[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-talk] TOR Fone - p2p secure and anonymous VoIP tool


I haven't seen TOR Fone discussions on this list. Description (selection
by adrelanos, see TOR Fone homepage [1] for original text).

> TORFone was designed to communicate voice via Internet (make phone calls to the addressee) similarly to Skype but with the following differences:
> 1. TORFone is an open source project, therefore it indicates no "backdoors" and allows quick fixing of potential vulnerabilities.
> 2. TORFone is fully portable (it can be run from a flash carrier or virtual TrueCrypt-disk and leaves no residue in the system) and works with all versions of Win32 from Windows 98, has very low system requirements (above PI 233 MHz 32M RAM), is economical in traffic (at least 20 kbit/s which corresponds to the GPRS Class 10).
> 3. TORFone decentralized ie does not use an external server and does not require pre-registration number.
> 4. TORFone provides full confidentiality (by using DH-4096 to match the session key and 3-DES to encrypt the voice traffic). The attacker who mirrors the traffic is unable to listen to the conversation and is not able to decode it later even if he gains access to the computers of participants.
> 5. Caller and callee are completely anonymous to each other and to outside observers (a call is made on hidden TOR-service user).
> 6. Calls using TORFone is hidden to the outside observer since TOR traffic not differs from usual https-connection.
> I think now that TORFone is one of the most anonymous and confidential tools for the Internet telephony. The payment for anonymity is voice latency up to 2-4 seconds (because traffic goes through a chain of 6 nodes located around the world). If anonymity is non-important Torfon can work as a direct connection "point to point" using IP-adress / domain name which fully keeps the privacy. Torfon also provides subscriber voice authentication to avoid attack "man in the middle" and, therefore, it can be used to exchange by personal data (such as files or short text messaging) safely.

It looks like an interesting tool.

Before writing this mail, I contacted the author of TOR Fone and asked
him if he is signed up on tor-talk or willing to so because I was
planing to ask some questions about TOR Fone in public. He answered fast
and told me he signed up, so he will probable answer questions here.
Looking forward to that.

My questions...

What's the difference in TOR Fone and zfone/ZRTP?

If PGPfone has been abandoned by in favor of zfone/ZRTP, doesn't this
mean, PGPfone lacks security features from zfone/ZRTP?

Why does TOR Fone use encryption at all? Is this supposed to be an extra
layer of encryption added to the one already provided by Tor hidden

Why did you fork PGPfone and not some actively maintained Voip application?

Do you plan to make a Linux version, is this possible at all or does it
run in Wine?

> Added safe text message feature (crypto chat).

Based on what?

> Enabled the safe file transfer feature (was disabled in the original

Why was it disabled in the original PGPFone?

What's the license of PGPfone?

What's the license of TOR Fone?


[1] http://torfone.org/
tor-talk mailing list