3128. Set the Proxy-Adress in Gajim to 127.0.0.1 / localhost and the Proxy-Port to 3128.
Advanced features for encryption.
Install the plugins called OTR and OMEMO via the Gajim plugin dialog.
You can find me at digitalangel (at) trashserver.net if you need help or something else …
If you know more servers with BOSH, please write a comment!
On basic principle of the hacker ethic is decentralization. So please don’t use all the same server. Only one server can easily be monitored or censored, by taking down the server.
Here is a list of XMPP servers, which can be also accessed via the Onion:
You can find me at anonymiss (at) creep.im if you want …
If you know more servers, please write a comment!
[UPDATE] 2017-03-19 – Added some new servers to the list. My thanks are going to the readers for their input.
[UPDATE] 2017-03-26 – Added two new servers: metalgamer.eu and jabjab.de. Thanks for the input.
[UPDATE] 2017-05-21 – Added a new servers: evil.im. Thanks for the input.
[UPDATE] 2017-11-13 – Deleted some obsolete servers.
[UPDATE] 2017-11-26 – Added some new servers.
[UPDATE] 2018-01-03 – Added a new servers and updated others.
I want to point out, that through the new iPhone finger print scan it is not only detectable from which device something was sent or received, but also from which person it was sent or received.
I got some questions where to go after leaving Gmail to send real secure and private emails. If you decode my public key then you will see I use an email hosted in the U.S. That’s not really secure because the NSA can get access to this emails and I can’t do anything against it. I also use an Email in the I2P darknet: http://www.i2p2.de ← That’s really secure but the end to end encryption is only inside the I2P network. Most email servers outside I2P in the real Internet refuse emails form I2P – guess why 😦
The second best way for beginners is to use an email in Iceland. In Iceland after the Wikileaks scandal and the change of the government, you will get the best privacy in this world. As far as I know there is no secret service in Island like the NSA. They only have a normal police, which is doing the counterintelligence. They only take a look inside your emails if you do criminal thing, which are criminal after law in Island. So whistleblowing will be allowed.
You can use 1984 which is a web company in Island with an English web interface for emails: https://1984hosting.com
If you have more suggestions, please let me know in the comments 🙂
If you are searching for a fast secure chat running in a browser then here is a solution:
You can share files with Cryptocat, too. Use the disk symbol at the top right. Cryptocat is open source and can be installed on any server with SSL (https) support.
All these features makes Cryptocat to the number one tool for a fast secure communication on the internet.
The encryption key is controlled by the server. For a real top secret secure encryption the key must be controlled on your own.