C-toxcore Alternatives

Reviews and mentions

• E2E encrypted voice and chat service similar to Discord/Slack?
  2 projects | reddit.com/r/PrivacyGuides | 25 Oct 2021

  You could use a Tox front end like qTox or Toxic. It is a fully encrypted end-to-end communication protocol that allows text, voice, and video chat. The github page for the Tox protocol has some useful caveats about the its security.

• Tox: Decentralized and Encrypted Instant Messaging
  6 projects | news.ycombinator.com | 5 Oct 2021

  It links to a bug report discussion where one of the developers states that they don't understand the security properties of tox very well[1].

  I find that worrying.

  [1] https://github.com/TokTok/c-toxcore/issues/426

• Why developers use IRC instead of XMPP?
  1 project | reddit.com/r/i2p | 28 Jun 2021

  They're vulnerable to Key-Change-Interception attacks in a case where a key is stolen from somebody who you're already contacted with. That's a pretty big "if" for people who's concern is dragnet surveillance and not targeted surveillance. https://github.com/TokTok/c-toxcore/issues/426 Also up-to-date Tox clients have a fix for it, apparently, looks like they're holding off on closing the issue until every official client has the fix.

• Is using Signal through Tor bad opsec?
  1 project | reddit.com/r/privacytoolsIO | 13 Jun 2021

  Tox is experimental and has very concerning issues.

• Signal alternatives?
  7 projects | reddit.com/r/privacytoolsIO | 12 Apr 2021

  Ouch! Yeah, that was around the time I tried out Tox – did not know about this, though. It's been four years since they were made aware of that crypto hazard, and it seems they have eliminated it.

  7 projects | reddit.com/r/privacytoolsIO | 12 Apr 2021
• discord....
  3 projects | reddit.com/r/privacy | 28 Feb 2021

  Tox has experimental crypto and major vulnerabilities. I wouldn't recommend using it and expecting reasonable security.

• aTox 0.6.0 released (and aTox is now also available on F-Droid!)
  3 projects | reddit.com/r/projecttox | 28 Feb 2021

  aTox also uses an unmodified version of the version of Toxcore that Toxic, uTox, qTox, etc all use: https://github.com/TokTok/c-toxcore/ TRIfA uses its own fork of Toxcore: https://github.com/zoff99/c-toxcore

• Signal is Great!
  3 projects | reddit.com/r/privacy | 22 Feb 2021

  Tox has experimental crypto and major vulnerabilities, Session has not yet completed it's security audit and is switching protocols soon, which would invalidate any audit anyways, Element (which I think you mean the matrix protocol) and Conversations (which is XMPP) are both lacking in metadata protection (by a lot!). Jami is the only realistic alternative but p2p messengers are just not usable at the moment. Let's not begin as to why telegram is bad because I think wikipedia) roasts them well enough and you can read up on that. I hope I explained everything very well.

• Is there a p2p self-hosted way to relay messages to other clients?
  1 project | reddit.com/r/projecttox | 18 Feb 2021

  What you're describing would fall under "multi-device support" in general, which has been talked about for years: https://github.com/TokTok/c-toxcore/issues/466. I think there's been work on it, but it's not yet finished nor reviewed. It looks like the current issue tracking work being done related to it is here https://github.com/TokTok/c-toxcore/issues/1259, but if you want to chat about it with the devs, you can ask in #toktok on freenode on IRC.

• How can I add bootstrap nodes alongside with the default ones?
  2 projects | reddit.com/r/projecttox | 10 Feb 2021

  To run a bootstrap node, see the instructions for the bootstrap daemon.

• I Had A Friend Called Sahr Online A Long While Ago
  1 project | reddit.com/r/projecttox | 3 Jan 2021

  If you're referencing https://github.com/TokTok/c-toxcore/issues/426, the complaint is that if someone gets access to your profile, not only can they impersonate you, which is fairly expected, but they can also impersonate all of your friends to you.