Your code is NOT fully open source ! Your application is undermine by CENTRALIZED services ! Why ?!!

[Nokia808]

Hi. I asked Tox-core developers publicly about safety & trust of your application & their replaies were negative ! See the following link: https://github.com/TokTok/c-toxcore/issues/1319

As you see,

1) your code is NOT fully open source because you push a more recent versions to Appstore & Google play without updating your GitHub repository so that GitHub repository has OLDER version of Tok-android while what available in AppMarkets are more recent !

2) you undermine your application by CENTRALIZED features that not compatible with tox-core criteria !

I remove your application from my mobile because Tox core developers NEVER recommend your application ......

Now, I would like you to explain why you do these things ?

It is our rights to ask if your application spyware or not ?

To restore confedence you have to:

1) remove & correct all these holes in your work & 2) you have to give explanation for what you did, 3) your software must be mentioned on this page: https://tox.chat/clients.html

[ghost]

As a earliest user of Tok, I do not agree with your comments. Tok is much more powerful than you think. Please see below for clarification.

1. Tok was developed by a team with aspirations to implement a platform to provide true decentralization for freedom of speech in cyber communication. Tox clients have greatly improved after several iterations because of developers’ hard work.
2. Tox is inferior because it is developed at an unacceptably slow speed. Tox clients on mobile are extremely buggy and unstable, which are completely unacceptable. Tox devs still use IRC for working discussions while they recommend others to use their app. Think about it, what would it mean if Telegram devs are chatting on IRC. What a joke!
3. Your comment that Tok is a spy software because new codes are pushed to the Tok repository several days after the new codes are released to the Google Play store is baseless and most importantly incorrect.
4. Tok is developed by its community members who contribute their free time, they seek to respect and showcase their contribution. As matter of fact, true liberals will not install any back doors in Tok. Tok is developed by true liberals and for true liberals.There is speculation that Tok has recently obtained a large sum of money and feature upgrades might be expected, such as adding 100% decentralized we-media platform and cryptocurrency. Their ultimate goal is to connect the world freely.
5. A true liberal would join the team to change the world together instead of questioning Tok without reading the actual code. Tok devs will not waste time for unjustified criticism

Please send good suggestions and I can forward to Tok devs. Tok devs are always online in Tok. Tok is developed by true liberals and for true liberals. I trust Tok devs to connect the world freely.

[Nokia808]

@Joinbabby You misunderstood me ! I'm not developer & can not read source code. All what I said is "I'm asked Tox developers & they replied me by ........." You said "your comment ......" They are not my comments, but the comments of official Tox developers .......

I did not & does not like to make bad comments on your Tok for merely a wish to make bad comments, but I just brought your attention for what official Tox developers said after they read your code .......

[soyflourbread]

@Joinbabby Disclaimer: I am NOT a core Tox developer, though I've read most of its codes and have a somewhat decent understanding about C, C++, Java, etc.

1. Are you only a user of Tok-Android and Tok-iOS? I'll just leave it here.
2. I wouldn't say "Tox is inferior". Tok-Android and Tok-iOS are both based on TokTok/c-toxcore, either directly or forked. If you mean that the core of the Tox protocol is inferior, then why are Tok-Android and Tok-iOS using it? You are trying to say that the core components for an application are inferior than the application. Or are you trying to separate the Tox community?
3. TokTok/c-toxcore is in active development, with last comment from two weeks ago, not even close to "developed at an unacceptably slow speed". There is also a better reimplementation in Rust going on. Meanwhile, InsightIM/x-toxcore, the fork of c-toxcore they are supposed to use, is even further behind upstream.
4. What's the problem of using IRC while developing a new communication protocol? They need to have a backup plan for communication, and IRC is suitable.
5. Not "Tok is a spy software". The possibility that it might be a spyware itself makes it a threat.
6. Talk is cheap. Show me the code. What about this ~10MB blob in Tok-Android? And this blob? Where are the c-toxcore codes they use in Tok-Android and Tok-iOS?
7. Again, show me the code. Stop arguing about liberals and what they will do. We can check if there are backdoors with our own eyes if all of the source codes are released.
8. You know what? I read the whole code, including c-toxcore used in Tok-iOS. That's why I know what I'm saying.

As a user who cares about its privacy, I hope that InsightIM can actually help the Tox community instead of trying to separate the community and make the software close-source. It is bad for the community, and illegal. c-toxcore is licensed under GPL v3, which is conditioned on making available complete source code of licensed works and modifications, which include larger works using a licensed work, under the same license.

P.S. TokTok is different from InsightIM, the ?organization? that develops Tok-Android and Tok-iOS. TokTok maintains c-toxcore, the reference implementation for Tox protocol.

[soyflourbread]

@Nokia808 The list on https://tox.chat/clients.html shouldn't influence your decision for Tox client too much. It doesn't mean the client is necessarily bad if it is not listed there. ¯_(ツ)_/¯

[comradekingu]

I think this discussion amounts to getting some build instructions in place which produces a reproducible build every time, with all the code available, under the same GPLv3+ as the rest.

[zoff99]

guys please lock this issue.

[soyflourbread]

And now the developers keep releasing new versions on app store without uploading the source code.

[danrobi11]

Well, im just a regular user with no coding ability. What i do not like as a user is this: No mention of Tox protocol anywhere! Nothing about Tox on their site nor on google play How's the regular users suppose to know that Tok is using Tox protocol? And now, after reading this, i think i know why!

[arksong]

Why Tok code is NOT fully open source ? Can tok developer give us a good answer?

[garywu520]

Not open source, no security. This is it! Not convinced, open source to break my concerns

[zerofancy]

I also have such concerns. But at present, only this tox client on the mobile phone is relatively stable, and I still use this for the time being.

[zoff99]

@zerofancy use this app https://f-droid.org/packages/com.zoffcc.applications.trifa/

[Monsterovich]

I maintain a new Tox client which uses stock toxcore (toktok) https://gitlab.com/Monsterovich/protox