Tor Messenger beta debuts, promises unlogged Jabber for all
Instant messages with onion breath to scare away the spooks
The Tor Project has launched what some say is the easiest-to-use encrypted chat tool for the truely paranoid.
The beta version of Tor Messenger, which routes conversations through the global Tor network, is the culmination of about two years work and follows the launch of an Alpha version last February.
Tor Messenger is different from rival TorChat in that it works with Jabber and Adium IM protocols used by the likes Facebook, Google, and Yahoo! but hides the Off-the-Record protocol and Tor routing complexity behind a simple GUI that won't boil the blood of regular net users.
Logging is switched off by default, which will frustrate law enforcement who often find a trove of evidence in digital chat trails.
"Tor Messenger builds on the networks you are familiar with, so that you can continue communicating in a way your contacts are willing and able to do," developer Sukhbir Sing proudly blogs.
"This has traditionally been in a client-server model, meaning that your metadata (specifically the relationships between contacts) can be logged by the server, however, your route to the server will be hidden because you are communicating over Tor.
"Our current focus is security, robustness and user experience - we will be fixing bugs and releasing updates as appropriate, and in the future, we plan on pairing releases with Mozilla's Extended Support Release cycle."
The software is in Beta mode still requires comprehensive auditing. On the cards for future work is automatic updating, encrypted file transfer, and Off-the-Record support for Twitter direct messaging.
The client is available Windows, 32-and-64-bit Linux and Mac OS X.
Privacy wonks are urged to get in touch with the non-profit group with suggestions and any bug finds. One has already emerged and inflicted pain when your correspondent tried the tool under Windows 10. ®
- Black Hat
- Common Vulnerability Scoring System
- Cybersecurity and Infrastructure Security Agency
- Cybersecurity Information Sharing Act
- Data Breach
- Data Protection
- Data Theft
- Digital certificate
- Identity Theft
- Kenna Security
- Palo Alto Networks
- Privacy Sandbox
- Trusted Platform Module
- Zero trust