Tor Messenger Beta: Chat over Tor, Easily
Today we are releasing a new, beta version of Tor Messenger, based on Instantbird, an instant messaging client developed in the Mozilla community.
What is it?
Tor Messenger is a cross-platform chat program that aims to be secure by default and sends all of its traffic over Tor. It supports a wide variety of transport networks, including Jabber (XMPP), IRC, Google Talk, Facebook Chat, Twitter, Yahoo, and others; enables Off-the-Record (OTR) Messaging automatically; and has an easy-to-use graphical user interface localized into multiple languages.
What it isn't...
Tor Messenger builds on the networks you are familiar with, so that you can continue communicating in a way your contacts are willing and able to do. This has traditionally been in a client-server model, meaning that your metadata (specifically the relationships between contacts) can be logged by the server. However, your route to the server will be hidden because you are communicating over Tor.
We are also excited about systems like Pond and Ricochet, which try to solve this problem, and would encourage you to look at their designs and use them too.
Why Instantbird?
We considered a number of messaging clients: Pidgin, Adam Langley's xmpp-client, and Instantbird. Instantbird was the pragmatic choice -- its transport protocols are written in a memory-safe language (JavaScript); it has a graphical user interface and already supports many natural languages; and it's a XUL application, which means we can leverage both the code (Tor Launcher) and in-house expertise that the Tor Project has developed working on Tor Browser with Firefox. It also has an active and vibrant software developer community that has been very responsive and understanding of our needs. The main feature it lacked was OTR support, which we have implemented and hope to upstream to the main Instantbird repository for the benefit of all Instantbird (and Thunderbird) users.
Current Status
Today we are releasing a beta version with which we hope to gain both usability and security related feedback. There have been three previous alpha releases to the mailing lists that have already helped smooth out some of the rougher edges.
Downloads (Updated)
Windows (UPDATED)
sha256sums.txt
sha256sums.txt.asc
The sha256sums.txt file containing hashes of the bundles is signed with the key 0x6887935AB297B391 (fingerprint: 3A0B 3D84 3708 9613 6B84 5E82 6887 935A B297 B391).
Instructions
- On Linux, extract the bundle(s) and then run:
./start-tor-messenger.desktop - On OS X, copy the Tor Messenger application from the disk image to your local disk before running it.
- Note that as a policy, unencrypted one-to-one conversations are not allowed and your messages will not be transmitted if the person you are talking with does not have an OTR-enabled client. You can disable this option in the preferences to allow unencrypted communication but doing so is not recommended.
On all platforms, Tor Messenger sets the profile folder for Firefox/Instantbird to the installation directory.
Source Code
We are doing automated builds of Tor Messenger for all platforms.
The Linux builds are reproducible: anyone who builds Tor Messenger for Linux should have byte-for-byte identical binaries compared with other builds from a given source. You can build it yourself and let us know if you encounter any problems or cannot match our build. The Windows and OS X builds are not completely reproducible yet but we are working on it.
What's to Come
Our current focus is security, robustness and user experience. We will be fixing bugs and releasing updates as appropriate, and in the future, we plan on pairing releases with Mozilla's Extended Support Release (ESR) cycle. We have some ideas on where to take Tor Messenger but we would like to hear what you have to say. Some possibilities include:
- Reproducible builds for Windows and OS X
- Sandboxing
- Automatic updates
- Improved Tor support
- OTR over Twitter DMs
- Produce (and distribute) internationalized builds
- Secure multi-party communication (np1sec)
- Encrypted file-transfers
- Usability study
How To Help
Give it a try and provide feedback, requests, and file bugs (choose the "Tor Messenger" component). If you are a developer, help us close all our tickets or help us review our design doc. As always, we are idling on IRC in #tor-dev (OFTC) (nicks: arlolra; boklm; sukhe) and subscribed to the tor-talk/dev mailing lists.
Please note that this release is for users who would like to help us with testing the product but at the same time who also understand the risks involved in using beta software.
Thanks and we hope you enjoy Tor Messenger!
Update: For Windows 10 (and some Windows 7, 8) users who were experiencing an issue in Tor Messenger where it wouldn't start, we have updated the download links above with a newer version that fixes the problem described in bug 17453.
Any way for links pasted in chat to be formatted as clickable hyperlinks?
