Tor Messenger Review – Just Another Messenger or Light at The End of Privacy Tunnel?

Introduction

In October, 29 Tor Project has presented the Tor Messenger – client for popular IM-services like Facebook, Google, Twitter, XMMP and based on Instantbird. OTR (Off-The-Record) Messaging in XMPP-based services are default enabled. General idea of this new messenger – users can communicate with their usual serviсes via Tor tunnels and government or hackers can’t track their client-server routes and location.

Why Instantbird? Tor developers says:

  •  transport protocols are written in JavaScript – nice memory-safe language (Not for me – TLHP)
  •  good GUI and extension support * XUL application – code can be imported from Tor Browser (also Firefox-based)
  •  big community
  •  OTR support

Now Tor Messenger can be use in Linux, Windows and OS X. Mobile version isn’t available. Checksum verification and regular updates highly recommend.

Client

Tor Messenger is a Instantbird with the minimal improvements: new logo, additional theme , and some new extensions: ctypes-otr – js-ctypes wrapper for libotr; and Tor Launcher for running Tor tunnel. Every human who uses Firefox can remember this settings window:

Right, this is the Mozilla Firefox – Instantbird made by Mozilla in Firefox style. You can also change some “under the hood” settings in about:config editor. Maybe if you use Firefox – Instantbird isn’t a bad choice. Some untypical things for Firefox style – default themes: Instantbird has four default themes and supported the color scheme change for every theme. Other themes and extensions is also supported.

Here is all supported services: Facebook Chat (now dropped by Facebook), Google Talk, IRC, Odnoklassniki (Russian social network), Twitter, XMPP, Yahoo.

Resume

Shortly – I want more. Seriously, in the scheme client <-> Tor <-> services we can see a one problem – services. Really, if you use some proprietary services like a Google/Yahoo/Twitter is too hard detect you, but nothing impossible: contact lists, messages, style and others can blow on. The Tor is not a placebo – let’s remember the Silk Road history. Pidgin in my opinion is better than Instantbird, also support OTR and have a larger community. OTR is a great thing, but all clients need to support it: if your XMPP-client don’t support OTR – conversation works without OTR encryption.

Some service like Google use two-factor authentication and location warning (if you authorize from non-typical IP), using Tor with those services is hard.

I don’t recommend this application is serious security use cases, but using can be interested in countries with strong censorship like China or Russia: for example, Google is banned in China.

Tor Messenger today only in beta stage, some features can change in the future. If you are interested in secure chat, please also check the Tox and Matrix articles – this protocols doesn’t use proprietary services. Thanks for reading.

Read more:

Introduction to Matrix — Free & Open Source messenger with audio/video calls as Skype/Viber/Slack Alternative

Introduction to Tox — Free & Open Source messenger with audio/video calls as Skype Alternative

Programming with GNOME Builder: Review and Coding Practice

Qubes OS Review – Every Application Running in Isolated Xen VM