Hacker News new | past | comments | ask | show | jobs | submit login
TOX – A New Kind of Instant Messaging (tox.chat)
138 points by nvk on Oct 7, 2016 | hide | past | web | favorite | 107 comments

So, what happens if I download the client on one of laptops/PCs (for example my work computer) use it to communicate with peers...And then i wish to setup the client on another laptop/PC (for example my home computer) to contact my same peer/friends...How does the overall network (I guess DHT?) know that "its me!" (the same "me"), and not a different/new peer? With a centralized system there was the concept of identity...but I just don't get how this would work here.

I'll admit I'm not a networking guru here, and I'm absolutely in favor of decentralized communications ...so my question above is not at all to knock on Tox; its me really wanting to know how the above scenario would play out...because I often need to bounce between a few different computers. Anyone know how this would work?

Side note: I am currently using matrix protocol via a synapse/matrix.org home server (using the chat client from https://riot.im/), so for any computer that I use/jump to, I'm represented by my home server (up in the cloud)...so that makes sense to me. I just don't get how jumping computers would work on Tox. Anyone know?

This has been the #1 reason that I havent convinced people to use tox yet.

I sometimes get up and walk away from a computer mid conversation, expecting to continue the conversation on my phone. It's the same reason I won't be using google allo. I need conversations to "sync" across mobile and PC.

I'm not going to sit at a desk all day chatting on my phone, and I'm not going to miss messages just because I went mobile.

I saw somewhere in a previous tox chat, that a possible solution would be a way to pin identities together (i say from desktop "this mobile is me" and from mobile "this desktop is me" and when they match, allow them to pair). And then send every message encrypted to both peers. If you have 5 devices linked, tox would behind the scenes send the message to 5 different destinations.

They havent done anything like this yet as far as I know.

> If you have 5 devices linked, tox would behind the scenes send the message to 5 different destinations.

I dislike existing systems that implement this kind of model since it is too easy for a ghost device to be getting copies of everything. My phone transitioning to different UX clients with notifications/verifications of transitions on its own UX is better.

I agree that I dont like that system (and may be the reason that it hasnt been done), but I'm not fully sure of alternatives either.

But, I dont think a client should transition from one to the other either. I often just get up and walk away from my computer with chats in the background. I wouldnt want to have to tell it to transition.

If you always have one device with you that you trust (your phone) then it can seemlessly transition to duplicating and accepting (some) content to other devices you trust less as you encouter them, in a temporary/renewing fashion. There can be lots of levels of convenience verse paranoia in that kind of system.

If you treat multiple devices equally (even when you routinely leave them unatended) then things quickly fall apart and no paranoia helps.

You could look at kerberos for an example of this style of loaning limited tickets for credentials.

Be warned, Tox claims to protect users from "governments", which is a huge claim.

Yet, it's written in C, it hasn't had a security audit, it does not publish a list of security risks and mitigations, and, regarding its roots in 4chan, see for yourself: https://github.com/irungentoo/toxcore/issues/1186

We're in the process of writing a specification (https://github.com/TokTok/spec) and new implementation in Haskell (https://github.com/TokTok/hs-toxcore). There is also a Rust implementation in the works (https://github.com/zetok/tox).

As for security risks and mitigations, I'd like to do that when we have a web presence with space for it. Right now, the web presence is fairly poor (http://toktok.github.io/). The specification contains some security risks and mitigations.

Rust seems reasonable, but why Haskell? Also why not improve current core while writing new implementation?

We are doing exactly that: we are improving the current core and at the same time modelling the behaviour in Haskell. The Haskell version does not do networking and only represents an executable model of the environment. We use that to test core functionality. See http://toktok.github.io/design/testing.

When I was thinking about contributing to Tox it was way too hard to find out its development is alive at all: https://www.reddit.com/r/projecttox/comments/4vmfhn/is_tox_d...

P.S. Now I see activity in new core repo,that's cool

Regarding security audit: my day job is developing high security software. I could do a formal audit, and it would take about 2-3 person-weeks, and be completely useless, because it would result in a huge number of trivial issues that need to be resolved before it could identify real problems. So instead of wasting time and money on that, I've decided to go and fix those trivial issues one by one, and once I'm a bit happier with the code, I'll have two other people do the formal audit.

What high-security software do you work on? With what methodologies addressing what risk categories?

I second this. A bibliography of some suggested reading - books, papers, etc. would be much appreciated if you have any.

List of security risks and Tox-ic (BDUM-KSSH) community are worrying, as is the lack of security audits.

As for the fact that it's written in C, GPG, Tor, Psyc, and many other pieces of security software that you trust are written in C. It's dangerous, but writing secure apps isn't impossible.

> It's dangerous

My point exactly. It's dangerous and if it's not paired with many good security practices, it's better not to advertise it as "protect you from XYZ".

from the FAQ: "How do I add someone to my contacts list?

Look in the profile or settings panel of your client to get your Tox ID which should look something like:


Yuk! I see this flaw so many products like this, just about anything p2p, blockchain addresses, commit ids, etc. I think there is zero chance of getting anyone who is not technology elite to adopt a product with UX that rotates around these untypeable/unpronounceable/immemorable identifiers. Why aren't Identicons(https://en.wikipedia.org/wiki/Identicon) or QR codes used more?

Choose two:

    Human-meaningful: Meaningful and memorable (low-entropy) names are provided to the users.

    Secure: Any entity in the system can act maliciously, including the majority of the entities or the available computational power.

    Decentralized: There is still only one, unique and specific entity to which a name resolves.

Zooko's Triangle is conjecture, and Namecoin has shown it to be defeatable, no?

Edit: Ah, I see; "including the majority of the entities" would exclude Namecoin from being a proper solution to Zooko's Triangle.

Interesting. So a NameCoin for QR codes would be progress?

ToxMe[1] seems to attempt to solve this issue by creating a public databases of emails and Tox IDs, though this defeats the object of the service being anonymous.

[1] https://toxme.io/

It's good that it is a choice you have though.

> Why aren't Identicons or QR codes used more?

Nothing stops you from turning that hash into a QR code (afaik Antox does) - but then how do you copy & paste it?

a common usage, if you're able to do in person meetings, is to produce and scan them with your smartphone. much better than spelling the whole fingerprint. this makes, for instance, gpg key exchange a nice thing finally.


This isn't a flaw, it's a feature. Whoever controls the phone book controls the keys to the kingdom. If the names are numbers generated by some cryptographic system, it is harder to subvert the system.

That still doesn't make a good idea to throw them at the face of the user.

You underestimate how alien "http://www.yahoo.com./" looked in 1995.

The difference is that there _is_ meaning to be found in that URL once you learn which standard boilerplate is ignorable. And once you know how to parse them, most web addresses are easy enough to remember. Random alphanumeric strings contain no human-parseable meaning and have no patterns to aid in memorization.

Once upon a time, we didn't have user names when communicating:


Bit ICQ numbers are a few digits, whereas a tox id is like, 32 characters

Right now I'm not really bothered about end-to-end encryption. If a government wants to track me, they will find a way. I'm more concerned about Facebook/Google/Microsoft/Apple tracking me, reading my private conversations, and selling my data to the highest bidder. I'd like an open source, decentralised messaging platform, that has good mobile apps.

Are suggestions?

"If a government wants to track me, they will find a way."

So just hand the data right to them?

"I'm more concerned about Facebook/Google/Microsoft/Apple tracking me, reading my private conversations, and selling my data to the highest bidder."

End-to-end encryption is the only solution to that problem. Open source software and decentralization is nice and all but to become a mobile app it'll have to be compiled and run on a closed platform and will almost certainly use APIs of that platform.

That's potentially a valid concern, but this attitude is why most people just use Messenger, iMessage, and WhatsApp etc.

I don't want something that is perfectly secure, I want something I can run on servers I control, so that every message I send doesn't go through, and be stored on, servers controlled by the big four.

TOX is a great example, as all the services like this try too hard to be perfectly secure, rather than trying to be user friendly. Most people just want something that lets them easily message their friends, and are willing to sacrifice privacy (quite possibly because they are oblivious to it) to have that.

Even OTR + ICQ/AOL/MSN Messenger were better than what we have now in terms of security and privacy, but people gave those up for simplicity.

-- "Open source software and decentralization is nice and all but to become a mobile app it'll have to be compiled and run on a closed platform and will almost certainly use APIs of that platform." --

That's not necessarily true. End to end encryption doesn't need to be a compiled mobile app or send messages over a closed platform.

We built a decentralized, open source, freely distributable, browser-based Twitter client utilizing end-to-end encryption at www.seecret.io specifically to address that.

I know this is a lofty goal... We need an open mobile platform.

Presently, mobile devices aren't (effective) general purpose computers. That must change.

riot.im [1] (which is based on matrix.org) seems a good, decentralized, open messaging app. They have relatively nice mobile apps and they promise to soon release end-to-end encryption based on the OLM [2] ratchet which is similar to the Signal encryption. In contrast to Tox, Matrix relies on federated servers. Tox is pure P2P which, in my experience, never works very well on mobile devices.

[1] https://riot.im/ [2] https://matrix.org/docs/spec/olm.html

> Tox is pure P2P which, in my experience, never works very well on mobile devices.

That's (UX) my biggest concern, honestly. UX is just too important, and it's becoming an increasingly fast moving bar. Simple things like hitting up arrow to edit your message, to more complex things like stickers and gifs, these are (unfortunately) requirements for me in my peer circles.

They sound silly, i know, but Telegram has (mostly) a great UX, and for such an important tool i can't currently give up features.. let alone convince my friends to likewise give up features.

(Fwiw, i love Matrix in design)

I totally agree. My hope is that because Matrix has an open protocol, there will be more competition in the client space which will lead (eventually) to good UX.

We (ZeroTier) do P2P on mobile just fine. I just randomly pinged my phone over a virtual network to check.

Granted it depends on how chatty a P2P system is and how much it depends on intermediate nodes for network assist. Ours is pretty idle when nothing is happening, so it doesn't impact battery life or bandwidth quotas very much.

The best design for a P2P network with more involved nodes would probably be to allow nodes to elect their level of availability to perform network assistance roles. Another alternative would be to build a network with two kinds of nodes: 'large' and 'small.' Large nodes could assist small ones.

It's a solvable problem. To some extent "you can't do P2P on mobile" is a dated idea that came from the era when phones were pretty tiny CPU and RAM wise, networks were slower, mobile OSes were more restrictive to background processes, and the battery cost of things like CPU and network I/O was higher. All these things have improved dramatically in recent (past 1-2 years) phone models. The iPhone 7 and the latest Samsung phones have near-desktop-class processors and radios have become more power efficient.

You do have to do a few things differently. One thing we do is to temporally group / quantize background I/O. Instead of sending packets whenever we feel like it, we do it in longer spaced batches when the network is otherwise idle. This saves a lot of battery power by causing the radio to only wake from sleep once for a batch of routine network traffic instead of waking constantly.

Thanks, that looks like it is what I'm after! I saw Matrix a few months ago but didn't realise there were mobile apps. Now time to get my friends on board...

I second that, so far so good. And the federation is cherry on top.

> If a government wants to track me, they will find a way

Things like OTR: https://en.wikipedia.org/wiki/Off-the-Record_Messaging Actually stops these people though, and is even labelled in some of the Snowden Files as being "Catastrophic" to their efforts. But you are right, if they can't get chat on you they can just target you inside the Internet and send a malware payload disguised as an update to your browser.

For high value targets yes, they can't really be safe but for avoiding mass surveillance it's good.

Maybe https://wire.com/ could allow decentralization someday?

Do you (or does anyone) know if the wire protocol is open source as well? I see from their website that some of the apps are...but not sure of the protocol...? Because if so, then "someone" could technically retrofit it to "allow decentralization someday".


That's from wire terms of usage: http://dump.bitcheese.net/images/nexikud/wire.jpg

Citations, please! I haven't heard that decentalization is a goal of theirs.