Yes, this is on purpose because we don't want users clicking their links and opening a browser that is not Tor Browser. We will fix this in future releases by being smart about it -- by detecting Tor Browser and opening the link there, or by giving you an option of choosing what to do with the link. For now, we decided that we don't want users clicking on links by mistake so that is why they are disabled. (#13618 on Trac.)
That makes sense and what I assumed. Sounds like you've identified the plan forward with this as well. Thanks and great job!
I am unable to run it on my Windows Machine (Win 8.1 Pro 64 bit). I have tried using the compatibility mode for win7 and 8 but nothing worked. Tried running as administrator but it does not change anything. There's no error, when I click on the exe it waits for sometime and then nothing happens.
Other users are reporting this issue. It may be related to https://trac.torproject.org/projects/tor/ticket/17453. We are checking and will post an update.
There is now a workaround for this issue:
https://trac.torproject.org/projects/tor/ticket/17453#comment:7
See the update above, there's a new release. This issue should now be fixed.
Same here on windows 10, nothing happens after install and run.
Can you try the workaround in the above ticket and let us know if it works for you?
See the update above, there's a new release. This issue should now be fixed.
Can this be safely used on Tails or will this negatively affect security?
We can't say yet. We will work with the Tails team; they are tracking the progress at: https://labs.riseup.net/code/issues/8577. Until we have an update, don't use it on Tails, or use it at your own discretion. If it works, tell us!
I had posted earlier about tor messenger not working on Win 8.1. Although it works on my Win server 2012 R2 VM.
Most likely related to https://trac.torproject.org/projects/tor/ticket/17453
See the update above, there's a new release. This issue should now be fixed.
love this!
Does this run on Tails? If not, is there a way to set it up?
We don't know yet but you can follow the progress here: https://labs.riseup.net/code/issues/8577. We will work with the Tails team.
How To Help:
a) i would like an audit for RICOCHET.
b) POND is not yet ready and no one can try it !
c) i would like false address -robot are ok- for testing Tor Messenger Beta.
d) i love ricochet ; will tor messenger be better or different ?
pls, add a comparison !
thx.
c). You can register accounts from within Tor Messenger for XMPP. If the server supports in-band registration, Tor Messenger will create an account for you. No email address or information required.
d). We love Ricochet! We use both products interchangeably. What Tor Messenger aims to provide is a secure way to connect with your friends over existing social networks like XMPP, IRC, Google Talk, while Ricochet is excellent if you don't want to have any metadata about whom you talk with. It depends on your use but we recommend both products.
Windows build not working for me on Windoze 10
Please see https://trac.torproject.org/projects/tor/ticket/17453. Short story: it seems to be an issue that is affecting some users on Windows. We are checking.
See the update above, there's a new release. This issue should now be fixed.
What about implementing OMEMO encryption?
http://conversations.im/omemo/
Definitely worth considering.
I've opened https://trac.torproject.org/projects/tor/ticket/17457
Is this something one can use without have previously registered a chat account somewhere?
Yes, you can register XMPP accounts from Tor Messenger (in-band) if the server supports it. You don't need an existing account. (This is not true for Facebook, Google Talk or Twitter, where you do need existing accounts for Tor Messenger to work.)
It doesn't open on my machine. It gives an error: 0x0000000070C19BD5 made reference to the memory on 0x0000000000000000. The memory can't be written.
If i launch it as admin it just loads but nothing happens, won't open and won't display any error.
Does this require something else in order to work?
Same here.
Windows 10? If yes, please see https://trac.torproject.org/projects/tor/ticket/17453.
Thanks for letting me know and yes, happening in Windows 10. Will wait for some update then.
Update: we have a workaround on https://trac.torproject.org/projects/tor/ticket/17453#comment:7
See the update above, there's a new release. This issue should now be fixed.
Crash
Сигнатура проблемы:
Имя события проблемы: APPCRASH
Имя приложения: instantbird.exe
Версия приложения: 41.0.0.5729
Отметка времени приложения: 000232e8
Имя модуля с ошибкой: d2d1.dll
Версия модуля с ошибкой: 6.1.7601.17514
Отметка времени модуля с ошибкой: 4ce7b7aa
Код исключения: c0000005
Смещение исключения: 0001f3ba
Версия ОС: 6.1.7601.2.1.0.256.1
Код языка: 1049
Дополнительные сведения 1: 0a9e
Дополнительные сведения 2: 0a9e372d3b4ad19135b953a78882e789
Дополнительные сведения 3: 0a9e
Дополнительные сведения 4: 0a9e372d3b4ad19135b953a78882e789
Is this Windows 10? If yes, please report this to https://trac.torproject.org/projects/tor/ticket/17453.
