Here’s a free, open source programme for online chat / video chat: Jitsi. The corporate equivalent is Skype, which is now owned by Microsoft.
This is how it works
You don’t have to download anything. This is the address – https://meet.jit.si – everything happens on the site.
Just add a code word or phrase at the end – anything you like.
So, for example, you could choose https://meet.jit.si/cheese-sandwich. The bit you add to the end (in this case, cheese-sandwich) is in effect a password. You can then tell anyone you want to chat with what the ‘password’ is, or just send them a link, and tell them what time to meet up.
Anyone who clicks on that link (or types in the address), at the right time, can join the conversation.
When you click on the link, first youโll probably be asked for permission to use your microphone and camera. Click yes (share selected device).
Anything else, just ignore it, and after a few seconds, you’ll see yourself on the screen (if you have a camera).
There’s a little toolbar at the top of the screen – it might be a good idea to stop the camera, as it sometimes takes up too much bandwidth.
And that should be it!
I’ve tried it a couple of times. I chatted (with video) with someone in the States and it was crystal clear (and when I tried it with someone in Shropshire, we had to turn the video off to chat).
What’s wrong with Skype?
Corporations like Microsoft and Google are trying to normalise the invasion of internet privacy and the harvesting of our data for marketing purposes.
Apparently, people who use Microsoft products can have information such as calendar events, emails, browsing history, contacts etc. swiped so that Microsoft can ‘serve’ you by delivering targeted corporate advertising.
Microsoft pleads that getting access to your data means that not only can they ‘serve’ you in this way, but advertising revenue means that they can provide services for free. But open source services are already free, without contributing to Microsoft’s advertising revenue or pestering anyone with corporate ads.
Worse – according to Wikipedia, Austrian Interior Ministry officials admitted that they could listen in on Skype conversations – which almost definitely means that any country can. Plus Skype handed over data of a pro-Wikileaks activist to a private security company without a court order; and global surveillance disclosures show that the FBI and NSA are able to eavesdrop on Skype conversations.
But we don’t have to put up with it now that there is a huge range of free and open source programmes around that don’t do those things.
So dump Skype, and use the very, very easy Jitsi site instead.
30 Comments
The developer is a Nasdaq registered [TEAM] Australian Plc corporation.
“Jitsi Meet” is on the Android PlayStore.
The corporation (Atlassian Ltd) behind it does have a customer’s agreement that mentions costs, hosting,…
https://www.atlassian.com/legal/customer-agreement
https://en.m.wikipedia.org/wiki/Atlassian
This is an interesting site (Jitsi). I would add though that it is good to be aware of the weak points in such communications…
‘Opsec’ (operational security) is very important. Basically is your computer secure? If you run Windows the answer is simple – No, absolutely not! M.S. telemetry siphons off any data it feels like, including messages you might send through Jitsi. http://bgr.com/2015/07/31/windows-10-upgrade-spying-how-to-opt-out/
You also have to be aware that the receiver of your communications could well be using an insecure system.
I’m not sure about Mac’s, though as it’s a closed system you can bet your not secure there either.
Linux, possibly the better option of the three, is still vulnerable to hardware issues, i.e. the boot loader is not secure on many mother boards. UEFi is not secure http://www.ghacks.net/2016/08/10/secure-boot-bypass-revealed/ and https://www.bit-tech.net/news/bits/2017/03/10/intel-chipsec/1
Plus Linux is still a computer operating system and can be hacked, it’s just a hell of a lot safer than the other two options mentioned above.
Jitsi is not end to end encrypted. It’s relying on SSL which is of course encryption, but MITM attacks can be made and CA’s are not entirely reliable, https://news.netcraft.com/archives/2014/02/12/fake-ssl-certificates-deployed-across-the-internet.html
SSL isn’t as safe as you think, though still well worth using for browsing the web, just maybe not secure com’s.
Jitsi do seem to be using sha256 which is reassuring. Though the site does seem to be supporting SHA1 which is bad.
They use Digicert which is an American authority and as such could be forced by the US government to compromise a system.
Also Jitsi relies on Javascript, and that is known to be a vulnerability. To be safe online you should block JS. http://www.tomshardware.com/news/websites-outdated-insecure-javascript-libraries,33885.html – https://noscript.net/
Just a few (over the top?) thoughts ๐
Seems I’m wrong about Jitsi. It’s developer is a Nasdaq-registered plc called Atlassian. Don’t know how they make their money – it’s not advertising. Any information / alternatives welcome.
Here is what I found – Jitsi is still Open Source – https://bloggeek.me/jitsi-open-source-apache/
There used to be Firefox Hello, but that’s been discontinued. The press release in which the firefox team announced they’d discontinued “Hello”, provided a link to Talky: https://about.talky.io/privacy/
Usually a free software package is something that anyone can charge a fee for – the business models include customizing the software for certain companies and modifying the interface. Not sure about this one – thanks for the info, I will ask people that know more than me:)
Thanks Micky/Josh. It seems (https://blog.andyet.com/2015/06/09/what-is-being-open-sourced-from-talky/) that Talky is based on Jitsi software (as it’s open source), but a) Jitsi is open source (hooray) but corporate (boo), and b) Talky is not (yet) corporate (hooray) but not open source (boo). Talky worked first time for me though, and didn’t tell me my camera is broken (Jisti does).
