Stop Google recording your chats

Many Gmail users also use Gchat to talk to their buddies. Why not – the Gchat window is right there, next to their emails and very easy to use.

Problem is, Google automatically analyzes everything Gmail users are emailing or chatting about. It’s obvious that Google stores your emails, but if you’re sceptical about how much of your chats Google records, just go to any of your Gchat contacts and click “More” -> “Recent Conversations”.

Recent Google Chat conversations

Bringing up your recent chats with another Google user

You can now see the contents of all conversations you’ve had with this user. This should make it obvious that everything you type in Google Chat is recorded and stored.

Why is Google recording our chats?

But why do Google record all this? Because by knowing everything you talk about, Google can perfect your “behavioural profile”. The better this profile, the higher its market value.  Remember, if you’re not paying for it, you’re not the customer, you are the product! And everything you say or do while logged on to Google services is used to make you a higher-yield product. Google then charges marketing companies (Google’s real customers) for access to this massive data set. Marketers are aching for an opportunity to directly target the more than 350 million Gmail users (as of Jan 2012) with personally targeted, customised ads. Of course this is done automatically with software, and Google is not the only “free services” provider to sell your data for profit. Facebook follow the same business model, and it appears to be working out quite well for them. Facebook recently reported $3.7 bn (yes, that is billions of US dollars) in revenues. There is a lot of money to be made for companies that turn our entire lives into sellable products.

This is one of the two reasons you would want to stop Google recording your chats.

Why is this dangerous?

The second reason why Google recording your chats is not a good idea is that Google hands over this information (your emails, chats, things you have searched for, YouTube videos you have watched) to the law enforcement agencies of your country. They have no choice – they have to. Google provides a “Transparency Report“, which is commendable. Unfortunately it falls short of giving us a clear view of just how much personal information has been handed over to government agencies due to the way the numbers are presented.

The following table attempts to answer the question:

“For how many user accounts was Google asked to hand over data to government agencies between January – June 2011″?

Country

# of users (approximate)

USA 11,057
UK 1,444
 Spain  709
 Italy  1,263
 India  2,439
 Germany  1,759
 France  1,552
 Brazil  1,822

You can look up your country by following any of the links in the table.

Given just how much Google knows about us, our friends, and our friends’ friends, it is a troubling thought that all this data, all of our contacts, the videos we have been watching, our chat messages, things we +1’ed, services we use from other service providers (Flickr etc) are recorded by Google and therefore being handed over to government agencies all over the world at this unprecedented rate.

If you believe that nothing you ever type or click on will be of interest to any law enforcement agency, government or court around the world until you and your entire family pass away (but what about your grandchildren? Think 40 years ahead. Could someone in 2052 dig up a record of an internal joke with one of your buddies back in 2012, cast it as proof of extremism and use it to harm your family?), AND you subscribe to the “I have nothing to hide, therefore I have nothing to fear” camp, you can stop reading here.

If you are genuinly uncomfortable with how your online life is harvested and recorded and wish to take steps to protect what little parts of it you can, read on.

Going “Off the record” in Google Chat

Google provide a mostly-hidden feature on their Gchat client that allows you to indicate you want to go “Off the record”. You can see it under the “Actions” menu when you are chatting with someone on Google Chat.

Google say that going “Off the record” means that “Chats [...] aren’t stored in your Gmail chat history…” which sounds good, but does not actually promise your chats are not being recorded.

Google Chat: You are now off the record

Google Chat: You are now off the record

Given that Google “will share personal information with [...] organizations [...] outside of Google if [...] preservation or disclosure of the information is reasonably necessary to meet any [...] enforceable governmental request“, it is a safe assumption that Google Chat’s “Go off the record” option does not really buy you any privacy.

Getting some real privacy for Google Chat

We will use Free Software tools that allow you to be reasonably confident that Google is not recording what you say over chat.

