prof7bit / torchat Goto Github PK
View Code? Open in Web Editor NEWDecentralized anonymous instant messenger on top of Tor Hidden Services
Decentralized anonymous instant messenger on top of Tor Hidden Services
Can you open a project for translations here?
https://www.transifex.com/
I have created a new branch torchat_py and it is currently identical to master.
If you have any ongoing work or any forks of TorChat based on master please rebase it to torchat_py as soon as possible. The master branch will soon be moved (or removed). The default branch for this repository is now the torchat2 branch, this is also where 99% of development currently happens. Its a complete rewrite from scratch.
The torchat_py branch will continue to exist and also the existing download packages will stay but it will not be the 'master' branch any longer.
A<--->TorRelay1<--..-->TorR3<--->B: Tor-to-tor is weaker than below, right?
A<====+========+===========>B: with self-sign long-bit SSL
i did everything your supposed to but its not starting the application... why?
It's known that, in internet, a proxy server should have a public ip and port, then, clients in internet could access the web with this proxy.
But TOR changed our perception, PC behind firewall should also become a proxy server for internet clients.
It's a pity that TOR is blocked or censored in many coutries, and it's slow.I don't need the security of TOR, What i need is to make my PCs behind firewall to be socks proxy servers for internet clients (without router port mapping...).
Does there exists some open source solutions for my need? Thanks a lot!
Hi.
On some days, a lot of my friends report their TC won't connect. So i figured out it is because the circuit build timeout set in the torrc. After comment it out, TC connects way faster.
Since v0.2.2.32 tor have a Circuit build time learning mechanism that measures and set the timeout automatically. So there's no longer need to set it in the config.
Hey,
I noticed there's a lot of issues and pull requests and the project hast been updated for over a year is this still actively maintained?
Okay, this is going to be a long post.
I wrote a version of TorChat a while ago in Mono and Java, but `things' happened and I stopped both of them. While writing it, I noticed a slight design flaw, in that the user data is left unencrypted. If you're not using a ramdisk or an encrypted volume, the data is easily readable and the hostname/private key is exposed, even if it is deleted.
I am suggesting that:
When TorChat is opened by the user, it will ask for the password, and if the decryption is successful, it will load the settings from the unencrypted volume. If it fails, it exits or something.
I have recently submitted a patch to Tor that will allow you to send the hostname/privatekey to Tor over the control socket, located here.
The encryption could also be optional (and stored in plaintext), if someone prefers to use an encrypted volume, etc.
libpurpletorchat doesn't seem to honor the env var "PURPLEHOME" which allows you to have your purple profile somewhere other than %APPDATA%
The user it creates is put in the %APPDATA% directory, not %PURPLEHOME%
Hello Bernd, Hello world (and anybody who would be able to help),
first of all, thank you very much for your brilliant work on TorChat - I really like the idea behind this messenger!
Since a couple of months i'm using TorChat for private and sensitive communication. I am just an ordinary internet-user and not very firm with cryptographic issues. Nevertheless i've read a lot in the last days, trying to go through the documentation and the published issues here on this and on other pages. I'm stuck with a bunch of important questions and i hope you can spare the time to help me out (also in german, if you like).
And now for some possible attack scenarios:
In other words: How easy would it be for an potential advesary at state level to decrypt the content of my TorChat messages with reasonable time/financal effort? Lets assume i want to be safe until at least 2020.
Thank you very much in advance,
Anon
Hi,
I noticed on your old issue tracker https://code.google.com/p/torchat/issues/detail?id=110 there was a request to pgp sign downloads.
Given the nature of this software and the incentive an adversary might have in distributing tampered copies.
If you do decide to sign these downloads using the below key is not recommended:
pub 1024D/3945A21D 2007-10-04 [expires: 2012-12-21]
uid Bernd Kreuss [email protected]
uid Bernd Kreuss [email protected]
uid Bernd Kreuss [email protected]
uid [jpeg image of size 8534]
sub 4096g/68BE2E6D 2007-10-04 [expires: 2012-12-21]
As I believe there's a weakness with 1024 bit DSA keys. http://keyring.debian.org/creating-key.html and http://ekaia.org/blog/2009/05/10/creating-new-gpgkey/
At the time of opening this bug 1024bit DSA keys are no longer the default in GPG (despite what the above link says). Perhaps you'd like to update to a shiny 4096bit RSA/RSA key.
So many major issues with this version. NOT worth it for the retina resolution, because now the text is too small.
