Qtox: How does Tox over Tor work?

Created on 8 Feb 2017 · 20 Comments · Source: qTox/qTox

I'm a bit confused because the whole concept of Tox is p2p which connects directly to the other person. How is it possible to run Tox over Tor then? Does it help in order to "hide" your IP?

C-question M-docs

All 20 comments

My understanding is that Tox doesn't register onion addresses. Instead, it keeps the TCP connection to some of the seed hosts, and gets notifications and calls this way. 2 Tox instances in the tor VMs can connect to each other using the seed host as a proxy. Without the onion addresses there is no way to connect directly.

Practically speaking though, I am not convinced Tox doesn't leak your IP address when the proxy is used. I saw somebody claiming it leaks IP.

If it leaks the IP address even using Tor it is not a solution for me.

I saw somebody claiming it leaks IP.

Yes, internet is full of people who don't know what they're talking about.

Yes, internet is full of people who don't know what they're talking about.

So I do not have to worry? Well I'm still a noob and wanted to ask. :)

@Mattel88 If you want to be 100% sure, like with all other networking software, you should run Tox from the virtual machine connected to Tor. This minimizes the exposure to any potential bugs of this nature. Install Whonix on top of VirtualBox - this will do the trick. Tox works fine this way, even though without using onion addresses it often has to use the third host, which is inefficient.

I just did a simple experiment. With 'Enable UDP'=off, 'Proxy type'=SOCKS5, 'Proxy address'=localhost I looked at system calls it makes, and found this:

73692: socket(PF_INET,SOCK_DGRAM|SOCK_CLOEXEC,17) = 38 (0x26)
73692: connect(38,{ AF_INET 104.156.104.15:1 },16) = 0 (0x0)

This is the UDP socket for the clearnet IP 104.156.104.15. So Tox does leak IP despite the proxy setting.

With the above network settings all connections should go through the proxy, no UDP should be attempted. No IPs besides 127.0.0.1 should appear in the log.

So you should use Whonix to filter these things.
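The check described in the comment above (no destination besides 127.0.0.1 should appear in the trace) can be automated. The following is an added example, not part of the original thread or of qTox: it scans syscall trace lines in the format quoted above and reports every connect() to a non-proxy address. The first two trace lines are the ones quoted in the thread; the other lines, the bracketed IPv6 form, and the name `find_leaks` are assumptions constructed for illustration.

```python
import ipaddress
import re

# First two lines are quoted in the thread; the rest are constructed samples
# (192.0.2.0/24 and 2001:db8::/32 are documentation ranges). The bracketed
# IPv6 form is an assumption about the trace format.
SAMPLE_TRACE = """\
73692: socket(PF_INET,SOCK_DGRAM|SOCK_CLOEXEC,17) = 38 (0x26)
73692: connect(38,{ AF_INET 104.156.104.15:1 },16) = 0 (0x0)
73692: socket(PF_INET,SOCK_STREAM|SOCK_CLOEXEC,6) = 39 (0x27)
73692: connect(39,{ AF_INET 127.0.0.1:9050 },16) = 0 (0x0)
73692: socket(PF_INET6,SOCK_DGRAM|SOCK_CLOEXEC,17) = 40 (0x28)
73692: connect(40,{ AF_INET6 [2001:db8::1]:33445 },28) = 0 (0x0)
"""

SOCKET_RE = re.compile(r"^(\d+): socket\(PF_\w+,(SOCK_\w+)[^)]*\)\s*=\s*(\d+)")
CONNECT_RE = re.compile(
    r"^(\d+): connect\((\d+),\{ AF_INET6? \[?([0-9a-fA-F:.]+?)\]?:(\d+) \}"
)


def find_leaks(trace, allowed=("127.0.0.1",)):
    """Return (pid, fd, socket type, address, port) for each connect() whose
    destination is not an allowed (proxy) address."""
    allowed_ips = {ipaddress.ip_address(a) for a in allowed}
    fd_type = {}  # (pid, fd) -> SOCK_DGRAM / SOCK_STREAM, from socket() calls
    leaks = []
    for line in trace.splitlines():
        m = SOCKET_RE.match(line)
        if m:
            pid, socktype, fd = m.groups()
            fd_type[(pid, fd)] = socktype
            continue
        m = CONNECT_RE.match(line)
        if not m:
            continue
        pid, fd, addr, port = m.groups()
        ip = ipaddress.ip_address(addr)
        if ip not in allowed_ips:
            socktype = fd_type.get((pid, fd), "unknown")
            leaks.append((int(pid), int(fd), socktype, str(ip), int(port)))
    return leaks


if __name__ == "__main__":
    for pid, fd, socktype, addr, port in find_leaks(SAMPLE_TRACE):
        print(f"pid {pid} fd {fd}: {socktype} connect to {addr}:{port} bypasses the proxy")
```

Pass the actual proxy address in `allowed` if the SOCKS5 proxy does not listen on 127.0.0.1.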

The ISP knows your IP and usually most of the websites you visit normally every day; if you really fear an IP leak, then do not add friends in Tox whom you do not know. yurivict: file a bug report about that UDP off

No, you are wrong. ISP doesn't know what user does over Tor.

The leaks I have seen are caused by bad user configuration.
1) Disable IPv6
2) Disable UDP
3) Set proxy.
4) Still leaks DNS queries, per bug yurivict mentioned, but not other traffic.

Failing to do this, you will definitely leak over IPv6 and UDP.

What @g4jc wrote should be added to the user manual / FAQ.

@yurivict can you pls test with https://github.com/rofl0r/proxychains-ng?

@soredake qTox seems to work fine with proxychains-ng on FreeBSD.

@yurivict no dns leaks?

I don't see DNS leaks with proxychains-ng.

So it's worth mentioning in the user manual or FAQ.

Yes, as a workaround.

g4jc commented 5 days ago

The leaks I have seen are caused by bad user configuration.

Disable IPv6
Disable UDP
Set proxy.
Still leaks DNS queries, per bug yurivict mentioned, but not other traffic.

Failing to do this, you will definitely leak over IPv6 and UDP.

Sorry, but I didn't understand: does disabling UDP result in the IP leak, or does keeping UDP result in the leak?

This is still a Tox problem, it shouldn't allow UDP when not available.

Seems the question is answered. Thus closing.