See the update above, there's a new release. This issue should now be fixed.
I'm excited about Tor Messenger and really want to try it but downloaded .dmg twice and got the wrong sha256sum. Same number both of time different than original one.
5c0396f876101bd624d500322d7c588d85c844d1
That looks like sha1. Run sha256sum on the DMG. It should match.
installed on windows 8.1 x64 without errors, running doesn't show anything, process explorer shows tor.exe for a few secs. Tor browser runs fine on the same machine.
We are checking. If you have any more information you can provide, please file a ticket with the "Tor Messenger" component.
See the update above, there's a new release. This issue should now be fixed.
Any idea how to get this to jive with Google Talk? Obviously Google raises alerts when trying to connect to their services via Tor. Makes it tough to use my existing account
Thanks!
This will likely be a common problem. We have plans to allow controlling the Tor process from Tor Messenger so you can refresh your circuit and get a new exit node, but that may also not solve the problem. We had (rather, have) a similar issue with TorBirdy and Mike Hearn from Google replied on how to solve this: https://lists.torproject.org/pipermail/tor-talk/2012-October/025923.html. You can try this and it may involve giving your phone number, so be careful with that.
Not working on windows 7 - 64 bit.
It starts and shutdowns in half a second.
Is there a fix ?
Does it start at all or it doesn't even start? We have tested it in Windows 7 and 8 so will need a bit more information here to proceed.
You can try this: https://trac.torproject.org/projects/tor/ticket/17453#comment:7
See the update above, there's a new release. This issue should now be fixed.
Cannot malicious exit nodes eavesdrop facebook or google credentials?
No, because TLS is enabled for all protocols by default.
No, because TLS is enabled for all protocols by default.
The NSA has found some weak links in the algorithms used to encrypt internet traffic. It means that whatever products or enhancements Tor developers are doing are vulnerable to US government snoops.
Matthew Green, one of the people who audited Truecrypt, postulated the NSA has solved some of the issues surrounding ECDLP (Elliptic Curve Discreete Logarithm Problem). "A riddle wrapped in a curve" (http://blog.cryptographyengineering.com/)
If you're still interested read the following post by Bruce Schneier as well: "Why Is the NSA Moving Away from Elliptic Curve Cryptography?" (https://www.schneier.com/blog/archives/2015/10/why_is_the_nsa_.html)
Cannot they do a man-in-the-middle attack?
If I want to uninstall Tor Messenger, is it enough to delete the program's folder? I can't find the program on Control Panel (Windows). Thanks
Deleting the folder should be enough since we do not write outside the folder. (Even the profile is in the folder.) If you find Tor Messenger is creating files outside its installation directory that are leaking information, please file a bug.
hello, when i run malwbites shows me riskwaretor mallware. is this ok? thanks
That's odd. Can you file a bug with more information on https://trac.torproject.org/projects/tor/newticket. Choose "Tor Messenger" as the component.
Tor Messenger is safe. Check the code :)
Using Telegram for now, but hopefully it his will scale up in utility in a couple of years.
Telegram is not secure, you can bet NSA/GCHQ are watching everything on there. Details here: https://web.archive.org/web/20150927213317/http://www.alexrad.me/discourse/a-264-attack-on-telegram-and-why-a-super-villain-doesnt-need-it-to-read-your-telegram-chats.html
Use an OTR client like Pidgin/Jitsi/Adium/etc. for secure chatting until Tor Messenger development advances further.
Throws the error "Your Instantbird profile cannot be loaded. It may be missing or inaccessible." after runninf .dmg on Mac !!
"On OS X, copy the Tor Messenger application from the disk image to your local disk before running it."