But neither of them will harvest your data or snoop on you, and neither are owned by Microsoft, and you don’t have to download anything for either of them, like you-know-what.
I think these two (Linux only) are of interest, particularly Tox – https://tox.chat/index.html and https://ring.cx/
Both the websites are hosted in the U.S. which doesn’t make me feel good but they are P2P, free, and encrypted end to end I believe.
i recon that everything, open source or not, is open to corporate and gov infiltration digitally or physically. just get over it. stay awake.
Very interesting. It means I can only talk with other people using Linux though – but that percentage is growing. When we launch the noncorporate website (in the summer), we hope to persuade more people to switch.
You can’t link up chat / video chat for free though (can you?), and if not, how do they pay for it?
Thanks for the other info too (too rarified for me, unfortunately).
“Just get over it” – That’s exactly what they want (‘they’ being the people that wish to intercept our communications), an easy ride to full control. Do you want to lay down and let them walk all over you?
Apathy is possibly the biggest barrier to change. Fortunately, it only takes a tiny minority to start a huge ball rolling. The best we can hope for is that most people won’t oppose it – and that’s where apathy will start to work in our favour.
“thatโs where apathy will start to work in our favour” – maybe true, and to the advantage of the truth and justice, which is good. But sad, so very sad :-/
I see that most of you are security conscious almost to the point of being paranoid. As 99.9% of the conversations on VOIP are probably about nothing that would interest the security services I do not think we have a lot to worry about. If MI5 want to listen in to a conversation on how to make compost them let them, they could always go to the pub and listen to the conversation at the next table. People go on about how lax the security is on certain products, go home after work and close the curtain in case any one is watching them then proceed to lay down their whole life on Facebook or some other selfish media software. Security has it’s place but should be targeted to where it is needed rather than trying to secure everything.
Sorry John, have to completely disagree with you on this one. The state and the corporate sector harvest our data, and I have a problem with that for 2 reasons.
1. the corporate sector don’t do it for fun. They do it to target advertising and increase their profits, and I don’t want them to increase their profits, I want to build the non-corporate sector (worker co-ops, housing co-ops, platform, land, consumer and multi-stakeholder co-ops, the self-employed, open source, blockchain, community land trusts, community energy, community-supported agriculture etc. etc.) to take market share from the corporate sector. I’m assuming I don’t have to explain why I want that?
2. the ‘you don’t have anything to worry about’ argument has been used many times when it comes to state surveillance. The best counter-argument is the Dutch census in the 30s that collected information about people’s religion. The Nazis were later able to access a handy list of all the Jews in the country.
You never know what’s coming, and I don’t trust either the state or the corporate sector.
Hi John,
I don’t know if you realize that this website will be seen as highly subversive by the powers that shouldn’t be, you know, the ones surveilling us. Therefore I would bet there is a very high chance all people looking at and involved with this website (including commenter’s such as yourself) are being profiled as we represent (in their eyes) a serious threat to them, (particularly you Dave).
I have to say that being a part of this conversation makes me fell ill at ease as I know it will be being monitored, but I’ll be f***ed if I’m going to just let the bas****s get away with it without so much as an utterance.
People seriously underestimate the oppression happening right here and now, and how it is rapidly ramping up.
Dark days, and they’re getting darker. It’s forward thinking people like those involved with organizations like this that give everyone a chance for a fair and just world. People actively offering powerful and peaceful alternatives.
Well, no-one needs to surveille(?) me very hard, as everything I say is in the public domain, I don’t do anything secretively and have never advocated violence. There are millions out there criticising capitalism – and really, there’s not much ‘the powers that be’ can do, ultimately, because capitalism is on the way out. Either we replace it with something soon, or nature will kill it (and, if we’re lucky, without killing everyone else as well). But it doesn’t have a future.
Most people don’t need to be ‘surveilled very hard’, but that doesn’t mean there aren’t very large data sets being built up about everyone (in fact we know that there are). As you alluded to in your last post, the next in power (or possibly the current) can do so some very nasty framing with that amount of data should they have the desire – to stop/slow opposition for example.
Just look at the disgusting lengths the state will go to… https://www.theguardian.com/uk/2012/jan/20/undercover-police-children-activists http://www.independent.co.uk/life-style/gadgets-and-tech/news/uk-government-rewrites-surveillance-law-to-get-away-with-hacking-and-allow-cyber-attacks-campaigners-10253485.html
Plus as we have seen very clearly from people that oppose the state in any way, particularly when the state is caught with it’s pants down (too many times to mention) the state can hit back hard.
There is, I imagine a scale of threat, but to be on that scale at all gives me the creeps and you can bet this site and it’s supporters are on that scale somewhere.
