⬆️ ⬇️

Open Tox online messenger

Against the background of universal hysteria with the NSA, an increasing number of people feel the need for a secure connection. Tox developers promise everything at once and out of the box.

I warn you at once: the project has just started to develop and so far it promises much more than it is ready to give.

image



In Runet, information on Tox is extremely small (in fact, the only mention was on opennet.ru). Let's take a closer look at the project.



First impression



The developers are positioning Tox as an alternative to Skype.

Here is a description of the project from the official site :

" Tox was created to allow you to stay in touch with your family without privacy violations. Using services that are market leaders requires a fee, while Tox is a free and free program. That means you can do whatever you want with Tox .



On the same page, an interested user in the section “What can a program do?” Can see information about audio and video calls and a screenshot of the whistle interface that does not exist yet (see the image below). Against the background of the non-working “Download” button and the real state of the project, such advertising is unconvincing.

image

')

Let us deal with excessive fervor with understanding and find out what is working at the moment.



Tox in work



Encryption


NaCl is used for encryption. For encryption, public and private keys are created with a length of 32 bytes each. The interlocutor is searched for by the public key provided to them. A description of the encryption process when adding a contact and messaging is available here .



Addressing users


The DHT protocol is used for addressing: the first time the client starts , it is identified with the DHT server from the list specified in the client settings.



Criticism of anonymity


According to one of the users, at the moment the concept of the project implies a vulnerability to flood and spam attacks:

“Network monitoring allows you to determine who you are, who you are talking to and who you are sending the authorization request to. Spammers or hackers can launch bots and send spam or authorization requests to random users. ”



Messaging protocol


The operation of the protocol over encryption using NaCl should prevent third-party recognition of the type of data being transferred.

An encrypted connection occurs on top of the network protocol Lossless UDP : no data loss is promised. Audio and video data will be transmitted using a different protocol.



Installation and use


ProjectTox-Core and a separate GUI for it are developed separately. Cross-platform project (GUI mostly for one or two platforms).



The project page on Github provides links to text and video installation manuals for various platforms (you must also separately compile libsodium ).



A list of existing GUIs is provided here (GUIs exist under Linux, Windows, MacOS X, and iOS).

Included with ProjectTox-Core is the CLI interface nTox (there is an alternative CLI: Toxik .



Qt GUI


The only Linux GUI currently available is Qt GUI . Qt version 5.0 or higher is required for assembly.

Download the compiled Qt GUI (x32) here .



It needs Qt libraries to work with (add the path to the libraries to the variable LD_LIBRARY_PATH and execute export $LD_LIBRARY_PATH ).

Also links to various binaries (including for Windows) are available here .



The client interface (see the image at the beginning of the article) is quite stingy: we set the username, press the button to generate the public key for it and copy it to the clipboard, after which the key can be sent to a friend and talk. In the settings you can edit the list of DHT-servers. The client supports a dozen built-in emoticons and four accessibility status.



Tox Protocol Plugin For Pidgin


A plugin is available for Pidgin messenger users (the official site , GitHub ).

The plug-in according to the crutch instruction was assembled, but I could not see Pidgin version 2.7.3 see it.

You can download this archive (x32), unpack it into your home directory and try it with your Pidgin.

Screenshots of the plugin interface can be viewed here .



Conclusion



My main goal was to inform the Russian-speaking community about the Tox project. The project at the moment is extremely raw and non-working (let's face it: at the moment you cannot use Tox in everyday communication), but the ideas that have been announced seem interesting.

They promise audio and video calls, text messages, file transfer - all this with encryption, without the need for initial configuration, with a beautiful GUI, open and free.

If you like the concept, then you can help developers, for example, by translating documentation or testing a product.

The need for an open Skype alternative has been long overdue.



Links



IRC

Developer Blog

TODO for the near future

Future plans

Plans for audio and video

Reddit



PS



Poll data by developers of potential users about Tox are available here .

You can answer the same questions in the comments:



1. What needs to be implemented in order for you to switch from Skype to Tox?

2. What do you expect from the Tox project?

3. Your account ID will represent a random string of 32 characters. How do you react to this?

4. What do you think about the proposed GUI layout?

5. What would you like to add or suggest?

Source: https://habr.com/ru/post/193688/



All Articles