Recommended Software Solutions

General security recommendations can be found here. This page briefly describes our recommended software solutions.

Recommended P2P and Hybrid Solutions

TOX.

on wikipedia

A program for messaging, audio, video calling, and transferring files. (Equivalent to Skype) Advantages:

  • Does not require registration on any servers, your public key serves as your account.
  • Is able to use intermediaries (relays) to solve NAT problems.
  • Can run via HTTP and SOCKS5 proxies.
  • User profiles are encrypted with a password by default.
  • Source code available here.

Disadvantages as of 2018.05:

  • Does not have offline data storage (you cannot send a message to a recipient that is not currently online, and after disconnecting, the message will only be delivered once the sender and recipient are both online)
  • Cannot work with multiple devices at the same time using the same account (key)

Basic use:

  1. Send your public key to a companion, which can be found in program settings after launch.
  2. Add your companion's public key to the program by pressing the “Add New Contact” button.
  3. Enjoy.

Directory:

bitmessage.

on wikipedia

A program for text messaging. (Equivalent to Email). Advantages:

  • Does not require registration on any servers, your public key serves as your account.
  • Data exchange is carried out by copying the database between all network participants, which makes it impossible to identify both the sender and the recipient of the message.
  • Is able to use intermediaries (relays) to solve NAT problems.
  • Can run via HTTP and SOCKS5 proxies.
  • Can run in hidden service mode on Darknet networks.
  • Source code is available here.

Disadvantages as of 2018.05:

  • Lack of attachments (cannot upload files).
  • Message transmission delay (depending on the network status, delivery can take up to an hour or more; under normal network conditions it takes only 1-5 minutes).
  • There may be large traffic consumption and CPU load (depending on the network load)

Principle of the program:

  1. Alice wants to send a message to Bob.
  2. Alice encrypts the message using Bob's public key, then saves it in a local database.
  3. Alice sends her database to all network users with whom she is currently connected.
  4. Bob receives a new database from each user that he is connected with.
  5. Bob tries to decrypt each new message from the database using his private keys; if a message is not meant for him, he will not be able to decrypt it.
  6. Bob successfully decrypts the message sent by Alice, which is located in one of the versions of the database, received by one of the network users.
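
The trial-decryption step in this scheme, as an added example that is not part of the original page and is not Bitmessage's own code. It assumes a toy Diffie-Hellman group, a hash-based keystream and an HMAC tag (standard library only); the function names `keygen`, `encrypt`, `try_decrypt` and `scan_pool` are hypothetical, and the pool is constructed sample data.

```python
# Added illustration: toy trial decryption over a flooded message pool.
# NOT Bitmessage's real cryptography or wire format; do not reuse as-is.
import hashlib, hmac, secrets

P = 2**521 - 1   # toy Diffie-Hellman modulus (a Mersenne prime), not a vetted group
G = 3

def keygen():
    priv = secrets.randbelow(P - 3) + 2
    return priv, pow(G, priv, P)

def _keys(shared):
    raw = hashlib.sha512(shared.to_bytes(66, "big")).digest()
    return raw[:32], raw[32:]          # (encryption key, MAC key)

def _stream(key, n):
    out, ctr = b"", 0
    while len(out) < n:
        out += hashlib.sha256(key + ctr.to_bytes(8, "big")).digest()
        ctr += 1
    return out[:n]

def encrypt(recipient_pub, plaintext):
    eph_priv, eph_pub = keygen()       # fresh ephemeral key per message
    enc_key, mac_key = _keys(pow(recipient_pub, eph_priv, P))
    body = bytes(a ^ b for a, b in zip(plaintext, _stream(enc_key, len(plaintext))))
    tag = hmac.new(mac_key, body, hashlib.sha256).digest()
    return eph_pub, body, tag          # the object carries no recipient identifier

def try_decrypt(priv, obj):
    eph_pub, body, tag = obj
    enc_key, mac_key = _keys(pow(eph_pub, priv, P))
    expected = hmac.new(mac_key, body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None                    # tag mismatch: message is for someone else
    return bytes(a ^ b for a, b in zip(body, _stream(enc_key, len(body))))

def scan_pool(priv, pool):
    """Step 5: attempt every object, keep only those that authenticate."""
    return [m for m in (try_decrypt(priv, o) for o in pool) if m is not None]

alice_priv, alice_pub = keygen()
bob_priv, bob_pub = keygen()
carol_priv, carol_pub = keygen()
# Constructed sample pool: the same objects end up stored by every connected peer.
pool = [encrypt(carol_pub, b"hello carol"), encrypt(bob_pub, b"hello bob"),
        encrypt(alice_pub, b"note to self")]
print(scan_pool(bob_priv, pool))
```

Every peer holds the same three objects, and each one learns only the content addressed to its own key. The cost is that every participant spends CPU on every message in the network, which matches the load listed under the disadvantages.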

Basic use:

  1. Generate at least one key pair.
  2. Send the public key to your companion (after that, they will be able to send you messages).
  3. Add your companion's public key (after that, you will be able to send them messages).
  4. Enjoy.
  5. If the program creates a heavy load on your computer, you can try limiting the connection speed in the program to a value less than 100 KB.

Directory:

RetroShare

on github

This project resembles a kind of social platform (as opposed to social networks). It works on the principle of f2f, however, at the moment it is more of an f2f and p2p hybrid, since most users do not follow strict f2f principles when using RetroShare. List of main features of the program:

  • Forums. Implements the functions of forums, looks about the same as forums on various websites.
  • Channels. Intended for public data and files, includes a rate/comment system.
  • Mail. The functionality is reminiscent of classic email.
  • File sharing. Supports collections, which functionally have a lot in common with torrents, that is, through local forums or channels and collections it is possible to use it as an alternative to a torrent tracker.
  • Real-time chat rooms.
  • Identity system. A rather interesting approach which, when used correctly, allows you to be completely anonymous if necessary; it also allows you to sign data so that its source can be verified.

Advantages:

  • Does not require registration on any servers, your public key serves as your account.
  • Is able to use intermediaries (relays) to solve NAT problems (manual configuration only).
  • Can run via HTTP and SOCKS5 proxies.
  • Can run in hidden service mode on Darknet networks.
  • Source code is available here

Disadvantages as of 2018.05:

  • Complexity of initial setup. You must manually exchange keys with at least several people.
  • Program took some concepts from the PGP philosophy and introduced many of its own, such as anonymous identities….
  • Rather high resource consumption (CPU, RAM, Internet traffic).
  • In order to use the program to its fullest potential, additional reading of information, setup articles, and program documentation is required.

Basic use:

  1. Run the program and follow the setup wizard's instructions.
  2. Send your public key to a companion.
  3. Add your companion's public key via the add contact wizard.
  4. Enjoy.

Links:

Acceptable Centralized Program Solutions

Solutions in this category oftentimes fail to provide a solid level of privacy and security, but if you need to use this type of solution, we have compiled a list of the best solutions from this category below.

XMPP (Jabber)

on wikipedia

A protocol used to exchange files and text messages (in some client programs you can also make audio/video calls). Advantages:

  • A large number of open-source servers and clients under different operating systems are available
  • Availability of servers all over the world and on the Darknet
  • Can run via HTTP and SOCKS5 proxies.
  • Ability to create your own server (inside an organization or closed network on a rented internet server, using your own hardware).
  • The protocol has many optional extensions, such as e2e encryption, history storage on the server (not safe), audio/video calls, ….
  • Multi-user conferences are supported.
  • Ability of users to communicate with each other on different servers.

Disadvantages as of 2018.05:

  • Centralized system, most servers store all correspondence by default on a server.
  • You are required to register on one of the servers.
  • User<>Server encryption, not User<>User (e2e) by default.
  • You must configure an additional layer of encryption for transmitted data within the client program (does not protect against metadata leakage).

Basics of using client programs:

  1. Register. Registration may vary in complexity and the amount of data required depending on the server. In the best case, just click the “register” button in the client program after typing the address of the selected server and the name of the account, and if the server supports registration this way, and the chosen name is available, then you will be registered immediately and will be able to use jabber. However, more and more servers are requiring web registration (via web browser) and a lot of personal data.
  2. Send a companion your jid (jabber id), which serves as a user ID in the jabber network and appears in the form of user@server (like an e-mail address).
  3. Add your companion's jid to your client program.
  4. Enjoy.

Recommended client programs:

  • Miranda-ng - a client program for many protocols (not just XMPP/Jabber), but unfortunately it is currently only available for windows. The program has many settings and supports pgp, omemo and otr e2e encryption for jabber.
  • Psi - a simple client available for windows/linux/mac with pgp e2e encryption support, has an add-on for omemo and otr e2e encryption.
  • Gajim - a simple client for windows/linux/mac with pgp e2e encryption support, has an add-on for omemo and otr e2e encryption. Using this is not recommended if you have a lot of contacts, as the program is very demanding of computer resources (CPU, RAM, hard disk reads and writes).
  • Vacuum-IM - a simple client for windows/linux/mac with pgp e2e encryption support.
  • Pidgin - a simple client for windows/linux/mac with pgp e2e encryption support, has an add-on for omemo and otr e2e encryption.
  • Xabber - client program for Android, has pgp e2e encryption support. The program can be installed from the F-Droid repository or bought in stores.
  • Conversations - a client program for Android, has pgp and omemo e2e encryption support. The developer of this program invented omemo encryption. The program can be installed from the F-Droid repository or bought in stores.

Recommended server programs:

  • ejabberd is a very stable and efficient server. Instructions for installing and configuring this server are beyond the scope of this article.

Mumble

A voice-conference program that is presented as a program for gamers, but goes far beyond this framework. Advantages:

  • Very high performance.
  • Very low consumption of resources (in fact, it is the best voip solution in the world in terms of resource consumption).
  • Source code for the client and server is available here.
  • There is a client program for all common operating systems, as well as android and ios.
  • Has an echo-cancellation system (although it is not ideal).
  • Efficient sound coding (good sound quality at very low connection speed).
  • Ability to create your own server (inside an organization or closed network, on a rented internet server, on your own hardware).
  • Free access to many servers worldwide.
  • Can run via HTTP and SOCKS5 proxies (although functionality is slightly limited).

Disadvantages as of 2018.05:

  • Has only User<>Server encryption, there is no way to use User<>User (e2e) encryption.
  • All transmitted data is always available to the server.
  • To ensure security and privacy, you need to have your own server on your own hardware.

Basics of using the client program:

  1. Go through the initial sound configuration wizard and generate a client certificate.
  2. Add the server that you want to use.
  3. Connect to the chosen server. When connecting, enter the password if the server requires one (the password must be provided by the server administrator).
  4. Enjoy.

Directory:

Additional Security and Privacy Tools

PGP

on wikipedia

One of the first software solutions for e2e encryption. It was originally developed only for email, but is now widely used in other areas such as instant messaging and file encryption for transmission over insecure communication channels. Unfortunately, there is no single way to use pgp for all data transmitted over the internet: there are add-ons/extensions for email programs, and some instant messaging programs support pgp. Advantages:

  • Ability to use e2e encryption for all data.
  • There is a lot of software support for data exchange.
  • Good time-tested implementation.
  • Reliable, proven encryption algorithms.
  • Many open-source implementations.
  • Ability to store encrypted binary data (files) in text format (i.e. for publications in the form of text on websites, social networks).

Disadvantages:

  • Relatively complex configuration.
  • Each application must be configured separately (configuring programs and add-ons for programs that use pgp)

Principle of operation:

  1. You generate a key pair.
  2. You send a public key to a user that wants to safely send you data.
  3. You add the public key of the user you would like to send data to.
  4. You encrypt data for the user with a public key.
  5. You send encrypted data to the user through any available (including unsafe) communication channel.
  6. The user decrypts the data with their own private key from the same pair.

Directory:

7Zip

An archiver-compressor of files and directories. It is able to use symmetric encryption with a password. Advantages:

Disadvantages:

  • Narrow scope.
  • Absence of asymmetric encryption. (you must have a safe communication channel in order to transfer the key to the encrypted data to the recipient)

Method of application:

  1. You create a password-protected archive with encryption enabled.
  2. You send an encrypted archive via any communication channel (including insecure ones).
  3. You send the user the password to the archive via a secure communication channel.
  4. The recipient decrypts the data.

Directory:
