How to Chat Anonymously Online

A guide to anonymous encrypted communication in 5 easy steps.


Chatting anonymously on the Internet isn't used solely for shadowy criminal hackers and government operatives. From journalists to congressmen, learning how to adjust the privacy of our digital communication is becoming an ever more important skill.

When Edward Snowden first reached out to reporter Glenn Greenwald, he insisted on only using encrypted communications.

Greenwald's lack of technical skills nearly cost him the story of the century, but with a colleague's help, Greenwald learned how to use encrypted chat servers, a prerequisite to gaining Snowden's trust and a far more efficient and secure method than even encrypted chats or text messages, which can still leave evidence on local devices.

Browsing and communicating on the internet anonymously is difficult, time-consuming, and painstaking. One weak link or careless trace of metadata can expose your identity to the world. But that doesn't mean you need a Master's Degree in computer science to avoid the prying eyes of the NSA. 

In five easy steps, Reason TV shows you the basics of "How to Chat Anonymously Online."

Step 1. Download Tor Browser.

Unlike other web browsers, that store your personal information and browsing history for corporate advertisers and government subpoenas, Tor is completely decentralized.

The user-driven free software reroutes your information through a network of thousands of computers worldwide to hide the user's identity.

Now known publicly through Snowden's revelations, the Five Eyes (the Anglophone allies who frequently collaborate as the greatest global spying behemoth ever known) have admitted being unable to directly de-anonymize any specific Tor user.

And although they have been able to de-anonymize a few random Tor users, they can't do it on demand. 

From this point on, for the purposes of maintaining anonymity, you should always be using the Tor browser when downloading subsequent applications and creating personal accounts associated with those applications.  

Step 2. Use Off-the-Record Chat Servers

Like Tor is for web browsers, Jabber chat servers are decentralized; and unlike mainstream chat services, Jabber doesn't require you to enter any verifiable personal information to create an account. 

The encryption protocol known as Off-the Record (or OTR) allows both sides of a the chat to be encrypted. 

There are literally hundreds of Jabber servers around the world available to use, click on the link to find a recently updated list

Once you've selected a Jabber server, create an account, but remember, only use a server that lets you sign up using the Tor Browser. When creating a username and password, use random number and letter combinations for each account and never use the same name or password twice. Also, be sure to write down this information and keep it in a safe place, uploading this information to an insecure cloud-based server like Dropbox or Evernote or god-forbid, email, puts your security at needless risk and jeopardizes your anonymity. 

Step 3. For Mac Users, Download Adium 

For Mac users, download Adium, using Tor. And make sure to keep your Tor Browser open when using Adium to maintain connectivity. 

There are programs specifically for Windows, but for this lesson, we'll stick with Mac OS X.

Once it's up, ignore the Adium Assistant Window, you can just close it.

Select Adium's drop down box, then choose Preferences. Select the Accounts tab, then click the plus sign to add a new account. Select XMPP Jabber.

I know it's getting a little detailed now, but stick with me. Following these instructions to the letter WILL work. The next steps ensure that Adium will only work using Tor.

Switch to the Proxy tab. Click "connect using proxy," then choose "SOCKS5." 

Type "" into the server field. Create a new username and password. You see where it says, PORT? Type 9150 there.

Go to the Privacy tab, and where it says "encryption" switch it to "Force encryption and refuse plaintext."

Go to Options, and in the Resource box, delete your computer's name and type "anonymous, then check "Require SSL/TLS"

Go back to Account, and type in your Jabber ID (which you created in Step 2), Your ID is comprised of the Jabber username you created in Step 2, followed by an "@" sign, and finally the Jabber server your choice. 

Enter your password, click OK.

Finally, to test your account's connection, switch your status to "available." 

Step 4. Create encryption keys and fingerprints. 

You'll need a key to unlock encrypted messages. 

To create a key, click Adium, then choose Preferences. 

After that, go to Advanced and click Encryption. 

Select your account and click Generate, which will create your encryption key and fingerprint. 

To have an encrypted chat, a person needs to know your Jabber username, server, and your fingerprint. You'll need to know theirs, too. Exchange fingerprints over another communication channel.

