prof7bit / torchat Goto Github PK

Can you open a project for translations here?
https://www.transifex.com/

I have created a new branch torchat_py and it is currently identical to master.

If you have any ongoing work or any forks of TorChat based on master please rebase it to torchat_py as soon as possible. The master branch will soon be moved (or removed). The default branch for this repository is now the torchat2 branch, this is also where 99% of development currently happens. Its a complete rewrite from scratch.

The torchat_py branch will continue to exist and also the existing download packages will stay but it will not be the 'master' branch any longer.

1. Just hidden site? Not secure.
   Please consider adding "HiddenServiceAuthorizeClient" setting to torrc.
2. Let user to make/apply self-sign 8192bit SSL certificate.
   I know that Tor-to-Tor packet is already encrypted, but it'll be great
   if I can set something like "[X] Use paranoid SSL"

A<--->TorRelay1<--..-->TorR3<--->B: Tor-to-tor is weaker than below, right?
A<====+========+===========>B: with self-sign long-bit SSL

1. Does the sending/received message/file was encrypted?
2. buddylist file is not encrypted.

i did everything your supposed to but its not starting the application... why?

It's known that, in internet, a proxy server should have a public ip and port, then, clients in internet could access the web with this proxy.
But TOR changed our perception, PC behind firewall should also become a proxy server for internet clients.

It's a pity that TOR is blocked or censored in many coutries, and it's slow.I don't need the security of TOR, What i need is to make my PCs behind firewall to be socks proxy servers for internet clients (without router port mapping...).

Does there exists some open source solutions for my need? Thanks a lot!

Hi.

On some days, a lot of my friends report their TC won't connect. So i figured out it is because the circuit build timeout set in the torrc. After comment it out, TC connects way faster.

Since v0.2.2.32 tor have a Circuit build time learning mechanism that measures and set the timeout automatically. So there's no longer need to set it in the config.

Hey,

I noticed there's a lot of issues and pull requests and the project hast been updated for over a year is this still actively maintained?

Okay, this is going to be a long post.

I wrote a version of TorChat a while ago in Mono and Java, but `things' happened and I stopped both of them. While writing it, I noticed a slight design flaw, in that the user data is left unencrypted. If you're not using a ramdisk or an encrypted volume, the data is easily readable and the hostname/private key is exposed, even if it is deleted.

I am suggesting that:

1. The user data, e.g. settings, profile data, avatar, buddylist, etc gets encrypted into a file using salted aes256+sha256 (or whatever works)
2. The private key and the hostname are also encrypted in the same file

When TorChat is opened by the user, it will ask for the password, and if the decryption is successful, it will load the settings from the unencrypted volume. If it fails, it exits or something.
I have recently submitted a patch to Tor that will allow you to send the hostname/privatekey to Tor over the control socket, located here.

The encryption could also be optional (and stored in plaintext), if someone prefers to use an encrypted volume, etc.

libpurpletorchat doesn't seem to honor the env var "PURPLEHOME" which allows you to have your purple profile somewhere other than %APPDATA%
The user it creates is put in the %APPDATA% directory, not %PURPLEHOME%

Hello Bernd, Hello world (and anybody who would be able to help),

first of all, thank you very much for your brilliant work on TorChat - I really like the idea behind this messenger!

Since a couple of months i'm using TorChat for private and sensitive communication. I am just an ordinary internet-user and not very firm with cryptographic issues. Nevertheless i've read a lot in the last days, trying to go through the documentation and the published issues here on this and on other pages. I'm stuck with a bunch of important questions and i hope you can spare the time to help me out (also in german, if you like).

1. Is it fine to use TorChat at the same time as Tor Browser Bundle? AFAIK, there should then be two instances of tor running and they should'nt have any influence on each other, so traffic would be completely seperated. Is this correct?
2. Why have you stopped to publish checksums/hash values for the uploaded zip-files? I found this very useful to verify the download.
3. If i download and start a fresh copy of Torchat, it always takes a really long time (> 15 min) for my own icon to become green (to get connected). Sometimes it doesn't work at all. But if i shut down Torchat and start it again, it always works and is connected in only a couple of minutes. I assume that this is due to the first initialisation of the hidden service and not a security issue. Correct?
4. In my first days with Torchat, i sometimes had the situation that my own buddy icon remained grey while i got the handshake and after that the green icon for some of my buddies. Is this a bug or malfunction? Do i have to be concerned that my conversation or identity could be revealed or can i be sure that everything is routed through tor/encryption in every possible situation (i have neither changed any settings nor modified files in the tor directory).

