CoyIM Configuration Howto
CoyIM is a cross-platform (Windows, Mac and Linux) chat tool oriented towards user security. An overt goal of its developers is to reduce the attack surface of your system to the minimum. For this reason, CoyIM supports only one communication protocol (XMPP, the same we use for our instant messaging services); it does not envisage the installation of third-party plugins; and features a minimal graphic interface, which doesn’t even include emoticons. The embedded components in the client are very limited and represent the recognized standard in the field of secure online communication.
Some interesting features of CoyIM are:
- Tor. CoyIM automatically detects whether Tor is installed on the user’s computer: in this case, it automatically routes its connections towards the onion network, thus making them anonymous.
- OTR. Every message sent through CoyIM is automatically encrypted with OTR. Moreover, CoyIM does not allow to send unencrypted messages to other XMPP clients.
- TLS. The communication channel between CoyIM and the chat server is encrypted with a further encryption layer.
Another important feature of CoyIM is its default configuration, which guarantees an optimal level of user protection from its first launch. Lastly, CoyIM implements a tool to easily import your OTR private key from other XMPP clients (like Pidgin, Adium or Jitsi). In this short tutorial we will see how to configure it for the Autistici/Inventati chat services.
Encrypt the CoyIM configuration
The first time you launch CoyIM this window will appear:
CoyIM gives you the chance of saving your client configuration file in an encrypted mode. In this way, should someone illegitimately access your computer, they will be neither able to see your username, nor your login password or the chat server you are using. If you choose to enable this option, click on “Yes”.
Choose a password to encrypt the CoyIM configuration and press “Ok”. Your CoyIM configuration file is now encrypted. You’ll be required to enter the password to decrypt it each time you launch the program. If you lose it by any chance, you will have to configure CoyIM anew.
Now let’s configure CoyIM in order to use it with the Autistici/Inventati chat services.
Click on “Existing Account”.
Your username (i.e. firstname.lastname@example.org) in “Your account”
Your account password in the “Password” field (or a Jabber specific password if you activated the Two Factor Autenthication on our services)
The nickname that will be visualized by your contacts in the “Display Name” field
Finally, click on “Save”. If your configuration works, this window will appear:
Hidden service configuration
If you wish to secure a further level of privacy and security for yourselves you can access Jabber by using our Tor hidden service. To do so, you need to apply some simple changes to the basic configuration we have just gone through.
Once you have inserted your username, password and nickname, check the “Display all settings” box
Now select the “Server” menu and add:
The Autistici/Inventati XMPP hidden service address (autinv5q6en4gpf4.onion) in the “Server” box.
The server port (5222) in the “Port” box.
Done! Now you can use the AI Hidden Service to chat with your friends on Jabber.
How to use OTR
As explained in the introduction of this tutorial, CoyIM will automatically encrypt the content of your conversations with OTR and will not allow sending unencrypted messages: this means that your contact must necessarily use an XMPP client that supports OTR at the same time.
Do not forget to verify the authenticity of the key!