Problem signature:
Problem Event Name: APPCRASH
Application Name: instantbird.exe
Application Version: 41.0.0.5729
Application Timestamp: 000232e8
Fault Module Name: d2d1.dll
Fault Module Version: 6.1.7601.17514
Fault Module Timestamp: 4ce7b7aa
Exception Code: c0000005
Exception Offset: 0001f3ba
OS Version: 6.1.7601.2.1.0.256.1
Locale ID: 2057
Additional Information 1: 0a9e
Additional Information 2: 0a9e372d3b4ad19135b953a78882e789
Additional Information 3: 0a9e
Additional Information 4: 0a9e372d3b4ad19135b953a78882e789
Windows 10? Please see https://trac.torproject.org/projects/tor/ticket/17453. Sorry, this seems to be known bug that we will fix in the next release.
See the update above, there's a new release. This issue should now be fixed.
I download Tor Messenger and install it but its not opening. I am using window 7 on my PC
Most likely related to https://trac.torproject.org/projects/tor/ticket/17453
See the update above, there's a new release. This issue should now be fixed.
Hi sukhbir:
its transport protocols are written in a memory-safe language (JavaScript)
I'm shocked and puzzled as to why Tor developers would consider JavaScript to be safe.
Since its conception and rollout by Netscape till today, hundreds of security holes have been discovered in JavaScript.
Tor developers are a diverse group and I'm sure among them are many who hold the same beliefs as you.
The point was that JavaScript is a memory managed language, which theoretically eliminates a certain class of exploits. Further, as you said, Mozilla's JS VM has been in production for quite some time and seen some battle hardening.
I'm curious why you're not interested in integrating Ricochet's concept of secure, anonymous, server-less communications entirely inside the Tor network into Tor Messenger. It seems to align perfectly with the Tor Project's aims, especially as Tor Browser's functioning (accessing both the outside web and hidden services) is so analogous to Tor Messenger (accessing both outside third party IM servers and a Ricochet-style system of hidden service IM nodes).
Is it just a lack of resources (since you're so busy getting the baseline messaging client up and running)? Do you not like the Ricochet concept enough to integrate it? Do you think there aren't enough people who'd use it to be worth the development effort? Are there other important reasons?
I'm sure the Ricochet developers do good work, but the Tor Project would provide a better implementation, better support, and better auditing simply due to having more funding, better familiarity with Tor, and the sheer number of people focused on your products both inside and outside of the organization.
Are you planning on integrating the Ricochet concept into Tor Messenger in the future (near, medium, or distant/wishlist), or will that never occur?
Thanks for all your hard work.
We love Ricochet. That's why we made sure to point to it in the blog post. Many of us use both Ricochet and Tor Messenger.
The goal for Tor Messenger is to meet people where they are -- so you can have more safety on your side, while still interacting with your friends who e.g. use XMPP and OTR but haven't seen the light yet. While the goal of Ricochet (ok, one of the goals) is to give people a chat approach where there's no "middle", and thus no central point for the adversary to break in and snoop on things.
(In fact, we spent a while after the past few weeks trying to sort out whether the name 'Tor Messenger' would confuse people into thinking that we think this is the one true way, and we think approaches like Pond and Ricochet are not the one true way. We don't think that. We like both approaches.)
Whether one day the Tor Messenger client adds support for the Ricochet protocol is still a matter under discussion by the Tor Messenger folks and the Ricochet developer. One reason against is actually because the Ricochet person wants Ricochet to be an experience (i.e. including a client with good usability), not just a standardized protocol that all sorts of apps can implement and present to the user however they want. One argument on the other side though is that Ricochet is going to have a tough time being its own self-contained network, and also still using Qt (and thus not working well on mobile). More thinking to be done there for sure.
As for the "doing it inside Tor Messenger would provide better familiarity with Tor" angle, we've actually brought the main Ricochet person under our umbrella and we're happy to call him a Tor person now. So we help him, and he helps us, just as much as in the Tor Messenger case.
And lastly, on the funding angle, actually neither project has any funding currently. We're working on helping both of them to fix that.
Does it launch it's own tor service or does it require to have Tor Browser opened first and will use its service?
If it starts an independent tor service, can we use it for other apps (curl, torsocks etc)?? You know as we do with tor browser for example (redirecting apps to 127.0.0.1:9150).
Thanks.