Before you continue, please understand:

  1. To have a private chat, both you and the person you wish to privately chat to, need to follow these steps.
  2. If you use multiple computers to chat (e.g. a work computer and a home laptop), you have to repeat these steps in every computer before you use it to chat. You will only have to “prepare” every computer once.

First, download and install the Pidgin instant messaging software

Get the software from http://pidgin.im and install it on your computer.

Done installing Pidgin? Great. Continue to the next step.

Download and install the OTR plugin

The Off The Record (OTR) plugin allows Pidgin users to encrypt their communications. Get it from http://www.cypherpunks.ca/otr/ and install it on your computer.

Configure Pidgin for Google Chat

The first time you start Pidgin you will see this:

Click on “Add…” – a new window comes up. (this may happen automatically before you even press “Add”)

Adjust the settings as shown, using your Google username and password:

Pidgin Google Chat settings – basic

Click on the “Advanced” tab and adjust the settings as shown:

Pidgin Google Chat settings – advanced

Almost there! Now click on “Add” to complete setting up your account.

You should now be connected to Google chat! A list of your online contacts (or “Buddies”) will come up right away:

Pidgin buddy list when logged onto Google Chat

If you see something like the above, congratulations – you are successfully connected to Google chat.

If you get error messages, likely causes are:

  1. You didn’t type all settings exactly as shown above
  2. You are using Google’s two-step authentication. In that case your “main” Google password is not accepted. You need to create an application-specific password for Pidgin on the computer you’re currently setting up. Why?
  3. Your (corporate or national) network firewall is blocking the chat protocol XMPP. It may be possible to bypass it with Tor.

Activate and configure the OTR plugin

From the Pidgin “Buddy List” window go to Tools -> Plugins as shown here:

Scroll down the list until you find “Off-the-Record Messaging”. Tick the box next to it – this will enable the plugin:

Now click on the “Configure Plugin” button:

In the new window that comes up, configure the default OTR settings as follows:

Congratulations! You can now chat privately with buddies who also use the OTR plugin.

You have just made it very difficult for Google or anyone else to eavesdrop or record what you say. Just point your Google chat buddies to this page and get them using the OTR plugin!

Start a private conversation

Note: You can communicate privately only if the chat buddy you’re communicating with has followed the above steps, or is using other software that uses the OTR plugin.

Double-click on a buddy’s name to bring up the Conversation window. Notice the “Not private” button on the bottom right?

This means you have not activated the privacy features yet. But you’re about to!

Click on “Not private” and ask Pidgin to “Start private conversation”:

Pidgin will now attempt to create a secure channel and should display the following:

This is the result we want. “Unverified” is not a problem (but see Improvement 2 below). Pidgin tells us that it has established a secure channel to the other end, and you can use it to chat with your buddy without Google being able to read & record your messages.

Remember to always check the bottom-right OTR status icon. If it says “not private”, you should assume that Google is recording everything you type in that window.

Improvements (optional)

Improvement 1: Ask OTR to always try to initiate private messaging

You can ask OTR to always try to “automatically initiate private messaging” from the OTR plugin configuration menu you used above. Here’s the option you need to tick:

Improvement 2: Verify the identity of people you chat with

You have stopped Google reading, analysing and recording what you discuss with your buddies. But if you have reason to believe someone might be trying to read what you say (e.g. if you’re a whistleblower, journalist, activist,  lawyer, live in the wrong country etc) you can not yet be 100% certain that the person you are talking to, is indeed your buddy and not an impostor, pretending to be your buddy.

To rule out this possibility you should always verify the people you chat with. You only need to do this once for every buddy you wish to chat with.

To do this, click on the “Unverified” button:

Encrypted, but not authenticated. You are talking to someone through a protected channel, but you don’t know yet who that “someone” is.

This brings up the following menu, allowing you to “Authenticate Buddy”:

Asking Pidgin to authenticate the buddy you’re chatting with

You are now presented with the easiest option to authenticate your buddy – asking them a question, and checking that they know the right answer. There are other methods as well, like entering a secret passphrase you have agreed on in advance.