And now for some possible attack scenarios:

1. As far as i understand, TorChat uses entry nodes/guards like any other tor service. Assuming that i am connected to a bad entry node under the control of a potential adversary, the attacker would still not be able to see the content of what i am sending/retrieving because everything is end-to-end encrypted. Correct?
2. Concerning the encryption itself: AFAIK Tor hidden services and therefore TorChat uses AES-128 bit to encrypt the message content and RSA-1024 bit for the exchange of the symmetric keys. Is this correct? Lets assume a potential adversary that is sniffing and recording my traffic at ISP level and interested in cracking/decrypting the content. What would be the most plausible attack scenario? Cracking RSA-1024 to obtain the symmetric keys? I read a lot about RSA-1024 and it seems to be not very future-proof (RSA-2048 is recommended at least for sensitive data).

In other words: How easy would it be for an potential advesary at state level to decrypt the content of my TorChat messages with reasonable time/financal effort? Lets assume i want to be safe until at least 2020.

Thank you very much in advance,
Anon

Hi,

I noticed on your old issue tracker https://code.google.com/p/torchat/issues/detail?id=110 there was a request to pgp sign downloads.

Given the nature of this software and the incentive an adversary might have in distributing tampered copies.

If you do decide to sign these downloads using the below key is not recommended:

pub 1024D/3945A21D 2007-10-04 [expires: 2012-12-21]
uid Bernd Kreuss [email protected]
uid Bernd Kreuss [email protected]
uid Bernd Kreuss [email protected]
uid [jpeg image of size 8534]
sub 4096g/68BE2E6D 2007-10-04 [expires: 2012-12-21]

As I believe there's a weakness with 1024 bit DSA keys. http://keyring.debian.org/creating-key.html and http://ekaia.org/blog/2009/05/10/creating-new-gpgkey/

At the time of opening this bug 1024bit DSA keys are no longer the default in GPG (despite what the above link says). Perhaps you'd like to update to a shiny 4096bit RSA/RSA key.

So many major issues with this version. NOT worth it for the retina resolution, because now the text is too small.

It uses way more CPU than it should need, my fan runs like it does when I'm playing high resolution games and my computer starts to overheat, and I've got 16gb of ram on this macbook.

When some people message me, I go offline, why?

Block list DOES NOT WORK. I cannot block people, or remove them from my buddy list, why?

PLEASE FIX

Using libpurpletorchat-2.0-alpha-14 plugin with pidgin on windows 7 x64. Tor debug window opens in command prompt (foreground) when plugin starts.
Pidgin also crashes on exit, but that may be an unrelated issue, I will investigate.

I tried the Pidgin plugin (libpurpletorchat.so in ~/.purple/plugins/ folder) under TAILS (last version 0.12) but Pidgin crashes on launch.

Is there something special to do in order to make it working under TAILS ?

Using TorChat 0.9.9.552 for Windows. Trying to right click someone's name and choose chat or send file doesn't do anything for me. Doubleclicking someone's name or dragging and dropping a file on his name works fine tho. Using right click to chat or send file in version 0.9.9.551 works for me.

I'm not good at bug reporting but I hope this helps. :)

Hi!

When i am trying to add a contact to TorChat in my Pidgin 2.10.7 (libpurple 2.10.7) on Windows 7 ultimate x64 with libpurpletorchat-2.0-alpha-14-Windows-i368 or even libpurpletorchat-2.0-alpha-13-Windows-i368 i get this error:

A buddy with this ID cannot be added

Either this ID contains invalid characters or it is incomplete 
or the ID is already on the list.

and the console debug window says:

