Who are you worried about? Security And Privacy Threat Model
http://www.infoanarchy.org/en/Encrypted_Chat_Clients - AdiumX and Pidgin offer encryption, but obviously that doesn't work if the other party isn't using a client that supports it.
The connection between the GoogleTalk client and the Google Talk server is encrypted, except when using Gmail's chat over HTTP, a federated network that doesn't support encryption, or when using a proxy like IMLogic. End-to-end messages are unencrypted. Google plans to add support for chat and call encryption in a future release. Some XMPP clients natively support encryption with Google Talk's servers. It is possible to have end-to-end encryption over the GTalk network using OTR (off-the-record) encryption.
- Note that GTalk uses the phrase "OffTheRecord" explicitly, but only to indicate the lack of logging. There is still no encryption involved.
- Matthew Green looks (Mar'2013) at Silent Circle, RedPhone, Crypto Cat, Wick R. Some services actually know and store your private keys, while others operate as a Certificate Authority, allowing you to 'certify' new public keys under your name. Either of these models makes eavesdropping relatively easy for someone with access to the server.
- Matthew Green explores (Jul'2014) the OTR and Crypto Cat protocols. None of the issues I note above are the biggest deal in the world. They're all subtle issues, which illustrates two things: first, that crypto is hard to get right. But also: that crypto rarely fails catastrophically. The exciting crypto bugs that cause you real pain are still few and far between.
Whisper Systems' Signal
- Guardian Project's Chat Secure (GibberBot) is a secure chat client capable of firewall and filter circumvention, surveillance blocking and end-to-end encryption. It works with Google, Facebook, any Jabber or XMPP server, such as Open Fire or eJabberD. Unlike Blackberry BBM’s broken single key security, Gibberbot uses the Off-the-Record (OTR) encryption standard to enable true verifiable end-to-end encrypted communications. To use encryption, the person you are chatting with must also be using Gibberbot, or a compatible app like Chat Secure (iOS), Pidgin (Linux/Windows), AdiumX (Mac) or JitSi.
Edited: | Tweet this!