Security & Advanced Notes

Introduction

Security Considerations

bitlbee was primarily developed as a messaging relay, with the intention of being able to handle many different users, but in such a way that bitlbee users cannot see each other’s private messages and groups.

For example, user Bob can connect to bitlbee, and user Alice can too, at the same time. However, Alice and Bob cannot communicate with each other via bitlbee itself.

Local vs Remote Deployment

bitlbee can run both locally on your computer and on a server. Running it locally is pretty self-explanatory, I think; your attack vector is relatively small.

TLS/SSL Connections

The connection from the IRC client running on your phone, e.g., a BlackBerry, can be made with or without a TLS/SSL connection. Personally, I’ve deployed bitlbee on one of my servers with TLS/SSL, and everything works great.

Message Encryption

You can also encrypt each individual chat separately so that the messages on the hard drive itself are unreadable to anyone but you. I haven’t gone that far yet, though.

Configuring Other Plugins

Configuring other plugins, networks, and services follows a similar pattern. Once you get along with bitlbee, it’s easy to add more networks. For example, I had never used the Discord plugin before, though it was somewhat straightforward to set it up.

IRC Limitations

As bitlbee still relies heavily on IRC, sooner or later you may identify some hurdles introduced with IRC. I will add another follow-up on how to fix them and improve your whole experience.

Discord Setup Terminal Ecosystem