фхъ 01 19:56:24.590 [I] profile "torchat": HiddenService name is k6gq******t5x62
фхъ 01 19:56:24.590 [M] Switching accout to "connected", synchronizing buddy lists
фхъ 01 19:56:24.593 [I] adding new buddy dd4kl****p3u54 to purple list
фхъ 01 19:56:24.593 [M] TBuddy.InitiateConnect() (k6gq6*****t5x62) connecting to Tor: 127.0.0.1:11109
фхъ 01 19:56:24.594 [M] TBuddy.InitiateConnect() (dd4kl****lp3u54) connecting to Tor: 127.0.0.1:11109
Dec 01 19:56:25.000 [notice] Heartbeat: Tor's uptime is 0:00 hours, with 6 circuits open. I've sent 0 kB and received 0 kB.
Dec 01 19:56:25.000 [notice] Bootstrapped 85%: Finishing handshake with first hop.
Dec 01 19:56:25.000 [notice] Bootstrapped 90%: Establishing a Tor circuit.
фхъ 01 19:56:25.592 [M] <~~~~ dd4kl****p3u54 connected to Tor, sending Socks4a request (msg from thread 2600)
фхъ 01 19:56:25.592 [M] <~~~~ k6gq6****t5x62 connected to Tor, sending Socks4a request (msg from thread 2600)
Dec 01 19:56:26.000 [notice] Tor has successfully opened a circuit. Looks like client functionality is working.
Dec 01 19:56:26.000 [notice] Bootstrapped 100%: Done.
фхъ 01 19:56:36.620 [M] <==== connected to (dd4kl*****3u54 outgoing) 1108 (msg from thread 2600)
фхъ 01 19:56:36.621 [M] <---- "ping" to dd4k*****p3u54 data: "k6gq6****zt5x62 {0D0B12A8-03AE-..." (55 bytes)
фхъ 01 19:56:41.054 [M] next connect attempt in 0 seconds
фхъ 01 19:56:41.054 [M] TBuddy.Create() created random cookie: {FC0A7317-6B31-4C7B-91FE-042A5D5248CF}
фхъ 01 19:56:41.054 [M] TBuddy.Destroy()
фхъ 01 19:56:41.055 [M] TBuddy.Destroy()  finished

but i can chat with this account succesfully if he first starts a conversation:

фхъ 01 20:22:25.938 [M] ----> "message" from dd4k*****p3u54 data: "test" (msg from thread 2600)
фхъ 01 20:22:31.966 [M] ----> "status" from dd4klk*****3u54 data: "available" (msg from thread 2600)
фхъ 01 20:22:33.124 [M] <---- "message" to dd4k*****p3u54 data: "see you"

I am behind a proxy and need to inform torchat to use the proxy to get onto the Internet.

I have tried adding this line to \bin\Tor\torrc.txt:

Socks5Proxy myproxy.example.com:8080

This works with "normal" Tor, but so far I haven't managed to connect with torchat
(At least 15 minutes has elapsed, with no apparent connection)

Any suggestions?

I see under TorChat settings the sock port is 9050 but Tor has Change the sock port since months to 9150. Is that a problem for my Anonymity?

This site has not been maintained for a long time now. Consequently, as of this date there are now very many thousands of dead Torchat for Windows installs. Here is why and how to fix that problem.

1. Torchat runs over the Tor network, without a working Tor network connection, Torchat is dead
2. The Tor binary in the Windows version of Torchat now dowloaded from this site is fatally outdated, so Torchat cannot connect to the Tor network.
3. The solution is to go to https://www.torproject.org/download/download.html.en and download the latest Torbrowser for your version of Windows and then:-

(a) Install it where convenient

(b) Find the file tor.exe in the Torbrowser installation, eg, C:\Tor Browser\Browser\TorBrowser\Tor\tor.exe --your location may vary depending on where you installed it and which install folder name you used.

(c) Copy that tor.exe file to the correct location of your torchat's existing tor.exe file, eg: ** C:\torchat\bin\Tor\ Windows should then ask you if you want to overwrite your old tor.exe; say YES. **If your torchat install folder is located somewhere other than C:\torchat, say on a USB stick, adjust the drive letter and folder location accordingly to wherever your torchat is installed, eg, F:\Doris\torchat\tor\

Users of the Mac fork of Torchat have a similar problem as that install also contains a tor executable in its installation. It is remedied using the same general principles described above.

Linux installs of torchat should not have this problem as they use their Linux system's Tor which users should cause to be upgraded automatically using the Torproject's own repositories. See the Torproject's site for detail: Tor repositories. https://www.torproject.org/download/download-unix.html.en

It tries to copy tor.sh unconditionally to the user's .torchat/Tor directory, so dies if you delete tor.sh in the source/distribution directrory or copies it over again if you delete it i nthe user's directrory.

So the instructions on how to make it use your already running tor, and the [tor] section of config, seem to be out of date or the mode is no longer implemented or something?

