I know an activist group who would like to do a secure and private video conference with around 10 people. Audio calls are not a good alternative, since seeing other people creates additional trust.

Jitsi meet doesn’t work well for this group, so we search for alternatives. i’m wondering if i could just promote tox.chat, which they’d use over tor.

Not sure if you can reduce the quality of the video of tox, if that’s the case then they would surely do it.

If it is unethical, could we mitigate it by donating to the torproject or something like a group of people running tor nodes?

i think the tails community said that using peer-to-peer services over tor is bad. But is it unethical? is it unethical if you desire the privacy because you’re an activist?

@nutomic
admin
61Y

You are probably thinking of people saying that torrent over tor is a bad idea. The reason people say that is not mainly because of the resource usage, but because torrent clients leak the ip anyway, so there is no privacy gained. If you have a legit need for tor, and you set it up so that no ip addresses are leaked, i dont see anything wrong with it. You could also run a tor relay to help the network you want.

@fruechtchen
creator
41Y

so an additional question:

the reason why this activist group needs to use some additional privacy thing is because tox, being peer to peer, reveals the IP.

So this is specifically what this activist group would like to avoid. Would using tor do that? i’m not sure because of your answer.

@nutomic
admin
11Y

No idea, I have never used tox. Is that use case officially supported by the devs? In that case it should be fine.

@cipherpunk
4
edit-2
1Y

Is Tor necessary?

If these people already trust each other, then Tor is simply not the best tool for the job. If they need to see each other, then they don’t need anonymity. The 10 people can connect directly to each other via self-hosted VPN.

Or is there concern that it would be visible to ISPs/outsiders that these people are connecting to each other, or that the attendees would know each others whereabouts? If that’s the case, then you need Tor or I2P.

Avoiding exit nodes

The biggest strain on Tor is use of exit nodes. So if you could use onion servers to avoid the need for exit nodes, it would be better for the Tor network and better quality A/V for you. If you have to use exit nodes, so be it… I don’t see an ethical issue there. Tor’s main purpose has become to serve activists.

@fruechtchen
creator
21Y

as far as i understand peer-to-peer networking, the IP address is in the TCP destination address.

therefore, i assume, when those people connect with their mobile internet to tox, the destination IP address (and the origin IP address) are leaked. If people monitor the internet traffic.

So, the IP address is not only leaked to the person they are talking to, but also to the people running the network.

@cipherpunk
2
edit-2
1Y

So, the IP address is not only leaked to the person they are talking to, but also to the people running the network.

That’s right. So the ISPs will know who is talking to who, and the participants will know details about each other’s IP address and thus approximate location. Avoiding that implies either having a trusted hub that everyone connects to, or using Tor or I2P.

A spoke-and-hub rig is probably good enough to avoid mass surveillance, but insufficient to avoid targeted surveillance (as someone could observe the hub traffic from the outside and track the payload movement). So whether you can avoid Tor/I2P depends on your threat model. The easy answer is to use Tor or I2P.

Dessalines
admin
31Y

I’d say your best bet isn’t tor, but:

  1. Make sure everyone has privacy VPNs. If you are activists, you should have one anyway.
  2. Self host Jitsi on a server somewhere (or through matrix).
@developred
2
edit-2
5M

deleted by creator

Dessalines
admin
21Y

It works, but browsers by default leak your IP to webRTC (although I’m not sure if its your real IP, or the VPN one). I have a plugin for Firefox that can disable webRTC, which I have to turn off whenever I do calls.

@developred
2
edit-2
5M

deleted by creator

@k_o_t
admin
3
edit-2
1Y

I’ve never heard anyone say that using Tor for any such purpose is unethical. People are just referring to primarily torrenting because it’s typically associated with huge amounts of traffic, which strains the Tor network and hinders more important traffic from people who actually need it, whose work and/or freedom depends on it. The usecase you’re describing is precisely what Tor is intended for (kind of).

By the way, trying video calls over Tor would probably be really painful, because of low bandwidth, have you looked into something like Matrix with hosting it on your own server?

@fruechtchen
creator
21Y

and also /u/ajz:

i found this FAQ from tox:

Does Tox leak my IP address?

Tox makes no attempt to cloak your IP address when communicating with friends, as the whole point of a peer-to-peer network is to connect you directly to your friends. A workaround does exist in the form of tunneling your Tox connections through Tor. However, a non-friend user cannot easily discover your IP address using only a Tox ID; you reveal your IP address to someone only when you add them to your contacts list.

https://tox.chat/faq.html#tox-leak-ip

so i assume, the IP adress is also leaked, if people use a non-secured connection, like using tox on a mobile phone without wlan. -> So i guess the IP adress can be easily be obtained.

But using matrix would probably also be a good idea, i’ll investigate.

@fruechtchen
creator
21Y

/u/k_o_t and /u/ajz however, i just found that matrix is using also webrtc, which should mean this also leaks the IP address, as far as i understand:

https://matrix.org/faq/#how-do-you-do-voip-calls-on-matrix%3F

@k_o_t
admin
11Y

I think there’s been an exploit that is still unpatched since 2015, that leaks your IP. It only affect certain web browsers and certain versions.

Here’s an UBO doc extract with a guide to preventing it.

@fruechtchen
creator
21Y

ah, thank you. This link is helpful.

@developred
1
edit-2
5M

deleted by creator

@cipherpunk
1
edit-2
1Y

By the way, trying video calls over Tor would probably be really painful,

Wire and Jami do video chat over Tor without significant issues. It’s functional enough.

Jami had a chronic freezing issue ~1 year ago when I tried it, but that’s not inherently due to Tor.

@ajz
21Y

Tor could decrease video/audio quality by its delay ? Also, I’ve tested audio calls with Tox (and Jami) in the past and it was not good. Hope it is better now. Running your own Matrix/Riot or BigBlueButton server is an idea ?

@useful_lemming
3
edit-2
1Y

deleted by creator

Tor - The Onion Router
!tor

    Tips, tricks and information about the Tor network!

    Tor Project

    • 0 users online
    • 1 user / day
    • 1 user / week
    • 5 users / month
    • 26 users / 6 months
    • 639 subscribers
    • 46 Posts
    • 71 Comments
    • Modlog