64 comments

[ 2.7 ms ] story [ 48.7 ms ] thread
Would be cool ta have FOSS iOS apps made with this.
We basically have this stuff with Signal: https://whispersystems.org/
Signal I trust over anything else, but the iOS application is pretty awful to use to be honest.
I've heard these open source projects have ways you can help fix that...
Part of the issue is that both uTox and toxcore are GPLv3'd, which forbids "TiVoization" (and therefore makes it legally difficult to release on, say, the App Store). A more permissive license would make that more plausible.
While TiVoization would be a problem in the App Store, but its actually all the other details regarding the App Store which really prohibits using them for distribution.

First off, the App Store agreement explicitly prohibit users to further distribute any software which is distributed through the store. This makes any "copyleft" licenses a no-deal in there since distribution is a defining attribute of those licenses.

Second, as a matter of policy, Apple forbids developers to put any GPL software in the store.

If you would dare to break the App Store agreement and the apple policy for developer, then at that point GPLv3 TiVoization clause would indeed make it further legally difficult. I would however be more concerned about being chased by apple's lawyers, so as a general advice I would be careful and make sure that any licensed software you upload is compatible with both the agreement and policy. It doesn't matter if it is permissive, copyleft, or closed source.

Seems really cool, anyone audited this project yet?
you know its good cause it offers "ROCKSOLID encryption"
I've been using this for the last 6 months or so. Seems pretty good as a client. Stable on the comms side, although short of an audit, I'm just having faith in the security side of things.

What it really needs is some way of having a roaming profile though. Currently you have to have multiple accounts, one for each device. So my friends list has a lot of duplicates depending on whether they're on their work computer, at home, on their phone, etc...

I'm not actually that fussed about the encryption side of things. I'm far more happy with the lack of reliance on centralised servers. You don't need an account somewhere to get it up and running, you just send a message to a friend and compare secrets to authenticate.

Why don't you copy the profile between computers?
It's not my computer that's the problem. He has three and has separate profiles for each. Also, asking people to export profiles and import multiple times is a bit too technical and far too much effort to ask all my friends to do.

It needs to have some easy way of merging profiles cross-device. Maybe if a friend authenticates two profiles as the same person it will merge them if you agree to it. Or something along those lines anyway.

I'm a big fan of accountless systems, but utox does need to solve the roaming profile issue. It simply cannot be used in the real world until they nut that one.
Definitely a crucial feature, but a difficult one for any truly distributed application.

I'm actually prototyping a similar distributed messaging app using remotestorage.io to try to tackle this issue of profile roaming and persistence. In theory it should allow profiles to live in the cloud (in any backend supported by remotestorage, such as Dropbox, Google Drive, and ofc remotestorage servers) and be sync'd automatically across devices to enable features like roaming profiles and simultaneous logins in a distributed manner.

In practice, however, there is still a number of complications such as the need to secure the data being stored from storage providers (remotestorage itself doesn't offer encryption natively), and coordinating communications between accounts with multiple devices (network endpoints) to minimize network inefficiencies. I'm mostly done with the former and steadily making progress toward the latter, so I feel this could be something to consider for the Tox team as well.

https://remotestorage.io/

>Definitely a crucial feature, but a difficult one for any truly distributed application.

I actually don't see why it need be for a messaging app. I guess it depends on the features you are trying to move with the profile, but I just want a single address people can send messages to.

I'm happy to reconstruct the profile (name, timezone etc.) on the other device, but I'll never persuade my friends and family to use it if they have to guess which one of 5 devices I am using each time they want to send me a message, and a messaging service that my friends and family won't use is useless to me.

Yeah, way to many messengers seem to assume "Well, everyone has just 1 phone anyways, and where else would you want to use a messenger". I get that desktop clients etc are not the first thing on the priority list, but still it is very annoying (and the first one which gets that right I'm pushing everybody to.)

