1
00:00:01,330 --> 00:00:09,760
OK so now that we know how to use e-mails to communicate on the darknet privately and anonymously the

2
00:00:09,820 --> 00:00:15,520
other method of communication that you might want to use is instant messaging.

3
00:00:15,520 --> 00:00:21,220
Now when it comes to instant messaging just like everything we spoke about so far there are a number

4
00:00:21,220 --> 00:00:24,580
of applications that we can use to do this.

5
00:00:24,580 --> 00:00:30,400
Such as what's up and Viber for phones and Skype for desktops and phones.

6
00:00:30,540 --> 00:00:37,290
And again similar to everything we spoke about so far a lot of these apps are not private and not secure.

7
00:00:37,300 --> 00:00:39,340
So a lot of them log what you do.

8
00:00:39,340 --> 00:00:44,980
They track what you do they track your messages they track the users that you talk to communicate with

9
00:00:45,220 --> 00:00:50,560
some of them have permissions to listen on your mike the list goes on.

10
00:00:50,560 --> 00:00:55,720
Not only that even the apps that claim that they use encryption and they are private such as WhatsApp

11
00:00:56,260 --> 00:00:59,220
we don't really know how this is implemented.

12
00:00:59,230 --> 00:01:00,640
We can't see the code.

13
00:01:00,640 --> 00:01:06,580
So there is even rumors that the end to end encryption in WhatsApp is not 100 percent secure.

14
00:01:06,580 --> 00:01:12,620
It's not 100 percent end to end and Facebook might be able to read the messages that get sent.

15
00:01:12,670 --> 00:01:18,250
Now you'll face this issue with everything that is owned by one specific company because a lot of these

16
00:01:18,250 --> 00:01:21,510
companies don't share the code used on their programs.

17
00:01:21,520 --> 00:01:25,390
So at the end of the day you will just have to trust them.

18
00:01:25,420 --> 00:01:31,810
All this aside all of these applications might be vulnerable to exploits and we all heard about the

19
00:01:31,810 --> 00:01:39,010
WhatsApp vulnerability that affected all smartphones in which hackers could hack into any phone by simply

20
00:01:39,010 --> 00:01:44,110
calling the phone and you won't even need to answer the call and you'll get hacked.

21
00:01:44,110 --> 00:01:47,990
Check out the link and the resources for more information about this vulnerability.

22
00:01:48,280 --> 00:01:52,720
But this is just an example on how these apps can be dangerous.

23
00:01:52,780 --> 00:01:58,780
And again putting all of this to the side even if the apps are 100 percent secure and even if they are

24
00:01:58,780 --> 00:02:05,950
100 percent private these apps are installed on operating systems that that are not secure and private

25
00:02:05,950 --> 00:02:09,190
such as U.S. Android Windows and so on.

26
00:02:09,220 --> 00:02:15,540
And we spoke about how all of these operating systems log data and track their users.

27
00:02:15,550 --> 00:02:21,610
Therefore if you want to protect your privacy and anonymity it's a better idea to first of all use an

28
00:02:21,640 --> 00:02:27,530
operating system that is more private than other operating systems such as tools.

29
00:02:27,640 --> 00:02:34,180
This will solve the problem of the operating system and then use a messaging service that is more private

30
00:02:34,270 --> 00:02:36,400
and a messaging app that is more private.

31
00:02:37,330 --> 00:02:40,060
So we're already using tools and we know how to do that.

32
00:02:40,060 --> 00:02:42,890
So we have the first part of the problem solved.

33
00:02:42,940 --> 00:02:49,330
The next thing that we want to do is to use an instant messaging service that is more private and to

34
00:02:49,330 --> 00:02:52,390
do this we're going to use x MPP.

35
00:02:52,480 --> 00:02:57,340
This is a free and open protocol that is not owned by anybody.

36
00:02:57,580 --> 00:03:00,490
So it's not controlled by a single company.

37
00:03:00,520 --> 00:03:02,000
It is decentralized.

38
00:03:02,110 --> 00:03:11,190
So anyone even you can go and create your own server and use that to communicate with other x MPP servers.

39
00:03:11,290 --> 00:03:16,930
We can also enhance its security by using OCR and we'll talk about that later on.

40
00:03:17,050 --> 00:03:21,570
And this is a widely used method of communication on the darknet.

41
00:03:21,610 --> 00:03:25,120
Therefore it is very important to learn how it works.

42
00:03:26,170 --> 00:03:32,260
So in this lecture I'm going to show you how to create an X MPP account and then we'll see how we can

43
00:03:32,260 --> 00:03:36,590
improve its security using OCR in the next lectures.

44
00:03:36,640 --> 00:03:44,440
Now like I said ex MPP is decentralized so anyone can run their own server and you can even use your

45
00:03:44,440 --> 00:03:47,210
own server to set up an account.

46
00:03:47,230 --> 00:03:54,610
So right here I have a list of public x MPP servers I'm going to include a link of this in their resources.

47
00:03:54,700 --> 00:03:58,240
Now as you can see there is a lot of servers that you can use.

48
00:03:58,240 --> 00:04:00,700
You can think of these as e-mail providers.

49
00:04:00,700 --> 00:04:03,540
So each one of them will allow you to create an account.

50
00:04:03,640 --> 00:04:11,650
And once you create an account you can communicate with any MPP server with any ex NPP account regardless

51
00:04:11,740 --> 00:04:13,560
of what server it's made on.

