How To Go Off-The-Record With Your Facebook Chats
Facebook chats are a great way to communicate with a major drawback: Facebook keeps a record of everything. Unless you delete chats manually, they will remain on Facebook for years to come.
I have always found it strange and honestly, quite troubling that a social media juggernaut like Facebook has no provision to turn off chat recording or at least provide some self-destruct functionality . If you have used Google Hangouts, then I’m sure you are familiar with the “off the record” feature that allows you to chat without leaving any trace of the conversation. This is one area where Hangouts beats Facebook .
There are many reasons you may not want to keep a record of your chats, the most basic being that privacy is a basic human right. You also may not want confidential business information or an intimate personal conversation falling into the wrong hands. And, the fact that spies like the NSA and law enforcement agencies can access your Facebook chats on a whim, should be reason enough to find a way to conduct private, unrecorded conversations on Facebook.
Unfortunately, Facebook is the most popular social network in the world, so simply avoiding it may not be possible, which would be the easiest way to deal with this matter. But, there are ways to thwart Facebook’s default chat recording feature.
Off-the-Record Messaging (OTR)
The answer lies in using free third party applications that encrypt your messages. These applications make use of Off-the-Record Messaging (OTR), a cryptographic protocol for encrypting instant messaging applications. The OTR protocol keeps conversations private. Unlike other cryptographic protocols which produce output that can later be used as a verifiable record of communication, OTR provides complete confidentiality and “deniable encryption”; in essence, a snooping entity cannot prove that two parties had an Internet chat conversation or said anything specific. This feature has proved invaluable for journalism sourcing.
Client support for the Off-the-Record protocol is available natively and via a plugin in several applications.
There are several applications that provide OTR support out of the box. One of these is Cryptocat. We have reviewed Cryptocat before. It is a highly capable open source cross-platform application that uses OTR protocols to encrypt your IM conversations.
Cryptocat is currently available for Google Chrome, Mozilla Firefox, Apple Safari, Opera, Mac OS X, and iPhone [No Longer Available]. The developer is also currently raising funds on Kickstarter to develop an Android version. I’m using Chrome to illustrate Cryptocat’s off-the-record features on Facebook. The setup process is different on each platform, but uncomplicated.
Install the app from the Chrome web store. To use Cryptocat with Facebook, open a new tab and click the Apps icon in your Chrome bookmarks bar. Click the Cryptocat icon to launch Cryptocat. Click on the Facebook tab and Chat via Facebook to connect to your Facebook account.
Authorize the application to access your Facebook account. Click Skip to prevent Cryptocat from sending and receiving messages of your behalf.
Be patient as encryption keys are generated. You may want to mute your speakers, I personally found the continuous “techno-ish” tune played during the connection process a tad irritating during this part of the set-up.
Finally, find out which of your Facebook friends are using Cryptocat and set up a chat with them. You can also invite people you want to chat privately with to install the application.
Other applications that provide OTR include ChatSecure for Android and iOS, Xabber for Android and SafeChat for Chrome, Firefox and iOS.
With A Pidgin Plugin
Pidgin is popular Internet messaging client for Windows and Linux. It allows you to combine all your instant messaging applications in one client.It is also one of the easiest plugins to use to encrypt your chats. Download Pidgin and run the installer. Next, you need to download the Off the Record plugin to encrypt conversations and provide security. Download it from cypherpunks.ca and install it on your computer. The first time you run Pidgin, you will be presented with a screen similar to the one shown below.
Click Add and a new window comes up. In the Login Options, select Facebook (XMPP) from the Protocol menu options. Enter your Facebook username and password. Enter your Facebook username and click on Pidgin. In the resource field, enter Pidgin or leave blank.
Next, click on the Advanced tab and fill in the Connect Server field with the entry “chat.facebook.com”.
Click Add to complete the setup. You should be connected to Facebook Chat and a Buddy list with all your Facebook friends should come up.
Next, go to the Tools menu and scroll down to Plugins. In the list of plugins, scroll down, enable “Off-the-Record Messaging” and click Configure Plugin. Make sure Enable Private Messaging, Automatically Initiate Private Messaging and Don’t Log OTR Conversations are all ticked.
That’s it! You are now set to chat privately with Facebook friends who also use the OTR plugin. To start a private conversation, double click on a friend’s name then on Not private and request Pidgin to Start private conversation.
Pidgin will start a secure channel. You can verify the identity of the person on the other end by using so called “fingerprints”. A fingerprint is a string of 40 letters and numbers that allow you to identify the OTR user on the other end.
With these applications, the only thing that Facebook can tell is who you chat with and when you chat with them but they cannot decipher or store the content of your chats. But, please take note that encryption software is not a magic bullet. While encrypted chat can prevent Facebook from storing your chats, remember to never trust any software with your life.
Do you know of any other way to prevent Facebook from storing chats? Have you used any of these applications before? Please share your insights with us in the comments below.