I tried using qTox & uTox with a friend a couple of years back. Mostly worked, but audio chat broke (became one way or both streams died) after a few minutes or if you tried to transfer files.
I’ll have a look at it again, see if it’s improved :)
It’s been around for a long time, and works well with simple UX, but never gained much adoption. I think the reason is that the mobile Tox apps were unusable, although they might be better now.
I tried it some years ago and there was no easy way to set up the same ID on my phone and my computer. No import or export key functionality in any of them IIRC.
It would never get anywhere if it doesn’t have a direct way of using your identity across devices.
I tried Tox a few years ago and there were two big problems:
- I couldn’t easily move a conversation between devices. There were plans to add this to the protocol, but they were all in the design phase.
- The peer-to-peer nature of the protocol made it very battery-intensive on mobile devices.
There were some smaller problems as well. I don’t think the protocol had had a rigorous security review by any cryptographers and the UI for setting up an account and connecting to contexts was a bit much for most non-technical folks.
I looked at Tox, GNU Ring, XMPP (again), and Signal at the time, and Signal was the only one that met all of my requirements (in no particular order):
- Desktop and mobile clients with feature parity between them.
- Conversations can move between devices without the remote party needing to do anything.
- Protocol subject to external adversarial security review.
- Complete data and metadata encryption.
- A setup process I was confident that my mother could do without in-person assistance.
- Mobile clients that won’t drain the battery or otherwise annoy people I want to talk to who use their phone in preference to a desktop for messaging.
Tox came second but since I started using Signal I’ve been incredibly happy with it (in particular, how easy it is for folks who have used WhatsApp to install it and use it instead) and an alternative would need a compelling reason to make me switch. Tox doesn’t provide one.
> It doesn’t have the same degree of metadata protection as Tox,
In what way? The only metadata that is not protected in Signal is the last time you connected to the network. In Tox, if I remember the protocol correctly, this is visible to anyone who can get your public key.
> and it’s centralized.
It has a centralised component but it is designed such that this component is out of the TCB for confidentiality or integrity, only for availability. As such, it combines the reliability of a centralised system with the security of a peer-to-peer one.
> In what way? The only metadata that is not protected in Signal is the last time you connected to the network. In Tox, if I remember the protocol correctly, this is visible to anyone who can get your public key.
I can’t speak to Signal’s metadata protection. I’ve heard various claims -some contradictory- about what information the server can and cannot observe, and I am not in the position to audit the source code myself.
With Tox you have short-term keys which are used in the DHT which are not connected to your long-term keypair, so knowing these keys does not reveal anything except “some node” is participating in the DHT. There is also onion routing which in combination with the aforementioned temp keys allows for nodes to make and respond to friend requests without nodes knowing where they are (or what IP they are connected with).
> It has a centralised component but it is designed such that this component is out of the TCB for confidentiality or integrity, only for availability. As such, it combines the reliability of a centralised system with the security of a peer-to-peer one.
What do you mean “reliability of a centralised system”? When Signal has gone down multiple times in the past year, I’ve continued using Tox… I find this design more reliable. Maybe you mean something else.
Also “[…] the security of a peer-to-peer one” - I don’t think p2p systems are inherently secure. I think Tox has made a lot of progress in making their p2p system secure. I also don’t think Signal is in any way a p2p system, so again, not sure what you mean by this.
As an aside: I don’t hate Signal, or try to dissuade anyone from using it. I tell most anyone who asks me what messenger to use to simply use Signal. I think it’s not up for argument that it’s made it much further than any encrypted-messenger has before, and its encryption protocol is great. I just don’t think it’s the be-all-end-all of privacy-preserving messaging, and my only true complaint is that I think it’s made people stop striving for more because it’s so good.
Tox strikes some initial similarities with something like Session with the primitives they use [for identities]. But the underlying details of Tox I have not yet looked into.
It crashed my Gentoo machine way back when. Good times.
I remember this being a /g/ project way back when, but it seems like Matrix ate their lunch at a certain point. Good to see it’s still in development!
Matrix is not a replacement for Tox.
Tox has no home-servers. Identities are generated locally.
Encryption is built into the protocol. It is not bolted on later or optional.
It is peer-to-peer instead of federated.
Calls actually work much more often than they do with Matrix (anecdotal)
Tox has several clients not written in Javascript.
I’m pleasantly surprised a /g/ project made it past the “I’ll make the logo” phase into something actually usable.
Most of the problems people recall having had tried Tox years ago in this thread do not apply anymore. With qTox, calls, file transfers, and group chats all work.
It’s nice to have a chat system that cares about metadata protection, and has no option to turn off encryption.
Glad to see they are finally implemented.
Yes, Signal is more similar to WhatsApp. It doesn’t have the same degree of metadata protection as Tox, and it’s centralized.
If we want better systems, then they have to start somewhere.
They did, and that’s what I’m using.
Has the encryption protocol been audited yet? Until then, I probably wouldn’t recommend using Tox for anything sensitive.
Jami is another p2p e2ee voice/video/message platform that uses existing crypto (TLS 1.3).