52
00:04:13,570 --> 00:04:18,400
So it's similar to emails when you create a Gmail account you can use it to communicate with Hotmail

53
00:04:18,400 --> 00:04:20,510
Yahoo or any other email.

54
00:04:20,530 --> 00:04:21,960
This is exactly the same.

55
00:04:22,030 --> 00:04:25,630
You can set up an account with any of the servers right here.

56
00:04:25,690 --> 00:04:31,090
And once you do you can communicate with all of the others even if you're communicating with a server

57
00:04:31,300 --> 00:04:35,090
that is set up by a person not a public server.

58
00:04:35,110 --> 00:04:41,200
Now you can see for each server right here we have a hidden service that you can use to access the server

59
00:04:41,200 --> 00:04:43,330
from within the network.

60
00:04:43,330 --> 00:04:50,020
The inbound registration column here specifies whether you can sign up to this account without access

61
00:04:50,020 --> 00:04:50,750
in their Web site.

62
00:04:50,750 --> 00:04:56,920
So if you can sign up using the MPP protocol on its own using your instant messenger such as pidgin

63
00:04:57,460 --> 00:05:01,520
in many cases if even if it says it's enabled it doesn't really work.

64
00:05:01,550 --> 00:05:07,130
So it's better to click on the link of the server that you want to sign up with and manually sign up

65
00:05:07,250 --> 00:05:09,160
and I'll show you that in a minute.

66
00:05:09,440 --> 00:05:17,570
The ex ERP compliance gives an indication of the features and the specifications of ex MPP that this

67
00:05:17,570 --> 00:05:19,820
server has implemented.

68
00:05:19,820 --> 00:05:24,950
So if you click on this right here you'll actually get this link right here and it'll have a list of

69
00:05:24,950 --> 00:05:29,600
the servers that we have and we can see the features in here on the top.

70
00:05:29,810 --> 00:05:35,440
And each of these features or specifications will be green if the server is implementing it.

71
00:05:35,720 --> 00:05:40,500
So you can see this server right here is implementing all of the specifications.

72
00:05:40,580 --> 00:05:46,520
If we go down you'll see some servers have red in here which means that they haven't implemented this

73
00:05:46,520 --> 00:05:49,340
specific specification.

74
00:05:49,340 --> 00:05:53,860
Now you don't really need to go through all of this because again in this list it's telling you.

75
00:05:53,870 --> 00:05:56,620
Excellent for the ones that are implement everything.

76
00:05:56,690 --> 00:05:59,770
So you can just pick one of the ones that say excellent.

77
00:05:59,840 --> 00:06:08,420
And finally the IBM observatory grade is a grade of the security of the server of how well they implemented

78
00:06:08,450 --> 00:06:12,740
their telex which is their encryption their DNS Sec.

79
00:06:12,800 --> 00:06:16,250
Again if you see a for this that means it's pretty good.

80
00:06:16,280 --> 00:06:23,040
So you can go for one of these servers now like I said you can pick any of the servers in here before

81
00:06:23,040 --> 00:06:23,850
you do that.

82
00:06:23,910 --> 00:06:24,570
As usual.

83
00:06:24,570 --> 00:06:30,660
I highly encourage you to read the privacy policy and see reviews about the server before you actually

84
00:06:30,660 --> 00:06:32,070
go ahead and use it.

85
00:06:32,070 --> 00:06:37,770
But for this lecture I'm going to use this mail which actually is a good server and I've seen good reviews

86
00:06:37,770 --> 00:06:38,280
about it.

87
00:06:39,120 --> 00:06:41,340
And as you can see you get a normal Web site.

88
00:06:41,460 --> 00:06:45,000
And what we want to do with this right now is just simply register.

89
00:06:45,030 --> 00:06:51,090
So I'm going to click on register to register with them and it's asking us some very simple information

90
00:06:51,180 --> 00:06:52,710
such as a username.

91
00:06:52,920 --> 00:06:55,560
Again make sure you set this to your fake identity.

92
00:06:55,830 --> 00:06:58,130
So I'm going to sell it to John Wick.

93
00:06:58,530 --> 00:07:05,010
I'm going to set a password and answer the question and that's it we're done.

94
00:07:05,010 --> 00:07:10,710
So as you can see a very very simple registration process very similar to what you would do when you're

95
00:07:10,710 --> 00:07:12,450
signing up for an email.

96
00:07:12,570 --> 00:07:19,530
Did it ask us for any personal information and it took us a few seconds so you can actually even create

97
00:07:19,560 --> 00:07:24,660
temporary accounts so every time you want to communicate with someone or every week or every two weeks

98
00:07:24,870 --> 00:07:31,350
you can just create a new account and use that to improve your security and anonymity.

99
00:07:31,350 --> 00:07:38,970
So the user name that I picked was John Wick G H and W. C.K. and the server that we have is this.

100
00:07:39,270 --> 00:07:45,090
So my account is going to be G H and W. S.K. at this mail dot the E.

101
00:07:45,090 --> 00:07:50,550
So like I said it's very similar to the way e-mails work and even the format is very similar to the

102
00:07:50,550 --> 00:07:51,750
format of emails.

103
00:07:52,800 --> 00:07:53,400
So that's it.

104
00:07:53,400 --> 00:07:58,380
The account is created and in the next lecture I'm going to show you how we're going to use this account

105
00:07:58,680 --> 00:08:05,310
to log into the server using an instant messenger that comes with tales and we'll see how we can use

106
00:08:05,310 --> 00:08:07,740
it to communicate with other accounts.