This affects Windoze users only!

The current tor binary refuses to connect to outdated tor binaries. This leads to Windoze users see their Linux buddies as blue marbles only, never coming on. And Linux users don't see their Windoze buddies anymore.

Here is an easy to follow step by step upgrade guide.

Bernd, can you please review and confirm that it's ok like that? Maybe, it's a good idea to put it on GitHub/TorChat landing page if you're not able to keep the windoze zip current. (No offence)

1. Close TorChat
2. Download the offical Tor Browser Bundle from Tor Project
3. Extract Tor Browser Bundle to: c:\
4. Copy: C:\Tor Browser\Tor\tor.exe to c:\TorChat\bin\Tor\
5. Copy: C:\Tor Browser\Tor\libeay32.dll to c:\TorChat\bin\Tor\
6. Copy: C:\Tor Browser\Tor\libevent-2-0-5.dll to c:\TorChat\bin\Tor\
7. Copy: C:\Tor Browser\Tor\libssp-0.dll to c:\TorChat\bin\Tor\
8. Copy: C:\Tor Browser\Tor\ssleay32.dll to c:\TorChat\bin\Tor\
9. Copy: C:\Tor Browser\Tor\zlib1.dll to c:\TorChat\bin\Tor\
10. Start TorChat: c:\TorChat\bin\torchat.exe

Best practice for Windoze users should be to follow this guide every time, a new TorBrowserBundle comes out!

Regards

I know the purple plugin is alpha at the moment, but it would be really useful if it was possible to specify the path to the tor executable in the settings for the plugin.

The "Vidalia bundle" (which I think is a fairly common way to obtain Tor) does not put Tor.exe in \Program Files\Tor\ , but in \Program Files\Vidalia Bundle\Tor\

Every time I open torchat it opens up with only the top bar showing and i have to drag the bottom of the title bar to show my contacts. Is there a way to fix this? It seems to do this most of the time though there are some times it opens with buddy list showing. How do i insure it always opens with at least some of the buddy list showing?

The Tor Project is pursuing a GSoc Project to create APAF, Anonymous Python Application Project.

The Goal of Apaf is to allow Python developers to easily build-up applications including Tor, using TorHS, on Windows, Mac OS X, Linux and possible in future also Android and iOS .

The project is currently developed at http://github.com/mmaker/APAF with cooperation by GlobaLeaks Project, that is one of the application that will use APAF to build it's cross-platform client.

This ticket is to provide/propose the integration of TorChat with the upcoming (to be released) APAF rather than with it's own custom build-system.

That way the effort to create a secure and scalable cross-platform build environment for Desktop applications using and including Tor can be focused in one single place.

As you can see https://github.com/mmaker/APAF/issues?state=open the goal of APAF is also to provide all the native platform UI elements that can facilitate the development of secure, anonymous desktop application from a python developer perspective.

Currently APAF is in "alpha" stage, but it maybe valuable the effort from TorChat project to join APAF and attempt to work with APAF to move TorChat on it's basis.

That way it's possible to clearly separate the effort/code that need to be "generalized" and made available to all APAF developers from the TorChat one, improving the ability to create an ecosystem of anonymous Desktop Application.

I cloned the project and ran "make all", and got this error message:

purpletorchat.lpr(23,4) Fatal: User defined: *** You need Free Pascal Compiler version 2.6.0 or higher ***

I'm not sure how to get version 2.6. I got fpc in the first place by running:

sudo apt-get install fp-compiler-2.4.4

I tried the obvious, changing 2.4.4 to 2.6.0, but that didn't work.

Any suggestions?

Thanks,
Patrick

It would be cool if support for telepathy/empathy could be added. I don't think it is too difficult, however documentation appears to be sparse. Reading through this bug report it looks like a profile and manager file need to be created;

~/.local/share/telepathy/managers/haze.manager
~/.local/share/mission-control/profiles/torchat.profile

Hello, I sent you an email but I guess I'm gonna open an issue because I'm not sure you're gonna read it, at least here the discussion will be public and other parties will be able to join into it.

I'm the author of ruby-torchat and I'm trying to get other implementors to work together nicely by moving to an extension driven protocol and documenting/designing extensions together.

Right now I'm only in contact with the jTorchat folks and without getting in touch with you too everything would be useless because you could end up adding parts to the protocol that we already implemented as extensions and with our design and we'd end up having to do ugly stuff to stay compatible.