I think your distinction between gov't tracking and corporate tracking is misguided.

Tech that provably prevents one will provably prevent the other.

Look at cloudmask.com

Does it still use 1GB of network traffic per day when idle?

That's by design to keep connections with other peers.

That is a fundamentally broken design. There is literally no excuse for a simple messenger app to suck up a gigabyte daily. How do you expect people to adopt this when they have broadband and wireless plans with data caps?

I know nothing about TOX design, but it makes (to me, at least) some privacy sense to saturate the network with noise that is in message length, their interarrival time and recipient characteristics similar to the actual communication. No idea if TOX does that.

Aside from the data usage - that will suck the battery life from your devices as well

Some kind of throttle would be a good idea, in that case. A gigabyte a day is unacceptable for some of us.

To get back on this, this might be only the Windows client, just had latest qTox idling on Linux overnight and network data usage is 1.3MB.

Please forgive my ignorance, but it talks a lot about peer-to-peer conversations - how would that work if the peers are behind NATs or Proxies?

That works with UDP hole punching (https://en.wikipedia.org/wiki/UDP_hole_punching), and there is a branch with uPNP (https://en.wikipedia.org/wiki/Universal_Plug_and_Play) support. We still need to review that code carefully before accepting it into master.

I'm reasonably sure it does a UDP hole punch to do it.

Probably leveraging STUN servers https://en.wikipedia.org/wiki/STUN

It seems robust, but I do worry about the client. Has the client been audited properly? I hope the track record's not like Pidgin's https://pidgin.im/news/security/

That's too bad, pidgin is the only client I want to use, regardless of the protocol...

The new version is out, seems to be getting much better.


I tried an earlier version of a tox client. At that time, there were at least two competing clients that looked the same and did the same things. Is the tox civil war over yet?

But you realize that's like saying "Well, I tried IRC but there are dozens of competing clients that all do the same thing."

The Tox protocol is really the core tool. As long as the protocol is well-defined and maintained, I think developers should be free to make whichever clients that they want.

I used tox ages ago, and I used the Blight client or whatever it was called, and I liked it pretty well.

I think a bigger issue is convincing people to use it in small groups. My whole team is just fine using Mattermost/Hipchat/IRC and the majority of them don't see the need for something like this.

In this case, it's not like saying anything about IRC chat clients or Hipchat or whatever your team uses or develops. The clients really did look and behave the same. There was so much overlap between them. Not exaggerating this point.

I had a similar experience and it seemed like they were both being developed by the same core group(s) dividing their time between both (again, my perception) which was confusing as they were very similar.

I think it'd be nice if the tox.chat domain would link to just one tox client implementation in the downloads section.

The preliminary plan is to deliver a high quality implementation of the Tox protocol and then deliver a high quality client. I personally don't have time to do both, and the team has very limited resources. The most actively developed client is currently qTox.

You did an incredible job, ignore all this trashing.

I'm not trashing or at least wasn't intending to. I see how it could have been interpreted in that way, though.

Looks like no, there's uTox and Toxic - can't get Toxic to run.... so maybe?

Strange choice of screenshot.

I've been a private beta tester for an iOS client for Tox called 'Antidote', and I can speak for its quality. I will not pretend to be an encryption or security specialist of any form however.

What makes this better than Signal for texting?

Signal still relies on Google Play Services, which is an issue for many people (see GitHub issue #127, #1000, #1106, #5450 etc....)

I was mad disappointed by signal. Not only does it require google play services, it also asks for about two dozen privileges on your phone. Not a great look for a privacy oriented app.

Moxie doesn’t consider that kind of privacy important. Governments listening to you is irrelevant, and third party clients are something he actively tries to prohibit.

His position is that it’s better if everyone gets a little safety, than if a few people get full safety.

Those "compromises" has caused me not to trust him/Signal. Seeing the collaboration for E2E encryption being used at Facebook and Google chat solutions as "opt-in" as a marketing tool doesn't break that distrust either.

> and third party clients are something he actively tries to prohibit.

