Chat control 2.0 prepper guide (just in case)
The chat control controversal EU proposal aims at breaking messaging apps end-to-end encryption introducing a state of mass surveillance in Europe. Motivated by the alleged defense of minors on the internet it’s in fact violating EU people civil and privacy rights. This proposal could lead to false positives, data leaks and law enforcement abuse.
This guide shows how to configure a safe XMPP server with OMEMO cryptography, to protect confidentiality of personal comunications.
You will need a VPS and a domain name associated to it from a cloud provider of your choice, possibly choose a datacenter near your location, you can choose on prem hosting as well. In this guide I use Debian 12 running openfire XMPP server and Conversations an Android FLOSS app that supports e2e encryption that you can download from f-droid on your phone.
Once you secured your server and logged with SSH to it, you can run:
wget https://www.igniterealtime.org/downloadServlet?filename=openfire/openfire_5.0.1_all.deb -O openfire_5.0.1_all.deb
sudo su
apt update
apt install openjdk-17-jre-headless
apt --fix-broken install
dpkg -i openfire_5.0.1_all.deb
systemctl start openfire
apt install ufw
ufw allow 22 # or the custom port you use for SSH
ufw allow 9090
ufw allow 9191
ufw allow 5222
ufw allow 5269
ufw enable
At http://domain.federation.org:9090 (a template domain name, you can choose yours) you can follow this setup wizard steps, it would be safer if you completed the setup locally and only then opened ports on firewall:
Then from f-droid at this link https://f-droid.org/it/packages/eu.siacs.conversations/ you can download Conversations and register your username to the federation like so:
OMEMO will be implemented by default, and you will be able to add contacts from your federation or others and begin an end-to-end encrypted chat.