I documented the standard protocol and two extensions and you can find the docs here.

You don't really have to change anything right now in your protocol implementation to fit with that stuff, all I'm asking is to not start adding new packets to the protocol natively but doing it as extensions and maybe getting in touch with the other implementors to see if we already have designed something or are already working on it.

from a root terminal

yum install -y tor glibc-devel fpc tor pidgin gitt

Then use git to download the repository, inside the src package run make. The compiled .so will be in the bin library. Copy it to the directory

/home/yourusername/.purple/plugins

creatign that directory if it does not exist

Currently, when you're chatting with five or six people and doing a few other things, switching between windows can be frustrating due to the fact that the TorChat address of your chat partner is listed BEFORE the nickname you give them. It would be much more useful to list the nickname first because then you'd be able to see the nicknames on taskbar instead of having to guess who is who.

I'll give a quick overview on Tails. Tails is a special OS, made for live usage (booting from a CD or USB). All internet connections make use of Tor. Its a completely torified OS, a modified version of Debian.
More info: https://tails.boum.org/index.en.html

Anyways, I've been trying to get torchat working with Tails, but it doesn't co-operate with me. Have any tips on getting it to work?

I think it would be good to add in libpurple-torchat possibility to force connect to selected user without waiting, because sometime this time is very long.

==> torchatlogs/plugin.log <==
Dec 18 23:25:02.121 [M] <~/~~ (?P<username>.+) Socks4a connection failed: 91 (msg from thread xxx)
Dec 18 23:25:02.123 [M] (?P=username) next connect attempt in 582.[0-9]+ seconds (msg from thread xxx)

If is it hard add new options in GUI you can add it silently in "Get info" menu. I think it is good to add also in this window silently automatic ping (#11).

For example about "Get info" menu:

• Gadu-Gadu (build-in Pidgin protocol) when I select ”Get info" Pidgin retrieving data from user directory Gad-Gadu network.
• IRC network (build-in Pidgin protocol) show parsed data from IRC received by command /whois

Not sure if it's torchat2 related or pidgin plugin related.

If I set filetransfer for the tc-account to auto accept (as legacy torchat ever did), next occuring transfer crashes whole pidgin.

last tested on wheezy 64bit

Torchat runs it's own tor instance.
How can i configure Torchat to work with already installed Tor Browser Bundle?

Hi,

the site tells TorChat2 is the new product, looking at code changes I think TorChat is the one who is developed more activly.

What are the plans?

I'm about to implement TorChat notifications for one of my applications, is it still a good idea to use tc_client.py for that? This would fit perfectly as my app is Python too :)

Thanks in advance!
king regards,
KgBC

It's not possible to close 'Edit contact' windows using the mouse, Alt+F4, Esc or close button.
And when this happens TorChat can't be closed using Quit button in tray icon.

torchat 0.9.9.553
python 2.7.6
wxpython 3.0

(sorry for my english)

I have many problems with torchat normal. My internet connection crashes when running the torchat. So, I install the pidgin and torchat pidgin plugin and its works. And now, I wanna make a tor+pidgin+torchatplugin bundle without installer. How can i do that ? pidgin torchat plugin connects to tor with C:\Program Files (x86)\Vidalia Bundle\Tor path. But it should connect to tor with CURRENTPATH\Tor path.

Thanks for answers.

Generate encryption keys
Send public key to buddyes
(bad eng D:)

Hi,
I've an issue with TorChat (torchat-0.9.9.553) on Ubuntu 14.04.
I try to lauch, but I've this error :

Something, probably another TorChat instance, is already listening at 127.0.0.1:11009. You must create another profile using different ports to be able to start TorChat a second time.

It seems there's the port in already in use (with sh), indeed, see below :

tcp 0 0 127.0.0.1:11009 0.0.0.0:* LISTEN 1000 4674630 31143/sh
tcp 0 0 127.0.0.1:11109 0.0.0.0:* LISTEN 1000 4674635 31145/tor

How can I fix this please ?

Thanks
Regards.

Ive been trying for days to get torchat to work. it just refuses to work

May 18 12:36:36.000 [warn] We don't have a consensus, so we can't perform v2 rendezvous operations.
May 18 12:36:36.000 [warn] We don't have a consensus, so we can't perform v2 rendezvous operations.
May 18 12:36:36.000 [notice] Closing stream for '[scrubbed].onion': hidden service is unavailable (try again later).

