聊天室私人聊天原理_如何设置极其安全的私人群组聊天

聊天室私人聊天原理

Chat room tools like Discord and Slack are more popular than ever. But they were never intended as a place for sensitive discussions or secure file sharing.

像Discord和Slack这样的聊天室工具比以往任何时候都更受欢迎。 但是，它们从未打算用作敏感讨论或安全文件共享的场所。

Discord was built primarily for voice chat during online games. And Slack's roots are in corporate communication.

Discord主要用于在线游戏期间的语音聊天。 Slack的根源是公司沟通。

Neither of these chat tools were designed with privacy at their core.

这些聊天工具都不是以隐私为核心而设计的。

Another de-facto chat tool a lot of people use - Twitter - was designed for quick, public status updates. They tacked on Direct Messages, but these aren't particularly private, either.

许多人使用的另一个实际聊天工具-Twitter-旨在进行快速的公共状态更新。 他们使用直接消息，但是它们也不是特别私密的。

According to PrivacySpy – a website that analyzes the privacy policies of big tech companies – neither of these three options may be private enough for you.

根据分析大型科技公司隐私政策的网站PrivacySpy的说法，这三种选择对您来说都不是足够私人的。

According to their privacy policies, Discord, Slack, and Twitter may all be willing to turn over your data to someone else without even requiring a subpoena or a court order.

根据他们的隐私权政策，Discord，Slack和Twitter可能都愿意将您的数据移交给其他人，而无需传票或法院命令。

There could be situations where the government – or even a private corporation – could gain access to your messages. They might even make them public.

在某些情况下，政府甚至私人公司可以访问您的消息。 他们甚至可能将其公开。

If this possibility bothers you, fear not. If you really want to be able to talk with friends without risk of your group being compromised or your secrets getting out, there are plenty of options at your disposal.

如果这种可能性困扰您，请不要担心。 如果您真的希望能够与朋友交谈，而不会有小组受到威胁或秘密泄露的风险，则可以使用很多选择。

This article will show you several ways of creating group chats where no company has the power to hand your conversations over to anyone.

本文将向您展示创建群聊的几种方法，这些方法没有公司可以将您的对话移交给任何人。

如何使用消息传递应用程序安全聊天 (How to Chat Securely Using Messaging Apps)

First, there are messaging tools designed by security experts.

首先，有一些由安全专家设计的消息传递工具。

You may hear Mark Zuckerberg talk about how WhatsApp and Facebook Messenger use encryption. Or Tim Cook talk about how iMessage uses encryption.

您可能会听到马克·扎克伯格(Mark Zuckerberg)谈论WhatsApp和Facebook Messenger如何使用加密。 或Tim Cook谈论iMessage如何使用加密。

All three of these messaging tools are closed-source, so it's hard to know how securely they're encrypting your messages, and who inside (and outside) the company can access them.

这三种消息传递工具都是封闭源代码，因此很难知道它们对消息进行加密的安全程度以及公司内部和外部的人员可以访问它们。

That means these are not sufficiently private tools for sensitive conversations.

这意味着这些还不足以进行敏感对话。

There are truly private messaging tools that are open source, though. Which gives them additional accountability.

但是，确实有一些开源的私人消息传递工具。 这给了他们额外的责任感。

使用Signal Private Messenger进行安全聊天 (Using Signal Private Messenger to Chat Securely)

Signal Private Messenger has end-to-end encryption and uses verification numbers.

Signal Private Messenger具有端到端加密并使用验证码。

Signal also offers disappearing messages, encrypted phone calls, and a whole lot of other secure communication features. And to the topic at hand, Signal offers group chat.

Signal还提供消失的消息，加密的电话以及许多其他安全的通信功能。 对于当前的话题，Signal提供了群聊。

Signal is free and works on iOS, Android, and on your desktop. I've used it for several years.

