-
Notifications
You must be signed in to change notification settings - Fork 89
Quiet FAQ
No! We don't want your data or your metadata.
No! We don't believe in forcing users to choose between running their own server and trusting someone else's, so we made Quiet fully peer-to-peer.
Quiet uses the Tor network. Those are servers in a sense, but they relay encrypted data given the protections established by Tor. Quiet also uses Github to deliver updated versions of Quiet. Other than that, Quiet is fully peer-to-peer.
Yes. Via Tor onion addresses.
No. The only time Quiet connects to the Internet without Tor is to check for app updates and download them.
Members of a Quiet community (analogous to a Slack organization or a Discord "server") use libp2p/IPFS to connect to each other, in an insular network for a specific community.
No. Each community creates its own totally isolated IPFS network, with members connecting over Tor.
Yes. Community members must have a valid certificate to connect to other peers.
No.
No. Quiet uses v3 onion addresses, which are not guessable.
No, only Tor onion addresses.
Quiet uses Tor for basic privacy protection, for metadata privacy, for reliability, and for decentralization.
If not done carefully, decentralized tools can quickly become less private than centralized alternatives. Tor is essential to achieving a baseline level of privacy in Quiet because it gives us clear guarantees that make reasoning about the privacy properties of the overall system much easier.
IP addresses can reveal a lot of information. They could reveal where you live, where you are now, and your approximate movements throughout the day, as well as your institutional affiliation if you are connecting via an academic or company network. In a centralized messaging app, everyone connects through a central server, so this information is only revealed to the server, which can use it responsibly. They might reveal it to advertisers or government, but not to random users. However, in a peer-to-peer network, an IP address could easily be revealed to many or all random users.
A user of a messaging app would not expect to reveal their approximate location, educator, and/or employer to other random users. Nor would they expect to be sued by a copyright troll over an image posted by someone else. But a decentralized messaging app that exposes user IP addresses could do both of these things.
Without something like Tor (or a VPN) a decentralized messaging app would be less private and worse than its centralized competitor, leaking this sensitive IP address information. As everyone who has ever received a warning letter for using Bittorrent knows, this can be quite an unpleasant surprise. Decentralized apps need Tor (or something like it) not for "dark web" style anonymity—they need it to just maintain parity with the built-in privacy of centralized apps like Slack and Discord.