*Tox What is it?
An open source project for anti spying ; Based on the DHT(BitTorrent) Instant messaging protocol for Technology ; An encrypted communication system for security .
After the American prism project came to light , A group called irungentoo It's a great success 17 The day after 2013 year 6 month 23 in Github The project was launched on the Internet , The goal is to provide safe and convenient communication for the public .
* Tox what are you having?
- 【 Encrypted communication 】—— Each session is encrypted with a different password , It's safe , Smart anti cracking
- 【 De centralization 】—— There is no server to store your account information and session content , No way to spy , Privacy guaranteed
- 【 Free open source 】—— The source code is freely available 、 Revise and review , Don't worry about software backdoors , Let alone hate advertising
◇ Encrypted communication
Unencrypted communication is like a voice over the air , Everyone who floats by knows what's on the phone , Below we call the unencrypted communication content 【 Plaintext 】. Many applications in China are due to their own reasons , It's very irresponsible to send plaintext data directly , It's very easy to cause the message to be intercepted and tampered by the intentional person , In all kinds of fraud cases, the so-called technical means are common , The emergence of encrypted communication is to protect users , Improve safety .
However , In recent years, encrypted chat software can be described as endless , In the face of today's increasing crack efficiency ,Tox How is the anti cracking performance ？
Tox Use forward secrecy （ english ：Forward Secrecy, It belongs to symmetric encryption , See below for details ）, Its key “ In exchange for ” The mechanism is very clever , It can effectively resist all kinds of cracking methods .
Technology brothers, don't use it when you see it Symmetric encryption Just look at it Tox yo , Introducing Tox Before encryption , First, use the application scenario to answer two questions ：
What is symmetric encryption ？
Scene one ：
When the file is compressed, the content can be encrypted —— Set compression password , You also need to provide the password to unzip , This kind of encryption and decryption with the same password is called Symmetric encryption .
that , Asymmetric encryption ？
Scene two ：
Before sending business secret e-mail, encryption is usually done , The difference is that the password used to encrypt the content of the e-mail has been published by the other party , We call it 【 Public key 】（ Public key ）, The other party received it and kept it in private 【 Private key 】 Decrypt the message to get plaintext , Encryption and decryption with a completely different password , This is called Asymmetric encryption . It should be noted that the public key and private key are generated by the algorithm in pairs , That is to say, a private key only needs a unique matching public key . Asymmetric encryption can also effectively prevent repudiation , I will not expand here .
If the files in scenario 1 are only stored locally, it's OK , If you want to send it to someone else , You need to tell the other party what your password is , The confidentiality of this communication process is an additional issue , More times are more likely to reveal your ciphertext generation habits .
The second scenario solves the problem of the password , But there are new problems , The key of both sides has not been changed for a long time , Encrypted data may be recorded and stored by a third party for a long time in the flow process , Wait for the private key to leak in the future 、 Decrypt the data at one time after the protocol vulnerability or cracking efficiency is improved .
Tox How to solve the above historical problems ？
Clarify before you answer Tox Several concepts of key ：
Public key ： Tox What the software interface sees Tox Id, For public release
Private key ： It is built into a file in a specific directory of this computer , We become the key file , Don't let out
Encryption key ： be used for 【 This time 】 The password for the encrypted session
Tox Adopted Forward secrecy It's for safety , The two sides of communication exchange public key in advance （ Exchange by adding friends ）, Keep the private key by yourself , Exchange some necessary parameters including randomness before each communication , Then each side takes The public key of the other party + Own private key + Necessary parameters , On your own 【 One sided 】 The operation generates the key of this encryption , The magic thing is that the key composition algorithm can ensure that both sides independently generate encryption keys with the same content （ The essence ）, Finally, the key is used to encrypt the content and send it out , The other party decrypts the data with the same key of this machine , To avoid scenario 1, you need to tell the other party the plaintext password , And the next session is another equally complex encryption key . In case the private key leaks （ Protect yourself ）, As long as the local records are cleared , Protection with random parameters , It's also hard to trace historical encryption keys , This can effectively combat traffic recording , Even in the future, the cracking efficiency will be improved by leaps and bounds , And because the encryption key is changing all the time , There's no way to crack content all at once , Only when the cost of cracking greatly exceeds the data itself can data security be effectively guaranteed .
Add ： Forward secrecy has the super ability to realize secure communication in an insecure network environment , But if your local computer environment is already occupied , Everything is a floating cloud , Please make sure the environment is clean （ Digging a hole ……）—— Fire prevention, burglary prevention, insider protection .
◇ De centralization
Centralized application scenarios ：
Cloud synchronization , Content can be synchronized to “ On the tall ” The cloud —— No matter where you are, I am by your side , As soon as the account logs in , All the love came immediately ;
offline message , The message is first stored in the official server of the software , When the other party goes online, they can receive it immediately —— Care is everywhere .
Check the application software list of the system , It's not hard to find a lot of “ Devotion ”（ No roll call ） You need to register your account or log in with your mobile number first , In order to leave the unique identity of this tour on the official server （ Like email ）, In order to achieve user behavior analysis and advertising push —— Users are wealth .
Centralization provides us with a convenient experience , It provides a guarantee for the centralized management of software , But it also provides a good hotbed for rampant monitoring and information theft . Account information leakage, which is often seen in the headlines, is not uncommon , There is an irreconcilable contradiction between safety and convenience .
The prism project also makes use of the centralized “ defects ”, Take monitoring into every aspect of your life .
Born for safety Tox Nature wants to break the shackles , It doesn't have to register , No central server , There will never be an ad push ！ Except for the volunteers “ Relay server ”（ Provide early guidance and late transit services , See below for details ） Outside , Each client connected to the network will also become a part of the relay network . In the past, the price of centralization was to limit some functions , First of all, there is no cloud synchronization , Message records are only stored locally ; Second, offline messages are not supported , Only pseudo offline messages , In fact, it's your “ offline message ” There is a native , The next time both parties go online at the same time, it will be sent automatically .
◇ Free open source
The project in GitHub On , Belong to GPL V2 License agreement （ The content of the agreement is self reinforcing ）, Effectively avoid being commercialized in the future . But because irungentoo It mainly provides kernel development , Other software enthusiasts mainly develop their own clients based on the kernel , therefore Tox There are several different versions , similar Linux The pattern of kernel and distribution .
Clients are mainly distinguished by language , The interface styles and functions are different , You can choose . Overall, cross platform support is good , Now it's covered Windows（vista,7,8,10 Full coverage ;xp sp3 Download a specific version ）、OS X（10.7+）、Linux、Android（ Android ）、IOS（IOS 8+） and FreeBSD;Windows Phone No action at the moment , Specific support can be found in Official website understand .
The perfect thing about desktop computers is qTox, The second is uTox. In addition to the point-to-point text used in daily life 、 voice 、 In addition to video chat and file transfer, there are unlimited group chats （ Support voice group chat ）, More support for multi language 、 Topic switching 、 Proxy settings and forgery of offline messages, etc .
advertisement ^_#： Personal preference uTox, Simple interface design 、 There are dark themes , Support message embedded screenshots , however , Poor stability , There are also interface vulnerabilities , Be careful when you are a novice .
Tox The project is being perfected , It's not perfect yet , I look forward to your participation . If you're just a regular user , You can go to the discussion group of each release to feed back the function loopholes and new function requirements, etc （ In English ）; If you are familiar with programming languages （C、C++、Python、Java and C# Any one of them has a corresponding client ）, Hope to help repair the branch client based on this language ; If you are good at English , Hope to help translate Tox In English （ Part of it will be about network communication ）.
◇ Group chat instructions
Tox At present （ There will be new designs in the future ） It is divided into 【 Self built group 】 and 【 The chat room 】, Both are still under improvement , There are some differences with the group chat we have daily contact with , Here is a brief analysis .
【 Self built group 】—— Support text 【 and 】 voice ; It's like a closed door meeting , Anyone can create , Members of the group can pull friends into the group by themselves , Users outside the group can't apply to join by themselves .
【 The chat room 】—— Support text 【 or 】 voice ; Creation time 【 must 】 Specify whether it's text chat or voice chat ; It's like open door meetings , You need to join the robot node （ You can build it yourself ）, Users in the same robot node can enter a chat room under the node by themselves .
Tips ： For chat rooms with a password set at the time of creation , It's like a locked door , You need to provide the corresponding password when entering .
Self built group and The chat room Because there is no central server , There are some restrictions on use for the time being , for example ： The existing state of self built group can't be saved at present , After you shut down the software , You quit the group , The chat room is where all members leave “ room ” after , It will be recycled by the robot itself .
* Operation principle
Someone has failed in English for many years , Indigestion of the official natural text , If there is any discrepancy with reality, please correct it . Ordinary users can skip this section .
◇ The key file
First run Tox The key file will be generated on your computer —— It's a tour here , The file contains your private key information , Be sure to keep it safe , At the same time, you can see a Tox ID, That's a public key , Others through this ID Add you as a friend , After confirming your friend's request, you can chat happily .
For safety reasons , It is recommended that you enable the encryption option in your settings , So in theory, key files and chats （uTox There is no chat record of , Theory is a good thing ） Will be encrypted , After that, you need to enter the password every time you start the software —— Forget and die , therefore …… Do you still want to enable encryption ？
complete Tox ID The content is shown in the figure below ：
Each time you add a friend, you need to input a complete Tox ID, among Publick Key Belongs to the public key , Unless you clean up the private key file , Otherwise, it will not change after generation ;NoSpam For anti disturbance design , You can change the value content to generate a “ new ” Of Tox ID, In this way, not only the existing friends do not need to add you again , And in the future, everyone can only use the new Tox ID To add you ; final Checksum Is a hash value , Provide right Public Key and NoSpam Valid verification of .
It should be noted that The public key contains your local public network exit IP, The design is to facilitate friends to find you directly , If you mind the public network IP Let the cat out of the , It is suggested that we start with VPN Or agent software , Then open it again Tox, And it's already generated Tox ID If you want to regenerate the key file , Just delete the system Tox The key file in the directory （tox_save.tox ） that will do , The directory of the file in each system is as follows ：
OS X： ~/Library/'Application Support'/Tox/
because tox_save.tox I recorded my friend's ID Data such as , It's a very important document , So suggest 【 Every time 】 Make a backup after changing friends , The author just because Tox Software crash automatically empties the file . Besides Tox Configuration files on the client side 、 Friends' Avatar directory and even chat records （ The file name is friend ID） And so on are in this directory by default , Optional backup if necessary .
◇ Relay service
Tox Software has a number of built-in relay servers IP, After the software starts , Connect to the relay server first , After success Tox Will cache IP Data such as , The relay server also gets your location , And provide your online friends with IP Information , After that, I began to establish a conversation with my online friends , After successful connection , This machine also caches friends' IP data , That is to say, when chatting with friends , Each other's Internet IP Is visible .
Tox The buffered relay after the connection is complete IP With friends IP The data will be updated regularly , The list of relay servers will only use the best quality at runtime 8 individual IP, If friends IP The list has better quality than the relay server IP resources , Then IP Will be promoted to the local relay server 8 individual IP One of .
So far, there is a doubt , If you can't connect to the built-in relay server IP Well ？
Tox For relay servers that have been connected , Will cache IP Data to local file , You can try these cache nodes , In addition, it will scan the local IP, And try to connect with friends directly IP node , Friend's IP The data comes from friends Tox ID, Generate Tox The public key of , Software will then export the public network IP Encryption is written into the characters , It can be used in this special environment .
It can be inferred that the same Tox ID A number of devices have been launched one after another , There will be only the first “ go online ” Your device can find friends , After the device goes offline , It's the device behind that can be real “ go online ”, In addition, due to the forward secrecy used in the communication process, only one device can establish a connection with friends at a time .
* User distribution
The number of users is estimated by several main relay nodes provided by developers according to the number of relay nodes IP The number is counted
* The darker the color, the more online users
The figure above shows that the United States and Russia have the largest number of online users , China with lighter color 、 Australia is basically flat , Canada has the largest number of people online in light areas , Nearly twice as much as China ; The European users are Germany 、 The French 、 Ukraine 、 Sweden and Finland .
The figure below shows the proportion of the average number of relay nodes that a domestic user can get ：
See you again “ Chinese grey ”, This time it's completely grey , The share is only 0.03%, Australia with the same number of users （1.9%） contrast , The proportion of relay nodes is not an order of magnitude , Heartbreak , It is speculated that this situation is similar to that of China itself IP It's about a few , Most online users are basically not fixed IP, In the future, if the number of users increases, we can reduce the dependence on foreign relay nodes , Think 7 100 million potential users , Light up the universe with Chinese red .
* At the end of the article, clear the scene
Now use Tox It's like walking alone in the desert , Boundless desolation , Can't find a friend , It may even become the only node within a hundred miles , But it's the best communication choice after the bustle , Return to quiet and safe communication ; The choice of the minority can also continue to grow , I invite you to be one of the 3000 relays in the world .
Offer Tox ID One ：
Add me 、 Add me 、 Add me , Lazy input uses Tox Scan the QR code
My other blog ：http://www.lemols.com/
- Baccarat How to use the decentralized governance model ？
The emergence of blockchain , Let's see the possibility of decentralization . Decentralized digital assets from the beginning of the unknown , It's been up and down for ten years , It has gradually become a popular way of value storage . Decentralized Finance , Make the ecological builders of digital assets realize that , Even without centralized gold ...
- Why do you say NGK The decentralized Oracle is becoming more and more popular ？
2020 The blockchain market was very hot in 2000 , From the exchange leverage at the beginning of the year , To Defi boom , Wave after wave , The wind is shifting , Many people have no choice but to sigh that they can't keep up with the times , A lot of people jumped on the early bus . With Defi It's hot all the time , The Oracle has also entered the public eye .NG ...
