irungentoo / toxcore

The future of online communications.
https://tox.chat/
GNU General Public License v3.0

Can it be anonymous? #1631

Closed Mattel88 closed 7 years ago

Mattel88 commented 7 years ago

I'm using qTox and I've read that we can use it over Tor and there is a Socks5 setting in there. I wonder how anonymous it is since the whole concept is relying on p2p. I do not think p2p is anonymous because you exchange the IP when connecting.

GrayHatter commented 7 years ago

An IP address shouldn't be considered identifying information to anyone except your ISP (and by proxy those with access to your ISP's information). Tox should be generally anonymous to all the other Tox peers you'll connect to. When using Tox, you do disclose your Identity + IP to your friends. But that's true of any serverless system, and even some central server systems.

That said, if you need to hide your traffic from your ISP, disabling UDP, and using Tox over Tor is expected to give you that additional level of privacy from your ISP. But this shouldn't be needed in most cases.

Mattel88 commented 7 years ago

Well I've read that you exchange your ID when adding someone on Tox. That is an issue, isn't it? I'm not sure if Tor helps then.

I do not think the same problem occurs when going with Pidgin and Tor, huh?

GrayHatter commented 7 years ago

You must share your ToxID with someone you wish to talk to, that's kind of the point of Tox. But if you're unable to trust the people you're talking to, you can use Tox over Tor, and the friend you're talking to will only be able to get the IP of the Tor exit node you're using.

But if you're unable to trust the people you're talking to, you really need to be able to personally evaluate ALL of the security implications of Tox, Tor, as well as the internet in general. Because if you're unable to trust the people you talk to on Tox, then there's PLENTY of ways that person could trick you into disclosing your IP address through a method OTHER than Tox.

Mattel88 commented 7 years ago

So could you give some examples how other people are able to disclose the IP address?

GrayHatter commented 7 years ago

Clicking on a link, a tox client's auto updater, using toxme.io or other toxme service, opening a PDF, sending an image. The list could go on and on.

On Feb 8, 2017 03:14, "Mattel88" notifications@github.com wrote:

> So could you give some examples how other people are able to disclose the IP address?


Mattel88 commented 7 years ago

Oh, okay. Wow, there is a way to get the IP when sending an image? Never heard of it.

SkyzohKey commented 7 years ago

@Mattel88 a basic PHP script is able to do it. Just log the IP, then send an image with the correct Content-Type header and do a little URL rewriting to make it look legit. Your contact clicks the link, i.e. https://domaine.tld/my-cool-cat.png and you get his IP address.

Tox is secure as long as the user is smart enough to not be dumb. 🙃

GrayHatter commented 7 years ago

I was actually cheating with that last one. But if you take an image on Antox, send that image via Tox, depending on your settings, you may have just sent your friend your current GPS location. Not your IP address, sure, but could be much more damaging.

SkyzohKey commented 7 years ago

@grayhatter That's why I always wanted to add EXIF stripping in the TCS, but no one seriously considered the idea...

GrayHatter commented 7 years ago

@SkyzohKey Tox doesn't do any kind of data modification. This would be a good feature for a client that wants to cater to the paranoid. But also VERY easy to do wrong, or mistakenly fuck up data if not done correctly.

SkyzohKey commented 7 years ago

@GrayHatter Antox does that, Diaspora* does that, Facebook does that. Is the latter a "paranoid" website?

Mattel88 commented 7 years ago

Do I have to worry if accepting images or files then? I thought it is secure as long as we send an image or receive it over Tox instead of a URL.

SkyzohKey commented 7 years ago

It's secure if you trust your contact to not bind the image file with a RAT/Spyware/Keylogger/Ransomware/etc. You cannot blame the car maker if you filled up your 4x4 with Diesel instead of Essence. The same applies on the Internet. You cannot blame the application if you got a virus by trusting any stranger there. 🙃

GrayHatter commented 7 years ago

@SkyzohKey is mostly right. If you stick to secure operating systems, a good client (both Tox, and image viewer camera), and remember that the person you're talking to could be trying to trick you, you should be safe enough.

That said, if you take an image, and it has GPS info, if you send that over tox, it could be bad. Most camera apps that add GPS data allow you to turn that info off.

I'm going to close this issue as it's not really a toxcore issue, just a discussion. Please feel free to open another issue (if there's a different topic), or continue discussion here. I don't mean to discourage discussion, just trying to keep things clean as well.
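
Added example (not part of the thread, and not code from toxcore, Antox or any other client): a client-side check that detects a GPS pointer in a JPEG's Exif block and removes the Exif segment before a file transfer, without touching the image data, which is the EXIF stripping and the "easy to do wrong" concern discussed above. The function names and the sample file are assumptions constructed for illustration.

```python
import struct

EXIF_HDR = b"Exif\x00\x00"
GPS_IFD_TAG = 0x8825  # IFD0 entry that points at the GPS sub-directory

def _segments(jpeg):
    """Yield (is_exif, start, end) for header segments before SOS/EOI."""
    if jpeg[:2] != b"\xff\xd8":
        raise ValueError("not a JPEG (missing SOI)")
    pos = 2
    while pos + 4 <= len(jpeg) and jpeg[pos:pos + 2] not in (b"\xff\xda", b"\xff\xd9"):
        end = pos + 2 + struct.unpack(">H", jpeg[pos + 2:pos + 4])[0]
        if jpeg[pos] != 0xFF or end < pos + 4 or end > len(jpeg):
            raise ValueError("corrupt segment header")
        is_exif = jpeg[pos + 1] == 0xE1 and jpeg[pos + 4:pos + 10] == EXIF_HDR
        yield is_exif, pos, end
        pos = end

def strip_exif(jpeg):
    """Drop APP1/Exif segments; every other byte is copied unchanged."""
    out, pos = bytearray(jpeg[:2]), 2
    for is_exif, start, end in _segments(jpeg):
        if not is_exif:
            out += jpeg[start:end]
        pos = end
    return bytes(out) + jpeg[pos:]

def has_gps(jpeg):
    """True if an Exif IFD0 has a GPSInfo pointer, or Exif is unparseable."""
    for tiff in [jpeg[s + 10:e] for x, s, e in _segments(jpeg) if x]:
        fmt = {b"II": "<", b"MM": ">"}.get(tiff[:2])
        try:
            ifd0 = struct.unpack(fmt + "I", tiff[4:8])[0]
            count = struct.unpack(fmt + "H", tiff[ifd0:ifd0 + 2])[0]
            tags = [struct.unpack(fmt + "H", tiff[ifd0 + 2 + 12 * i:][:2])[0]
                    for i in range(count)]
        except (TypeError, struct.error):
            return True  # malformed Exif: assume the worst
        if GPS_IFD_TAG in tags:
            return True
    return False

def sample_jpeg():
    """Constructed input: Exif with a GPSInfo pointer, then fake scan bytes."""
    entry = struct.pack("<HHII", GPS_IFD_TAG, 4, 1, 26)  # LONG offset 26
    app1 = (EXIF_HDR + b"II" + struct.pack("<HIH", 42, 8, 1) + entry
            + struct.pack("<IHI", 0, 0, 0))  # IFD0 end, empty GPS IFD
    seg = b"\xff\xe1" + struct.pack(">H", len(app1) + 2) + app1
    return b"\xff\xd8" + seg + b"\xff\xda\x00\x02scan-bytes\xff\xd9"
```

Dropping the whole Exif segment also removes the Orientation tag, so a photo may display rotated afterwards. XMP metadata, which can also carry location, lives in a different APP1 segment and is not handled here.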