PSST User Manual

(note - PSST II has been completely rewritten.
Updated manual is included in PSST II downloads)

PSST is distributed (for windows) as a single EXE file.

No installation is required. Just copy the file psst.exe to a safe place. You can even store it on a floppy disk if you want.

When you run PSST, an old-style MS-DOS console window will appear.
This is the PSST user interface (basic, huh!).

Seeding the Random Number Generator

When PSST first runs, it will ask you to type in a line of gibberish.

This is a precaution for your own safety - it will make sure that the encryption keys are really secure.
Make sure you type in a full line of crazy stuff.

I've chosen to do this because humans with their unpredictability are a much better source of chaos than software, and chaos is what makes the encryption work.

Having a conversation

To start a private conversation, either you connect to another party, or they connect to you.
That's your choice.

If you're the one connecting, then you'll need to know the other person's IP address, or a hostname where their computer can be reached. Vice-versa, if they are connecting to you.

Perhaps the easiest way to start a PSST conversation is:

  1. Talk to the other user, via normal telephone or chat, ICQ, MSN Messenger etc, just before you want to talk via PSST.

  2. Ask the person to find out their IP address, by clicking on the 'Tell me my IP address' link on the left of this web page. Alternatively, you can find out your IP address or hostname.

  3. You and the other person both start up the PSST program

  4. A black window will appear. If you're the one initiating the connection, then type '/conn <address>', where <address> is the hostname or IP address of the other party. If the other party is initiating the connection, just wait - they will use this command instead.

    So for example, if the other party's IP address is, you would type

    After a few seconds, you and the other party will see a message saying 'connected'.

  5. Once connected, you can both type messages to each other.

    These messages are automatically encrypted during transit, and decrypted at the other end.

    Also, like some other chat programs, messages appear at the other end as soon as you type them and press the ENTER key. It's probably a good idea to press ENTER at the end of every phrase or sentence, so your messages aren't too big.

  6. To terminate a PSST conversation, type '/disc' on an empty line.

  7. To quit the PSST program, type '/quit' on an empty line.

  8. At any time, even during a PSST conversation, you can type '/help' to see a list of commands.

What about Firewalls?

If you're behind a firewall, the simplest approach is for you to initiate the connection to the other party. Many firewalls restrict inbound connections, but not outbound.

If you and the other party are both behind a firewall, the issue gets a little more tricky. One of you will need to configure the firewall to accept connections on port 4516 and route those connections through to your own PC.

If neither you nor the other party can configure the firewall to allow inbound port 4516 connections, then you may be able to receive connections on another port.

You can run psst with a port number as an argument, to cause PSST to receive incoming connections on that port. Note though that on Linux, you need to be root to receive connections on a port below 1024.

Records of PSST Activity

Note - PSST does not write any registry keys.

It does not store any files, or leave any records of your specific activity anywhere on your computer.

If your computer ever got seized, there would be no record of any specific conversation ever having taken place. All anyone can determine is possibly that you ran the PSST program at some time, but no idea of who you may have communicated with, or how often.

But if you're concerned, you can make sure that nobody even knows you've run PSST. To get this added security, follow this simple procedure:

  1. Put PSST on your own personal floppy disk. Don't put it on your computer's hard disk.
  2. Don't run PSST by double-clicking on the PSST icon in Windows.
  3. To run PSST, open up a DOS Command Processor window.
  4. Within the DOS window, type 'A:\psst'.
  5. When you finish the session, close the DOS Command Processor window
  6. Don't forget to remove and hide the floppy disk.

If you follow these steps, then even if your computer is seized or inspected, a managerial or forensic audit will not reveal that PSST was used or even existed on your machine.

Security Threats

The main security vulnerabilty of PSST 0.1.1 is a 'Man In The Middle' (MITM) attack.
This has been solved in version 0.1.2. See downloads page.
Thanks to 0x90, UserX and the correspondents on who got on my case and encouraged a more timely fix.


Have fun, and safe chatting :)