I agree, but I suppose my point is that you might put people off from saying or doing anything at all, and I think that any threat to an individual is minimal unless advocating or taking part in violence. I don’t think you’re suggesting that we do or say nothing, so I suppose we just have to suck it up (to a certain extent, whilst still using software etc. that prevents data harvesting etc.).
“you might put people off from saying or doing anything” Don’t shoot the messenger! ๐
“you might put people off from saying or doing anything at all” Yes, the chilling of speech, something that is very bad and ‘they’ want. I say less these days and it feels oppressive – because it is, that’s the idea ๐
“any threat to an individual is minimal unless advocating or taking part in violence” This depends on the threat(s). Simply the chilling of free speech is a major threat and that’s only one. There are many peaceful ways to protest and make change as you well know, you are talking about them here on a weekly basis. This is a threat to the status quo, is that not you intent?
“we just have to suck it up” Nooooo!!! That’s what ‘they’ want. We have to oppose. Talk to people, make them aware of the freedoms and power we are loosing to corporate power supported by the state.
I see the contents of this site and others ( corbettreport.com for one) as having some of the answers – keep it up! ๐
Just to be clear, when I said that we have to ‘suck it up’, I meant suck up the fact that we’re all under surveillance, because they’re not going to stop doing it just yet. yes, of course, keep trying to change the status quo, but accept that corporate/state power will do everything they can to oppose that. What I meant was – don’t stop doing those things because of some perceived threat.
All very interesting, but I have a question that brings things a bit more back on topic. I have recently been asked to use “Zoom” video conferencing. Has anyone any opinions on how corporate it is and/or how much data mining/monitoring that may go on (sorry if I’ve used the wrong terminology here as I am not very computer technical)? My first look at it was not promising. It seems very glossy and “Californian”, and although it looks like it has been created on WordPress, the first thing that it asks for is to register. Even the live chat asks for an e-mail address at the outset. I am therefore loath to sign up.
Hi Andrew,
It is Californian (and therefore American) and thus subject to their laws regarding intelligence agencies monitoring the system in great detail if they want, though this is basically possible for all communications of any type anywhere, hence end to end encryption being the best we can do, (remember that even that is not secure if someone has compromised your computer or the other parties involved).
The Zoom conferencing system isn’t based/built on WordPress, there is simply a plugin that makes integration of the Zoom system with a WordPress site easy/possible.
Bottom line is that yes, it is a corporate product run by a U.S. company.
For a bit of history on the company and it’s systems… https://en.wikipedia.org/wiki/Zoom_Video_Communications
Thank you Peter,
I have recently “cleansed” my computer of Microsoft, Google, Youtube, and other related things. It runs on Linux with Ubuntu, and I use Startpage, etc. I believe that Google doesn’t know about it, and I want to keep it that way, purely because it feels “clean” and I feel better, when I use it.
So (and please forgive my ignorance with online computing systems here) would advise on whether there is some way that by registering to use Zoom, people like Google could get access to my computer data such as what I look at for their advertising and my location, etc.? Or is it just a matter of my video conferencing being monitorable when I actually use the Zoom?
Thanks,
Andrew
To answer your two points you made:
1. If they read all my communications and glean all the information to target me with adverts that I block with advert blockers they are wasting their own money. Even on TV I only watch BBC as I do not like adverts.
2. If they want a list of people they only need to look at the census or the National Insurance databases.
John
If I did what you have done I might as well throw the PC in the bin ๐
John
John – I salute you for avoiding their adverts.
But to answer your points:
1. The corporate sector don’t harvest everyone’s data for fun. They do it for profit. That may not work too well with you, but it does for a lot of people. So one of the aims of the free software movement is to build an alternative from which the corporate sector can’t harvest people’s data. Therefore, corporate profits will be reduced, along with the power of the corporate sector (as well as the fact that the software – and operating system – is free, and we don’t have to pay the corporate sector for it. That works for me.
2. I have switched to Linux and free software completely. Now I don’t have to pay for an operating system or any software. My computer is faster, and I don’t need any virus protection. That works for me too.
3. It took some time and effort to get here, but I’m glad I did. Switching to Linux and free software is getting easier all the time, and I want to join the voices that are persuading more and more people to switch. If I can’t manage that with you, so be it.
John: if you don’t want to switch, don’t switch, but is your aim to persuade others not to give it a go? If so, why?
I’m completely Microsoft free, and use almost 100% free software. It’s cheaper, my computer’s faster, and I don’t need virus protection. That works for me. It took time and effort, and I understand if some people don’t want to do it. But for those who do, I’d like to help them, by making it easier to switch.
Having said that, I haven’t managed to kick the YouTube habit yet.
For those that feel there’s little to worry about regarding sharing their data, I recommend a particular BBC Word Service documentary. It isn’t specifically about this issue, but other interesting and possibly pertinent things. It points out how people willingly giving away their personal data may well be extremely detrimental to human existence itself!
Either way, for anyone interested in how computers and more specifically A.I. is shaping and may continue to shape the world, it’s an interesting listen…
http://www.bbc.co.uk/programmes/p050kvnz
(Available as podcast too).
Thanks for the great article