Go to file
Kevin Froman ea04c5ea2c removed whitespace check that was not necessary 2020-04-24 11:28:18 -05:00
src removed whitespace check that was not necessary 2020-04-24 11:28:18 -05:00
tests fix test_server.py 2020-04-23 22:22:50 -05:00
.gitignore updated gitignore 2020-04-23 04:29:35 -05:00
.travis.yml added tor build dependencies apt install 2020-04-23 04:55:39 -05:00
CHANGELOG.md removed whitespace check that was not necessary 2020-04-24 11:28:18 -05:00
LICENSE initial commit 2020-04-16 06:41:49 -05:00
Makefile added stuff for CI 2020-04-23 04:36:55 -05:00
README.md Update README.md 2020-04-23 10:18:31 +00:00
dummy.png fixes and added images 2020-04-20 06:15:19 -05:00
no-dummy.png fixes and added images 2020-04-20 06:15:19 -05:00
requirements.in added stuff for CI 2020-04-23 04:34:51 -05:00
requirements.txt added stuff for CI 2020-04-23 04:34:51 -05:00
run_tests.sh initial commit 2020-04-16 06:41:49 -05:00
setup.cfg initial commit 2020-04-16 06:41:49 -05:00
setup.py removed whitespace check that was not necessary 2020-04-24 11:28:18 -05:00

README.md

youandme 🧑‍🤝‍🧑

Build Status

Only you and the person you're talking to should know the details of the converation.

This is a Python library to share data anonymously and securely* with limited traffic metadata. It is designed for generic byte streaming, but a script 'yam' is included to enable basic CLI instant messaging.

* The ID one connects to a host with must be shared via a secure (private, authenticated) channel.

$ pip install youandme

You also need a recent Tor daemon in executable path. 0.4 Tor is what is tested. https://www.torproject.org/download/tor/

why

In normal socket connections, Eve can see when Alex and Bob communicate and the size of their communications.

This library sends continuous streams of data (null bytes) even when no information is being communicated, in order to increase unobservability of transmission times and packet sizes.

Anonymity and encryption is provided via Tor onion services, though this library could easily be adapted to use plaintext (and encryption by an application) or another relay like I2P.

security

As stated above, this library does no authentication. However, if the ID is shared privately and safely, the tunnel will have roughly the security of a Tor v3 onion service, with increased metadata unobservability.

What an attacker sees in a normal Tor connection

What an attacker sees in a youandme connection