(Threema actually recommends a workaround: "Just create a groupchat for each of your contacts with all your devices in it and always use that")

Thanks, that's a good workaround, I'll try it tomorrow. It should still be a default thing if they want mainstream adoption though.
I wonder if we'll ever get to the point where projects start advertising what methods they use to weed out memory management bugs (i.e. static analysis, fuzzing, etc) because an adversary that can execute arbitrary code on my machine is far more intimidating than one that can eavesdrop (imo).
Speaking of that, I wonder why uTox & Tox weren't made in memory safe languages in the first place. There could be many possible reasons, so I won't bother speculating.
Just build it with asan and you will get all the safety, memory usage and slowness of a memory safe language.
You'd need UBsan as well, and even that doesn't catch everything. Regarding memory usage/slowness: why not OCaml, D, or Rust?
Rust only recently hit 1.0, so it's pretty obvious why somebody would not have built their software using that.
Also, current benchmarks show Rust to be about ~3x slower than C, making it more comparable to Go or Java.
Interesting. Do you know of any good, recent benchmarks of Rust? I haven't seen a whole lot. The Benchmarks Game mostly appears to show Rust being closer than that in general, though the Rust benchmarks seem to be kind of crap.
A few months back, we were beating C on some benchmarks, though with the focus on semantics for 1.0, I'm sure there were some regressions.
Developer malpractice. Nothing security critical should be written in non-memory safe languages, unless you have no other option (like some embedded systems code).

I'm not saying this to be mean. I've written lots of bad bugs myself. Humans are fallible-- that's why we have guards on saws, count pills twice in the pharmacy, and use modern languages when we're not in a sandbox.

I made sure to make the packets in Tox as easy to parse as possible which greatly lowers the chances of fatal packet parsing bugs being present.

As for the main tool I use to find bugs, it's asan (the clang address sanitizer) which is much more useful than static analysis for finding actual bugs.

Of course the main thing I do to try to prevent bugs is reread the code again and again which is what catches pretty much everything.

It's open source so anyone can run their favourite tool on it,

I think that this is a very important point, and I'd like to quote Bruce Schneier in agreeing that "practical cryptography is rarely broken through the mathematics; other parts of systems are much easier to break" [0].

As a developer of a Tox client (qTox), I personally use a combination of static analysis (Coverity, CppCheck, Clang's scan-build) as well as dynamic analysis (notably the various *Sanitizers) to complement use of modern automatic memory management. But clearly as the many browser vulnerabilities found ever year show, bugs in large projects are a reality and there is no silver bullet, regardless of how sophisticated the current methods might be.

I think that we should absolutely strive for fuzzing, analysis, testing and general security, not in the illusion that software will be perfect, but with the goal of preventing, catching, and fixing bugs before they become an actual in-the-wild threat.

[0] https://www.schneier.com/essays/archives/1997/01/why_cryptog...

Consider using something such as SoftBound that transforms your code into one that defends itself against most memory attacks. There's a significant performance hit but immunity by design is better than hunting for every bug. Still try to code well, anyway, as the tools are usually limited to select platforms and you might want more portability.

http://www.cis.upenn.edu/acg/softbound/

(comment deleted)
Isn't this a project that was developed by users of the /g/ board on 4chan? I've only ever seen it berated on that board (everything is berated on that board) and don't really know how solid the actual software is.
As far as I know, the project really only gained any traction once it distanced itself from /g/'s bikeshedding. I think in light of this the uTox team has made an effort to distance themselves from 4chan entirely.

It's been a while since I read anything about them but last I heard, the crypto was fairly solid and the only problems were one of reliability and user experience; that being said, I'm no expert and we won't know until it gets popular enough to deserve an audit from someone important.

Why would I use this instead of XMPP and OTR?
The main thing for me is the lack of a central account server. Even with XMPP, you still need to have an account and login somewhere to authenticate. With this, you have to authenticate each friend manually, but only the once. After that, there is no account but the profile stored on your hard drive.
That's certainly a selling point. The problem: newer and hand-rolled stuff always has serious problems. Many continue to have serious problems over time. I'd be interested in seeing software that solved those problems while leveraging proven protocols, clients, etc. Might just be a plugin to several popular IM clients.
If you're worried about how good the encryption is, you can actually use Tox with Pidgin and then layer OTR on top of it.

That way you get decentralized messaging and don't need to trust their crypto.

https://wiki.tox.im/Tox_Pidgin_Protocol_Plugin

I would use Tox and any of its clients with caution. At one point in time, your friends would be able to execute arbitrary shell commands on your PC if you were running utox and accepted a file download. Even with large security concerns like this, the lead developer believes Tox and uTox is secure because he reads the code he wrote himself (none the less git history is filled with bug fixes he clearly missed in his reading). This isn't exactly reassuring, especially coming from someone who doesn't have provable past experience in security software.

Edit: I just got banned from their IRC for stating this opinion here.

Still sour you got rejected for Summer of Code?
And your opinion is based on what? What you just said is true for any software. Any reason why you pick out tox in particular?
The comment you replied to seems to be a fairly specific and verifiable criticism of uTox, which, like all security software, deserves to have its claims approached with skepticism.
>I would use Tox and any of its clients with caution.

It's hard to argue with that given that Tox is still in alpha, and this is generally a good idea for any software you use if you have reasons to believe that an adversary is trying to exploit your computer.

uTox was not originally written by the main toxcore dev. However he and a few other brave volunteers have made a big effort to clean up uTox's code over the past few months. That's why this thread was created now and not 6 months ago.
That last part is enough to ditch them unless you were fighting with them in IRC. Were you?

Your claims ring true for vast majority of new, COMSEC schemes. Far as Tox, this is what I found on their GitHub page: "Current build status: build failing." I'll add that NSA and malware authors have 0-days on the platforms the tool will likely run on. It will be bypassed like all others on such platforms.

I was just idling on their channel when irungentoo got me banned for my post here.
Yeah, that's quite questionable. They need to be able to handle and defend criticism better if they want to make it in INFOSEC. Especially if they ever get press like Cryptocat or Diaspora did.
(comment deleted)
Astonex was never banned from any of the public tox IRC channels. He was banned from an invite-only channel for off-topic discussion because he was trolling. The ban did not last very long either, because most of us still like him despite his attempts to create drama. Everyone has their off days.
Always good to hear both sides. I reserve judgment until I do. In this case, I'm just going to say "Ok" and be neutral. I like the line you added at the end: quite fair.
Not saying your lying or anything. But if you make accusations like that you should probably back them up with a chat log.
Chat logs of which bit are you after?
Preferably a few hours from the last time you said something or 24 hours back.
Back in 2001, the ayttm project supported free, secure instant messaging by using gpg to encrypt all messages and by allowing you to split a conversation across multiple networks (Yahoo, MSN, AOL, XMPP).
Appreciate the tip. The Snowden leaks appear to support that GPG is so robust that even NSA analysts use it. So, a project using IM over it is playing it extra smart (albeit clunky). Turns out it's still active:

http://ayttm.sourceforge.net/features.php

Gee, yet another identity nomenclature - <username>@utox.org! When will this trend end?! Aren't you tired of the ever-growing lists of identities you need to share with people?

  "Future of Instant Messaging"
Not with that UI.
Why aren't the name/Tox ID requirements listed on the site? I tried registering a few times and got an "invalid" error each time.
Wow, Skype must have really cemented its place in public conscience as an instant messaging service.

I would think a new service should support video chat before comparing itself to Skype, but no. (I am actually seeking an open-source alternative to Skype that supports video conferencing: I know of audio clients/services, but not about video)

Something to keep in mind:

Of all Tox clients, uTox is written in C, using its own UI framework that directly interfaces with X11 and WinAPI. This makes the code itself a mess. The reasoning behind this is that it's somewhat of a meme on /g/ that anything but pure C code is "bloat". I tried contributing a bit last year, did some work on copy/pasting inline images, and found a remote code execution vuln. Then I got fed up with how terribly confusing the codebase was for something so simple. I'm not a professional programmer or anything, just a student, but it seems like it's the same for everyone else in the project.

I like the idea of Tox but there are a couple issues that make it unusable for most users (at least me and a few I've talked to about it):

- No push notifications of any kind, meaning mobile devices have to keep a connection open (kill their batteries) or poll for updates (and get the message later).

- No multiple device support, so I can't use my phone _and_ my desktop. I have to pick.

It'll be great when it's been polished up and completed a bit more but it's not there yet.

i prefer software that do not need runtimes and can run without dependencies on major distros.
qTox please consider making static builds
So how does this improve on existing IM, say: XMPP?