Cleanup
parent
ffda8a56af
commit
2068699ff7
@ -4,6 +4,7 @@ By design, Tox relies on a small number of BS nodes.
|
||||
|
||||
As the network is now, the number of nodes is very small, and all well known.
|
||||
|
||||
So Tox is vulnerable to being completely taken down by blocking a small number of nodes.
|
||||
So Tox is vulnerable to being completely taken down by blocking a
|
||||
small number of nodes.
|
||||
|
||||
See: [[ToxAndTorInChina]]
|
||||
|
@ -1,3 +1,7 @@
|
||||
Previous: [[Home]]
|
||||
|
||||
## Group Of Devices POC
|
||||
|
||||
One way to address the multi-device problem is to add the multiple devices of a person into a NGC group.
|
||||
|
||||
It may not scale well because messaging is sent to all devices of all users;
|
||||
@ -5,7 +9,3 @@ a single active user approach would be more efficient.
|
||||
|
||||
And it wouldn't work for groups very well as a group-of-devices can not be a member of an NGC group.
|
||||
|
||||
Up: [[Home]]
|
||||
|
||||
|
||||
green's test edit :)
|
2
Home.md
2
Home.md
@ -1,4 +1,4 @@
|
||||
Welcome to the Wiki.
|
||||
# Welcome to the Wiki.
|
||||
|
||||
What I am noticing is that there is no notion of a Tox Improvement Proposal(TIP),
|
||||
so ideas and vulnerabilities get forgotten in abandonned PRs in abandoned repos.
|
||||
|
@ -1,3 +1,5 @@
|
||||
Up: [[Home]]
|
||||
|
||||
See [[MultiDeviceAnnouncementsPOC]]
|
||||
|
||||
|
||||
|
@ -1,6 +1,4 @@
|
||||
Anthony? is this you?
|
||||
|
||||
linkedin https://ca.linkedin.com/in/anthony-bilinski-b4178611a (archive: https://archive.ph/X6Tsy )
|
||||
Up: [[Home]]
|
||||
|
||||
|
||||
# Anthony Bilinski
|
||||
@ -12,7 +10,7 @@ Works full time as:
|
||||
> Developer & Firmware Maintainer & Developer at Avigilon
|
||||
|
||||
* https://www.zoominfo.com/p/Anthony-Bilinski/628037601
|
||||
* https://ca.linkedin.com/in/anthony-bilinski-b4178611a
|
||||
* https://ca.linkedin.com/in/anthony-bilinski-b4178611a (archive: https://archive.ph/X6Tsy )
|
||||
* https://www.zoominfo.com/p/Anthony-Bilinski/3246706849
|
||||
|
||||
So he's working on Open Source projects as his day job at Avigilon May 2016 - Sep 2021 - 5 years 5 months. Maybe qTox was his day job until Sept 2021?
|
||||
|
@ -6,7 +6,7 @@ Previous: [[Home]]
|
||||
* Currently, toxcore uses onion routing in the process of establishing connections between friends, with the aim of obscuring their identities from third parties. However, this method does not achieve this goal. [This document describes a proposed replacement for onion routing.](https://github.com/zugz/tox-DHTAnnouncements/blob/master/DHTAnnouncements.md)This proposal is adapted from an original proposal by [grayhatter](https://wiki.cmdline.org/doku.php?id=dht:new_friend_finding).
|
||||
|
||||
|
||||
CVEs:
|
||||
##mCVEs:
|
||||
|
||||
* [CVE-2018-25022](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25022) The Onion module in toxcore before 0.2.2
|
||||
|
||||
|
@ -1,7 +1,11 @@
|
||||
FromL https://github.com/TokTok/c-toxcore/issues/419
|
||||
Up: [[Home]]
|
||||
|
||||
I don't think indistinguishable message bytes and sizes are going to make any difference when they are sent over a network of so few bootstrap nodes.
|
||||
And anyone operating in a hostile environment is probably already running Tox over Tor, which works well.
|
||||
From: https://github.com/TokTok/c-toxcore/issues/419
|
||||
|
||||
I don't think indistinguishable message bytes and sizes are going to
|
||||
make any difference when they are sent over a network of so few
|
||||
bootstrap nodes. And anyone operating in a hostile environment is
|
||||
probably already running Tox over Tor, which works well.
|
||||
|
||||
Did the reports of blocking in China include blocking over Tor? Tor itself has implemented pluggable transport mechanisms that are continuously being improved, and these include ways to make the traffic look like another protocol like HTTP or whatever: <https://snowflake.torproject.org/>
|
||||
|
||||
|
@ -2,7 +2,10 @@ Up: [[SecurityVulnerabilities]]
|
||||
|
||||
# Tox Compared With Other IM software
|
||||
|
||||
## richochet
|
||||
## DeCentralized
|
||||
|
||||
|
||||
### richochet
|
||||
|
||||
Always uses Tor, rather than Tox, where Tor can be used at will.
|
||||
|
||||
@ -15,7 +18,7 @@ Relaunched as <https://github.com/blueprint-freespeech/ricochet-refresh>
|
||||
* didn't see any mobile apps
|
||||
* Had a [vulnerability](https://thehackernews.com/2016/02/ricochet-secure-messenger.html) with [HTML in invites](https://ricochet.im/files/ricochet-ncc-audit-2016-01.pdf)
|
||||
|
||||
## briar
|
||||
### briar
|
||||
|
||||
* https://briarproject.org/
|
||||
* https://code.briarproject.org/briar/briar-desktop/
|
||||
@ -35,9 +38,14 @@ Features:
|
||||
* USGov funded: Open Technology Fund/U.S. Agency for Global Media/Radio Free Asia
|
||||
* The apps are betas that expire in 90 days: "For security reasons, their accounts and data will expire with the beta."
|
||||
|
||||
# ZeroNet
|
||||
### ZeroNet
|
||||
|
||||
* Abandonned by its creator, it is being carried on by a number of non-cooperating forks.
|
||||
* A known RCE vulnerability is in some of the forks, but the developers of the patched forks have not filed a CVE.
|
||||
* None of the current developers have write access to the main web site.
|
||||
|
||||
|
||||
## Centralized
|
||||
|
||||
Who cares.
|
||||
|
||||
|
@ -2,7 +2,8 @@
|
||||
|
||||
<https://docs.google.com/document/d/1op6zGR0KYdF7tTWSSX79KQieJu30vLZ6XG327kIBhxQ/>
|
||||
|
||||
To be a useable communication system, Tox needs to support multiple devices per user.
|
||||
To be a useable communication system, Tox needs to support multiple
|
||||
devices per user. This is the [TokTok](https://toktok.ltd) proposal.
|
||||
|
||||
## Objective
|
||||
|
||||
|
@ -1,4 +1,4 @@
|
||||
Previous: [[SecurityVulnerabilities]]
|
||||
Up: [[SecurityVulnerabilities]]
|
||||
|
||||
Chatting with sudden6 (Sep 2022) says this still an open vulnerability.
|
||||
|
||||
|
@ -1,4 +1,4 @@
|
||||
Previous: [[SecurityVulnerabilities]]
|
||||
Up: [[SecurityVulnerabilities]]
|
||||
|
||||
Chatting with JF (Aug 2022) makes me think that these are still open:
|
||||
Known vulnerabilities in the tox onion:
|
||||
|
Loading…
Reference in New Issue
Block a user