Go ahead and type a question and its answer. It should be something obvious to your chat buddy (example question: “what’s the name of my dog?” or “who did we discuss about last time we met?”) but not to potential impostors. (If you have reason to believe someone is targetting you specifically, using a pre-shared secret is the best way to ensure you are talking to your real friend. After all, any serious adversary can find the name of your dog without too much hassle.)

Example of a question/answer pair

After you click on “Authenticate” you will have to wait for a few moments for your friend to answer the question using his computer:

Waiting for response to authentication challenge

Once your friend successfully answers the question you set, you will see this message:

If you get a “Authentication failed” message instead, your friend probably mistyped something. Please remember (and remind your friend too!) that the answer is CaSe SenSiTive – so in this example the answer “Maxx” is correct, but “maxx” is wrong!

Congratulations! You can now be confident you are talking to the right person! This is an additional benefit to what you achieved already – stopping Google (or anyone else) from monitoring & recording what you say!

A private & authenticated conversation over Pidgin. You know the person you’re talking to is who they say they are, and you know that noone else can eavesdrop on your conversation.

Next time you wish to talk to this person, you will just need to click on the OTR button on the bottom right and the conversation will immediately switch to “Private”. No need to re-authenticate,  unless you or they are using a different computer.

Now the only thing Google knows is

  • Who you chat with
  • When you chat with them

…which is a significant improvement from before.

What, you still don’t like that? What are you doing chatting on Google Chat then?! Go use CryptoCat over Tor at http://xdtfje3c46d2dnjd.onion/, or if your enemies are pros (and you trust your hardware), TAILS.

Improvement 3: Use Google’s two-step verification & an application-specific password for Pidgin

It’s a good idea to use Google two-step verification. This means that Google will ask you for two pieces of proof that you are the legitimate owner of your account whenever you log in from an unrecognised device. This is an improvement in security, but means that external applications (like Pidgin) can not access your Google account.

Google’s solution is application-specific passwords. These are passwords that only work for one designated application and can not provide full access to your Google account (e.g. to change your account settings).

See Getting started with Google 2-step verification and after you’ve activated it, create an application-specific password for Pidgin on your device.

Then, on Pidgin’s main “Buddy List” window go to Accounts -> USERNAME@gmail.com -> Edit Account, input the password you just created, ask Pidgin to remember it, hit “Save” and you should be all done.

Now starting Pidgin will automatically log you into Google Chat, without asking for your password.

3 thoughts on “Stop Google recording your chats

  1. So I used Adium for one of my google accounts and Gibberbot with another account. I added the accounts on each other and initiated OTR chat.

    But I noticed on the chat history in browser that even before the first encrypted message is sent, the accounts exchanged some random large string of text and numbers. Much like the subsequent encrypted chats.

    My question is: was the first exchange the key used for encryption? Because Google has that text, can they decrypt the chats?

    • Quick answer: No and no.

      Longer answer: I’m not a cryptographer, but the protocol description and the levels of trust I have for the people who designed the protocol compel me to answer “no, that first exchange was not the key used for encryption” (since OTR uses Diffie/Hellman aka asymmetric aka public-key cryptography for key exchange).

      See http://www.cypherpunks.ca/otr/Protocol-v2-3.1.0.html for a high-level description of the steps taken for the Authenticated Key Exchange (AKE) and https://en.wikipedia.org/wiki/Off-the-Record_Messaging#Implementation for an overview of the protection you get with OTR.

      It’s not just public crypto – it also provides deniability (i.e. your messages are not digitally signed by you) and perfect forward secrecy (i.e. even successful cryptanalysis of one of your messages does not compromise your other messages).

      OTR is pretty serious crypto, with a solid theoretical background and well-respected people implementing and improving the protocol and implementations.

      UPDATE: See a more official response from the horse’s mouth:
      http://lists.cypherpunks.ca/pipermail/otr-users/2012-May/002006.html

  2. Pingback: Google and Your Private Information | Vancouver Private Investigators

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s