Signal是免费的，可在iOS，Android和台式机上使用。 我已经使用了几年了。

The main downside to Signal is that you need to download an app and associate your account with your phone number. This is not an anonymous communication tool. If you were - say - a journalist meeting with sources - you might need to find a more secure option.

Signal的主要缺点是您需要下载一个应用程序并将您的帐户与您的电话号码相关联。 这不是匿名通信工具。 如果您是(例如)记者会见消息来源，则可能需要找到一个更安全的选择。

使用Keybase安全聊天 (Using Keybase to Chat Securely)

Another messaging tool is Keybase. This is a file-sharing tool that also has secure chat built into it.

另一个消息传递工具是Keybase 。 这是一个文件共享工具，还内置了安全聊天功能。

Unlike Signal, Keybase does store your encrypted messages on their server, so in theory it is less secure. But it is open source, and the encryption they use would in theory cost billions of dollars worth of supercomputer time in order to crack with today's technology.

与Signal不同，Keybase确实将加密的消息存储在其服务器上，因此从理论上讲它的安全性较低。 但是它是开源的，理论上他们使用的加密将花费数十亿美元的超级计算机时间来破解当今的技术。

Keybase also requires installing software and proving your identity - most commonly through making public posts from your social media accounts.

Keybase还需要安装软件并证明您的身份-通常是通过在您的社交媒体帐户中公开发布信息。

但是，如果您确实希望不进行安装就可以将群聊设为私人聊天... (But if you really, really want your group chat to be private without installing apps...)

I'm going to lay out the tools I would use if I wanted to form a group around a sensitive topic, or from inside a country with an authoritarian regime.

如果我想围绕一个敏感的话题或者在一个拥有专制政权的国家内部组建一个小组，我将介绍我将使用的工具。

And a word of warning - we're going to get into some real spy thriller stuff here. Nothing as elaborate as communicating through crossword puzzles in daily newspapers, but similarly esoteric.

还有个警告-我们将在这里介绍一些真正的间谍惊悚片。 没有什么比通过日报中的填字游戏进行交流更复杂了，但同样具有深奥的意义。

如何创建您的私人聊天室 (How to Create Your Private Chat Room)

If you just want to be able to chat securely without a lot of set-up time, this is the most secure chat room tool I know of: LeapChat.

如果您只是想在没有太多设置时间的情况下安全地进行聊天，那么这就是我所知道的最安全的聊天室工具： LeapChat 。

This bare-bones chat room uses end-to-end encryption. It encrypts messages both in transit and at rest. And it decodes the messages when they reach your browser.

这个基本的聊天室使用端到端加密。 它对传输中和静止时的消息进行加密。 并且当邮件到达您的浏览器时，它将对邮件进行解码。

There is no need to sign in using an email address or phone number - or to even remember a password. If you know the room's URL, you can just choose a username and start chatting.

无需使用电子邮件地址或电话号码登录-甚至无需记住密码。 如果您知道房间的URL，则只需选择一个用户名并开始聊天。

But the only way to know a LeapChat room's URL is to get it from someone else. You aren't going to guess it. Because the URLs are 25 English-language words long, and each of these words come from the EFF list of 7,776 words. That means the number of possible combinations is about 1 googol (10 to the 100th power - more possible combinations than there are atoms in the known universe).

但是，了解LeapChat会议室URL的唯一方法是从其他人那里获取它。 您不会猜测。 由于网址的长度为25个英语单词，因此每个单词都来自7776个单词的EFF列表。 这意味着可能的组合数量约为1 googol(10到100的幂次-比已知宇宙中的原子有更多的可能组合)。

But one benefit of the URL being a long list of English words is that you can memorize it using a mnemonic tool if you have to, and you can easily read it out loud to someone.

但是，URL包含一长串英文单词，其优点之一是可以根据需要使用助记符记忆该URL，并且可以很容易地将其朗读给其他人。

如何安全共享聊天室的URL (How to Securely Share Your Chat Room's URL)

So you might be wondering - what's the most secure way to share a URL to my new LeapChat room?

