62 lines
2.9 KiB
Plaintext
62 lines
2.9 KiB
Plaintext
aTox privacy policy
|
|
|
|
1. aTox uses libtoxcore (https://github.com/TokTok/c-toxcore) to provide
|
|
instant messaging and audio/video conference functionality.
|
|
|
|
2.1 aTox stores your Tox profile only on your device, it's not stored on any
|
|
server.
|
|
|
|
2.2 If someone gains access to the Tox profile stored on your device, they can
|
|
claim your identity on Tox.
|
|
|
|
2.3 As a consequence of storing the profile only on the device, you can't
|
|
restore your Tox profile if you lose it.
|
|
|
|
3. aTox stores the message and audio/video call logs only on your device, they
|
|
are not stored on any other server.
|
|
|
|
4. All the data sent over the network, including messages and audio/video
|
|
calls, are sent encrypted in such a way that only the intended recipient can
|
|
decrypt them.
|
|
|
|
5.1 All the data sent over the network, including messages and audio/video
|
|
calls, are sent directly to the intended recipient without use of any central
|
|
server, with a few exceptions as follows.
|
|
|
|
5.2 Tox tries to establish a direct, peer-to-peer, connection with the
|
|
recipients. In some cases it's not possible due to the network restrictions
|
|
(restrictive NATs), in which case libtoxcore uses a relay node to relay all
|
|
your conversations with a recipient. Note that by #4 the relay node can't
|
|
decrypt contents of messages and audio/video calls, as the relay node is not
|
|
the intended recipient of them.
|
|
|
|
5.3 If you have TCP mode enabled, your traffic is routed though a relay node.
|
|
Note that by #4 the relay node can't decrypt contents of messages and
|
|
audio/video calls, as the relay node is not the intended recipient of them.
|
|
|
|
5.4 If you have specified a HTTP or SOCKS5 proxy, libtoxcore will relay the
|
|
traffic using that proxy. Note that by #4 the proxy can't decrypt contents of
|
|
messages and audio/video calls, as the proxy is not the intended recipient of
|
|
them.
|
|
|
|
6.1 In order to be able to discover other Tox users and be discovered by them,
|
|
libtoxcore uses DHT. Every Tox client is a DHT node. The data that is stored in
|
|
DHT is 1) your temporary DHT public key, which can't be used to identify you as
|
|
it's generated randomly and changes every time you restart aTox, and 2) your IP
|
|
address.
|
|
|
|
6.2 The implication of this is that everyone can traverse the DHT and find the
|
|
IP addresses of all Tox users, including you. Everyone can tell that someone on
|
|
your IP address is running Tox. Those IP addresses might be the actual
|
|
addresses of Tox users, or addresses of proxies if the Tox users used a proxy.
|
|
If you don't want to let anyone know that you are running Tox on your IP
|
|
address, you should use a proxy.
|
|
|
|
6.3 Tox is designed to prevent any user you have not authorized (added as a
|
|
friend) from finding the association of your Tox ID and IP address based on DHT
|
|
data.
|
|
|
|
7. To connect to the DHT aTox utilizes a list of bootstrap nodes maintained by
|
|
Tox Project at https://nodes.tox.chat/. aTox chooses several of the bootstrap
|
|
nodes of this list at random and connects to them.
|