It uses way more CPU than it should need, my fan runs like it does when I'm playing high resolution games and my computer starts to overheat, and I've got 16gb of ram on this macbook.
When some people message me, I go offline, why?
Block list DOES NOT WORK. I cannot block people, or remove them from my buddy list, why?
PLEASE FIX
Using libpurpletorchat-2.0-alpha-14 plugin with pidgin on windows 7 x64. Tor debug window opens in command prompt (foreground) when plugin starts.
Pidgin also crashes on exit, but that may be an unrelated issue, I will investigate.
I tried the Pidgin plugin (libpurpletorchat.so in ~/.purple/plugins/ folder) under TAILS (last version 0.12) but Pidgin crashes on launch.
Is there something special to do in order to make it working under TAILS ?
Using TorChat 0.9.9.552 for Windows. Trying to right click someone's name and choose chat or send file doesn't do anything for me. Doubleclicking someone's name or dragging and dropping a file on his name works fine tho. Using right click to chat or send file in version 0.9.9.551 works for me.
I'm not good at bug reporting but I hope this helps. :)
Hi!
When i am trying to add a contact to TorChat in my Pidgin 2.10.7 (libpurple 2.10.7) on Windows 7 ultimate x64 with libpurpletorchat-2.0-alpha-14-Windows-i368 or even libpurpletorchat-2.0-alpha-13-Windows-i368 i get this error:
A buddy with this ID cannot be added
Either this ID contains invalid characters or it is incomplete
or the ID is already on the list.
and the console debug window says:
фхъ 01 19:56:24.590 [I] profile "torchat": HiddenService name is k6gq******t5x62
фхъ 01 19:56:24.590 [M] Switching accout to "connected", synchronizing buddy lists
фхъ 01 19:56:24.593 [I] adding new buddy dd4kl****p3u54 to purple list
фхъ 01 19:56:24.593 [M] TBuddy.InitiateConnect() (k6gq6*****t5x62) connecting to Tor: 127.0.0.1:11109
фхъ 01 19:56:24.594 [M] TBuddy.InitiateConnect() (dd4kl****lp3u54) connecting to Tor: 127.0.0.1:11109
Dec 01 19:56:25.000 [notice] Heartbeat: Tor's uptime is 0:00 hours, with 6 circuits open. I've sent 0 kB and received 0 kB.
Dec 01 19:56:25.000 [notice] Bootstrapped 85%: Finishing handshake with first hop.
Dec 01 19:56:25.000 [notice] Bootstrapped 90%: Establishing a Tor circuit.
фхъ 01 19:56:25.592 [M] <~~~~ dd4kl****p3u54 connected to Tor, sending Socks4a request (msg from thread 2600)
фхъ 01 19:56:25.592 [M] <~~~~ k6gq6****t5x62 connected to Tor, sending Socks4a request (msg from thread 2600)
Dec 01 19:56:26.000 [notice] Tor has successfully opened a circuit. Looks like client functionality is working.
Dec 01 19:56:26.000 [notice] Bootstrapped 100%: Done.
фхъ 01 19:56:36.620 [M] <==== connected to (dd4kl*****3u54 outgoing) 1108 (msg from thread 2600)
фхъ 01 19:56:36.621 [M] <---- "ping" to dd4k*****p3u54 data: "k6gq6****zt5x62 {0D0B12A8-03AE-..." (55 bytes)
фхъ 01 19:56:41.054 [M] next connect attempt in 0 seconds
фхъ 01 19:56:41.054 [M] TBuddy.Create() created random cookie: {FC0A7317-6B31-4C7B-91FE-042A5D5248CF}
фхъ 01 19:56:41.054 [M] TBuddy.Destroy()
фхъ 01 19:56:41.055 [M] TBuddy.Destroy() finished
but i can chat with this account succesfully if he first starts a conversation:
фхъ 01 20:22:25.938 [M] ----> "message" from dd4k*****p3u54 data: "test" (msg from thread 2600)
фхъ 01 20:22:31.966 [M] ----> "status" from dd4klk*****3u54 data: "available" (msg from thread 2600)
фхъ 01 20:22:33.124 [M] <---- "message" to dd4k*****p3u54 data: "see you"
I am behind a proxy and need to inform torchat to use the proxy to get onto the Internet.
I have tried adding this line to \bin\Tor\torrc.txt:
Socks5Proxy myproxy.example.com:8080
This works with "normal" Tor, but so far I haven't managed to connect with torchat
(At least 15 minutes has elapsed, with no apparent connection)
Any suggestions?
I see under TorChat settings the sock port is 9050 but Tor has Change the sock port since months to 9150. Is that a problem for my Anonymity?
This site has not been maintained for a long time now. Consequently, as of this date there are now very many thousands of dead Torchat for Windows installs. Here is why and how to fix that problem.
(a) Install it where convenient
(b) Find the file tor.exe in the Torbrowser installation, eg, C:\Tor Browser\Browser\TorBrowser\Tor\tor.exe --your location may vary depending on where you installed it and which install folder name you used.
(c) Copy that tor.exe file to the correct location of your torchat's existing tor.exe file, eg: ** C:\torchat\bin\Tor\ Windows should then ask you if you want to overwrite your old tor.exe; say YES. **If your torchat install folder is located somewhere other than C:\torchat, say on a USB stick, adjust the drive letter and folder location accordingly to wherever your torchat is installed, eg, F:\Doris\torchat\tor\
Users of the Mac fork of Torchat have a similar problem as that install also contains a tor executable in its installation. It is remedied using the same general principles described above.
Linux installs of torchat should not have this problem as they use their Linux system's Tor which users should cause to be upgraded automatically using the Torproject's own repositories. See the Torproject's site for detail: Tor repositories. https://www.torproject.org/download/download-unix.html.en
It tries to copy tor.sh unconditionally to the user's .torchat/Tor directory, so dies if you delete tor.sh in the source/distribution directrory or copies it over again if you delete it i nthe user's directrory.
So the instructions on how to make it use your already running tor, and the [tor] section of config, seem to be out of date or the mode is no longer implemented or something?
This affects Windoze users only!
The current tor binary refuses to connect to outdated tor binaries. This leads to Windoze users see their Linux buddies as blue marbles only, never coming on. And Linux users don't see their Windoze buddies anymore.
Here is an easy to follow step by step upgrade guide.
Bernd, can you please review and confirm that it's ok like that? Maybe, it's a good idea to put it on GitHub/TorChat landing page if you're not able to keep the windoze zip current. (No offence)
Best practice for Windoze users should be to follow this guide every time, a new TorBrowserBundle comes out!
Regards
I know the purple plugin is alpha at the moment, but it would be really useful if it was possible to specify the path to the tor executable in the settings for the plugin.
The "Vidalia bundle" (which I think is a fairly common way to obtain Tor) does not put Tor.exe in \Program Files\Tor\ , but in \Program Files\Vidalia Bundle\Tor\
Every time I open torchat it opens up with only the top bar showing and i have to drag the bottom of the title bar to show my contacts. Is there a way to fix this? It seems to do this most of the time though there are some times it opens with buddy list showing. How do i insure it always opens with at least some of the buddy list showing?
The Tor Project is pursuing a GSoc Project to create APAF, Anonymous Python Application Project.
The Goal of Apaf is to allow Python developers to easily build-up applications including Tor, using TorHS, on Windows, Mac OS X, Linux and possible in future also Android and iOS .
The project is currently developed at http://github.com/mmaker/APAF with cooperation by GlobaLeaks Project, that is one of the application that will use APAF to build it's cross-platform client.
This ticket is to provide/propose the integration of TorChat with the upcoming (to be released) APAF rather than with it's own custom build-system.
That way the effort to create a secure and scalable cross-platform build environment for Desktop applications using and including Tor can be focused in one single place.
As you can see https://github.com/mmaker/APAF/issues?state=open the goal of APAF is also to provide all the native platform UI elements that can facilitate the development of secure, anonymous desktop application from a python developer perspective.
Currently APAF is in "alpha" stage, but it maybe valuable the effort from TorChat project to join APAF and attempt to work with APAF to move TorChat on it's basis.
That way it's possible to clearly separate the effort/code that need to be "generalized" and made available to all APAF developers from the TorChat one, improving the ability to create an ecosystem of anonymous Desktop Application.
I cloned the project and ran "make all", and got this error message:
purpletorchat.lpr(23,4) Fatal: User defined: *** You need Free Pascal Compiler version 2.6.0 or higher ***
I'm not sure how to get version 2.6. I got fpc in the first place by running:
sudo apt-get install fp-compiler-2.4.4
I tried the obvious, changing 2.4.4 to 2.6.0, but that didn't work.
Any suggestions?
Thanks,
Patrick
It would be cool if support for telepathy/empathy could be added. I don't think it is too difficult, however documentation appears to be sparse. Reading through this bug report it looks like a profile and manager file need to be created;
~/.local/share/telepathy/managers/haze.manager
~/.local/share/mission-control/profiles/torchat.profile
Hello, I sent you an email but I guess I'm gonna open an issue because I'm not sure you're gonna read it, at least here the discussion will be public and other parties will be able to join into it.
I'm the author of ruby-torchat and I'm trying to get other implementors to work together nicely by moving to an extension driven protocol and documenting/designing extensions together.
Right now I'm only in contact with the jTorchat folks and without getting in touch with you too everything would be useless because you could end up adding parts to the protocol that we already implemented as extensions and with our design and we'd end up having to do ugly stuff to stay compatible.
I documented the standard protocol and two extensions and you can find the docs here.
You don't really have to change anything right now in your protocol implementation to fit with that stuff, all I'm asking is to not start adding new packets to the protocol natively but doing it as extensions and maybe getting in touch with the other implementors to see if we already have designed something or are already working on it.
from a root terminal
yum install -y tor glibc-devel fpc tor pidgin gitt
Then use git to download the repository, inside the src package run make. The compiled .so will be in the bin library. Copy it to the directory
/home/yourusername/.purple/plugins
creatign that directory if it does not exist
Currently, when you're chatting with five or six people and doing a few other things, switching between windows can be frustrating due to the fact that the TorChat address of your chat partner is listed BEFORE the nickname you give them. It would be much more useful to list the nickname first because then you'd be able to see the nicknames on taskbar instead of having to guess who is who.
I'll give a quick overview on Tails. Tails is a special OS, made for live usage (booting from a CD or USB). All internet connections make use of Tor. Its a completely torified OS, a modified version of Debian.
More info: https://tails.boum.org/index.en.html
Anyways, I've been trying to get torchat working with Tails, but it doesn't co-operate with me. Have any tips on getting it to work?
I think it would be good to add in libpurple-torchat possibility to force connect to selected user without waiting, because sometime this time is very long.
==> torchatlogs/plugin.log <==
Dec 18 23:25:02.121 [M] <~/~~ (?P<username>.+) Socks4a connection failed: 91 (msg from thread xxx)
Dec 18 23:25:02.123 [M] (?P=username) next connect attempt in 582.[0-9]+ seconds (msg from thread xxx)
If is it hard add new options in GUI you can add it silently in "Get info" menu. I think it is good to add also in this window silently automatic ping (#11).
For example about "Get info" menu:
Not sure if it's torchat2 related or pidgin plugin related.
If I set filetransfer for the tc-account to auto accept (as legacy torchat ever did), next occuring transfer crashes whole pidgin.
last tested on wheezy 64bit
Torchat runs it's own tor instance.
How can i configure Torchat to work with already installed Tor Browser Bundle?
Hi,
the site tells TorChat2 is the new product, looking at code changes I think TorChat is the one who is developed more activly.
What are the plans?
I'm about to implement TorChat notifications for one of my applications, is it still a good idea to use tc_client.py for that? This would fit perfectly as my app is Python too :)
Thanks in advance!
king regards,
KgBC
It's not possible to close 'Edit contact' windows using the mouse, Alt+F4, Esc or close button.
And when this happens TorChat can't be closed using Quit button in tray icon.
torchat 0.9.9.553
python 2.7.6
wxpython 3.0
(sorry for my english)
I have many problems with torchat normal. My internet connection crashes when running the torchat. So, I install the pidgin and torchat pidgin plugin and its works. And now, I wanna make a tor+pidgin+torchatplugin bundle without installer. How can i do that ? pidgin torchat plugin connects to tor with C:\Program Files (x86)\Vidalia Bundle\Tor path. But it should connect to tor with CURRENTPATH\Tor path.
Thanks for answers.
Generate encryption keys
Send public key to buddyes
(bad eng D:)
Hi,
I've an issue with TorChat (torchat-0.9.9.553) on Ubuntu 14.04.
I try to lauch, but I've this error :
Something, probably another TorChat instance, is already listening at 127.0.0.1:11009. You must create another profile using different ports to be able to start TorChat a second time.
It seems there's the port in already in use (with sh), indeed, see below :
tcp 0 0 127.0.0.1:11009 0.0.0.0:* LISTEN 1000 4674630 31143/sh
tcp 0 0 127.0.0.1:11109 0.0.0.0:* LISTEN 1000 4674635 31145/tor
How can I fix this please ?
Thanks
Regards.
