Allow easy transition to a new ToxID without having to start afresh #3335
Comments
Nope. There is a wrong assumption here. I.e. you don't have IDs of your friends, only PKs, which are insufficient to add friends to the new profile[1]. Thus it's not really possible to migrate. Idea is nice (aside from the button in main window) & stuff, but currently it's not really possible to make it work[2]. [1] Yes, it is possible to add PKs, but your friends will get no notification about your new PK, thus they won't even "see" your new profile. At all. And yes, for any interaction at all, you need to have either ID of someone, or you and your friend both need to know each others PKs. |
|
@zetok, What are the current ID sharing proposals? Maybe I could have a look if you listed some and see if I can think of a better one... |
There's Antox/Antox#134. |
|
@zetok, Ok, by the way, thought I would just let you know someone had a really good idea here about having a recovery pass-phrase so that I guess when you setup the profile you set it so that if you are to then later on try to request a change of the keys and ToxID for it to require the pass-phrase. |
|
If one manages to get access to your computer (either physically or remotely) they can steal your Tox profile and potentially also your password for it (if it's an encrypted profile). And all one can really do currently about it is to create a new profile, delete the old, then just reconfigure the new and add all contacts back. Now this is fine except for I think that there could be a better transition between the old and the new profile where your contacts' ToxIDs at least get saved and so are your settings to make it less of a shake up when you get compromised and you have to sort of start afresh again.
So I think that a really good method for this would be to have a button somewhere on the main screen which allows one to create a new profile (so to generate a new set of keys and ToxID and everything) but all of their contacts and current settings stay so that they just click this button and it's done, maybe they need to restart qTox, but it's that simple when you get compromised to get secure again.
So then the idea is that perhaps immediately or perhaps when you click on a contact (as they will still have your old profile listed as a contact and if it is set to automatically remove your old profile from their contacts list and add the new one a hacker getting hold of your profile could just as easily use this as a method to blocking you out so that they get your contacts, and you get no-one) you get a notice explaining the as you changed your keys you need to re-send all your contacts requests (but at least you have all your contacts easily listed there and don't have to get all of the necessary ToxIDs so it makes the process easier and less stressful) and there will be a little button or something allowing you to do this
Now when your contact receives the request it should probably launch a little box explaining to them that this profile is based on the profile of one of their current contacts and that they should make contact with the contact through other means before accepting the new request as this could just be a hacker with their profile, and if so then they should simply advise their friend to also change their keys as the hacker is still likely to have access to their current and proper profile.
So basically this would just make it much easier for a user whose profile is compromised to create a new profile in terms of security and privacy so that the hacker can't send stuff as the real them any more nor read their messages, but mean that the user doesn't have to reconfigure qTox again and have to get all the necessary ToxIDs again to add all their contacts back as it would all come with, the only thing that would be new would be the security side of things.
I originally filed a report on this on the upstream toxcore project but they thought it was more of a client side-implementation issue: irungentoo/toxcore#1580.
The text was updated successfully, but these errors were encountered: