[tor-talk] Anonymity and Voip

grarpamp grarpamp at gmail.com
Fri May 11 05:33:41 UTC 2018 

On Thu, May 10, 2018 at 8:43 AM, panoramix.druida
<panoramix.druida at protonmail.com> wrote:
>> https://www.onioncat.org/
>> https://github.com/david415/onionvpn
> So my understunding is that I could use any IP protocol and communicate with each other as if we where in a LAN. Is that right?

Yes, even raw IPv6 (protocol 0), nmap, etc, all works fine over them.
They call it a lan since it's a /48 on an interface, but there's no
broadcast traffic, so technically not a lan, but it's better that way.

> If so is there any FLOSS VOIP program that allows me to comunicate directly to other IP without the need of a server?

There's a see also section with links to lots pages of tools...
https://wikipedia.org/wiki/Tox_(protocol)

Some of those tools will be TCP, UDP, onion aware, IPv4, IPv6, or not.
Even point-to-point stuff like Cu-SeeMe / pgpfone from 25 years ago is
still out there, pick whatever makes you happy. But to be on the safe side
you probably want something that is currently maintained, uses current
(aka: efficient, etc) opensource codecs, supports perfect forward secrecy
or at least a strong crypto model, and so on.

Direct serverless connection typically termed point-to-point (ptp),
not peer-to-peer (p2p).

There's more apps listed at places like...
prism-proof.org
privacytools.io


> If the conversation is end to end encrypted no one should now that they where talking and that the converation happend.

Well you need to define the threat model. But generally,
encryption alone over clearnet is insufficient to do that.
It needs run over an anonymity network to hide the participants.
Should use it's own in app crypto in case the anon network crypto
fails or you fuck up. And if the clients log, there's easy proof
there, which can easily be hacked into any client anyway.

Then there's what the anon net can do...
Protect from local ISP, work, school, cafe, some website... ok sure whatever.
Protect from FVEY++ and all their partner / tapped tier-1's,
a pile of corporate or other sybils, etc... you better be asking some serious
pointed questions of any anon network that claims this, including tor,
and up the opsec more than a couple levels to hopefully compensate.

More information about the tor-talk mailing list