It's a solution that probably makes sense if you try to solve the problem from within the gilded cages of Google/Facebook/Apple, but it is a kind of exclusionary thinking that to me goes against the spirit of open standards and user freedom on the internet.

"that kind of privacy". So which 'kind' of privacy does it try to improve on? I've been thinking of switching to a different application for messaging and Signal came by a few times but I don't know a lot about it. Would you care to elaborate?

Moxie tries to provide privacy that protects everyone against the normal police, or hackers, or other adversaries – but it does and can not provide any protection against the NSA, or the FBI, and is not intended to do so.

Ah I see, thanks for clarifying that to me :-)

Signal requires you to use your phone number.

It may surprise some to know that this started as a project of 4chan's /g/ board

It may surprise less of us than you think ;)

A new kind of more of the same oh no not another bloody chat client wait i'm going to write a wordpress clone.

New? It's anything, but new!

Could someone please write a summary on what has changed in Tox project over last year?

Seems like XMPP is still a viable option.

Not so much on mobile phones.


Still no contacts sync?

This is a much wanted feature, and I have long term plans to solve this issue together with a lot of other issues using a distributed data store (file system, database, whatever you want to call it). See https://toktok.github.io/roadmap#distributed-file-system (milestone 9). More realistically, i.e. in the nearer future, milestone 4 (https://toktok.github.io/roadmap#optimisations-for-mobile) covers a simple multi-device feature.

GrayHatter has implemented a prototype and will deliver a design document for the full implementation likely by the end of Q4. It includes profile and contact sync as well as message history sync. If we follow the intended timeline, that feature would likely land somewhere in 2017Q1. uTox and qTox have preliminary support for the prototype.

You and everybody else are invited to review the proposal when it comes out. Be sure to follow the issues on https://github.com/TokTok/c-toxcore/issues. You are also invited to join #toktok on Freenode to bounce ideas around.

Offline messaging will be partially solved by message log sync, as mentioned in milestone 4. The idea is that if you have a desktop computer at home, you could sync the message from your phone to it, and the desktop computer will deliver the message to your friend when they come online. It could be that your desktop syncs with their desktop at some point, and later their desktop syncs with their phone which is the actual delivery. In any case, this solution requires at least one of your and their devices to be online at one point. So far, we have shied away from storing large amounts of data in the network itself. I think the described solutions are sufficient for a large group of users. Federated (email-like) server-based (still distributed, just not p2p) solutions could be used for the remainder.

It's open source, they take pull requests and donations.

What makes you think that parent has the knowledge, ability, and time to do this task?

I see this "it's open source, make pull request" type of comment quite a lot but don't understand how you'd know if the person you're saying it to could do it. If not, it's kind of a dick move, isn't it?

> What makes you think that parent has the knowledge, ability, and time to do this task?

Okay, what about money? They also take donations.

> I see this "it's open source, make pull request" type of comment quite a lot but don't understand how you'd know if the person you're saying it to could do it. If not, it's kind of a dick move, isn't it?

No. Trying to make people feel bad for not wanting to work for free, is what I call a dick move.

The way the feature was requested, come across as a dick move and very self entitled. The least the parent could have done is added some niceties or some reasoning in more than 4 words when asking something for free.

I know, people make the "I'd use it but for this feature" comment all the time. But I believe they do it without thinking rather than with the intent of being unkind. The "... pull request" is almost certainly knowingly mean spirited. (Even if true.)

Edit: here's a possibly better response than the "do it yourself" response:

XXX is a free and open source project. That means the developers put in the majority of their time on the issues that they want and enjoy coding the most, even if other good features are left out. If you're unable to help out with coding yourself, you could look through the open and closed issues and see of others have thought about your feature request too. If an open issue exists, a short "while I don't have the ability to code this, I'd like this feature too," added to the list would let the developers gauge interest and may sway someone into giving it a try. Thanks.

Edit 2: It's a bit long. This sentiment but shorter.

Put your profile in your Dropbox/Seafile/Whatever Sync Folder and use it with all your clients.

I did this once and ended up with corrupted profile.

Applications are open for YC Winter 2020

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact