How to Encrypt your Skype Messages to Thwart Snooping Eyes Using Pidgin

Skype is a great service. It allows a free solution for VoIP to VoIP calls, and cheap VoIP to landline calling. However, a very disturbing, little known fact that might push you away from Skype does exist. If you closely read the terms of service agreement, it clearly says that Skype is allowed to decrypt your messages whenever they please. Here at Null Byte, we tend to enjoy our anonymity, don't we?

A solution to our issue would be end-to-end encryption. This means that we would need to share a password with a contact, and create a private encryption key. Our messages would be encrypted and sent across the network, unreadable, and finally reach its destination, only to be decrypted by the receiving party. One issue, however, lies in this solution—Skype doesn't have extensible plugins.

Pidgin is a great, mutil-platform, multi-protocol instant messaging client. It supports nearly every protocol by default, and has a very dense list of plugins. Here are a few of the default protocols:

  • MSN
  • AIM
  • IRC (very rough)
  • ICQ
  • Facebook Chat
  • Google Talk
  • And more...

With the use of the great Pidgin instant messenger, and the Skype protocol, we can use end-to-end encryption on our messages in a breeze. This will protect us from Skype potentially snooping through our sensitive messages. That's our mission in this Null Byte!

How to Encrypt your Skype Messages to Thwart Snooping Eyes Using Pidgin

Requirements

  • Skype account
  • Windows, Mac, or Linux OS

Step 1 Download & Install Pidgin

Text in bold is a Linux terminal command.

Let's get our software installed, the method varies slightly based on platform.

Windows

  1. Download Pidgin from the official site.
  2. Double-click the installer.
  3. Check and uncheck the options that you want to keep.
  4. Click Next > Next > Next > Finish.

Mac

  1. Download Pidgin here (Look into Adium, a native port of pidgin for Mac).
  2. Run the installer normally, selecting and unselecting your needed options.

Linux

  1. Download the Pidgin source code.
  2. Extract the tarball.
        tar zxvf <pidgin package>
  3. Configure the installation.
        ./configure
  4. Compile and install Pidgin to your system.
        make && sudo make isntall

Step 2 Installing Skype4Pidgin

Skype4Pidgin is an addon that allows us to utilize the chat features from Skype via Pidgin. However, this will allow us to use Skype in conjunction with Pidgin's great plugin list.

Windows

  1. Download the plugin for Windows.
  2. Run the installer.

Mac

  1. Download the plugin for Mac OSX.
  2. Extract the zip file and double-click SkypePlugin. AdiumPlugin to install it.

Linux

  1. Download the plugin for Linux.
  2. Copy the file to the plugin's directory for Pidgin.
        cp libskype.so ~/.purple/plugins

Step 3 Install OTR

OTR stands for Off-The-Record, which is a plugin for Pidgin that provides end-to-end encryption for you and your contacts. It requires that the person you are chatting with use the plugin as well.

Installers and Source

  1. Add your Skype account to Pidgin's accounts.
  2. After the plugin is installed, right-click the Pidgin tray icon and click Plugins.
  3. Scroll down and check the box next to OTR to enable it.
  4. Click Configure Plugin.
  5. Select the account you are using from the drop down menu.
  6. Click Generate and wait.

The next time you chat with someone, make sure that they are using Pidgin with the OTR plugin, and select Start Private Conversation from the chat window to ensure the session is encrypted.

If you'd like to chat with the rest of Null Byte, please join the IRC channel, and idle as frequently as possible. You can also follow me on Twitter to recieve the latest updates and tutorials.

2 Comments

how about conversation, non single pm?

Updated instructions for current Mac OS X:

Get the latest version of Adium from http://adium.im and the Adium SkypeAPI plugin from http://eion.robbmob.com.

Adium has OTR built-in. To set it up, go to Preferences -> Advanced -> Encryption and generate a private key for each service you want to be able to encrypt.

Now, just start a chat with a buddy, click the padlock icon at the top left of the chat window, and select "Initiate Encrypted OTR Chat."

Note that OTR works across any of the IM transports that Adium supports, although using Skype is neat because you can see the encrypted mess that your chats become. Good luck reading my chats now, NSA...

Share Your Thoughts

  • Hot
  • Latest