Ive been trying for days to get torchat to work. it just refuses to work
May 18 12:36:36.000 [warn] We don't have a consensus, so we can't perform v2 rendezvous operations.
May 18 12:36:36.000 [warn] We don't have a consensus, so we can't perform v2 rendezvous operations.
May 18 12:36:36.000 [notice] Closing stream for '[scrubbed].onion': hidden service is unavailable (try again later).
This is the terminal output which i know is tor, tor is working as i use it for web browsing. Starting tor on its own successfull connects to the tor network, but torchat starting tor fails. Ive looked in the config and cant find any diifference appart from the hidden service, which seems to be configured correctly.
I tried to run torchat by unziping the tarball, and execute the torchat.py with the following output:
(0) [tc_client,2092,startPortableTor] very strange: portable tor started but hostname could not be read (0) [tc_client,2093,startPortableTor] will use section [tor] and not [tor_portable]
I get a dialog but nothing else, the buddies still offline and I dont get a torID (should be autogenerated but it doesnt). I also dont find a setup manual or README, where is the documentation on this project?
$ qutim
...
"/usr/lib64/qutim/plugins/libpurpletorchat.so" has no valid verification data
I use a TorChat through Pidgin plugin. I sometimes need to reinstall OS(Linux/Ubuntu). Can I backup my ID and other user data(contact list etc.) for further use?
Thx.
In Linux the terminal doesn't show, yet it does in the Windows TorChat version. I understand this, although I was researching on ways to hide a command prompt, and apparently it might be possible (though I haven't tested this out).
It looks like the use of a "START" command is supposed to run processes in the background, akin to Linux "command &". Might make things slightly nicer in Windows since there will be no command prompt visible. :)
From what I can see, something like START /B program
References:
http://superuser.com/questions/198525/how-can-i-execute-a-windows-command-line-in-background
http://www.tomshardware.com/forum/34598-45-windows-command-background-unix (checkout the /b toggle comment)
http://www.computerhope.com/starthlp.htm
Hi,
I am adrelanos, Whonix is my project, an anonymous general purpose operating system.
http://whonix.sourceforge.net/
It runs on two (virtual) machines. One acts as a gateway and one as a workstation. The gateway runs Tor and the firewall, has two network cards, one for communicating with the internet and one solely for communicating with the worksation on an isolated network. The workstation can only access external servers through Tor. The setup fails closed and non-Tor traffic leaks are impossible.
Because Tor is already installed but runs on another machine, TorChat would have to use a preconfigured hidden service.
Hidden services run fine in Whonix, which is a transparent / isolating proxy. Here is a configuration example:
https://sourceforge.net/p/whonix/wiki/OptionalConfigurations/#hosting-hidden-services
https://github.com/adrelanos/Whonix/blob/master/whonix_workstation/usr/local/bin/hiddenserver-install
Cheers,
adrelanos
All my messages say [delayed], including to myself. What does this mean exactly? I find many hits on google about this but cannot find a solution/explanation. Perhaps it would be helpful to add a more descriptive error message or explain this common issue in the readme?
Please add a feature to hide windows with hot-key (preferably customizable)
Hello, I'm a Linux user who's trying to get Torchat to work. The Linux distro I use, Puppy Linux, doesn't have a very full package management system, and this makes installing Torchat more difficult.
I was wondering if it would be possible to release a standalone Linux package - one that includes everything but standard system libraries and Python itself. It would be much appreciated.
Thanks in advance,
~James
This would be nice.
I think it is also nice if email clients can display it aswel, by having a local POP/SMTP server. That way the user doesnt at all need to change his workflow to use it, just install, make it run, and point the email client at it.
It could be transferred the following ways:
R
) is online, just send the data.E
, give: {R adress, encrypt(S→R,data)}
, and send to E
, who then knows who you talk to, but not what you said.E
,F
, but willing to assume they are not co-operating, then give E
: {F adress, encrypt(S→F,{R adress,encrypt(S→R,data)})}
F
infer from encrypted data that it is S→R
encrypted?)Programs could have different policies. 1. always makes sense. If have a trusted guy run a server for you somewhere, or just trusted friends, you can use 2. (of course even trusted friends might not have secure setups! Otherwise use 3. You might start circuits as soon as the message is made or just before closing the program. E
doesnt need to know if the case is 2 or 3, or in which step he is.
However, it isnt sigil proof? Many accounts → better shot at being both E
and F
. The adress list could help, for any somewhat vigilent user. (dont know enough about tor itself, they have to worry about the same problem)
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.