Privacy

30753 readers

1114 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
Don't promote proprietary software
Try to keep things on topic
If you have a question, please try searching for previous discussions, maybe it has already been answered
Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
Be nice :)

Related communities

Chat rooms

[Matrix/Element]Dead
Discord

much thanks to @gary_host_laptop for the logo design :)

founded 4 years ago

MODERATORS

[email protected]

Tox.chat security (tox.chat)

submitted 3 months ago* (last edited 3 months ago) by [email protected] to c/[email protected]

21 comments fedilink hide all child comments

Anone heard about it? Anything bad about security?

I've checked speeds with my friend, the're quite good, file transfer speed is insane compared to signal.

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 12 points 3 months ago (2 children)

Have you read it's github front page?

This is an experimental cryptographic network library. It has not been formally audited by an independent third party that specializes in cryptography or cryptanalysis. Use this library at your own risk.

BTW, if you look at its issues (including closed ones, which most probably aren't really closed) you'll find pretty interesting discussions about its crypto not being right. That said, I'm not sure what irungentoo brings to the picture...

At any rate, if you're looking for distributed messaging, I'd look into Jami. It also uses DHT and something similar to torrents mechanism. Jami is my only option so far for distributed messaging. There's also Briar, but I don't like it for regular messaging, particularly on phones (too much battery usage), neither its underlying technology, but if it's to your liking, then that's another option for distributing messaging.

[–] [email protected] 4 points 3 months ago (1 children)

Jami has the same issues as Tox. It needs a security audit and probably a rewrite.

[–] [email protected] 3 points 3 months ago (2 children)

The audit is true, but at least Jami didn't make up its own crypto lib, it uses standard already in use crypto stuff. To there's a huge difference there.

BTW, they are actually re-writing stuff... But yes, they need more recent audits...

[–] [email protected] 1 points 3 months ago

True there

I also think its funny that the fsf endorses it.

[–] [email protected] 1 points 3 months ago

Tox uses NaCl as its crypto library, don't spread misinformation

[–] [email protected] 2 points 3 months ago (1 children)

Worth mentioning that I could not for the life of me get Jami to work in any way the last time I tried it; I've seen many guides and overviews, but couldn't find a single one where it's actually successfully used. Cool idea, though

[–] [email protected] 3 points 3 months ago

I has improved quite a bit. The phone app still requires navigating over its settings to get less battery consumption, and having ntfy or any other unifiedPush notification provider available in the phone. But with the default configs, you get Jami working at least. I tried it before, and I found before synchronization between devices was a mess. Currently it just works. I still find it hard on immediate/urgent calls or messages, which might not happen when you expect, but other than that it's working.

On the desktop, the default configs are pretty sane.

And the best part, it's being actively developed. And the UI is undergoing through lots of improvements. So if usability is your concern, it's getting better, and each release improves over the prior one...