因此，您可能想知道-将URL共享到我的新LeapChat房间的最安全方法是什么？

In this case, you should use some sort of self-destructing redirect URL. That way, even if someone discovers the URL in one of your messages after you've already used it, they won't know where the link ultimately lead.

在这种情况下，您应该使用某种自毁式重定向URL。 这样，即使有人在您使用过其中一封邮件后发现了该URL，也不会知道该链接最终指向何处。

You can use an open source service like One Time Secret to share your URL.

您可以使用“一次秘密”之类的开源服务来共享您的URL。

And how about file sharing? You could just securely share a text file containing the link to your secure chat room using Keybase or Signal if you want to set those up.

文件共享又如何呢？ 如果要设置这些文件，则可以使用Keybase或Signal安全地共享一个文本文件，其中包含指向您的安全聊天室的链接。

But there's an even easier way. Mozilla offers an anonymous end-to-end encrypted file sharing service for files up to 1 gigabyte. You can even set the download links to expire after you use them.

但是，还有一种更简单的方法。 Mozilla为最大1 GB的文件提供了匿名的端到端加密文件共享服务 。 您甚至可以将下载链接设置为在使用后过期。

如何让痣远离您的聊天室 (How To Keep Moles Out of Your Chat Room)

Now you have all the tools you need to create a truly private, truly secure group chat with your friends. But how do you identify whether your friends are who they say they are?

现在，您拥有与朋友创建真正私人，真正安全的群聊所需的所有工具。 但是，您如何确定朋友是否是他们所说的人？

Any organization will have a potential "mole" problem.

任何组织都会有潜在的“痣”问题。

If an intruder can manage to get inside your group, it doesn't matter how seriously you practice security. They can just do whatever privacy countermeasures you tell them to do and continue to have access.

如果入侵者可以设法进入小组，那么您对安全性的重视程度并不重要。 他们可以执行您告诉他们的任何隐私对策，然后继续进行访问。

So before you transition your group to a more secure location, you need to establish that the people in your group are who they say they are.

因此，在将小组转移到更安全的位置之前，您需要确定小组中的人就是他们所说的人。

Assuming people in the group are supposed to know who one another are (and that it's not a meeting of anonymous people), I have a pretty sure-fire way to accomplish this. It's similar to Keybase's approach of confirming your identity using public posts to social media. But my method is even more discreet.

假设小组中的每个人都应该知道彼此是谁(而且这不是一次匿名会议)，我有一种很肯定的方式来实现这一目标。 这类似于Keybase使用公开发布到社交媒体的方式来确认您的身份的方法。 但是我的方法更加谨慎。

All you need to do is to ask them to update their LinkedIn profile to include a random word, like "pizzicato". Then you can check their LinkedIn profile to confirm that they have control over it.

您需要做的就是要求他们更新其LinkedIn个人资料，以包含一个随机单词，例如“ pizzicato”。 然后，您可以检查他们的LinkedIn个人资料，以确认他们对此拥有控制权。

LinkedIn is a great social network to use for this because almost every professional has one. It's a hassle to create a new account and accumulate real-world connections and endorsements. They don't need to create a post - they can just update their profile long enough for you to verify they are who they say they are, and can then revert their profile change.

LinkedIn是一个很棒的社交网络，因为几乎每个专业人员都有一个。 创建新帐户并积累实际联系和认可很麻烦。 他们不需要创建帖子-他们可以将个人资料更新足够长的时间，以便您确认自己是他们所说的人，然后可以还原其个人资料更改。

So once a member of your current chat has passed your real-world ID check, you can give them a self-destructing URL that leads to your LeapChat room, or exchange Signal or Keybase encryption keys, then chat there.

因此，当您当前聊天的成员通过您的真实世界ID检查后，您可以给他们提供一个自我破坏的URL，该URL可以引导您进入LeapChat聊天室，或交换Signal或Keybase加密密钥，然后在此处聊天。

如何删除现有的不和谐/ Slack / Twitter DM社区 (How to Delete Your Existing Discord / Slack / Twitter DM Community)

The bad news is most of these services will continue to store your data long after you've deleted your account.