It launches its own Tor service. This is a feature, in that it simplifies everything from your perspective, but it's also sort of sad in that it would be nice for you to be able to run many applications at once, and they all use a single Tor client, and also they do it safely. We're not there yet though:
https://trac.torproject.org/projects/tor/wiki/org/meetings/2015SummerDevMeeting/TorProcessShare
And yes, if you want to attach some other program to the Tor that Tor Messenger launches, feel free.
The socks address for tor messenger is 127.0.0.1:9152
It doesn't work at all, Windows 7 64bit, Windows 8.1 32bit, and Windows 10 64bit.
Faulting application name: instantbird.exe, version: 41.0.0.5729, time stamp: 0x000232e8
Faulting module name: d2d1.dll, version: 6.2.9200.16765, time stamp: 0x528bf6b2
Exception code: 0xc0000005
Fault offset: 0x002284f6
Faulting process id: 0x1728
Faulting application start time: 0x01d112c2de7b0b89
Faulting application path: Tor Messenger\Messenger\instantbird.exe
Faulting module path: C:\Windows\system32\d2d1.dll
Report Id: 26f0368d-7eb6-11e5-8e12-005056c00008
Faulting application name: tormessenger-install-0.1.0b2_en-US.exe, version: 0.0.0.0, time stamp: 0x53c50d97
Faulting module name: SyncShellExtension86_70.dll, version: 0.0.0.0, time stamp: 0x560252bd
Exception code: 0xc0000005
Fault offset: 0x0000ce6e
Faulting process id: 0x1938
Faulting application start time: 0x01d112c2bdcd2844
Faulting application path: tormessenger-install-0.1.0b2_en-US.exe
Faulting module path: BitTorrent Sync\SyncShellExtension86_70.dll
Report Id: 0c5a1308-7eb6-11e5-8e12-005056c00008
Yep, see the above comments and also
https://trac.torproject.org/projects/tor/ticket/17453
Stay tuned for an update that fixes it!
Will there be skype support in the future?
Gosh. I don't want to speak for the Tor Messenger developers here, but I wouldn't be optimistic. Skype is notoriously closed, proprietary, incompatible, etc.
(I was going to say "I hope not", but actually, I do hope there's Skype support in the future -- it would mean that Microsoft came to its senses and embraced the open source world, the world of peer-reviewable protocols, and so on. Let's not hold our breath though.)
Most likely, no, for the reasons arma said.
Will Tor Messenger support TextSecure protocol?
This! I want to know this as well! (Protocol v2, axolotl.)
Yes! That would be really great.
If you'd go with Javascript, here are some libraries to consider using:
https://github.com/joebandenburg/libaxolotl-javascript
https://github.com/macropodhq/axolotl
https://github.com/alax/forward-secrecy
https://github.com/alexeykudinkin/axolotl.js
But it'd be possible to use ctypes as well, like with the OTR extension added tor Tor Messenger
Something that's definitely worth considering. We will open a ticket about this shortly.
I've installed Tor messenger, but it dousn't start... Appcrash. Something with d2d1.dll. Windows 8.1 x64
Yep, see the above comments and also
https://trac.torproject.org/projects/tor/ticket/17453
Stay tuned for an update that fixes it!
Avira wants to move instantbird to quaratine and I guess this is why the program doesn't work for me :(
You might enjoy
https://www.torproject.org/docs/faq#VirusFalsePositives
and
https://trac.torproject.org/projects/tor/ticket/17454
(Ok, you probably won't enjoy them, but they might give you some hope for the future.)
Any plans for an android client?
Not at present. You might enjoy Chatsecure, which used to be Gibberbot, on Android.
crashhhhhhhhhhhhhh
If you are on Windows, you can try this workaround: https://trac.torproject.org/projects/tor/ticket/17453#comment:7
Windows XP, instantbird.exe - entry point not found:
"the procedure entry point _vsnprintf_s could not be located in the dynamic library msvcrt.dll"
We are tracking this here: https://trac.torproject.org/projects/tor/ticket/17469.
Avira and McAfee say it's a virus... :-o http://i.imgur.com/DtNDAYE.jpg
See https://blog.torproject.org/comment/reply/1086/113488 (arma's comment earlier).
This is magic... effectively got Adium back for Facebook Messenger.... brilliant job... Thanks
Any suggestion to fix the problem when i click to open tor messenger but nothing appear..
