Hacker News new | past | comments | ask | show | jobs | submit login

Be warned, Tox claims to protect users from "governments", which is a huge claim.

Yet, it's written in C, it hasn't had a security audit, it does not publish a list of security risks and mitigations, and, regarding its roots in 4chan, see for yourself: https://github.com/irungentoo/toxcore/issues/1186

We're in the process of writing a specification (https://github.com/TokTok/spec) and new implementation in Haskell (https://github.com/TokTok/hs-toxcore). There is also a Rust implementation in the works (https://github.com/zetok/tox).

As for security risks and mitigations, I'd like to do that when we have a web presence with space for it. Right now, the web presence is fairly poor (http://toktok.github.io/). The specification contains some security risks and mitigations.

Rust seems reasonable, but why Haskell? Also why not improve current core while writing new implementation?

We are doing exactly that: we are improving the current core and at the same time modelling the behaviour in Haskell. The Haskell version does not do networking and only represents an executable model of the environment. We use that to test core functionality. See http://toktok.github.io/design/testing.

When I was thinking about contributing to Tox it was way too hard to find out its development is alive at all: https://www.reddit.com/r/projecttox/comments/4vmfhn/is_tox_d...

P.S. Now I see activity in new core repo,that's cool

Regarding security audit: my day job is developing high security software. I could do a formal audit, and it would take about 2-3 person-weeks, and be completely useless, because it would result in a huge number of trivial issues that need to be resolved before it could identify real problems. So instead of wasting time and money on that, I've decided to go and fix those trivial issues one by one, and once I'm a bit happier with the code, I'll have two other people do the formal audit.

What high-security software do you work on? With what methodologies addressing what risk categories?

I second this. A bibliography of some suggested reading - books, papers, etc. would be much appreciated if you have any.

List of security risks and Tox-ic (BDUM-KSSH) community are worrying, as is the lack of security audits.

As for the fact that it's written in C, GPG, Tor, Psyc, and many other pieces of security software that you trust are written in C. It's dangerous, but writing secure apps isn't impossible.

> It's dangerous

My point exactly. It's dangerous and if it's not paired with many good security practices, it's better not to advertise it as "protect you from XYZ".

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact