Open Tox instant messenger

Published on September 22, 2013

Open Tox instant messenger

    Amid the general hysteria with the NSA, an increasing number of people feel the need for a secure connection. Tox developers promise everything right away and out of the box.
    I warn you right away: the project has just begun to develop and so far promises much more than it is ready to give.
    image

    In RuNet, information on Tox is extremely small (in fact, the only mention was on opennet.ru). Let's get to know the project closer.

    First impression


    Developers position Tox as an alternative to Skype.
    Here is a feature of the project from the official website :
    Tox is designed to allow you to stay in touch with loved ones without compromising privacy. Using services - market leaders requires a fee, while Tox is a freeware and free program. This means you can do with Tox is everything you want . "

    On the same page, an interested user in the section “What can a program do?” Can see information about audio and video calls and a screenshot of a whistle-less interface that does not exist yet (see image below). Against the background of the inoperative "Download" button and the real state of the project, such an advertisement looks unconvincing.
    image

    We will treat excessive ardor with understanding and find out what works at the moment.

    Tox at work


    Encryption

    For encryption, NaCl is used . For encryption, public and private keys are created with a length of 32 bytes each. The interlocutor is searched for using the public key provided by him. A description of the encryption process when adding an interlocutor and messaging is available here .

    User Addressing

    For the purpose of addressing, the DHT protocol is used : at the first start of the client , it is identified with the DHT server from the list specified in the client settings .

    Criticism of anonymity

    According to one of the users, at the moment the concept of the project implies vulnerability to flood and spam attacks:
    “Monitoring the network allows you to determine who you are, who you are talking to and who you are sending the authorization request to. Spammers or hackers can launch bots and send spam or authorization requests to random users. ”

    Messaging protocol

    The action of the protocol on top of encryption with NaCl should prevent third parties from recognizing the type of data being transmitted.
    An encrypted connection takes place over the Lossless UDP network protocol : no data loss is promised. Audio and video will be transmitted using a different protocol.

    Installation and use

    ProjectTox-Core and a separate GUI for it are being developed separately. Cross-platform project (GUI for the most part for one or two platforms).

    The project page on Github provides links to text and video installation manuals for various platforms (you still need to build libsodium separately ).

    A list of existing GUIs is given here (GUIs exist under Linux, Windows, MacOS X and iOS). NTox
    CLI is available with ProjectTox-Core (there is an alternative CLI: Toxik .

    Qt GUI

    The only GUI currently available under Linux is the Qt GUI . To build, Qt version 5.0 or higher is required.
    Download the compiled Qt GUI (x32) here .

    To work, he needs Qt libraries (add the path to the libraries to the variable LD_LIBRARY_PATHand execute export $LD_LIBRARY_PATH).
    Also links to various binaries (including for Windows) are available here .

    The client interface (see the image at the beginning of the article) is rather stingy: set the user name, press the button to generate a public key for him and copy it to the clipboard, after which the key can be transferred to a friend and chatted. In the settings, editing the list of DHT servers is available. The client supports a dozen built-in emoticons and four accessibility statuses.

    Tox Protocol Plugin For Pidgin

    A plugin is available for users of the Pidgin messenger ( official site , GitHub ).
    The plugin was assembled according to the crutch instructions , but I could not see Pidgin version 2.7.3.
    You can download this archive (x32), unzip it into your home directory and try with your Pidgin.
    You can see screenshots of the plugin interface here .

    Conclusion


    My main goal was to inform the Russian-speaking community about the Tox project. The project is currently extremely raw and inoperative (let's say frankly: you can’t use Tox in everyday communication at the moment), but the announced ideas seem interesting.
    They promised audio and video calls, text messages, file transfer - all with encryption, without the need for initial configuration, with a beautiful GUI, openly and freely.
    If you like the concept, then you can help developers, for example, by translating documentation or testing a product.
    The need for an open alternative to Skype is long overdue.

    References


    IRC TODO
    Developer's Blog
    for the near future
    Plans for the future
    Plans for audio and video
    Reddit

    PS


    Survey data by developers of potential users about Tox is available here .
    You can answer the same questions in the comments:

    1. What needs to be implemented for you to switch from Skype to Tox?
    2. What do you expect from the Tox project?
    3. Your account identifier will represent a random string of 32 characters. How do you feel about this?
    4. What do you think of the proposed GUI layout?
    5. What would you like to add or offer?

    Only registered users can participate in the survey. Please come in.

    Do you like the concept of the project?