The most common questions we get are answered here. If you have a question for us that you think should appear in this list that doesn't, send an email to the support mailing list with your suggestion: firstname.lastname@example.org
Tox protects your privacy by:
Look in the profile or settings panel of your client to get your Tox ID which should look something like:
Give yours to your friend and get your friend to add it. That's it.
If you remove someone from your contacts list, they will see you go offline, as if you closed your client normally. They can't communicate with you any longer until you add them to your contacts list again.
Tox makes no attempt to cloak your IP address when communicating with friends, as the whole point of a peer-to-peer network is to connect you directly to your friends. A workaround does exist in the form of tunneling your Tox connections through Tor. However, a non-friend user cannot easily discover your IP address using only a Tox ID; you reveal your IP address to someone only when you add them to your contacts list.
No. That said, in some situations a client will choose to use publicly listed bootstrap nodes to find their way into the DHT.
Tox uses the cryptographic primitives present in the NaCl crypto library, via libsodium. Specifically, Tox employs curve25519 for its key exchanges, xsalsa20 for symmetric encryption, and poly1305 for MACs.
Tox does not make use of SIP.
Tox generates a temporary public/private key pair used to make connections to non-friend peers in the DHT. Onion routing is used to store and locate Tox IDs, to make it more difficult to, for example, associate Alice and Bob together by who they are looking for in the network.