Once you've established a new chat, you can verify each other's fingerprints. If they match, mark this person's contact info as "trusted." If they don't match, your communication has been compromised. Either try again at another time, or create new accounts. In fact, Micah Lee, an encryption expert and journalist with The Intercept recommends dumping chat accounts frequently, and even making single use chat accounts when contacting someone for the first time, ensuring you both leave no trace of your true identity. 

Step 5. Verify contacts.

To verify contacts, add a person's Jabber ID (reminder, this is your username plus an @ plus the Jabber server) to your Contacts. 

If the contact is online, you will only be able to see them if they have authorized your contact request. Once they have, you can authorize them back. 

Finally, you can click on the contact and begin chatting. 

Though you've sent a message, you will only be certain your chat is secure if the fingerprints match. Compare them in the OTR Fingerprint Verification box which should pop up after the first message has been sent. 

If every single character matches, you can trust this contact. 

And that's it. Happy anonymous chatting!

About 5 minutes. 

Produced by Anthony L. Fisher and Joshua Swain.

Music: "Mensa," "Dark Water," "Undersea Garden," "Loll," and "Motivate," all by Poddington Bear.  

Scroll down for downloadable versions and subscribe to ReasonTV's YouTube Channel to receive notification when new material goes live.

NEXT: Independents Rule but GOP, Dem, & Media Establishment Says Everything Is Fine

Editor's Note: We invite comments and request that they be civil and on-topic. We do not moderate or assume any responsibility for comments, which are owned by the readers who post them. Comments do not represent the views of or Reason Foundation. We reserve the right to delete any comment for any reason at any time. Report abuses.

  1. Step 6: Everything you just read has been put into a file at the NSA. You are not anonymous, nor will anyone else be. *puts on foil hat and walks into woods with no electronics

    1. Agreed.

      If communicating this way it would behoove you to not say anything you don’t want them to know.

      Given NSA and FBI hoarding and use of zero-day exploits, proven deliberate weakening of crypto standards by the NSA, proven NSA hoovering of data at major Internet exchange points and the (possibly deliberate) shittiness of the source code for OpenSSL, it would be best to assume your Internet communications are insecure no matter what steps you take to secure them.

      Also, using Tor probably gets you on a list. So does owning guns, though, so fuck it.

      1. Using Tor or TAILS definitely gets you on a list.

        The key is for enough ordinary citizens to use these products that the NSA can’t possibly keep track of them all. Together we be a haystack so that needles can hide.

        1. Good plan If fifty million get Tor accounts, whether we use them or not, before long who WON”T be on their lists? They’re already buried in muck. A few more dump truck loads on top of what’s already here will have them scratching their heads. Sleepless nights, overtime and fat pensions… until it all comes crashing down in aheap. Then it will be time to rejoice, as Babylon will have fallen. And great will be the fall thereof.

          1. All these lists, and they seem incapable of stopping terror attacks.

            Maybe they need smaller lists and more focus.

        2. were already kinda at that point i think. theyre definitely past the point of diminishing returns at least

        3. Reading Linux journals gets you on the list.
          Reading Reason surely gets you on the list, especially if comment about federal judges and Fargo.

          Hell, reading probably gets you on the list, so was can you do. Fuck it.

          1. .. what can you do?

  2. What a dangerous recipe for illegal conduct! All forms of online anonymity should be carefully eradicated by appropriate legislation, like in China. See the documentation of America’s leading criminal troll (and criminal “satire”) case at:

  3. Start working at home with Google! It’s by-far the best job I’ve had. Last Wednesday I got a brand new BMW since getting a check for $6474 this – 4 weeks past. I began this 8-months ago and immediately was bringing home at least $77 per hour. I work through this link, go to tech tab for work detail.

    ? ? ? ?

  4. So, does anyone else get a 404 Page Not Found error when they try to go to page 2 or 3? That’s, um… interesting…

  5. Start working at home with Google! It’s by-far the best job I’ve had. Last Wednesday I got a brand new BMW since getting a check for $6474 this – 4 weeks past. I began this 8-months ago and immediately was bringing home at least $77 per hour. I work through this link, go to tech tab for work detail.

  6. I believe you can use a QTOX chat client without the TOR browser and still have anonymity. I got tired of TOR quickly and was banned from at least one bittorrent tracker for signing in with TOR.

  7. too late now to start worrying about that. I might as well just be tweeting dick-pics directly to the DoJ, i’m already on so many watch-lists.

    1. You don’t tweet dick pics. Amateur.

      There are other ways. Ask Lady B.

      1. I’m old fashioned. I still xerox my cock and send copies by regular mail.

          1. Yes, Kinkos *has* complained about it. But the library said they couldn’t break $100 bill for quarters.

  8. OT: Multitasking…

    (CNN)The man suspected of killing six people and injuring two more in a Saturday evening shooting rampage in Kalamazoo, Michigan, was an Uber driver who may have picked up passengers that same evening, according to the ride-sharing company and police.

    “Jason Brian Dalton had passed a background check, and was a driver-partner with Uber,” said Uber’s chief security officer, Joe Sullivan, in a statement. “We have reached out to the police to help with their investigation in any way that we can.”

    While the company did not address reports that Dalton picked up and dropped off customers Saturday night, authorities told CNN that it was “certainly part of our investigation.”

    “We’re looking into his connection to Uber and whether or not he was picking up fares in between the shootings,” said Public Safety Chief Jeff Hadley.

    1. tell me he was wearing a Trump 2016 t-shirt.

      1. If he was, it would be in the headline.

        1. “Was the Trumpkin killer targeting undocumented workers?” (just asking questions!)

    2. Oh like murderers aren’t allowed to make a side income

    3. Clearly we need to ban Uber since they are apparently in the business of hiring mass murderers.

  9. Aybemay weay ouldcay artsstay eakingspay in igpay atinlay.

  10. Tim Cook loves big govt when it suits his purposes, hates it when it does not. Shocking.

    1. I’ll take his efforts when he doesn’t.

      1. i’d like a little consistency. Yeah, silly me. I have no quarrel with what he’s doing, but the self-importance is a bit much.

        1. Who are his best customers, and how do they see themselves?

  11. So I heard Trump went Full Fascist over Apple. What a surprise. I’m sure we’ll continue to here from the usual area untermensch how he’s really not that bad and totally not a fascist.

    1. Maybe you can write your 8th grade honors theme on the evils of the Donald.

      1. Wow, what an incredibly witty and on-point comment as always John. So how’s life at the mental institution?

        1. I was trying to help. Most 8th grade teachers are pretty far left and would likely receive such a theme favorably.

        2. Just kiss already!

          1. That is what I keep saying Warren. But he just keeps playing hard to get.

  12. The funny part about this they would have the information if the county had not gone in and changed the phone’s cloud password. Had they not done that, they could have taken the phone and let it log into a wireless account it knew at the dirtbag’s home and then waited for it to do a periodic backup and then had Apple pull the data off the cloud. Since the phone doesn’t know the new cloud password, there is no way to do that.

    1. I’m not an IT guy, but can’t the password be changed back or something similar to let this play out as described? Maybe there is something about Apple systems that does not make nice with admin passwords, but this seems far more complicated than it should be. And the govt does not help itself with ham-handed demands and posturing and such.

      1. No. The phone thinks the i cloud password is whatever the Islamist ape made it. The county set the password to something new. So every time the phone tries to log on the cloud it will use the ape’s password and fail to log on. And you can’t tell the phone the new password because it is locked.

        I would have thought Apple would have some way to retrieve the old password so that it could be changed back. Apparently, once you change your password for the cloud, even apple can’t get it back.

        1. I would have thought the same about passwords. How ironic that the solution only required govt to avoid its default position of “do something” and let the phone do what’s it set up to do.

      2. ” ham-handed demands and posturing and such.

        I think its important to realize that the govt is probably completely unconcerned* about the san berdoo shooters device or the data on it.

        (*or, if not ‘completely’… it is not the reason *why* they are doing things the way they are doing them)

        If they just wanted the data decrypted, they could have quietly gone to Apple and had everything done on the DL. Apple has done that for them before.

        The fact is that they’ve tried on at least 2 prior occasions to get a judge to issue the same exact order. A judge looked at the subject last October (before the SB shooting even happened) and said that the request was stretching a legal concept (“All Writs”) to the breaking point.

