Tor Messenger 0.1.0b5 is released

We are pleased to announce another public beta release of Tor Messenger. This release features important security updates to libotr, and addresses a number of stability and usability issues. All users are highly encouraged to upgrade.

The initial public release was a success in that it garnered a lot of useful feedback. We tried to respond to all your concerns in the comments of the blog post but also collected and aggregated a FAQ of the most common questions.

OTR over Twitter DMs

Tor Messenger now supports OTR conversations over Twitter DMs (direct messages). Simply configure your Twitter account with Tor Messenger and add the Twitter account you want as a contact. Any (direct) message you send to another Twitter contact will be sent over OTR provided that both contacts are running Tor Messenger (or another client that supports Twitter DMs and OTR).

Facebook support dropped

Facebook has long officially deprecated their XMPP gateway, and it doesn't appear to work anymore. We had multiple reports from users about this issue and decided that it was best to remove support for Facebook from Tor Messenger.

We hear that an implementation of the new MQTT-based protocol is in the works, so we hope to restore this functionality in the future.

Before upgrading, back up your OTR keys

Before upgrading to the new release, you will need to back up your OTR keys or simply generate new ones. Please see the following steps to back them up.

In the future, we plan to port Tor Browser's updater patches (#14388) so that keeping Tor Messenger up to date is seamless and automatic. We also plan to add a UI to make importing OTR keys and accounts from Pidgin, and other clients, as easy as possible (#16526).

The secure updater will likely be a part of the next release of Tor Messenger.

Downloads

Please note that Tor Messenger is still in beta. The purpose of this release is to help test the application and provide feedback. At-risk users should not depend on it for their privacy and safety.

Linux (32-bit)

Linux (64-bit)

Windows

OS X (Mac)

sha256sums.txt
sha256sums.txt.asc

The sha256sums.txt file containing hashes of the bundles is signed with the key 0x6887935AB297B391 (fingerprint: 3A0B 3D84 3708 9613 6B84 5E82 6887 935A B297 B391).
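A check a user can run against these files, added here as an example and not the Tor Project's own tooling: it pins the signer of sha256sums.txt to the fingerprint above by reading GnuPG's `--status-fd` output rather than trusting the exit code, then checks the downloaded bundles against the listed hashes. The status lines, bundle names and the all-zero hash in the block are constructed placeholders.

```python
import hashlib
import os
import re
import tempfile

EXPECTED_FPR = "3A0B3D84370896136B845E826887935AB297B391"  # key from the announcement, spaces removed

# Constructed sample of the status lines `gpg --status-fd 1 --verify
# sha256sums.txt.asc sha256sums.txt` prints (timestamps are placeholders).
SAMPLE_STATUS = (
    "[GNUPG:] VALIDSIG 3A0B3D84370896136B845E826887935AB297B391 2016-03-09 "
    "1457481600 0 4 0 1 8 00 3A0B3D84370896136B845E826887935AB297B391\n"
)

def signature_key_ok(gpg_status, expected_fpr=EXPECTED_FPR):
    """True only if a VALIDSIG line names the expected fingerprint; plain
    `gpg --verify` exits 0 for a good signature from *any* key in the keyring."""
    expected = expected_fpr.replace(" ", "").upper()
    for line in gpg_status.splitlines():
        parts = line.split()
        if len(parts) > 2 and parts[:2] == ["[GNUPG:]", "VALIDSIG"] and parts[2].upper() == expected:
            return True
    return False

def parse_sha256sums(text):
    """Parse `<hex>  <name>` (or `<hex> *<name>`) lines as sha256sum writes them."""
    entries = {}
    for line in text.splitlines():
        m = re.match(r"^([0-9a-fA-F]{64})\s+\*?(.+)$", line.strip())
        if m:
            entries[m.group(2)] = m.group(1).lower()
    return entries

def sha256_file(path):
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(1 << 20), b""):
            h.update(chunk)
    return h.hexdigest()

def verify_bundles(sums_text, directory):
    """Map each listed file to True (hash matches), False (differs) or None
    (not downloaded), like `sha256sum -c --ignore-missing`."""
    results = {}
    for name, expected in parse_sha256sums(sums_text).items():
        path = os.path.join(directory, name)
        if os.path.isfile(path):
            results[name] = sha256_file(path) == expected
        else:
            results[name] = None
    return results

def demo():
    """Constructed end-to-end run: one intact bundle, one tampered, one missing."""
    d = tempfile.mkdtemp()
    names = ("bundle-a.tar.xz", "bundle-b.tar.xz")          # placeholder names
    for n in names:
        with open(os.path.join(d, n), "wb") as f:
            f.write(b"constructed contents of " + n.encode())
    sums = "".join(f"{sha256_file(os.path.join(d, n))}  {n}\n" for n in names)
    sums += "0" * 64 + "  bundle-c.tar.xz\n"                 # listed but never downloaded
    with open(os.path.join(d, names[1]), "ab") as f:
        f.write(b"!")                                        # tamper after hashing
    return signature_key_ok(SAMPLE_STATUS), verify_bundles(sums, d)
```

Against real files, feed `signature_key_ok` the output of `gpg --status-fd 1 --verify sha256sums.txt.asc sha256sums.txt` and only then trust the hash comparison.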

Changelog

Here is the complete changelog since v0.1.0b4:

Tor Messenger 0.1.0b5 -- March 09, 2016

  • All Platforms
    • Bug 13795: Remove SPI root certificate because Debian no longer ships it
    • Bug 18094: Remove references to torbutton from start-tor-messenger script
    • Bug 18235: Disable Facebook as they no longer support XMPP
    • Bug 17494: Better error reporting for failed outgoing messages
    • Bug 17749: Show version information in the "About" window
    • Bug 13312: Add support for OTR over Twitter DMs
    • Bump libotr to 4.1.1
  • Mac
    • Bug 17896: Add Edit menu to the conversation window on OS X
  • Windows
    • ctypes-otr
      • GH 65: Support Unicode paths on Windows
Anon

March 11, 2016

OTR over Twitter DM is an incredible feature. I wonder if moxie would be willing to share his work on encrypted twitter DMs that was blocked for surveillance considerations... could be an excellent feature set to incorporate!

FBI Director Comey is spending quite a bit of time these days testifying before Congress, and not all his auditors are entirely happy with his rumored decision to charge Mrs. Clinton or his insistence on breaking American cybersecurity (not to mention privacy) in order to spy better on dead criminals or whatever nonsensical excuse he offers.

Suggestion for a fun PR stunt:

Get some journalists to communicate by TM over Twitter DM with a well known whistleblower and Tor supporter currently residing in Russia, and make sure someone passes a note to Comey to tell him about it during his testimony.

> We plan to highlight this feature a bit more.

Good.

> I guess without the two people you mentioned :)

I defer to your judgment on that score, but you/Shari *must* issue a statement on DOJ orders served on Apple and other companies, especially the rumored forthcoming backdoor order naming WhatsApp.

Oppressive governments may be willing to cooperate in a concerted attack on their perceived common enemy, human rights activists who use Tor, Ricochet, WhatsApp, Signal in iPhone, or whatever. On this basis, it seems not impossible that the security services of USA, UK, CN, RU, IR, VN might ink deals to collaborate in "rubber hose" breakage of cybersecurity measures protecting Open Source software. Even though those countries would be unlikely to collaborate on anything else, they are all likely to see HRW, Riseup Networks, Tor Project, WhisperSystems, Silent Circle, Apple, etc, as "dangerous adversaries" worthy of overt oppression.

It may now be true that the hand of every government is raised against us.

> Oppressive governments may be willing to cooperate in a concerted attack on their perceived common enemy, human rights activists who use Tor, Ricochet, WhatsApp, Signal in iPhone, or whatever. On this basis, it seems not impossible that the security services of USA, UK, CN, RU, IR, VN might ink deals to collaborate in "rubber hose" breakage of cybersecurity measures protecting Open Source software.

Not a day later, comes this grim news:

http://thehill.com/policy/cybersecurity/273047-china-asks-fbi-chief-to-…
China asks FBI chief to help battle terrorism, hackers
Cory Bennett
15 Mar 2016

> Chinese leaders on Monday urged FBI Director James Comey to work more closely with his Beijing counterparts on Internet security and anti-terrorism cases.
>
> The message came during a meeting in Beijing between Comey and Chinese Public Security Minister Guo Shengkun, according to Xinhua, a state-run news agency.
>
> “The two sides agreed to have more pragmatic cooperation in cybersecurity and anti-terrorism,” the report said.

A key point here is that China (and increasingly, the US--- cf Prepresident Trump) have rather broad interpretations of the meaning of the word "terrorism". China already uses this term to include political dissidents, and recently FBI keeps broadening its own use of the term, to cover for example eco-activists, animal-rights activists, BLM activists, divestment activists, social-justice activists, etc. (since any of these people, according to FBI, could turn violent at any moment, or might become "anarchists" or cybersecurity enthusiasts).

The major tech companies are outraged that the USG never really supported their attempts to stand up to Chinese demands for data on Chinese citizens (and exiles living in "the West"), and have been further outraged by the hypocrisy of FBI's anti-encryption campaign (CWII) and NSA's all-pervasive economic espionage.

And now it seems FBI and NSA are considering voluntarily sharing with the government of China the personal data of US persons and proprietary information of US companies which they collect under "counter-terror" mandates. What next? NSA sharing its data trove with the government of RU? VN? IR?

All the world's governments increasingly see themselves at war with the giant tech companies, because these companies increasingly operate independently of any government's control. A spate of trade treaties even prohibits national governments from enacting laws which would attempt to bring them back under government control. So to some extent, CWII ties in with a rather desperate attempt by the world's government to wrest back control of their national portion of the global economy. Hence demands such as these by the governments of USA and CN and other nations:

> China has also irked the international business community with a series of national security laws that foreign businesses say could give Beijing access to their source code and user data.

All the world's governments also see themselves at war with their own citizens, because increasingly the masses everywhere see their interests as being grossly abused by the political/economic elite.

So in broad outline, the history of the 21st Century seems likely to involve a grand global struggle between governments, corporate mega-conglomerates, and citizens. All three of these groups will increasingly tend to put the situation like this:

It's all of them against all of us.

Anon

March 11, 2016

@ sukhbir:

Thanks for bringing us TM! Early days yet but I think this will be great!

Suggestion for the FAQ:

https://trac.torproject.org/projects/tor/wiki/doc/TorMessenger/FAQ

Under libpurple add what you replied in the previous thread to questions about the security of JavaScript. (You said it was a decision you made carefully and that you believe that JavaScript as used in TM is not as dangerous as JavaScript as used in Mozilla Firefox and thus in TB. Words to that effect.)

I hear many good things about Ricochet. Maybe explain in the FAQ why TM is not compatible with Ricochet and whether that might change?

This is a big one: any chance you can persuade Shari to have Tor people reach out to journalists to promote TM use by journalists and whistleblowers? That doesn't quite contradict "at-risk people shouldn't beta test" since there is *no alternative* to TM that I see for at-risk people who need to chat with a journalist.

Good point, I've updated the FAQ with a section on JavaScript.
https://trac.torproject.org/projects/tor/wiki/doc/TorMessenger/FAQ#Java…

We've been planning a table to detail who has access to what metadata for the various protocols that Tor Messenger supports, and how that compares to Ricochet.
https://trac.torproject.org/projects/tor/ticket/17528

Isn't Ricochet an example of an alternative though? She'd sooner encourage you to use that. It was recently audited,
https://ricochet.im/files/ricochet-ncc-audit-2016-01.pdf

Tor Messenger has only had a minimal internal audit at this point, with lots left to cover. We mean it when we say, "At-risk users should not be depending on it for their privacy and safety."
https://trac.torproject.org/projects/tor/ticket/10944

OT, but speaking of tables, I would love to see Tor Project, in concert with EFF, Access, ACLU and other civic-minded groups, reach out to student orgs at major universities around the world but especially in the US, possibly providing materials for "tabling", in which activists sit at a table at some prominent location on campus, perhaps near the student union, and offer information, leaflets, advice, Tails DVDs, and Tor stickers to students. Another good location might be outside Apple stores or Google stores if management agrees.

Unfortunately Tor Messenger is much more stable than Ricochet currently. With Ricochet I've been having issues seeing people online that I know are online (because they're in the same room as me), while we can see other people online (so we're clearly connected to the network). Plus random crashes. I guess I should file a bug report.

Tor Messenger is working great, though! Would like to be able to have the same options editing an account as creating it. (For example, if I made a typo in the username/server when adding an account, I have to delete and re-add to fix it.)

Is our Man on Ars still available for a TM chat?

@ sukhbir:

Can you please have a dozen other Tor Project people sign your signing key? Some of us actually do try to use the Web of Trust. I know it's clunky and far from ideal, but given the lethality and determination of our enemies, we need to use every tool at our disposal.

Thanks for your work on TM! Stay safe, and don't let the b*tards get to your keyring!

The current key (0xB297B391) expires soon so we will transition to a new key that has been signed by many more Tor developers than the current one.

Good, good.

I beg you to respond to questions raised in this blog about the rapidly rising potential that USG and its allies will attempt to compel TM devs (and other signers) to sign under duress a FBI-bought/made modification of TM, for either a targeted or dragnet attack on your users, who will accept the fake-TM as genuine because they have no way of knowing the signature was compelled.

This would be analogous to a healthy patient (happy TM user) who goes to the doctor for an annual flu shot (TM user who goes to torproject.org for latest edition of TM), who trusts her doctor (Tor Project) to inject her with a genuine beneficial health-preserving medicine (latest edition of TM), but unknown to the hapless patient, the government has coerced the doctor to replace the genuine vaccine with a deadly neurotoxin (state sponsored APT malware), and forbids the doctor to tell anyone what happened.

Can something like SSSS (Shamir's Secret Sharing System) and geolocation diversity of TP people who sign future editions of TM help?

@ sukhbir:

Although sha256 is currently considered good, md5 and sha1 are considered thoroughly broken by our most lethal adversary, NSA. Given that NSA is known to be expert in breaking cryptographic hash algorithms, wouldn't it be wiser to use GPG to sign the tar balls directly, instead of signing a statement of the expected sha256 results?

(If you hear different from anyone like Bruce Schneier or Jacob Appelbaum I defer to their judgment. But please share what they said with us!)

The reason we sign the sha256sums.txt instead of the bundles directly is that it makes verification easier if multiple people build Tor Messenger, which is currently the case; the Linux builds are reproducible and boklm and I build and compare the hashes and then sign the sha256sums.txt file with my key. This also makes verification by users easier and we encourage you to do so.

I would support that, Anonymous. It is much more convenient to make a single "gpg --verify file.asc" command than to compare hashes with grep. I would also point out that Tor Browser Bundle provides both: a signed (by all developers) file of hashes and a directly signed tarball (with detached signature).

Thanks for the support. Yes, I too don't see how signed statement of hash values is more convenient than a detached gpg signature.

In any case, the new threat Tor Project needs to guard against is the possibility that FBI will compel coerced signing of FBI-modified files using authentic signing keys, and/or compel CAs to collaborate in secretly evading https and sending Tor users to a fake torproject.org site serving malware, and possibly also faked statements from verifiers that the hash values for their own builds check.

It is far from clear that FBI could not also compel the verifiers to cooperate if they thought that would be useful. Once FBI starts using Putin-style rubber hose breakage of cryptosecurity measures, it would be difficult to imagine any national government which is truly immune from USG pressure. At best, some governments might be strong enough to demand a quid pro quo for their cooperation.

I too don't see how signed statement of hash values is more convenient than a detached gpg signature.

In the open source community it is quite widespread to sign a file with hashes, because typically one needs to sign a bunch of different files. However, if only a single file or a couple of files will typically be downloaded and verified by users (e.g., the TBB case), then it is better to produce separate detached signatures for these files too.

Another reason for signing a file containing hashes is that it also contains the file names.

I always do, but I am very concerned that DOJ will shortly serve TP with a court order demanding that devs abuse the genuine cryptographic signing keys by improperly signing a version of TB or TM which has been modified by USG agencies or contractors to contain a covert undetectable APT malware function (cyberespionage backdoor with cyberwar data modification/destruction function), and prohibit any of you from telling anyone what happened. This could be used in either a targeted attack on some Tor users (people who speak out against FBI abuses for example), or a dragnet attack on all Tor users.

There is already Tor Chat, Ricochet, and others ones out there. Best to combine them all into one and merge with Tor Messenger?

I seem to recall that there may be some technical reason why Ricochet and TM can't work well together?

I think TorChat has been superseded by Ricochet (former no longer being developed, latter being developed).

I am not sure whether I can use Ricochet yet, but the software is available as a free download (with gpg detached signature) and the coder seems to know Sukhbir, and as mentioned above, unlike TM (so far), Ricochet has been audited and did fair--- which is better than most or even all other IM apps I think except Signal. Signal is only available for iOS devices, I believe.

Signal is available for Android, but won't work if you have a de-googled operating system without the Google Play Store service.

I'm waiting for something like Ricochet for phones.

You can try LibreSignal, which is a fork based on Web sockets without Google Play:
https://fdroid.eutopia.cz/

After connecting, receive error message: "Received unexpected data. Reconnecting in X seconds." Rinse, repeat. Using Yosemite.

What protocol and network? Anything in the error console? Can you file a bug on trac with more details so we can investigate?

Is Twitter group DM supported with OTR or just a one on one DM conversation?

The last time I used Tor Messenger with a Twitter account, it didn't prompt for a password the way Jabber prompts for a password. That would be bad for people who share computers.

OTR is for one-to-one conversations, so no, Twitter group DM is not supported yet. Re: your second point, do you mean you would like an option not to save the Twitter password?

Hello, is it coming in other languages than English? :)

Yes, most certainly. We are tracking this in https://trac.torproject.org/projects/tor/ticket/10945. We did ship an Arabic release earlier but have stopped doing it until we have a proper system in place to handle translations. But it is on our roadmap.

A million thanks to Calyx Institute for allowing us to register jabber accounts anonymously. But are they prepared to defend against FBI demands to backdoor their chat accounts?

Current edition of TM appears to allow my laptop to successfully connect to my Calyx account, but I think I accidentally generated a new fingerprint when I intended to import my old one (tried to follow the directions in the FAQ). Any advice on checking/fixing?

Hoping to engage in one-one encrypted chat with a tech reporter or two or three million...

You can just replace the generated files with the ones you want to import (same as in the FAQ).

I don't think I am using TM correctly.

Is there a simple tutorial showing how to initiate an OTR chat once you are connected to a chat server?

Sadly, we don't yet have good documentation. It's on the roadmap for 1.0
https://trac.torproject.org/projects/tor/ticket/10947

The process should be similar to using other OTR enabled applications. Do you have any specific question I can answer?

My questions:

1. Using a previous edition of TM, I was able to create an account on a "Jabber" (xmpp?) chat server A and to generate OTR keys. J said he would be available there, but his handle suggests he is using another chat server entirely, chat server B.

When the current edition of TM came out, I followed directions to import previous keys fingerprint into current TM's directory on my computer.

When I call TM using the provided script, it appears to connect successfully to chat server A. But I don't seem to be able to contact J for a private OTR chat. And it seems TM might be confusing I and J.

Any suggestions?

2. I usually use Tails and have a strong preference for security/amnesia as well as anonymity. To use TM, AFAIK, I have to use online my usual offline OS (Debian stable). I believe TM tries to keep connection to chat server A alive by exchanging data every second. Is that right?

When I experiment with latest edition of TM, I also see an http connection to a mystery server associated with my ISP every minute or so, and this worries me. Should I be worried?

Vague suggestion for writing future TM documentation:

Some of your prospective users have virtually no experience with chat, and not all can buy a chat account. So we need explanations for everything. Videos work well for many people but some of us disable videos out of security concerns.

Can Clownfare go out of business PLEASE!

I have TBB 5.5.4

I keep getting disconnected when using Tor Messenger on my Twitter account. This message keeps appearing:

http://pho.to/A4iMY

While this message appears in the Tor Messenger tab in the section I try to send a Twitter DM to someone:

"An error (Your credentials do not allow access to this resource.) occurred while sending: ?OTRv2?
(my twitter account name) has requested an Off-the Record private conversation. However, you do not have a plugin to support that. See http://otr.cypherpunks.ca/ for more information."

I do have the OTR plugin. The people I try to DM also have Tor Messenger. They can't DM me either on Tor Messenger. Here is a screenshot of the OTR plugin I have:

http://pho.to/A4iOG

This also appears with a 401 error. It keeps getting disconnected, then re-connects, then disconnects and on and on.

http://pho.to/A4iMY

The Instantbird app does appear in my twitter account.

http://pho.to/A4iP5

Can you please file this using (https://trac.torproject.org/projects/tor/newticket) under the "Tor Messenger" component? We will carry on the discussion there. Thanks.

ICQ in tor messenger please tnks !