Are you Windows 10? If yes, we know this is a bug. We have a workaround here: https://trac.torproject.org/projects/tor/ticket/17453 ... or you can just wait for the next release, which should be next week.
any plans to add gpg encryption support?
We use OTR (https://otr.cypherpunks.ca/). I am not sure how GPG fits into this?
Is instabird being funded directly or indirectly by the Department of State? Is Department of State funding for instabird tied to Congressional legislation on sanctions against Iran? Will Tor Project release its contract (or subcontract) with Department of State for instabird? Why does Sponsor O's Trac page not say Department of State? Where is the transparency?????
I appreciate what you are doing, I wish I can run the app to try it out at least. Windows 7 64-bit. It's not starting because of this:
Problem Event Name: APPCRASH
Application Name: instantbird.exe
Application Version: 41.0.0.5729
Application Timestamp: 000232e8
Fault Module Name: d2d1.dll
Fault Module Version: 6.2.9200.16765
Fault Module Timestamp: 528bf6b2
Exception Code: c0000005
Exception Offset: 002284f6
OS Version: 6.1.7601.2.1.0.256.1
Locale ID: 1033
Additional Information 1: 0a9e
Additional Information 2: 0a9e372d3b4ad19135b953a78882e789
Additional Information 3: 0a9e
Additional Information 4: 0a9e372d3b4ad19135b953a78882e789
You can try the following workaround: https://trac.torproject.org/projects/tor/ticket/17453#comment:7
I am unable to connect to OFTC or any other IRC network. Maybe its because tor-messenger connects to ip's (servers) that forward traffic and resulting in failed connects. Can we use tor-messenger for hidden services?
Yes, you can use Tor Messenger with hidden services. Just provide an onion address instead wherever applicable.
OFTC seems to throttle Tor connections on and off, and we are aware of this. One possible solution would be try this with a new exit and checking if that works or not. You can't currently do this from Tor Messenger but it's in our to-do list. (https://trac.torproject.org/projects/tor/ticket/10950).
Avira finds TR/ATRAPS.gen in the Windows installer and instantbird.exe...
See arma's comment above (https://blog.torproject.org/comment/reply/1086/113488).
What's the difference between Tor Messenger and TorChat?
Tor Messenger is based on the client-server model and builds on existing networks like IRC, XMPP, etc. TorChat was a decentralized service that is no longer active? (Also Tor Project does not develop TorChat.)
i tried running it in windows 10, to no avail but windows 7, its running okay.
You can try the following workaround: https://trac.torproject.org/projects/tor/ticket/17453#comment:7
Downloaded the client, installed it and when I try to run it says:
Instandbird has stopped working
Unfortunately :(
I'm on Windows 7 Ultimate 64 bit
Try the workaround in https://trac.torproject.org/projects/tor/ticket/17453 or wait for the next release.
Tried with 2 Gmail accounts.. on 1, no problems. The other failed, and I got a gmail message saying "someone has your password" - access was blocked due to "unsafe app"
This is a problem with Gmail/Google. See https://blog.torproject.org/comment/reply/1086/113404 for a workaround.
Win 7 64bit here. Tor Messenger is not working for me. It is just not starting after executing the exe. Compatibility mode (e.g. Win Vista) is not helping either.
In the taskmanager I can see that the Instantbird process is starting (even with ~78MB of RAM usage) and closing after around three seconds. There is no error whatsoever, it is just closing the process and never opening any window.
Try the workaround in https://trac.torproject.org/projects/tor/ticket/17453 or wait for the next release.
Signature du problème :
Nom d’événement de problème: APPCRASH
Nom de l’application: instantbird.exe
Version de l’application: 41.0.0.5729
Horodatage de l’application: 000232e8
Nom du module par défaut: d2d1.dll
Version du module par défaut: 6.2.9200.16765
Horodateur du module par défaut: 528bf6b2
Code de l’exception: c0000005
Décalage de l’exception: 002284f6
Version du système: 6.1.7601.2.1.0.256.48
Identificateur de paramètres régionaux: 1036
Information supplémentaire n° 1: 0a9e
Information supplémentaire n° 2: 0a9e372d3b4ad19135b953a78882e789
Information supplémentaire n° 3: 0a9e
Information supplémentaire n° 4: 0a9e372d3b4ad19135b953a78882e789
Try the workaround in https://trac.torproject.org/projects/tor/ticket/17453 or wait for the next release.