        The entire point of the current request is to strong-arm Apple in public – using public perception and political pressure – to comply with a longstanding demand by the govt. They know that the courts aren’t 100% going to provide them cover in all cases, so they’re “Jawboning” – using ‘moral suasion’ – to try and make Apple look at this as a possible PR problem.

        They don’t give a shit about terrorism. The government hates the notion of consumer encryption becoming “normal”, and wants the companies that sell it to comply and will use “brute force” if the law proves insufficient.

        1. Exactly Gilmore. This whole thing is a farce.

        2. Apple has done that for them before.

          No, they haven’t. They have recovered files from devices running iOS 7 and below where a large amount of data was stored in the “No Protection” Data Protection class, a fact which even that awful Daily Beast story kinda-sorta touches upon before fucking things up.

          1. “No, they haven’t”

            you are still assuming that the ‘technical’ issues here are more important to Apple and the Govt than the legal ones.

            You’re an IT person, right?

            1. Ah, the “I didn’t actually know what I was talking about, but something something unfalsifiable secret government order.”

              See also “I didn’t actually know what I was talking about, but something something I’m sure the NSA knows how to do it.”

              Not interested, sorry.

              1. I think you’re missing my point.

                the central issue is not “getting the data” off of X device

                the central issue is “what can the govt compel a private company to do”.

                the technical details are ultimately irrelevant. in the prior cases where the DoJ got Apple to help access iOS7, did they do that because they couldn’t do it themselves, or because it was legally more important that they get compliance from the Manufacturer?

                the current issue is that they insist that the same access be available to them. even if they *could* break the tech themselves, they wouldn’t because what’s more important is the legal authority to compel compliance.

                1. I misinterpreted your non-reply, yes. My apologies.

                  Yes, it is obvious that this is about legal precedent and it is very frustrating how many people are oblivious to that.

                  The statement of yours I quoted was and remains incorrect.

                  1. “The statement of yours I quoted was and remains incorrect.”

                    the best kind of incorrect! *technically*

        3. I hadn’t known about the previous attempts. This is extremely important–why haven’t we seen this talked about elsewhere? Your last paragraph is frighteningly correct.

          1. why indeed. It’s almost as if there is a greater effort by many, media included, to keep govt work in the shadows rather than bringing it into the light.

      3. The thing is – nobody knows what the new password is.

        Its pretty standard when changing passwords that the new password is randomly generated, emailed to you, then you log in with *that* password and change it to the one you want.

        If they can’t get that password (or its encrypted in an email they already have but can’t read), nobody can log in to request a password change.

        1. How can the county IT people generate a new password and not know what it is?

          1. its an epistemological conundrum, the answer to which, “Its the government, duh”

            1. sure it’s govt, but does the way IT often works change because of that? I’ve had the same question Papaya has, or at least a variant of it.

              1. i interpreted the whole claims about how the “County IT person screwed up resetting the device” as just cover for the Govt insistence that Apple’s intervention is necessary

                i mean, it may be entirely true… but my point is that the whole pretense that ‘every other possible avenue is closed’ is just a convenient posture for the govt to take while demanding that Apple provide backdoors to their newest tech.

          2. Computer rolls a dice and sends the password to the email account registered to the device. Which is likely an Apple account and duly encrypted.

            1. And its not the county IT people making the password. They’re asking the APPLE system to change the iCloud password. They have authority to ask that, they don’t have the authority to generate iCloud passwords.

              The issue is, even if they know the new iCloud password, the *phone* doesn’t. Because you need to unlock it and enter the password into the Phone’s system so the phone can use it when syncing.

        2. They do not send you a new password. They send you a URL with an embedded reset token. When you go to the URL, it allows you to change the password; if you do not, your password remains the same.

          The fact that they were able to change the password suggests that the iCloud account used on the phone was registered under his work email address, which county IT would have access to.

  13. Given that it’s an Apple product, it’s probably rigged so there’s just one stupid thing you have to do to get the data that would happen automatically in a product built competently. I’ve never used a computer where I’ve had to manually turn off the Wi-Fi to get it to use the fucking hardline I just plugged in. Apple = retarded

    1. Maybe Donald Trump is behind it.

      1. A competently-built product would decrypt and spit out its data for the government on demand. Cmon don’t be stupid John.