This is the terminal output which i know is tor, tor is working as i use it for web browsing. Starting tor on its own successfull connects to the tor network, but torchat starting tor fails. Ive looked in the config and cant find any diifference appart from the hidden service, which seems to be configured correctly.

I tried to run torchat by unziping the tarball, and execute the torchat.py with the following output:
(0) [tc_client,2092,startPortableTor] very strange: portable tor started but hostname could not be read (0) [tc_client,2093,startPortableTor] will use section [tor] and not [tor_portable]
I get a dialog but nothing else, the buddies still offline and I dont get a torID (should be autogenerated but it doesnt). I also dont find a setup manual or README, where is the documentation on this project?

$ qutim
...
"/usr/lib64/qutim/plugins/libpurpletorchat.so" has no valid verification data

I use a TorChat through Pidgin plugin. I sometimes need to reinstall OS(Linux/Ubuntu). Can I backup my ID and other user data(contact list etc.) for further use?
Thx.

In Linux the terminal doesn't show, yet it does in the Windows TorChat version. I understand this, although I was researching on ways to hide a command prompt, and apparently it might be possible (though I haven't tested this out).

It looks like the use of a "START" command is supposed to run processes in the background, akin to Linux "command &". Might make things slightly nicer in Windows since there will be no command prompt visible. :)

From what I can see, something like START /B program

References:
http://superuser.com/questions/198525/how-can-i-execute-a-windows-command-line-in-background
http://www.tomshardware.com/forum/34598-45-windows-command-background-unix (checkout the /b toggle comment)
http://www.computerhope.com/starthlp.htm

Hi,

I am adrelanos, Whonix is my project, an anonymous general purpose operating system.
http://whonix.sourceforge.net/

It runs on two (virtual) machines. One acts as a gateway and one as a workstation. The gateway runs Tor and the firewall, has two network cards, one for communicating with the internet and one solely for communicating with the worksation on an isolated network. The workstation can only access external servers through Tor. The setup fails closed and non-Tor traffic leaks are impossible.

Because Tor is already installed but runs on another machine, TorChat would have to use a preconfigured hidden service.

Hidden services run fine in Whonix, which is a transparent / isolating proxy. Here is a configuration example:
https://sourceforge.net/p/whonix/wiki/OptionalConfigurations/#hosting-hidden-services
https://github.com/adrelanos/Whonix/blob/master/whonix_workstation/usr/local/bin/hiddenserver-install

Cheers,
adrelanos

All my messages say [delayed], including to myself. What does this mean exactly? I find many hits on google about this but cannot find a solution/explanation. Perhaps it would be helpful to add a more descriptive error message or explain this common issue in the readme?

https://gist.github.com/b4zz4/29758f06aecd0562ed0c

Please add a feature to hide windows with hot-key (preferably customizable)

Hello, I'm a Linux user who's trying to get Torchat to work. The Linux distro I use, Puppy Linux, doesn't have a very full package management system, and this makes installing Torchat more difficult.

I was wondering if it would be possible to release a standalone Linux package - one that includes everything but standard system libraries and Python itself. It would be much appreciated.

Thanks in advance,
~James

This would be nice.

I think it is also nice if email clients can display it aswel, by having a local POP/SMTP server. That way the user doesnt at all need to change his workflow to use it, just install, make it run, and point the email client at it.

It could be transferred the following ways:

1. If receiver(R) is online, just send the data.
2. In trusting E, give: {R adress, encrypt(S→R,data)}, and send to E, who then knows who you talk to, but not what you said.
3. In not trusting E,F, but willing to assume they are not co-operating, then give E: {F adress, encrypt(S→F,{R adress,encrypt(S→R,data)})}
   AFAICT it is 'tor on tor'. (wait, can F infer from encrypted data that it is S→R encrypted?)

Programs could have different policies. 1. always makes sense. If have a trusted guy run a server for you somewhere, or just trusted friends, you can use 2. (of course even trusted friends might not have secure setups! Otherwise use 3. You might start circuits as soon as the message is made or just before closing the program. E doesnt need to know if the case is 2 or 3, or in which step he is.

However, it isnt sigil proof? Many accounts → better shot at being both E and F. The adress list could help, for any somewhat vigilent user. (dont know enough about tor itself, they have to worry about the same problem)