Frequently asked questions

Why should I use QRTalk?

QRTalk is the right choice for you if one of the following holds:

✓ I don’t want my confidential messages to be stored on someone else’s server.

✓ I want to be able to discontinue service whenever I want and to erase all data from server disks.

✓ I want to be able to control who accesses the system deleting or locking undesired accounts.

✓ I don’t want to disclose my personal info such as my email, telephone number or name.

✓ I don’t want to disclose my mobile device info such as telephone number, IMEI or UDID.

✓ I want to create a private dark-net to support confidential communications between trusted persons.

✓ I don’t want anybody to be able to disclose my messages unless they steal my phone and prove to be very good hackers.

Is QRTalk really anonymous?

Yes, it is. You can be sure that QRTalk does not access your personal data simply checking app permissions.

Compare QRTalk required permissions with other messengers’ required permissions browsing your phone system settings.

nulltap-permissions

QRTalk

other-permissions

Other messenger

What makes QRTalk encryption different?

Many messengers pretend to encrypt exchanged messages, however service operators are still able to read the contents of your messages or to forge messages.

✓ Only the connection between mobile device and server is encrypted. Messages cannot be accessed while in transit over the network, but they are back in plaintext form again when they reach the server.

✓ Messenger claims to use end-to-end encryption, but users have no way to verify each other’s public keys. It is easy for the service operator to make a man in the middle attack by manipulating the key exchange mechanism.

✓ Messenger claims to protect public keys, but users have no way to verify that message sender owns the complete key pair (i.e. both private and public key); message forging remains possible.

QRTalk encrypts all messages twice: using recipient’s public key upon creation and using session key before network transmission.

QRTalk allows users to verify public keys of other users offline (recipient certification).

QRTalk allows users to sign message contents with their private key (sender certification).

QRTalk offers private servers: no service operator stands anymore between you and your contacts since the server is owned and controlled by you.

Does QRTalk require Google Play Services?

QRTalk is independent of Google Play services.

However, if you choose to install Google Play services, Google Cloud Messaging (GCM) will be available on your device. Google Cloud Messaging speeds up new messages notification when QRTalk is in background and minimizes overall battery drain.

Is QRTalk battery hungry?

Yes, it is. Security comes with a price and strong security is not cheap.

Encryption is a CPU intensive task and CPU activity means battery drain. The more messages you exchange, the more battery you use. When you don’t send or receive messages, no battery is used at all.

Can I install QRTalk on multiple devices?

Yes, you can. Keep in mind however that QRTalk is totally anonymous and each profile will have its own unique key-pair, user ID and directory entry on server. You cannot use the same profile on two different devices at the same time. However you can export a profile and import it back on a different device.

It’s up to you to choose an appropriate distinctive nickname or avatar for each of your profiles.