      2. That would figure.

  14. Is anyone following this Ke$ha nonsense? I didn’t even need to know the facts to figure out who was in the wrong.…..1760142637

    She’s not suing to get a restraining order. She’s not suing to get the guy thrown in jail for assault. She’s suing to get out of a legally binding contract worth tens of millions of dollars. Jezebel doesn’t care.

    1. From the link:
      “…it’s the contract?the corporation?that comes first….”

      Uh, no. It’s her WORD that comes first. She signed the damn thing.

      1. Everything about it stinks, including the planted Jezebel story.

    2. Who?

      no, you’re not going to get me to read Jezebonkers.

      1. G, it’s written in single-syllable words; you can scan it in a couple of seconds, and ignore the whiny bits…

        1. no, i really don’t.

          I stopped djing in 2005 or so and went straight into full “old-man-mode” where i refuse to acknowledge the existence of any music since then

          which actually just made me go on a hour-long hunt to find the “last R&B tune i gave a shit about”. I couldn’t @#(*$&@ remember what it was and only knew it was based off a meters break

          And here it is. You have no idea how satisfying that was. its like the worst itch in the world to think of a song and not remember who the hell it was.

      2. And your missing the image of that whiny bitch tearing up as ‘her freedom (to welch on her agreements) is denied!”
        Poor little shit.

        1. All part of the act. Again, there are tens of millions of dollars at stake here.

          I can’t think of the last time I saw a client show up to court for a case like that. The lawyers handle it on both sides, and the parties to the lawsuit stay home and eat bon bons.

          There’s only one reason for her to be there: the facts aren’t on her side, and she wants to get in front of the cameras.

    3. The U.S. Supreme Court has already determined that corporations have similar rights to people, though if you look closely, you’ll find that theirs are far more enviable?especially compared to those of us who’ve been legally cursed with female bodies and female voices, which are meant to be soft and agreeable.

      Corporashun envy?

      1. The comments do not disappoint.

        1. I’d go play, but I know I’d get banned almost immediately.

        2. “Contracts are paternalistic”


          1. Plus handshakes are problematic, so what does one do? I guess don’t do business with anyone and vote for Bernie to pay you to loaf around and whine on the internet, but only when you feel like it

            1. They don’t have to shake my “hand”. There are other options

  15. “Tech helping fuel S.F.’s growing gender pay gap”
    “Lisa Vogt has always been on the margins of San Francisco’s tech sector. In the 1990s, she was learning basic Web design while the dot-com boom reshaped the city. In the late 2000s, as Twitter, Salesforce and other tech giants expanded in San Francisco, Vogt taught beginner computer users how to maneuver the Internet….”…..ate-result

    I read it in the dead-tree version; you’ll find a pay wall at the link
    So it runs anecdote, anecdote, poor me, anecdote, gee women don’t seem to stay in the same job (maybe they wanna have a kid? No one even hints), anecdote,…
    Finally, paragraph oh, 73 out of 100:
    “…Other data points, however, suggest that once education and work experience are factored into employee compensation, the gap in tech disappears”
    Naah, ya think?

    1. At least it’s in there! Let’s not look a gift horse in the mouth.

  16. All of these comments are anonymous, right?

    1. Sure. What was your social security number again?

      1. Same as the code in Spaceballs.

  17. OT: I know it’s wrong to laugh at an obituary, but I laughed. Just keep reading: the punch line is at the end.

    1. How awful.

      1. Yes, he is worse than Nikki.

    2. Well I guess that makes you sick and stupid.

      1. I should have known you’d have no sense of humor.

    3. I usually like black comedy, and I see the immense irony, but the article screams to me, “Liberal magazine writer laughing at hick who got himself sucked into a machine.”

      I guess I’ve just known too many of my relatives who’ve been in a similar situation—working dangerous construction or factory work for little pay, due to their own screwed-up choices, and seeing co-workers get fucked up from falls or getting graunched by the machinery—to find it all that funny. And yeah, I know this is close to Onion “That’s Not Funny” Guy, but humor is individual.

      I kept thinking, “Fuck, how is she going to pay for their kid now?”

