I tried qtox for the first time today and it was pinging out like similar chat programs would except tox is p2p. Why was this being shilled so hard again? My fucking hosts file attached that I had to create just to stop the fucking botnet is retarded. (((Firefox))) pings out less then qtox on startup ffs. Is this by design and I am being retarded, or is qtox a botnet like all other chat programs?
If I am being retarded this is the new tox ID thread.
Other urls found in this thread:
github.com
twitter.com
wrong thread, doofus
datamine yourself
what distro are you running? is it a systemd one? if it's systemd-based networking, sorry chuck, check a search engine that leads to stackoverflow.
Tox is compromised, it leaks your IP and potentially other sensitive data
You are stupid. P2P by definition leaks your IP. What I am concerned about is the pinging of servers on startup that aren't your peers.
I couldn't find the thread via ctrl+f
The go fuck yourself distro. I by default have nothing pinging out of my distro on startup. But by running tox it fucking pings out to all of those addresses. Don't datamine yourself. Just fucking tell me if this is intented behaivor or if its a fucking botnet.
The webpage clearly says what those people run on their servers
Wow, it's litrully (((i'm shaking already))) muh (((botnet))) do I fit in guys xDD
Do not use software if you are too stupid to understand how it works.
Tox is a corporationless alternative to Skype, it won't save you from all threats at once, learn2opsek n00b.
Anyone else wanna bet Ubuntu? Pretty obvious at this point.
Tox-over-Tor is godmode. Get on our level fagit.
Ok user, why shouldn't I use Tox? What are the downsides?
That's interesting
What servers is it pinging?
Read the thread. Hint:
JUST USE IRC
...
>(((bootstrap)))
Is this P2P or a client/server program? If you can use tox without these servers then p2p. But if you can't use tox without these servers or even changing these servers, then it's not p2p but is client/server. They really should add a option to change the bootstrap server(s). Or just call it client/server instead.
You've discovered hot water.
I don't get it. You call these machines servers because they have a domain name and if it is only an IP then it's not a server? Anyways if you don't like the bootstrap nodes I'm sure you can change them to some that you trust.
They do, it's fucking GPL3. Open your registered copy of Sublime Text.exe and change it to bootstrap off your cuck fuckbuddies' IPs instead.
Tox is dead, it's run by a retard who is too scared to use his real name so there is no accountability whatsoever. just use signal
T.not secret agent
Thanks for the info.
If those IP's/computers that act as redirectiona fucking server you newfag are predictable/always the same then you can MITM the IP and redirect traffic much more easily. Say to fake a call with someone or just block access to the server for finding people/toxing them in the future. Not being in control of what servers are pinged out at first is a privacy issue if you don't want your Tox traffic to be tracked by (((them))) with (((their))) eye in the sky view. Even if they can't listen to your conversation without great amounts of effort.
Holla Forums urgently needs an IQ check before posting.
I really fucking hope you're the newfag here, if you don't understand that a node in a P2P network is both a server and a client. These bootstrap nodes are there to let you bootstrap a bunch of IPs for participating in the DHT, not do advanced communication.
>what is (((domains by proxy))) and (((perfect privacy LLC/hilliarly clinton shell companies)))
I would agree normally, but the IP's in OP's pic are all alphabet ip's that got pinged out. Are those the defaults? Because those are undoubtebly proxies logging requests by tox clients.
wew
Tox protocol has a single dedicated tor node hence all traffic can be monitored and timed.
You can use any TCP bridge over tor. All traffic over tor does not in fact use one node. Literally anything can be timed that goes through tor by recording at the exit nodes lol. It still provides anonymity. This level of retardation my god. Its not like they can demask your location or decode your messages.
tell that to Sabu
Not related
Every arrest has been because of an OPSEC failure.
The entire LulzSec crew made *countless* mistakes like disclosing their eating habits and connecting from their residential IPs while using the aliases they were supposed to be "anonymous" under.
Non of them were really "leet" hence why all their exploits were simple. All they were good at was PR whoring.
...
Did someone really get caught because of this? How would that even happen?
are you retarded or just usual Holla Forums user?
simply get their daily routine, their favourite food, their local pizza deliveries and you're golden!
also: get their work ip's, get into their modern hardware pc's, plant some child porn, frame them for some silly non-existent shit, you're double golden and also promoted as a result.
a-also: manage to explain that meltdown meme to your director, while he points out all hardware was created with backdoors in mind, """you see, kid, """.
a-a-also: you're on the list just for trying to connect to the tor network; get your pink mark on a mailbox.
Reminder that we are under attack
geez, lay off the amphetamines, fellow shitposter. your boss is at least right about everything having backdoors, leagues ahead of your average normie.
signal seems a lot more secure and practical, is there a good reason not to trust it?
kek
it's about secure and private messaging, not anonimity. unlike tox it's actually usable and supports offline messages, while not storing metadata or contact lists and having gpl clients and servers.
they have a desktop client and it works without google play services too now.
A bundled copy of chrome is not a desktop client.
it's standalone now
What did you mean by this?
How the fuck is private messaging with a phone number anonymous?
Being centralized isn't the most ideal thing.
Also it requires some google shit by default and you need a workaround to get around that.
E2E encryption is private but not necessarily anonymous. People can see who you're talking to but not what you're talking about.
Also, from what they say, I think who you are talking to is only visible from signal's servers.
github.com
the point is, it's not, but both the message contents and metadata are safe from third parties.
don't get me wrong, there are better solutions, but i'm not going to convince regular people to sign up on my xmpp server or use pgp with self-hosted e-mail, so signal is by far the best real life solution.
but i get it, for online stuff, go ahead and use tox or something else.
What third parties? Like Google and Microsoft? Nobody is talking about them. You've changed "bad corporations" for some ephemeric "good corporation" that somehow maintains it's servers without charging you any fees or displaying ads, what their funding comes from, eh?
What about wiretaps? What about compromised servers you won't be able to change in case of major fuc-kup? What about brute-forcing users by adding all possible phone numbers? What about gsm carriers that see you receiving confirmation SMS from Signal servers?
Remember, for state actors and organized crime metadata is more than enough. They don't need to know what you are talking about with your wife when you do it from car while driving to mall and then bringing home some food.
They are my biggest concern, by far.
I really wish you didn't have point there, they received funding through donations and grants, but the ties to Twitter and the abuse potential are worrying. Still, the AGPL is pretty lenient, and I'd rather trust them than just give up.
What about brute-forcing users by adding all possible phone numbers?
Signal warns you about changed keys unlike WhatsApp that might keep MitM attacks hidden from you by default, if that's what you mean.
What about them? They receive exactly that information, nothing more, unlike with regular calls and sms.
True, that's why Signal is the best choice in my opinion, simply because they don't keep that meta-data by design and can't give it to law enforcement on court orders, and neither can cellular providers or Google and Facebook.
Three-letters are a different beasts, they don't know laws and you never know what exploits they might find, but that's not a reasonable concern. Iirc the Snowden leaks showed them having huge trouble with TextSecure, but we can't assess that now.