Tox: secure messaging for everyone (tox.im)
340 points by NotUncivil on July 29, 2013 | 199 comments



Oh, I see you helped yourselves to my Secure Chat logo -

http://dribbble.com/shots/479881-Secure-Chat

http://logopond.com/gallery/detail/165288

https://www.google.ca/search?q=secure+chat+logo - first page hit too

Not cool at all, "cool guys around the world".

--

(edit) Regardless of whether this was copied, over-inspired or independently conceived (but let's be realistic here), the generally accepted rule of the game is that the first to the finish line gets to keep the logo. I don't make my living with logo design, but I did kill a week of sketching, refining and re-balancing on this one and I do happen to like it a lot. For what it's worth, I wrote a P2P VPN system in the past (called Hamachi) and I am involved in p2p and crypto domains in general. So I expect you to extend some professional courtesy, change the logo and close this matter in an amicable manner.


Honestly, I don't see the concept being so unique and original that someone else couldn't have come up with it independently, and frankly the Tox logo has a much nicer balance (in the Tox logo, the person/keyhole works much better, whereas in yours it doesn't really work as a "keyhole" in my opinion) than the versions you linked.

EDIT: The logo was originally made in /gd/ (4chan's graphic design board), and since the board is archived I managed to track down the thread it was made in.

Here's a somewhat different version that people were playing around with at first (which also featured a lock, a speech bubble and a keyhole doubling as a person):

https://archive.foolz.us/gd/thread/86081/#86375

Then someone thought about moving the speech bubble to the keyring here:

https://archive.foolz.us/gd/thread/86081/#87186

And then after some iteration they got to the current version:

https://archive.foolz.us/gd/thread/86081/#87235


Strong disagree. That was a clever logo and one I hadn't seen before.


Whether or not you "strongly disagree" doesn't change the fact that it was created independently by other people as well, evidenced by the third comment in one of the links latitude posted (http://logopond.com/gallery/detail/165288) and in archived threads where multiple people came to the current design on 4chan's /gd/ that Daiz posted.


As I said in the (edit) of the original comment, the originality is secondary to the timing.

When you finalize a logo, you typically run a quick due diligence (a Google search) to see if you reinvented a wheel. If you did, you scrap it and start afresh. Tox didn't do that and they should've.


Except, you run that check to make sure you're not running afoul of someone's trademark restrictions/using a logo associated with an existing brand. (Which, unless I am missing something here, they are not.) They should have run it, but just because they found your result doesn't mean they had to scrap something they (allegedly) did themselves.

If they came up with it independently (a very legitimate question given the similarity of the --- very nice by the way --- logo, but one they seem to have evidence for) then there seems to be no moral problem or even a legal issue.

You're basically claiming "I thought of it first, therefore it's mine" which is both legally wrong in the US for copyright (independent creation is a defense) and morally bullshit in the same way that Amazon's one click ordering patent is.


> You're basically claiming

I am not claiming this, this is how things work in the logo design industry. There are of course copyrights, trademarks and legal matters, but there are also professional ethics. Ideas and concepts are getting recreated all the time, that's life. But it's also why people post sketches and ask if anyone has seen anything similar, only to discard them and move to another concept.


You don't actually seem to be using the logo anywhere, though. On your site you write that "I had (have) plans to write an Instant Messenger client with proper support for privacy. This was the logo concept for the project"[1], but this project does not actually seem to exist (at least not in any public manner).

As such, why not just leave the logo of Tox in peace? Especially since it's a FOSS project with noble goals (even if they have yet to reach those goals, which is not surprising considering how early in the development the entire project is) and not some commercial entity intending to profit off of it.

[1] http://swapped.cc/#!/logotypes


> As such, why not just leave the logo of Tox in peace?

I have plans for it. It wasn't just an idle doodle.


Many people make plans, few carry them out. You posted that March 21, 2012. Now, 1 year and 4 months later, someone apparently independently created a similar logo and is actually doing something with it, not just planning to do so. If you do something with it as well then great! I don't see what the big deal is.


And I'm quite sure that the logos in the link below are intended to be used or are IN use. So, tell me, why are these companies with many highly experienced legal advisers not fighting each other over a logo?

http://img.ctrlv.in/img/51f6b5b849ebf.jpg


You can trademark using a round M for burgers, but that doesn't get you the trademark for banks. Witness Apple Records and Apple Computers.

In this case, the products/ideas are straight-up competitors.


Only Apple go so far as to take such petty things to court. Most of their lawsuits can be generalised as "It looks similar from this side of the room"


I think I'm safe in assuming when you say "Only Apple" you mean Apple Computers. However, it was actually Apple Records who sued Apple Computers, not the other way around.


Yeah, I get the two confused all the time.

Oh wait


A pre-binary of an existing project and an idea that you had that you've conveniently been sitting on for a year are very different things.

This isn't competition. It's complaining on a professional level.


Using your logic, we can conclude that no one should be able to use the wheel, because at some point in the past someone else invented it?


I'm not invested in this issue enough to argue about it. I look at a lot of systems like this and was struck by the novelty of the logo, is why I commented. Take that for whatever you think it's worth.


If you aren't invested, how can you open with "strong disagree."

Seems like you're invested up to the point when you're wrong, which is a pattern I've observed on this site in general.

Incidentally, your anecdotal "feelings" about whether something feels original or not make for a pretty weak argument.


If you extrapolate my comment into points I wasn't trying to make, I think you'll find those arguments very easy to tear down. If that's a productive exercise for you, be my guest.


I don't really see the straw man here, but my larger point wasn't about this particular argument at all. Just the fickle commitment to the discussion.


I strongly disagreed that the concept wasn't unique and original. I'm clarifying though, not trying to give you flak; like I said, I don't much care about this leg of the thread.


It's saddening that so much of the thread is spent dwelling on this issue. I'd love to hear your take on the actual crypto at play here, if you have time for a critique?


Why should people invest past the point of being wrong? If someone proves you wrong, you should change your mind, not keep arguing just to save face.


I like admitting that you are wrong instead of saying "meh I didn't actually care about this."


I like admitting you are wrong too.


haha you got me :)


People invented calculus independently at the same time.


That was before the internet.


Cool story bro. However, these links seem to prove GP's claim: that his design has priority.


Those time stamps are from 2013, much later than parent's links from 2012, or am I missing something?


you are missing nothing. But you can also see the development of the logo into what it became. There were also many doodles and whatnot in threads for weeks before this logo was developed.


Where are my subs for RnL S2, Diaz?


Still his work. So flagged.


An hour in, a complaint about icon-plagiarism-via-anonymous-bikeshedding-session is still the top comment on HN for a software project with ambitious technical goals. That in itself is a strong argument for doing one's own work and creating original icons. Assuming for the sake of discussion that Tox is or could be a technically superior solution, do they really want that obscured by this sort of extraneous bullshit?

EDIT: and now I remember where I've heard that name before, as well: http://testrun.org/tox

Perhaps a rebranding effort is in order? That sort of work seems to be right up /g/'s alley? Google is your friend!


It'd be nice if HN allowed us to collapse entire conversations. Maybe with a TL;DR summary.

[+] [137 messages] "Bunch of people arguing about logo copyright & design for an open-source project."


>It'd be nice if HN allowed us to collapse entire conversations.

There's a whole bunch of extensions/plugins/userscripts for HN out there, including ones that implement thread hiding. I personally use Hacker News Enhancement Suite for Chrome.


Hacker News Enhancement Suite Hacker News Enhancement Suite Hacker News Enhancement Suite ?


Hey, that's a great idea! Now excuse me while I come up with it independently.


You better trademark/patent/copyright that idea right there before somebody does it and "steal" your precious work :)


Agreed. Though it's a Litmus test of how willing they are to cut corners. Imagine having this discussion if it were Linux kernel.


TOX is just the project name. The product name is yet to be decided.

This is still a pretty heavy argument about it on the 4Chan threads.


>This is still a pretty heavy argument about it on the 4Chan threads.

The only reason that occurs is because all the non-technical lurkers want a way to contribute.


Maybe they should do just what I'm doing.

Sit in the thread monitoring progress. Then congratulating progress when it's made.

Or, if they want to contribute without causing arguments. Go upvote this on Reddit, WOT, Twitter, and whatever else in a way which won't cause a shitstorm in /g/.


tox = talks because tox sounds like talks.


Neither of you guys invented these concepts:

1.) Using a padlock to represent computer security.

2.) Using a cartoon chat bubble to represent a way to chat on your computer.

3.) Using a little oval on top of a bigger oval to represent a person.

Is it really that much of a stretch to combine the three? I would think that this concept would be pretty standard output from someone with even a moderate amount of visual communication skills.

It's a rather simple visual sentence and I can easily imagine quite a few people having come up with this concept.

Please realize that both logos are built on top of an already existing visual language and that neither of you are really all that original to begin with.


I don't think this argument is very powerful. If two authors come up with exactly the same sentence, no one would dismiss the coincidence on the grounds that "both sentences are built on top of an already existing language".

What matters is how similar the precise combination of visual elements are in the two logos.

Yes, it is possible that they were created independently. However, after looking at the "evidence" provided by Daiz, it seems more likely that an anonymous channer borrowed the design without crediting it.


"Today I went to the grocery store and bought a few bananas."

"I just got back from the store. I picked up some bananas while I was there."

Both sentences say the same thing. No, they are not completely the same, but neither are the logos in question.

If you want to talk about precise combinations of visual elements, there are LOTS of differences.

Look closely at the logos. The Tox logo makes the person more like a keyhole. The Secure Chat logo uses something more like a natural human silhouette. The ratios of the arc to square are different. The spacing is different. There's a bunch of differences. Frankly, my eye appreciates the layout and design of the Secure Chat logo... the weights of the Tox logo are a little off... I DO really like the keyhole/person combo, though! So each design has its merits.

The only similarities are the padlock, the chat bubble, and the person.

Just like how in my textual sentences the only similarities are "store", "multiple bananas", and "at some point today".

The point is, the two sentences, one textual and the other visual, both "say the same thing" and are made up of "the same concepts" and "predefined elements of language"... and neither should be considered plagiarism or even that unique to warrant talking about originality...


It is combining previous ideas together exactly as all those ridiculous patents we complain about do. I never understood why the programming/hacker community was so against designers being inspired by one another (even if that wasn't the case here) but yet so outraged at the ridiculous patents.


On your second link someone posted "it's funny...i came up with the exact same mark a few months back and presented it to a client. Almost uncanny how close it was to this."

Perhaps the person who made the logo for this project had the same idea as this commenter.


Maybe he was "the first to the finish line." It all goes to show how silly this is. If there was two finished projects with such similar logos, that would be a real problem.


Disclaimer: I am in no way affiliated with this company/person.

Is it possible that they simply had a similar idea? It doesn't appear that they lifted the logo as is. Look at the person in their logo; it looks quite different (it doesn't stop at the shoulders like yours does). Other things are also slightly different. These differences lead me to believe that they at least made their logo by hand. Now if it was inspired by yours I don't know. To be fair, that Google link does NOT show me your logo anywhere on the page. Furthermore, I tend to go with the principle of Hanlon's razor[1].

[1] http://en.wikipedia.org/wiki/Hanlon's_razor


I think this is a matter of coincidence. The lock and chat bubble leads itself to a familiar look. I'm pretty sure you aren't the first person to think of such a concept, and neither are we.

Besides, the icon was made by an anonymous person so it's not really like we can blame anyone.


> Besides, the icon was made by an anonymous person so it's not really like we can blame anyone.

Isn't that convenient?


Because we made this project just to violate copyright. Sure thing.


I think their point was that the person who made the icon is anonymous, so it's harder to blame and therefore benefits you. Not that you had that goal in mind to begin with.


I understand that. It's still a ridiculous claim.


If you don't know the identity of the person who created your logo, how can you be sure that they didn't steal it?


Sounds like you know a lot about this. Maybe it was you all along then. Just confess and save us all a lot of trouble.


We definitely did not steal. People were making mockups for weeks.


It is OK. However if you are making a community project you should definitely change your logo to be distinctive of existing projects. Please fix. The original project expressed their desire to be visually distinct and it would be very nice of you to respect their wishes.

This will remove the unnecessary distraction for you. Note that this is not without precedent. Mozilla renamed Firebird to Firefox because of the community's opinion.

https://en.wikipedia.org/wiki/History_of_Firefox


What existing projects?


The project that Latitude[1] was talking about. I am not saying you are legally obligated to do something (IANAL). I am just saying it is common courtesy.

Trust me. The logo does not make or break your program.

[1] https://news.ycombinator.com/user?id=latitude


As far as we know, said project only exists in latitude's mind, and the only public information about it is that he may or may not still have plans for a "secure chat" program. I'd be hard-pressed to call that an "existing project", since for all practical purposes, it isn't.


You are asserting a made-up argument. Having an active public project behind a logo is not a necessary condition for not re-purposing the logo for another project. This particular concept just happens to be taken.

Every good logo is trivial in retrospect, it's finding a strong concept that's a bitch. I looked at /gd/ thread and virtually all of it revolves around shaping a keyhole this way or that way. Then suddenly someone says - "Here, done". Turning an empty space into a chat bubble requires a step up, it's an altogether stronger and more complex concept. It is possible that another person came up with it independently, but also consider that with all the variety of secure messaging apps no one had thought of it before 2012. It's not an easy concept to stumble upon.

(edit) This is getting meta. It is plenty obvious that Tox fellas think they are in the clear and it's OK to recycle an existing logo. I think that it's not. That's hard to reconcile.


>Re-purposing the logo

>recycle an existing logo

No-one is re-purposing the logo. You are going out of your way to make it seem as if they have literally stolen your logo, when in reality, they have a similar design that is not a copy.


What's the difference between what you're doing and domain squatting apart from the fact that we're dealing with a logo and not a domain name?


Just came here to say thank you for Hamachi, many hours of multiplayer Worms Armageddon were had thanks to you.


>the generally accepted rule of the game is that the first to the finish line gets to keep the logo.

Respectfully disagree. The generally accepted law is clear enough, as I understand it: that you have (automatic) copyright over your own design work, but not your idea. (Bad Analogy: I am free to make a for-profit game about flinging red birds at pigs, but I can't use Rovio's code or the Red Bird graphic) If you work as a graphic designer, you need to understand how this impacts on your work.

If you wish to protect your design any further, you need to specifically register a trademark to prevent confusion between businesses in the same industry.

It's clear that they haven't copied your design - the appearance of the work is quite different - and besides it seems plausible or even likely they came up with the (very nice) idea independently.

This is also important to understand for people hiring graphic designers for freelance work - in the UK at least, the designer maintains the copyright for commissioned work unless contractually agreed otherwise (even though the business can still trademark it). In theory, the designer can later prevent you from repurposing one of their designs. For example, if you later decide to start selling merch for your brand, you may have to renegotiate with the designer.

Edited to carefully note: IANAL, take this as advice at your own risk.

Further international edit, from wikipedia, emphasis mine: The United States, Canada and other countries also recognize common law trademark rights, which means action can be taken to protect an unregistered trademark if it is in use.


The legalities of this are very clear-cut.

1) Intellectual property laws state that the TOX project is not infringing on any copyright unless it directly takes assets from your logo. As you can plainly see, the TOX logo was created from scratch.

2) Even if intellectual property laws did work that way (again, they don't) it's also incredibly obvious that the TOX logo concept was arrived upon totally independently of your logo.

You have no legal ground to stand on in this regard, and a shaky ethical ground considering that you somehow think you're entitled to exclusive rights to this really quite generic idea. ESPECIALLY considering you've been sitting on this idea for well over a year - as far as I know, there's no risk of this project being confused with an existing brand or idea, and there are no actual pieces of software that use this logo.

I'm sorry that you feel like this TOX logo has violated your 'generally accepted rules'. Perhaps they aren't as general as you assume?


> As you can plainly see, the TOX logo was created from scratch ... the TOX logo concept was arrived upon totally independently of your logo

It is far from obvious. Linked posts show how they were stomping around a simpler logo for a long time busy with minor adjustments until someone posted a much improved logo, which just happened to be almost identical to the OP's. That was not an evolution.

But even that aside, you are viewing this situation all wrong. "Legalities", "legal ground to stand on", etc. The way Tox handled this is nothing short of peeing in a community pool. How do you envision Tox replacing Skype if the project leadership can't handle a simple dispute over a logo in a civilized manner? Look at latitude's creds, they should be wanting him on their side, but, no, let's mix him with a barrel of shit, because he dared to suggest that /gd/ might've ripped his work. Right on.


Dared to suggest? The words 'oh, I see you helped yourselves to my logo' are the unhelpful ones in my opinion. Also, the fact that this post was here, in a public forum, rather than directly attempting to contact the TOX authors on their IRC channel.

Even so, demanding that a FOSS project (with extremely limited resources) scraps a perfectly fine logo and starts from scratch just because a similar logo exists is simply not a reasonable demand.


Suggest you can, but I disagree on both points. The more I look at both logos the clearer it becomes that it's a blatant rip.

Given the 4chan "culture" both you and I know what the answer would've been if he'd go via the private channels.


All I see here is "Hey, guys, I'm kind of a big deal and I made a logo like this that I don't use, so you should change yours. I'm kind of a big deal, guys...".


Why not donate this logo design to the project and close the matter in an amicable manner?


Very nice logo by the way. Took a second glance to see the speech bubble at the top but once you do it's beautiful.


Did you trademark your logo in any way? If not, your claim has no legal ground.


I actually wouldn't be surprised if it was independently conceived - When http://identity.com designed their first logo they found out both Stride's iD gum and one other company (That I can't recall off hand) both had the exact same logo - Not just insanely similar as in this case - but the exact same.

Either way - hope you and Tox come to an agreeable solution. For what it's worth I like your spin on it better :-)


hamachi kicked ass :D


I still use it to play Terraria because its creator never fixed the multiplayer (which by the way if you play will be updated very soon with lots of new content).


This is certainly a crucial point to make here, a fact which immediately won empathy from me


Both your logos might look nicer if the avatar moved up and to the left to make the chat bubble look more like a chat bubble.


Then it would not look like a keyhole. :(


Maybe it was just a coincidence..?

Nice logo by the way.


It's a great logo and it's a shame it was stolen.


Stop being a baby. Someone even commented on your post that they had the same idea months ago. But instead of whining about it, he shrugged it off and said "Great minds must think alike."

The current Tox logo wasn't even the first proposed logo with the chat bubble/padlock idea. There were a lot of other ones. People were taking the idea from other logos and improving it. That's innovation.

You weren't the first one to come up with the idea; and even if you were, that doesn't give you exclusive rights to it.

Grow a pair and show some "professional courtesy" yourself by not giving a fuck.


It came from the 4chan side.


It being what?


The first hit off google seems to come from this site... http://whysocreative.com/2013/04/07/10-most-creative-black-w...

Are you associated with them?

How could these guys have known it was "yours" ?


Tox aims to be a secure replacement for Skype.

There's several other similar projects, but they are usually hard to set up and use for an average user.

Tox is FLOSS software developed by the community, and currently licensed under GPLv3. We are considering changing the license to something more permissive, so it would be possible to put it on the App & Win8 Stores.

Currently, it is in really early stages of development. But we already have basic IM, and nCurses interface. We use NaCl library for encryption and will probably add FFmpeg for video.

We are working on a cross-platform GUI using Qt5. Please note that the screen-shots on the main website are only mockups, and (in my opinion) should have been labeled as such.

Since the website is down, here's some links:

Subreddit: http://www.reddit.com/r/projecttox/

Core code: https://github.com/irungentoo/ProjectTox-Core

Qt GUI code: https://github.com/nurupo/ProjectTox-Qt-GUI

Website code: https://github.com/stal888/ProjectTox-Website

IRC Freenode channel: #InsertProjectNameHere


I'm surprised you guys don't use OTR for secure text chat that will interop with other OTR text chat clients.

You guys should really look into the WebRTC project ( http://code.google.com/p/webrtc/ ) so you don't re-invent the wheel with video conferencing with just raw ffmpeg. You could also make web browser clients in the future possibly. It takes quite a bit of QoS and other work to make video conferencing work right! Take advantage of the PhDs that google & co hire and re-use their full time jobs!


Congrats on the progress made so far. I'm eager to see how things shape up.

Would love to see a community project analogous to this one develop in the e-mail space since too many users find PGP to be cumbersome, despite some very nice implementations. Bitmessage and I2P's bote are both very interesting, but the prior project needs more experienced security people working on it (and some serious refactoring), and the latter suffers from the perceived issues of the "darknet" (not an issue for me, but...).


> Would love to see a community project analogous to this one develop in the e-mail space since too many users find PGP to be cumbersome, despite some very nice implementations.

We're on it! https://parley.co will be entering pre-beta later this week. Maybe not technically a "community project" because it's being built by a company that is at least partly motivated by profit, but the whole thing is BSD-licensed so people can do whatever they want with it.


Great! Yeah, community would be ideal but a small company like yours is definitely wonderful, as well. As long as it's open source, it's fine by me.

I see you're building on PGP, which has been historically confusing for non-tech folks, but I look forward to see what you've come up with to counter that confusion.

A couple of issues:

1. Not sure if you'll be using the same server/TLS cert for your actual web-based e-mail sender, but I got a giant warning on Android (Kindle Fire running Chrome for Android) about the certificate being invalid. It's probably the fact that you need to host the intermediate certificates on your site (i.e., the chain of trust is "broken"). If you are hosting them, then it might be this issue: http://www.unrelatedshit.com/2011/10/21/positivessl-not-work...

2. Again on the https, have you considered upgrading to TLS 1.1, or 1.2? You'd be able to offer ECDHE for forward secrecy, among other advantages. But you may have reasons for sticking with 1.0.

3. Are you vulnerable to SSL stripping attacks, like Moxie Marlinspike proposed? You are redirecting http requests to https.

Again, you may not be using this server for your actual registration, but just fyi.

One more suggestion: you may want to simplify the pricing. Do you really need 6 different categories? I'd try to eliminate at least 1, and ideally 2 or 3. Three categories may be the sweet spot (I think there's actual empirical research underlying this, but don't have time to search for citations). For a (non-scientific) summary of this, see: http://thinktraffic.net/most-common-pricing-mistake

Good luck, and feel free to e-mail me at my username @ gmail if you need a beta tester.


Thank you very much for the feedback! We won't be using the same server/cert for the API (though it does make calls to the API for registration), but have had to move the website server around a couple of times already since setting up the cert and it's likely that I cocked something up. I'll look into it ASAP.

We are going to simplify the pricing, at least for the time being. Our beta is going to be more of a pre-beta, and completely free. Supporters will be able to pre-purchase a professional plan at less than half price, but otherwise we still have a lot of kinks to iron out before we feel comfortable charging for Parley (details will all be announced Thursday).

If you want in on the pre-beta, you can either sign up for the mailing list or check back at https://parley.co on Thursday :)


I don't see the point of changing to a more permissive license just to get on the iOS and WP8 app stores. Those devices are all compromised to begin with.


When trying to create a secure network, you're constantly going to be dealing with tradeoffs between enabling communication, and ensuring you can actually talk with people.

You're right that iOS isn't a completely secure OS.. But using a secure app on iOS is better than using regular SMS going through AT&T.

Perfect is very difficult to achieve here- Most PCs have a nonfree BIOS, and even then, many CPUs can be updated by encrypted updates from the manufacturer.

It very well might be possible to ensure that your machine isn't vulnerable... But you're not going to have many people to talk to.

I think the tradeoff for having an iOS app is worth it. It puts the users of the iOS app (and those talking to them) a bit more at risk, but doesn't compromise the whole network.

Let them make that tradeoff. It's better than talking to an empty room.


False sense of security can be even more dangerous.


Network effects. Even if my friends' iPhones are "compromised", if I can get them using the same messaging protocol, then that messaging protocol is more useful on my "non-compromised" device.

If we went with your way of thinking, most of my friends would never use Tox, thus making it useless to me, thus meaning I'd have to use a non-end-to-end-encrypted messaging protocol such as SMS or Facebook Chat.


Source?

I use a mac, and if it's compromised, I'd like to stop using it.


>We are considering changing the license to something more permissive, so it would be possible to put it on the App & Win8 Stores.

I'd consider changing the license for other reasons. What is the GPL getting you? If your desire is to have the most people using this software to increase security, you should follow openssh's lead and use an actually free license, or even public domain.


So this appears to naively use DJB's NACL/crypto_box construction, which is a curious choice given the existence of OTR for messaging protocols which would handle things like session key negotiation and provide deniability.

First, if I'm reading the source correctly, they are doing public key encryption for every message. Which, ok, DJB was a fan of at least for DNSCurve, but is generally regarded somewhat dimly for efficiency reasons. So I guess this puts them on one extreme of the Bell Curve or the other. I wonder which?

[EDIT, removed point about nonces in handshake]

Funnily enough, at first glance it looks like they covered at least some of the obvious issues: they do at least attempt to authenticate the session key and the crypto_box's use of a Nonce prevents replay and re-ordering attacks.

How do they handle video chat? Crypto_box won't work there naively since packets will get lost and the nonces won't be in sync.
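The concern raised above is that an implicit nonce counter falls out of step as soon as a datagram is lost. One common way to handle this on lossy transports, shown here as an added example that is not Tox's code, is to carry an explicit counter in every packet, derive the 24-byte crypto_box nonce from it, and reject repeats with a sliding window. The names `replay_window`, `replay_accept`, `make_nonce` and `count_accepted`, the 16-byte session prefix and the 64-packet window are assumptions made for this sketch.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define NONCE_BYTES 24   /* crypto_box nonce length in NaCl */
#define WINDOW_BITS 64   /* assumed window size for this sketch */

/* Hypothetical receiver state: highest counter seen plus a bitmap of the
 * WINDOW_BITS counters at or below it (bit i set => highest - i was seen). */
typedef struct {
    uint64_t highest;
    uint64_t bitmap;
    int      started;
} replay_window;

/* Build the per-packet nonce: 16-byte session prefix || 64-bit big-endian
 * counter. The counter travels in the packet, so loss cannot desync peers. */
void make_nonce(uint8_t nonce[NONCE_BYTES], const uint8_t prefix[16], uint64_t ctr)
{
    memcpy(nonce, prefix, 16);
    for (int i = 0; i < 8; i++)
        nonce[16 + i] = (uint8_t)(ctr >> (56 - 8 * i));
}

/* Returns 1 and records ctr if it is fresh; returns 0 for a replay or for a
 * counter older than the window. Call it only for packets whose
 * authenticator has already verified, so forged counters cannot move the
 * window forward. */
int replay_accept(replay_window *w, uint64_t ctr)
{
    if (!w->started) {
        w->started = 1;
        w->highest = ctr;
        w->bitmap  = 1;
        return 1;
    }
    if (ctr > w->highest) {                 /* newer than anything seen */
        uint64_t shift = ctr - w->highest;
        w->bitmap  = (shift >= WINDOW_BITS) ? 0 : (w->bitmap << shift);
        w->bitmap |= 1;
        w->highest = ctr;
        return 1;
    }
    uint64_t age = w->highest - ctr;
    if (age >= WINDOW_BITS)                 /* fell out of the window */
        return 0;
    uint64_t bit = (uint64_t)1 << age;
    if (w->bitmap & bit)                    /* already seen: replay */
        return 0;
    w->bitmap |= bit;                       /* late but fresh: reordering */
    return 1;
}

/* Feed a sequence of received counters through a new window and return how
 * many were accepted. */
int count_accepted(const uint64_t *ctrs, size_t n)
{
    replay_window w = {0};
    int accepted = 0;
    for (size_t i = 0; i < n; i++)
        accepted += replay_accept(&w, ctrs[i]);
    return accepted;
}

int main(void)
{
    /* Constructed arrival order: packet 3 arrives late, 2 and 5 are
     * replayed, and the jump to 70 pushes 5 and 6 out of the window. */
    const uint64_t arrivals[] = {1, 2, 5, 4, 2, 3, 70, 5, 7, 6};
    replay_window w = {0};
    for (size_t i = 0; i < sizeof arrivals / sizeof arrivals[0]; i++)
        printf("ctr %llu -> %s\n", (unsigned long long)arrivals[i],
               replay_accept(&w, arrivals[i]) ? "accept" : "drop");
    return 0;
}
```
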


> Nonce's are "Numbers used ONCE", they 1) don't need to be secret and 2) ARE NOT encryption keys.

We know.

Putting the nonces in the handshake along with the session public key was simple.

In the NaCl docs it is advised that if you can keep the nonces secret that you do so.


Out of curiosity, why not use OTR for messaging?


Probably because OTR only works when both parties are online at the same time.

Edit: that said I haven't looked at their solution. Maybe it has the same issues. Or worse.


Looking at their crypto code, it appears they assume both parties are online. There is a two way hand shake for key negotiation.

My guess was they wanted to handle things like video chat and file transfer that OTR doesn't handle. But at least for video chat, I don't think NACL will work out of the box either.


Unconvinced.

* Lossless UDP? Is there a reason not to do TCP?

* There is no way to know if the public key is genuine, so the system is very sensitive to MITM.

* The key exchange is inadequate. Why not do DH if it's just to have session keys?

* The system is very easy to brute force as the acknowledgement is based on a known plain text. This is very bad.

A quick glance at https://github.com/irungentoo/ProjectTox-Core/blob/master/co...

I found a potential buffer overflow at line 143. If an attacker sends a large file, what happens?

Making crypto software is not just a question of wrapping a crypto lib (in that case NaCl) with a GUI. There are some tricky security issues as to how you use the crypto.


>Lossless UDP? Is there a reason not to do TCP?

Hole punching.

>There is no way to know if the public key is genuine, so the system is very sensitive to MITM.

If you want to add someone you need their public key (their id) which is 32 bytes (it's small because we use ECC instead of RSA). Unless someone somehow replaces the key (your id) when you give it to your friend the system should be secure.

>The key exchange is inadequate. Why not do DH if it's just to have session keys?

The key exchange is designed that way because we want forward secrecy.

>The system is very easy to brute force as the acknowledgement is based on a known plain text. This is very bad.

Can you please elaborate on this? If you are speaking about the second part of the crypto handshake I can assure you that the fact that the plaintext is known is not a problem.

>I found a potential buffer overflow at line 143. If an attacker sends a large file, what happens?

The function read_packet is hard coded to never return something bigger than MAX_DATA_SIZE.


Your answer raises my eyebrows even more.

I ask why you don't use DH and you answer "because we want forward secrecy". DH has been designed for perfect forward secrecy. Therefore I fear we might have some sort of misunderstanding here.

You don't want to permit known plain text attack as "in depth defense" approach. If there is ever any weakness in your software, you want to make it very hard to exploit it. Known plaintext will make exploiting weaknesses in your PRNG very easy for example.

As for your last comment... If someone ever changes the behavior of read_packet, you're dead. So I'm sorry, but you have potential buffer overflow. Think in 4 dimensions Marty! :)


DH wasn't designed for forward secrecy.


True, my usage of designed was a little bit liberal here. Mr. Diffie is one of the authors of the first paper to introduce the concept of PFS, but the DH key exchange algorithm hasn't been designed for PFS but rather for 0-knowledge key exchange.

Nevertheless, I stand by my remark regarding the pertinence of DH in that case.


DH is also not a zero-knowledge key exchange algorithm. I think what's confusing you is that DH (a) is a useful building block for forward-secret protocols and (b) generates secrets that often require zero-knowledge proofs.

I'm not sure what paper you're referring to but wouldn't be surprised if Diffie's name was on one of the first "forward secrecy" papers; that stuff is/was kind of Whit Diffie's beat (not "privacy" per se, but the higher-layer implications of public key cryptosystems). But Diffie-Hellman predates any formalized notion of forward secrecy by something like 20 years.


DH is zero-knowledge in the sense that the two peers have no knowledge of each other, and yet share a knowledge at the end.

Again, I admit my word usage is a little bit liberal, but although I haven't done serious crypto for a couple of years now, I have the strange feeling you are nitpicking. Is it just a feeling? :)

I'm referring to this paper: http://link.springer.com/article/10.1007%2FBF00124891

Curiously, although I've always preferred DLP-based crypto, I actually never implemented any. So I gladly admit my knowledge of DH key exchange might not be as profound as I would like it to be.


That's not what "zero knowledge" means. In the context of STS or, more generally, DH, a ZKP is something you'd add after DH, to verify that one party or the other had arrived at the expected DH result.

I don't think I'm nitpicking: I see where you're coming from but I think you might be entirely wrong.

I don't know what it means to "prefer" DLP crypto. Over what? I just don't understand what you're trying to say with that last graf.


Well, if you exchange your keys via DH and start using that key to cipher the communication, you're going to find out very soon if you exchanged the key properly, won't you?

In essence, once you've agreed on a key you won't keep it to yourself (although you could, in theory). But am I missing the point? Are we talking about two different things? I'm talking about ZK from a mathematical point of view, you know, the cavern, the treasure, the two paths... (if you know this layman example about ZK)

Unfortunately I cannot go into details, but what I meant about my preference for DLP is that although I was mathematically more attracted to DLP based algorithms (when it came to asymmetric cryptography) I didn't really have the chance to "play" with them and spent more time with RSA.

So it's probable my knowledge of the DH key exchange algorithm is imperfect and last time I wrote crypto it was very mundane (it was using RC4, that's saying a lot!), so maybe I should just refrain from commenting about crypto.


SRP is a good example of DH with a bolted-on ZK system; the client and the server arrive at a key using a hash of a password as, effectively, the basis of a DH parameter, then use a hash-based zero-knowledge proof to "authenticate" each other.


Please explain how DH was designed for perfect forward secrecy...

Please explain why shown plain text in this context would make exploiting weaknesses in their PRNG any easier...


tl;dr There is a buffer overflow in read_packet(). See below.

edit Shit, I'm wrong. I missed this line 599 of Lossless_UDP.c:

    if (size > MAX_DATA_SIZE)
        return 1;

That is the only section that verifies the size of the memory being copied, which is still dangerous. Every memcpy should enforce the size being no greater than the size of Data.data, and not rely on .size having been previously set properly.
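The recommendation in the comment above, sketched as an added example (this is not code from ProjectTox-Core): every copy re-validates the length against the buffers it touches instead of trusting that `.size` was set correctly by an earlier check. The `Data` layout, the value of `MAX_DATA_SIZE` and the functions `data_store` and `data_read` are assumptions modelled on the names mentioned in the thread.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MAX_DATA_SIZE 1024   /* assumed value; the thread does not state it */

/* Hypothetical queue slot, modelled on the Data.data / .size fields
 * mentioned in the comment above. */
typedef struct {
    uint8_t  data[MAX_DATA_SIZE];
    uint16_t size;
} Data;

/* Store an incoming payload. Returns 0 on success, -1 if rejected.
 * This is the single up-front check the thread found in the original. */
int data_store(Data *slot, const uint8_t *src, size_t len)
{
    if (slot == NULL || src == NULL)
        return -1;
    if (len > sizeof slot->data)
        return -1;
    memcpy(slot->data, src, len);
    slot->size = (uint16_t)len;
    return 0;
}

/* Copy a stored payload out. Returns the number of bytes copied, or -1.
 * The length is checked again here, against both the source array and the
 * caller's buffer, so a later change to the writer (or a bug that corrupts
 * .size) cannot turn this memcpy into an overflow. */
int data_read(const Data *slot, uint8_t *dst, size_t dst_cap)
{
    if (slot == NULL || dst == NULL)
        return -1;
    size_t len = slot->size;
    if (len > sizeof slot->data)   /* .size is not trusted */
        return -1;
    if (len > dst_cap)             /* destination too small */
        return -1;
    memcpy(dst, slot->data, len);
    return (int)len;
}

int main(void)
{
    Data slot;
    uint8_t in[32], out[32];
    memset(in, 0x41, sizeof in);   /* constructed sample payload */

    printf("store 32 bytes:             %d\n", data_store(&slot, in, sizeof in));
    printf("read into 32-byte buffer:   %d\n", data_read(&slot, out, sizeof out));
    printf("read into 8-byte buffer:    %d\n", data_read(&slot, out, 8));

    slot.size = MAX_DATA_SIZE + 1; /* simulate a bug elsewhere setting .size */
    printf("read after bad .size:       %d\n", data_read(&slot, out, sizeof out));
    return 0;
}
```
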


I'm not sure if you understood what MITM (man-in-the-middle attacks) actually means.

I will give you a high level example of what he is talking about. Your software displays a public key to perform encryption. What 'the NSA' can do is put a proxy (or use your ISP) in between you and the person you are sending data to. Then they can pose as the person you are sending data to by hosting their own public key to both you and the person you want to send data to. Now they can decrypt information that you send, and then encrypt it with their private key and send it to the other person. NOW THE NSA CAN SPY ON YOU USING YOUR APP.

Man-in-the-middle attacks can get much more complex than that, but this should help you understand what is going on.

If you are attempting to write security software you should really at least learn crypto AND networking. It seems like you have not accomplished either of these.


If I understood their code/doc, the public keys must be exchanged out of band.

So how could the proxy pass for another person?


I'm not sure what you mean by out of band.

If you mean that it is communicated over TCP/IP (what I gathered from reading the doc), what is stopping someone who has access to whatever is connected to your IP from redirecting traffic to that port in order to do what was already discussed?

If you mean that it is shared in person off the internet, then what is the point of this program? Diffie-Hellman, ECC, zero-knowledge proofs are all dependent on the discrete log problem being hard, so you might as well just start broadcasting to their IP with the key that they gave you in person instead of going through the trouble (and increase in vulnerability) of trying to establish that the person is who they say they are. Maybe I'm wrong but I don't think that math is wrong.

In any case, I feel like the problem for this program stems from the fact that validating the IP address of the person is much more complicated than it seems. It's pretty much the reason centralized databases are needed for connections between people (those are bad things in our world now).

This is pretty much what is needed for this: http://en.wikipedia.org/wiki/Web_of_trust


I wonder if the pubkeys could be maintained in a system such as namecoin? [never used namecoin, but it sounds right]


Thanks for that. I saw a post on some chan, quickly browsed the source and thought you'd just exchange public keys via unauthed connection. The reply does make sense, so I'll take a look at the source again and check your answers.

You should have posted this at the chans, where I voiced some similar objections.


I can't think of a real-time streaming multimedia application that uses TCP. It probably exists, but nobody uses it; it's simply easier and more efficient to deal with lossy formats over a medium that doesn't care about data loss.

(Note that I said real-time. Buffering is fine for one-way communication, lousy for conversations)


For text chat TCP works perfectly fine. IRC and XMPP are the prime examples.


Actually TCP is a problem for IRC because there's no (standard) way to query how much data has been received (well, acknowledged) by the other end. This is why if you're unexpectedly disconnected from an IRC bouncer while in a busy channel, the replay can still be incomplete.

Lag is also a pig sometimes.

Datagram protocols are just more natural for message-oriented communication.


I wasn't talking about text chat.


Github maintained by someone with a troll username?

Comments like this:

> IMPORTANT: release two major sanctioned UIs, one for autists, one with inbuilt support for the previous list so that plebs can't get confused with setting it up and autists don't complain about it getting in their way. de geso > I would suggest a "Advanced options" where the autists can rejoice with all kinds of options (and it doesn't frighten the normalfags, since it's not shown by default). Also, 2 UIs would be chaos to maintain.

Talk about not needing to be an expert to use it, but then a "learn more" button sending people to github?

Not inspiring confidence so far.

It's nice to see they're using an existing crypto library. I'd be surprised if they haven't made errors implementing it.


>Github maintained by someone with a troll username?

>Comments like this

>> IMPORTANT: release two major sanctioned UIs, one for autists, one with inbuilt support for the previous list so that plebs can't get confused with setting it up and autists don't complain about it getting in their way. de geso > I would suggest a "Advanced options" where the autists can rejoice with all kinds of options (and it doesn't frighten the normalfags, since it's not shown by default). Also, 2 UIs would be chaos to maintain.

The project originated from 4chan's /g/ (technology) board. It works differently from Reddit and HN, since there's no karma, and the comments are anonymous.

This caused it to develop a unique culture. On one hand, it enables people to express their real opinions without being afraid of getting downvoted by hivemind. On the other hand, it attracts trolls and causes a lot of rudeness and offensive behaviour.

I like the website, because you can see the true nature of people, and you don't feel the pressure to say what everyone else wants you to say.

>Talk about not needing to be an expert to use it, but then a "learn more" button sending people to github?

We were working on this for only about a month, and Tox is not even in the alpha stage yet. Once we get the GUI working properly, we will surely upload binaries to the website.


> The project originated from 4chan's /g/ (technology) board. It works differently from Reddit and HN, since there's no karma, and the comments are anonymous.

Thanks for this.

I was there in rec.arts.anime.misc with m00t in 2002 when he decided to set up 4chan.

"User was banned for this post", in red, is my idea. "Bring back snacks" is my meme. I had the 10,000 GET. I created the first C-C-C-Combo! post, but not the first C-C-C-Combo Breaker! post. I'm still in contact with Cracky-Chan. I am a BBCode master, and I have read my SICP today. I helped keep the pool closed; I hate GaiaFusers nearly as much as I hate furries. I don't visit 4chan much anymore because, you know, newfguys, but I hope you kids are enjoying the place and not stinking it up too much. :-p

> We were working on this for only about a month,

I tend to be really harsh on crypto projects. Please, ignore anything I say. There are, however, some experts posting in this thread and I hope their advice is useful.


And another thing: /g/ in particular is known for much pointless banter arguing over the best GNU+Linux distro or giving minor tech support to non-natives of /g/. Attempts have been made before to make something substantial on the board and this time it seems we can do it.


The list of (supposedly substantial) things /g/ has made as compiled by /g/, today [1], is as follows:

1. http://aloonix.neocities.org/

2. https://github.com/notuncivil/host-as-image [2]

3. https://github.com/KittyKatt/screenFetch

4. https://4chan-x.just-believe.in/

5. http://tox.im/

6. http://biebian.sourceforge.net/

The above list is in no particular order.

[1] https://rbt.asia/g/thread/S35615929#p35616305

[2] Full disclosure: this code is mine and I am the one who proposed it for that list. I also submitted a Show HN for it.


I had forgotten about some of those. The various sites /g/ has put up are pretty good too.


That list doesn't have http://logicalincrements.com/, which may be the best thing to come out of /g/. It's great for picking PC configurations.


screenFetch was not a product of /g/. It was around before the Author even browsed /g/.


Creator of screenFetch here. sF is not associated with /g/ in any way. I created the script before I even started browsing /g/ regularly.


>/g/ in particular is known for much pointless banter arguing over the best GNU+Linux distro

You mean arguing about the second best GNU/Linus distro. Everyone knows the best distro is Gentoo.


People have evolved to communicate with identities. Never in history have people communicated on such a large scale anonymously. To say it is "true nature of people" is interesting because anon communication isn't natural at all.


The Japanese founder of 2ch said that anonymity was to allow people the freedom to say what they really meant. (Wikipedia.)

> A: Because delivering news without taking any risk is very important to us. There is a lot of information disclosure or secret news gathered on Channel 2. Few people would post that kind of information by taking a risk. Moreover, people can only truly discuss something when they don't know each other. If there is a user ID attached to a user, a discussion tends to become a criticizing game. On the other hand, under the anonymous system, even though your opinion/information is criticized, you don't know with whom to be upset. Also with a user ID, those who participate in the site for a long time tend to have authority, and it becomes difficult for a user to disagree with them. Under a perfectly anonymous system, you can say, "it's boring," if it is actually boring. All information is treated equally; only an accurate argument will work.


I think you misinterpreted what he meant by "true nature" - it is not "true nature" of people to communicate anonymously; however, doing so exposes the "true nature" of people.

Like Oscar Wilde has said: "Man is least himself when he talks in his own person. Give him a mask, and he will tell you the truth."


According to another comment, it's a product of 4chan, so the offensive verbiage is unsurprising.


Yes, it was made on 4chan's /g/ imageboard.


Good to know different kinds of fags are still an important demographic there. (Normal, new, moral, etc)


>Github maintained by someone with a troll username? Not to mention half of the commits were be nemdiggers (demNiggers) who seemed to have changed his name to Proplex (probably due to the reddit outcry)


Since you managed to kill the website:

https://github.com/irungentoo/ProjectTox-Core

Tox is a completely decentralized secure messaging service which aims to replace skype.

It is still in heavy development.

So far we have IM working almost perfectly but no completed GUI yet except for a basic ncurses interface used to test the core.

For the detailed info on how everything works see: https://github.com/irungentoo/ProjectTox-Core/wiki


Hey, congrats on the hard work. I'm going to try it out. Is there a bird's-eye-view on how you have made it secure?



Why didn't you make use of existing projects like SecurePhone and OTR?


Minor contributor here: we've been trying to recruit help from HN multiple times with no luck. /g/ recognizes that the dev talent on the web resides here, so if you have a mastery of any of the needed skills (C, GUI design) we'd love your help.


It might be useful to mention more about how encryption is done on the website itself since that is the main selling point. As it stands I have to go through the source code.



Even if you do go through the code and don't find any bugs/backdoors, doesn't mean there are none. Both encryption and secure communications are pretty hard to implement right.


Right. That is always the case. I was only referring to a high-level description about the kind of encryption being used and what made it secure.


OK, /g/entoomen, I will keep saying what I said in one of your threads.

I feel it's strange that your IP is shared to the world together with your public key, so it is, in this sense, anti-anonymous.

You cannot even use it with Tor, because it uses UDP.


This is why I believe in the federated client-server model. It is much easier to build a system with a few trusted parties than a system with zero trusted parties.

Eg in XMPP, only your server sees your IP address until you initiate some out-of-band p2p thing such as file transfer. Federated client-server architectures such as email and XMPP are also pretty well understood by now, especially email has been around a long time.

Trade-offs, trade-offs everywhere!


As a naive potential user I am willing to take the assurance of proper crypto and forward secrecy. What needs to be addressed also is the issue of metadata. It is the broad collection and easy analysis of metadata -- NOT content -- that makes NSA monitoring so sinister. By knowing all about who you connect with, when, for how long, and with what regularity, they can know a vast amount about you.

What of the who/when/how-long/how-often metadata is evident when using Tox? As compared to normal skype or IM, that is?


This has been a project on 4chan's /g/ board that began after Snowden's initial leak. It's good to see that this project has developed into something substantial.


I'm glad that people familiar with security and cryptography in this thread are trying to poke holes in the product. As long as the development team uses these comments as productive criticism and fixes potential issues, everybody benefits in the end.


Questions:

0. How important is simplicity (modularity) to the project?

1. Will Tox work for user "idontrungentoo"? Will it compile on Solaris, BSD, etc.

2. Will the GUI be optional? If not, why is it mandatory?

3. Can Tox work without DHT? What if two users just want to call each other without connecting to tens, hundreds or thousands of strangers? If there are problems with the DHT, are they SOL?

It would be good to have competing teams all working on some similar system (a Skype alternative) and then have an open bake off, instead of just idle criticism in forums like this one. This way we could see which system actually works the best instead of just theorizing about design choices and taking random anecdotes from alleged users in forums on faith.


From the github repo:

0: it's a lib, and there are at least 2 clients being developed (ncurses and qt)

1: it currently compiles on Linux/OS X/Windows

2: see 0.

3: no, but you could potentially host a "private" bootstrap node and have a separate network.


/g/ has finally managed to make this somehow usable?

Well, congratulations.


It is unfortunate that this thing's name collides with tox, the testing tool.


Why not rename one of the two to: detox (it'd even make sense)


How about renaming this Tox to something else, since Python's testing tool has existed for quite a while.


There is already a https://pypi.python.org/pypi/detox Python project that provides parallelized tox testing. It is nowhere near as popular as tox (python project) though.


There is already one detox: http://detox.sourceforge.net/ . It's a file name sanitizer.


This is a good idea!


I hate to be the bearer of bad news, but if your intent is to get around NSA snooping this doesn't do that. All you have really done is made sure that your communications are a target for closer scrutiny. Remember I don't care _what_ you say I care _who_ you're saying it to. Once I know who is talking to who and which person might be a good source of information there are much easier ways to get that information than trying to break encryption[1]

1. http://xkcd.com/538/


You lack imagination. :P

If the NSA is collecting everything, then it's possible to go back in time once you become a person of interest. This doesn't necessarily help you if you are actively planning something that the government is interested in, but if you become a political opponent to the NSA, they could look into your past for skeletons to blackmail you with. Who you are talking to may not give them enough information to do anything without the content of the conversations.


I don't think they need the content if They can identify the participants it works even better.

""" I see in 2013 you had many long encrypted conversations with someone we now know to be a pedophile, what were you talking about exactly """


On the other hand, if you're having an affair with someone that you have a good excuse to talk to all of the time (family friend, co-worker, etc), the content matters.

Also, that "OMG you were talking to a pedo!" threat doesn't mean much if the conversations were innocuous. To make that threat, they would need a good confidence that you couldn't (for whatever reason[1]) just turn over chat logs proving that nothing was amiss.

[1] E.g. The chat reveals something you want to keep hidden, even if it doesn't relate to the fact that the person is a paedophile, or maybe the logs just don't exist, etc.


Can anyone convince me why I should contribute to this project when I can already use the following?: [[bitmessage.org][Bitmessage]] [[freenetproject.org][Freenet with a chat client]] [[gnunet.org][GNUnet with chat]] [[i2p2.de][I2P-Messenger]] [[retroshare.sf.net][RetroShare]]

PS You could also apply a simple Icecast and/or MPD video stream under those protocols, even [[stomp.github.io][STOMP]].


"...application that allows you to connect with friends and loved ones."

...who know what to do next after they click the 'download' button and are forwarded to a GitHub page. I'd like to give the app a try, but I look at that page and I don't know where to start.


The app isn't even in alpha stage yet, it was started a month ago.


Another app that is the same as good existing solutions and is an outgrowth of spying revelations. Easy secure messaging, calling, etc apps already exist and are freely available. Once Whisper Systems apps are out for iOS at the end of the summer the bases will be covered.


Apparently, we can't use the name "Tox": http://tox.readthedocs.org/

Here are the most liked alternatives proposed on another thread:

tala

whispr

mila

aspis

orwell

nota

extasi

eave

fabula


tala:

I'm guessing you know it means 'lock' in Hindi? http://translate.google.com/#en/hi/lock


Also "[to] speak" in Swedish, and in certain Norwegian dialects, one of the official written forms of Norwegian[1], and in the old Norse language.

[1] it's complicated.


It's kinda impressive in how many languages the website got translated from the start.


If you're the author, you should add it to the list: https://en.wikipedia.org/wiki/Darknet_%28file_sharing%29


They're pushing the hell out of this on the /g/ technology board on 4chan. I wonder if large group chat rooms will be a new way of sharing files over secured/private connections.


why not exchange "proper" keys when both parties are first both online? messaging that does not let me send messages to offline peers is quite useless in many cases. I would much prefe


It's funny how many focus on what are rather trivial things, the logo and name, instead of looking at the actual things which matter: the code, the security, and the idea itself.


why not hop on the xmpp train? xmpp just lacks a great client incl. some cross device synch capabilities, but besides that is secure, decentralized, open and a standard...


All this crap about a fucking logo?

What about the technical merits of Tox?


How's their service going to stop a Man-in-the-middle attack, client endpoint exploits? Or the HN effect crippling their marketing servers.


I do like your project, why not put it on indiegogo or pledgie to help the development and enlarge the audience?


This is great. A cross platform web app would be icing on the cake. Built on something open source like Lungojs.


Website owner here: Currently getting a 50k pps DDoS. It'll be over shortly, I hope.

EDIT: It's done.


?


Wow how did you get it translated to so many different languages?


Whilst we're bashing them for IP theft, can anyone tell me why they're using the Github Octocat logo for their “Freedom” point? It doesn't appear to link to Github?


They host their code on github. If you scroll about 100 pixels down, they say that. I'm not sure whether that's still okay (the not linking part) but they're not just randomly using github images.


Also might want to get a better server. I'm not trusting a messaging service whose marketing site I can't even reach.....


>I'm not trusting a messaging service whose marketing site I can't even reach

You would rather trust a huge corporation instead of a community-developed project?


I suppose he meant that he can't trust a product of someone who can't even run his website, since the software may be unstable. Security is not involved. For a new product the website should give the visitors the feeling that you are a professional (I'm trying to give constructive criticism here)


[deleted]


Thankfully we have a graphic design board now to aid in this stuff, though it might have been a /g/sent who designed it. There are some undiscovered talents on 4chan.


Well done /g/!


Brought to you by the NSA.