- IM Decentralized conceptual model and architecture design
I'm going to write about today IM The architecture model changes and design ideas involved in decentralization , The concept of decentralization means that users' access is not centralized in a data center , The decentralization here is for the data center . From this perspective , In fact, not all businesses can do it ...
- One light client, Multilingual support , De centralization , Self active load , Discussion on the implementation of scalable real-time data writing service
background The background is to design a real-time data access module , Responsible for receiving client Real time data writing based on ( Such as log stream , Click stream ), Data support goes straight down to HBase On ( May provide HBase Query on ), Or persist to Kafka in . It may be convenient to do some research ...
- Step by step to teach you to develop 、 Deploy the first decentralized application (Dapp) - Pet Shop
Today we're going to write a complete decentralization ( Blockchain ) application (Dapps), This article can be combined with writing smart contracts . Write it at the front Before reading this article , You should be right about Ethereum . I know something about smart contracts , If you don't already know , I suggest you first look at what Ethereum is, in addition ...
- ImCash: Take the coin off the shelf BSV The debate on the right ： The rules 、 Neutrality and decentralization
One view is : A cryptocurrency exchange that quotes price data and performs transactions , Its business decisions often occur outside the chain , Not subject to strict . It is similar to the restriction of the chain rules of the quasi constitution , Cryptocurrency exchanges can reject prices and transactions that anyone likes , And it doesn't hurt the bottom ...
- Understand decentralization Stable currency DAI
This article is reprinted from the blockchain in simple terms , Link to the original text With JPMorgan's launch JPM Coin Stable currency , It can be predicted that stable currency will become a big booster for the implementation of blockchain . frankly , For me as a programmer ( I don't know a little about economics and finance ), understand DAI My machine ...
- The ultimate guide to decentralized storage projects | Filecoin, Storj and PPIO Project technology comparison （ Next ）
In the last article , We mainly focus on value orientation . Technology hierarchy . Service quality . Degree of decentralization , This paper analyzes the differences of the three projects from five aspects of economic and incentive mechanism . In this article , We will focus on the architecture design of blockchain . Data transmission technology design and data storage technology design ...
- The ultimate guide to decentralized storage projects | Filecoin, Storj and PPIO Project similarities and differences
Filecoin,Storj as well as PPIO The design ideas of these three storage public chains are different , There is no such thing as good or bad , This article is not written to argue about the right and wrong of each project . Decentralized storage is a long-term commercial track , Different teams go to different places on the same track ...
- Android Studio ：enable vt-x in your bios security, Open or error report solution
quote: For Windows 10: First of all, install the intelhaxm-android.exe located in the folder SDK\ext ...
- [PHP] - Laravel 5 Of Hello Wold
I make complaints about it For a long time ,Laravel Download trouble can die . First you want to install composer, and composer It's been shared again , After that, we have to install git, installed git And sign up git, wait .... Finally give up the game , It's disgusting . ...
- How to let dedecms Generate html The page is faster
How to make dream come true html The page is faster ? 1. Put... In the article template “ Related articles ”.“ Hot articles ”.“ Recommended articles ” This kind of mark has been removed , In other ways , Such as :shtml.js introduce 2. Put the template path represented by mark in dream weaving template .php attach ...
- 【 First worship dampness 】poj-2386-Lake Counting-DFS The template questions
Lake Counting Time Limit: 1000MS Memory Limit: 65536K Total Submissions: 16802 Accepted: 8523 De ...
- iOS afnetworking The latest edition is wrong No, AFHTTPRequestOperationManager The class
I started a small project today It's using pod then Install well Afnetworking after Find out AFHTTPRequestOperationManager This class is gone , After Baidu Find out original ...
- Industrial control board EM9161 Yes ISO7816 Protocol support
In current finance POS Terminals and related fields ,ISO7816 Communication protocols are widely used . Yingchuang's industrial control motherboard EM9161, Based on its asynchronous serial port , With simple settings , Then the serial port can be converted to conform to ISO7816 Interface to protocol , Implementation with a variety of smart cards ...
- jquery single click li Implementation code to prevent repeated loading
- Gym - 101522H Hit!
H. Hit! time limit per test 1.0 s memory limit per test 256 MB input standard input output standard ...
- perl Introduction （3）
quote In many cases, we use reference to pass values , Can greatly improve the efficiency of the code . Define a reference and add... Before the variable name ”\” That's all right. , Such as : $ra=\$a; $rb=\@b; ...
- Experiment 1 ： Use ADO.NET How to read data
First step : establish Asp.net Applications stay VS in , Click on the file -> newly build -> project , Select and input as shown in the figure : The second step : New product browse page form Listing.aspx: In the project SportsStoreEx Upper point ...