  18. This does not protect your data from Apple. If they want to or have to write a kernel that sends memory dumps to themselves or to the FBI/NSA/CIA/KGB/MSS (and so on), they can.

    1. (This is referring to claims made in the blog post title / summary, i.e., There’s another way that customers can protect their private communications from the government?and Apple)

      1. Ah, the magical “if”

        1. Fucking adorable.

  19. OT: one of my connections just posted this on LinkedIn

    An anthropologist proposed a game to the kids in an African tribe. He put a basket full of fruit near a tree and told the kids that who ever got there first won the sweet fruits. When he told them to run they all took each others hands and ran together, then sat together enjoying their treats. When he asked them why they had run like that as one could have had all the fruits for himself they said: ”UBUNTU, how can one of us be happy if all the other ones are sad?”

    Goddammit, take that shit to FB people…that kind of drivel is why I left

    1. Progs love the “noble savage” thing.

      It works on so many levels. Racial, class, environmental. Everything was better when we were poor and communist and in touch with Gaia.

      Of course, they skip the stuff like “gastrointestinal parasites” and “infant mortality” and tribal warfare, etc.

      1. They don’t want to appear racist, but they’re afraid of letting them appear human. Or maybe incapable, I don’t know.

        1. It takes a special kind of epic-ignorance to try and make a case that “Africa” (lets just lump the continent all together, there’s nothing racist about that is there? its like, they all look the same, so why not) has some kind of secret-sauce model for human cooperation and has some kind of widely-shared, super-successful communitarian political/social philosophy that for some strange reason has never really made it further than the apocryphal ‘tribal village’…

          its just like, colonialism just fucked everything up, see? which is why they’ve never gotten their shit together. even remotely. with anything. ever. But seriously, they’re all like Ghandi-meet-Jesus and shit from birth. Ubuntu, motherfucker.

    2. I’m betting it was fabricated or orchestrated

      1. It was fabricated. By someone who doesn’t know what Ubuntu is.

        A genuine anecdote would have had the fastest guy get there first (showing off his capabilities) and then sharing with the rest because he’s not an arsehole.

        1. I thought it was a version of Linux

      2. Wait, you don’t think tribal children all share a creepily nice hive mind that allows them to instantly act and speak in perfect harmony for the good of all?

        1. I know a lot of people who seem to think that children generally are kindly and sweet and don’t naturally have any inclinations to evil. It’s astonishing to me that that many people have been able to completely forget their own experiences of being children.

        2. Are they all platinum blondes was laser eyes?

          1. +1 Children of the corn-y commie propaganda

    3. The anthropologist is a derivation of Linux?!

    4. there’s also this bit about the appetitive stimulus being a basket of fruit and it being placed by a tree, a detail which serves no purpose in the narrative. It seems to be suggesting that “African children” are something like marmosets.

  20. Off topic…
    Got my new WIRED magazine today. My god, the publication has gone full progressive.
    First, an article about how crowd-funding is bad because most of what is crowd-funded “should be” provided for free (classroom supplies, roads, health care ,etc) for the “common good.” First of all, why do they always mention ROADZ? Second, I like crowd funding because it spurs innovation. Maybe the guy down the street can pave potholes better and cheaper than the local government?
    Next, an article titled “America’s deadly gun addiction, by the numbers.” Please. They have several hipster-designed data graphics showing how many guns we have, but fail to mention how crime, in general, is declining. They even show a “U.S. deaths from firearms” line that is basically constant since 1999 next to a near exponentially increasing graph of civilian gun ownership. However, they fail to mention the lack of correlation between the two. Also no mention suicides, accidents, or homicides. Everything is lumped together as gun deaths.
    When mentioning rifles, they don’t show a bolt action hunting rifle; they show a scary-looking black AR variant. Sigh. John Lott could rebut the article in a few sentences I’m sure.
    Anyway, had to vent. Guess I won’t be re-subscribing. I usually let it run out and then reorder it through my kids’ magazine drive.

    1. You should write them and let them know.

  21. The technology is so developed that we can watch videos, live streaming, TV serials and any of our missed programs within our mobiles and PCs. Showbox
    All we need is a mobile or PC with a very good internet connection. There are many applications by which we can enjoy videos, our missed programs, live streaming etc.

Please to post comments

Comments are closed.