C-toxcore Alternatives

c-toxcore reviews and mentions

• Direct sending and receiving data trought WiFi
  4 projects | news.ycombinator.com | 16 Jul 2024

  I would create a mesh wifi. (similar https://reticulum.network/, tox https://github.com/TokTok/c-toxcore etc)

• Bluesky Adds Direct Messages
  4 projects | news.ycombinator.com | 22 May 2024

  > but at the very least I think Bluesky could start with generating a private key on each client device, and then using a simple box algorithm to encrypt messages towards the user they want to talk to.

  Furry cryptography nerd here.

  No. This is inadequate.

  > I don't think https://tweetnacl.cr.yp.to/ is hard to mess up.

  Yes it is! If you're doing to encrypt some things in a constrained use-case, sure, NaCl is better than hand-rolling it yourself. But it's not sufficient for end-to-end encryption. Here's a few things that TweetNaCl (and other NaCl variants) is, without further protocol design, inadequate to protect against:

  1. Invisible Salamanders. NaCl uses xsalsa20poly1305, which is not key-committing.

  2. Key Compromise Impersonation. See also, Toxcore, which built atop NaCl: https://github.com/TokTok/c-toxcore/issues/426

  3. How do you do group messaging? If you do it as just pairwise, do you use the same public key as your p2p messaging? If so, how do you make sure you don't have a nonce reuse condition between both interactions. Oops.

  There is a damn reason end-to-end encryption involves authenticated key exchanges and forward-secure double ratchets.

• Tox Core is one of the nicest-to-read C codebases
  1 project | news.ycombinator.com | 22 Mar 2024
• uTox – The Lightweight Tox Client
  3 projects | news.ycombinator.com | 15 Jun 2023

  See also this somewhat infamous thread on Tox's cryptographic design[1].

  [1]: https://github.com/TokTok/c-toxcore/issues/426

• Tox seems slowly dying (change my mind), what alternatives have you researched?
  4 projects | /r/projecttox | 5 May 2023

  In case with Tox you have to trust in homebrew crypto that was never properly audited (how about that security issue reported by Donenfeld in 2017, which is being tackled only now, sort of?) -- and outdated and outright abandoned clients which were never above, let's say, "beta quality".

• qTox unmaintained. Is this the end of qTox?
  3 projects | /r/projecttox | 27 Feb 2023

  it has the new group chat feature (https://github.com/TokTok/c-toxcore/pull/2269)

• Российские спецслужбы научились следить за пользователями Telegram
  1 project | /r/liberta | 10 Feb 2023

  "If Tox already does onion routing, why use Tox over Tor?"

• My list of favorite secure messaging apps
  5 projects | news.ycombinator.com | 12 Jan 2023

  What an arbitrary criteria to judge a project by. There have been 5 releases in the past year, including a major feature release.

  https://github.com/TokTok/c-toxcore/releases

• I know Privacy Guides is the new version of Privacy Tools, but even if so, do the recommendations (or at least most of them) in the old site still apply today?
  1 project | /r/PrivacyGuides | 30 Jul 2022

  Signal isn't falling behind and Tox is an old service that has had issues with messages being spoofable since day 1

• Shadiness in the Privacy Space: Jonah Aragon's (PrivacyGuides) Failed Attempt to Takeover PrivacyTools.io
  5 projects | /r/privacy | 2 Apr 2022

  tox https://github.com/TokTok/c-toxcore/issues/426

• A note from our sponsor - InfluxDB
  influxdata.com | 23 Apr 2025

  Collect, organize, and act on massive volumes of high-resolution data to power real-time intelligent systems. Learn more →