Added ToxNetworkResilience.md

emdee 2022-10-11 10:10:20 +00:00
parent 52d1f5ff91
commit 550cfdb172
7 changed files with 84 additions and 35 deletions

34
Home.md

@ -1,24 +1,32 @@
# Welcome to the Wiki.
What I am noticing is that there is no notion of a Tox Improvement Proposal(TIP),
so ideas and vulnerabilities get forgotten in abandonned PRs in abandoned repos.
What I am noticing is that there is no notion of a Tox Improvement
Proposal(TIP), so ideas and vulnerabilities get forgotten in
abandonned PRs in abandoned repos, or ignored issues.
I suggested wiki.tox.chat as a place to identify and prioritize TIPs but maybe we can elaborate POCs here. I want to "argue" it out to get to the "best" proposal so work so work can get going on a trial version. developers who know the key exchange mechanisms can bring a lot of the existing codebase to bear on this problem, and resolve wrinkles in the concepts.
I suggested wiki.tox.chat as a place to identify and prioritize TIPs
but maybe we can elaborate POCs here. I want to "argue" it out to get
to the "best" proposal so work so work can get going on a trial
version. developers who know the key exchange mechanisms can bring a
lot of the existing codebase to bear on this problem, and resolve
wrinkles in the concepts.
### Multi-Device DHT announcements:
* [[MultiDevice Announcements POC]]
### Group-of-devices:
* [[GroupOfDevicesPOC]]
* Original TokTok ToxMultiDevice: [[ToxMultiDevice]]
### Original TokTok ToxMultiDevice:
* [[ToxMultiDevice]]
### [[SecurityVulnerabilities]]:
* [[UseGroupPasswordThroughAKDF]]
* [[VulnerabilitiesInTheToxOnion]]
* [[DDosSmallNumberOfBSNodes]]
### Network Resilience
* [[ToxNetworkResilience]]
### Security
* [[SecurityVulnerabilities]]:
** [[UseGroupPasswordThroughAKDF]]
** [[VulnerabilitiesInTheToxOnion]]
** [[DDosSmallNumberOfBSNodes]]

41
ToxNetworkResilience.md Normal file

@ -0,0 +1,41 @@
Up: [[Home]]
Tox relies on "bootstrap" nodes to be able to find your Friends. That
list of nodes is quite small, < 100, and you can find it in the file
often called DHTnodes.json. If a country like Iran can block those
nodes, they can block Tox. Whether Tox is encrypted makes no difference
in their ability to block.
Tox works well over [Tor](https://torproject.org/), which should help.
If they can't block Tor, then they can't block Tox over Tor. And Tor
is evolving stratagies to help defeat blocking, like
[snowflake](https://torproject.org/). As Tor evolves its resillience
strategies, Tox over Tor evolves with it. It is *much* harder to block
Tox over Tor than to block services like WhatsApp which relay on
centralized servers, unless the service runs a OnionV3 Tor service
that makes if accesible directly over Tor.
Everyone who wants to help the network be resilient to blocking should
run their clients like [toxic](https://github.com/JFreegman/toxic/)
with the ```-T, --tcp-relay``` if they are not using Tor. Choose a
random port number ```> 10000 < 65000``` for the port.
If you are not running over Tor and are on a stable connection, try it.
Every BSnode operator who wants to help the network be resilient in
places like Iran should run a Tor server that provides the node as an
onionV3 service; see [[ToxAndTorInChina]].
If you run a bootstrap node, you can run a Tor Ononv3 gateway to the
node by simply adding the following lines to your ```torrc```
configuration:
```
# Tox hidden service configuration.
HiddenServiceDir /var/lib/tor/tox-hsv3/
HiddenServicePort 3389 127.0.0.1:3389
HiddenServicePort 3389 127.0.0.1:33446
```
assuming your Tor lib directory os ```/var/lib/tor```. In that subdirectory
you will find a file named ```hostname``` which is the ```.onion``` name
of your node, the Tor equivalent of your ToxId.