WEBVTT

00:01.380 --> 00:01.830
Okay.

00:01.830 --> 00:08.970
So so far we signed up with X NPP, which, like I said, can be more private and more anonymous than

00:08.970 --> 00:10.710
normal messaging services.

00:11.220 --> 00:17.460
We're also using this from Thales, which is live and MiSeq, and comes with the latest patches and

00:17.460 --> 00:19.940
more secure than normal operating systems.

00:19.950 --> 00:27.600
So right now, our method of instant messaging is more private and much more anonymous than normal instant

00:27.600 --> 00:28.440
messengers.

00:29.100 --> 00:31.530
We're also using end to end encryption.

00:31.530 --> 00:38.220
So whenever we send a message, it gets encrypted on our end and never gets decrypted until it reaches

00:38.220 --> 00:39.240
the destination.

00:39.240 --> 00:42.420
So no one can read the content of the message.

00:42.420 --> 00:49.080
Even the server that we are using to facilitate the connection cannot see the messages that we send.

00:49.110 --> 00:50.870
So this is really, really good.

00:50.880 --> 00:57.040
The server servers, you also use TLS, so everything is set up properly so far.

00:57.060 --> 01:04.650
The only problem that we have is you can see here at the bottom it's still telling us that the communication

01:04.650 --> 01:06.060
is unverified.

01:06.660 --> 01:09.960
So it is private, but it's just unverified.

01:10.170 --> 01:16.620
And what's meant by this is right now, we're still not sure that the person on the other end, this

01:16.620 --> 01:19.800
person right here is who they're claiming to be.

01:20.190 --> 01:26.970
What if someone managed to hack into this person's account, or what if someone has managed to impersonate

01:26.970 --> 01:27.810
this account?

01:27.810 --> 01:34.740
So how can we be so sure that the person using this account right here is the person that we want to

01:34.740 --> 01:36.060
communicate with?

01:36.420 --> 01:38.880
So this is what the warning is telling us.

01:38.880 --> 01:41.730
We haven't verified the person on the other end.

01:41.730 --> 01:46.770
And in this lecture, I want to show you a number of methods on how we can do this.

01:47.130 --> 01:52.950
So we're going to click on the notification and we're going to click on Authenticate Body.

01:54.000 --> 02:00.090
And as you can see in here, we have a dropdown menu in which we can select the method that we want

02:00.090 --> 02:04.530
to use in order to verify the person at the other end.

02:05.010 --> 02:08.640
So the first method is very simple question and answer.

02:08.640 --> 02:15.360
And the way this will work is you do want to use a question in here that only the right person can answer.

02:15.360 --> 02:21.210
So you want to make sure that if anybody hacks into their account or impersonates them, they won't

02:21.210 --> 02:24.270
be able to answer the question that you enter in here.

02:25.020 --> 02:29.340
So for example, let's say I want to ask him, where did we meet?

02:29.490 --> 02:34.890
Now, this is obviously a really bad question to ask in terms of privacy, because this will reveal

02:34.890 --> 02:37.260
the location where you met this person.

02:37.260 --> 02:39.180
But just for testing, it's fine.

02:39.630 --> 02:41.940
And you want to put the answer to this question.

02:41.940 --> 02:46.710
So let's say Ireland and we're going to click on Authenticate.

02:46.950 --> 02:52.230
So right now, as you can see, we're waiting for the person to respond to this question.

02:52.230 --> 02:57.690
And if we go to the person's account, as you can see, he got this message telling him that the other

02:57.690 --> 03:00.150
person is trying to authenticate you.

03:00.180 --> 03:02.340
The question is, where did you meet?

03:02.340 --> 03:04.410
And he has to put the answer here.

03:04.740 --> 03:09.360
So if I put the correct answer in here, click on authenticate.

03:09.900 --> 03:16.020
As you can see, it's telling this person that your body has successfully authenticated you and you

03:16.020 --> 03:17.580
may want to authenticate them.

03:17.580 --> 03:23.280
So you may want to use a different method of of authentication to make sure that that person is who

03:23.310 --> 03:24.360
you think they are.

03:24.480 --> 03:31.290
But if we go back here, you can see that it's telling us that the authentication is successful and

03:31.290 --> 03:34.260
the communication right now is private.

03:34.260 --> 03:35.910
The warning is gone.

03:35.910 --> 03:38.730
So right now we're using end to end encryption.

03:38.730 --> 03:42.570
Everything is encrypted on our end and only decrypted at the other end.

03:42.570 --> 03:49.200
We also verified that the person at the other end is the person that we actually want to communicate

03:49.200 --> 03:49.740
with.

03:50.010 --> 03:52.710
We're using XRP to send the messages.

03:52.710 --> 03:59.490
Like I said, this is a decentralized messaging protocol that is not really owned by a single company

03:59.490 --> 04:03.720
and you can even set up your own XRP servers.

04:03.720 --> 04:09.930
So therefore there isn't a single entity that could spy or could see what's happening.

04:10.860 --> 04:11.310
Now.

04:11.310 --> 04:14.850
There are actually other methods to verify the other person.

04:14.850 --> 04:23.820
So if we go here and click on Authenticate Buddy, you can also choose a secret, a shared secret.

04:23.820 --> 04:26.370
So this way you don't ask a question.

04:26.370 --> 04:32.730
You need to have you need to agree with the other person on a secret that you use to authenticate them.

04:32.730 --> 04:35.400
So you would only put the secret in here.

04:35.400 --> 04:37.680
They'll be prompted for the secret as well.

04:37.680 --> 04:42.210
And if you both put the right correct secret, they will be authenticated.

04:42.210 --> 04:48.900
And the last method of authentication, you can use manual fingerprint verification where you will have

04:48.900 --> 04:54.480
to send your fingerprint, which is this one right here, this code to the other person.

04:54.480 --> 04:58.110
But you want to do this using another method of communication.

04:58.110 --> 05:00.330
So you want to either call them or.

05:00.520 --> 05:05.470
Send it to them by email or another secure method of communication.

05:05.470 --> 05:12.400
And then once they get it, go to the authenticate, go on the fingerprints as well, and compare the

05:12.400 --> 05:16.750
fingerprint that you send them to, the fingerprint that they see in here.

05:17.350 --> 05:22.270
Now, as you can see, this method is a little bit more complex and would require more steps.

05:22.270 --> 05:28.450
But the other two methods that I showed you earlier are only available in the recent pidgin versions.

05:28.450 --> 05:33.880
So if your buddy or your friend is using an older version, you might have to use this method.

05:34.660 --> 05:36.150
So that's it for now.

05:36.160 --> 05:43.450
You can go ahead and start communicating with your friends, using pigeon with X and P and otter, and

05:43.450 --> 05:45.910
this way your communication will be private.

05:45.910 --> 05:51.520
You'll be able to authenticate your friend, make sure that the right person, and therefore your communication

05:51.520 --> 05:53.260
will be more anonymous.