I was able to connect to my Google Apps (for Work) gTalk account, but when I try to connect to a regular gmail gChat account it says Not Authorized and won't connect.
I'm guessing this has to do with 2-step verification. Same issue I'm having, despite correct password.
Likely has to do with 2-step verification. I'm having the same issue, despite entering the correct password.
Two things: check that you create an authorized app for use with 2-step. And secondly, see the comments above related to Google. (Ctrl+F "TorBirdy")
Hi, thanks for the nice work! I will test it soon.
Are you sure this really supports Facebook chat? I think Facebook dropped its XMPP support sometime earlier this year (see https://developers.facebook.com/docs/chat ) and as far as I can see Instantbird uses XMPP for the Facebook chat.
You mention in the release notes that it works wit gtalk and facebook, but does this assume thay they have their XMMP endpoints open? Facebook closed theirs a couple of months ago and gtalk only works if the user has not migrated to hangout. Is it sitll valid in those cases?
Does not start on Windows 8.1.
Maybe test a little before releasing?
We did test but there was an issue with hardware acceleration on some computers. We have a workaround here that will be fixed in the next release: https://trac.torproject.org/projects/tor/ticket/17453.
My Facebook account doesn't allow me to log in because it is from an unknown location. But this is going to happen all the time, right? What can I do about it?
LOL, does not accept any username for facebook.
Seriously, why are you pushing out a broken product? Are you developing pc games in your free time?
Jesus.
The reason why I switched from pidgin to gain as XMPP-Client was that there openpgp plugin allows to send offline-messages to your contacts -- something that doesn't work with OTR. An other tool that allows to send encrypted offline messages is retroshare and at least I think that an messanger that's not capable to send offline messages is quite useless. Personally, I prefer OpenPGP solutions over OTR, mostly because I have to share my public just once and not at every single contact (on the down-side their is no deniability).
I doubt this is a good idea. With this you basically send the message that it is OK to log via Tor to your personal gmail or facebook account - which obviously defeats the purpose of connecting via Tor on the first place.
The identity of most people is linked to their "normal" accounts, especially on Facebook which enforces a strict "real names" policy.
Furthermore, both gmail or facebook will kick you out if you try to connect via Tor, and that is going to be confusing and furstrating for the vast majority of uninformed users.
Summing up:
- not user friendly
- it encourages super bad OPSEC.
This is not just for Google Talk or Facebook. This is for IRC and Jabber as well, both of which work fine without associating any real identity. Not to mention, like we said in the blog post, a lot of people use Google Talk or Facebook because they have their existing networks there -- we are just providing a secure way for them to use it without revealing their location or the content of their chats, which Tor and OTR take care of quite nicely.
"Not user friendly". We know we can do better. It will help to know the specific concerns.
Why doesnt TOR work with Jitsi.org I think its the best encrypted chat platform because it also handles end to end encrypted VOIP and video calls, and is open source
Thoughts?
Is SILC still relevant? At one time there were some SILC servers operating as hidden services. I didn't see an Instantbird add-on for the SILC protocol. Pidgin works and is recommended on the main SILC website.
SILC - Secure Internet Live Conferencing
http://silcnet.org/
Feedback/Bugreport
The error message you get when running it right from the .dmg on OS X 10.11.1 is not correct: "Profile Missing Your Instantbird profile cannot be loaded. It may be missing or inaccessible."
Expected behaviour: Dialog:"Tor Messenger can not run from the disk image, pls copy to applications folder"
also the window for the "Tor Network Settings" stays ontop of all other windows
Try this: "On OS X, copy the Tor Messenger application from the disk image to your local disk before running it.".
Current version of todays date when connecting to irc networks that have ssl v2/v3 disabled and allow only TLSv1 to v1.2 and high ciphers such as aes256-gcm-sha384
please fix it.
The messenger tor works, but when you get using the Facebook "message", he warns that the password may be wrong, but is not! everything is right, the other features are OK, but when using the facebook does not work ... I'm on windows 8 64bit ... help!
When attempting to connect via Google Talk, it fails during authentication even though the correct password is presented. I figure this has to do with 2-step verification. Any way around this?
Please see https://blog.torproject.org/comment/reply/1086/113404 for more information.
Post new comment