坏消息是，大多数服务将在您删除帐户后继续存储您的数据。

Even if you explicitly ask them to delete all of your data, there's just no way to know for sure your data has been deleted. It's impossible to prove your data no longer exists in some backup somewhere.

即使您明确要求他们删除所有数据，也无法确保您的数据已被删除。 不可能证明您的数据不再存在于某个地方的某些备份中。

What is done is done. What is said is said.

完成的工作已经完成。 说的话。

But you do have control over what companies are able to store about you in the future.

但是，您确实可以控制公司将来可以存储的有关您的信息。

If you have admin access to your old Discord or a Slack, you can delete it. And even if this doesn't actually delete all the data form their servers, it will prevent new people from being able to join the group and sift through your chat history. It will reduce the likelihood of any of your secrets getting out in the future.

如果您对旧的Discord或Slack具有管理员权限，则可以将其删除。 即使这实际上并没有删除服务器中的所有数据，也会阻止新人们加入该群组并筛选您的聊天记录。 它将减少您将来泄露任何秘密的可能性。

You can also delete your own accounts on the Slacks and Discords that you're a part of. This should remove your old messages.

您还可以删除自己所属的Slacks and Discords上的帐户。 这应该删除您的旧邮件。

同样，这是将您的Slack，Discord和其他群组聊天迁移到更安全的家庭的方法-所有这些操作都在一个流程图中进行。 (Again, here's how to migrate your Slack, Discord, other group chat over to a more secure home - all in one flowchart.)

几个额外的工具，如果您真的想要安全的话 (A couple bonus tools if you really, really want to be secure)

用Tor浏览 (Browse with Tor)

Tor stands for “The Onion Router” which is a reference to its use of many onion-like layers to mask network activity. It’s free, open source, and reasonably easy to use.

Tor代表“洋葱路由器”，指的是使用许多类似洋葱的层来掩盖网络活动。 它是免费的，开源的，并且相当容易使用。

Tor feels like any other browser, and has a similar feature set. It's a fork of Firefox. It's just a bit slower because of all the additional packet redirection.

Tor就像任何其他浏览器一样，并且具有类似的功能集。 这是Firefox的分支。 由于所有其他数据包重定向，它仅慢了一点。

But if you really want to browse the web with peace of mind, use Tor and it will be virtually impossible for anyone to track you.

但是，如果您真的想放心地浏览Web，请使用Tor，几乎没有人可以跟踪您。

Download the Tor Browser here.

在此处下载Tor浏览器 。

Once you've installed Tor, you can visit check.torproject.org to verify that everything is working right.

安装Tor之后，您可以访问check.torproject.org来验证一切是否正常。

使用Protonmail帐户发送电子邮件 (Use a Protonmail Account for Email)

Protonmail is a privacy-focused email tool. You know it's secure because it's Swiss. 😉

Protonmail是一个注重隐私的电子邮件工具。 您知道它是安全的，因为它是瑞士的。 😉

You will need to give Protonmail a real email address in order to create your account, but this email address will be stored in encrypted form.

您需要为Protonmail提供真实的电子邮件地址才能创建您的帐户，但是此电子邮件地址将以加密形式存储。

You will probably want more than one Protonmail address for each purpose.

每个目的您可能需要多个Protonmail地址。

Also remember that emails are also stored on the servers of your recipient's mail service. So if you email someone who has a Gmail address, your email is also going to be stored in Google's servers.

还请记住，电子邮件也存储在收件人的邮件服务的服务器上。 因此，如果您向具有Gmail地址的人发送电子邮件，那么您的电子邮件也将存储在Google的服务器中。

而已。 保持警惕，朋友。 (That's it. Stay vigilant, friends.)

翻译自: https://www.freecodecamp.org/news/how-to-secure-private-group-chat/

聊天室私人聊天原理