[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [tor-talk] Firefox with Tor on Android?
On Wed, May 20, 2015, at 03:44 PM, Jens Lechtenboerger wrote:
> Hi Nathan,
> many thanks for your quick reply!
> On 2015-05-19, Nathan Freitas wrote:
> > On Tue, May 19, 2015, at 04:33 PM, Jens Lechtenboerger wrote:
> >> the usage instructions for Tor on Android at
> >> https://www.torproject.org/docs/android.html.en
> >> are unsafe for Firefox users.
> >> Firefox on Android downloads favicons without respecting proxy
> >> preferences. See here:
> >> https://bugzilla.mozilla.org/show_bug.cgi?id=507641#c12
> > Yes, that page is very out of date and needs to be updated. It wasn't a
> > bug originally, but when Mozilla started moving more code over to
> > Android/Java domain, they introduced it. I am making it a priority to
> > make sure it is accurate. We have also removed the Proxy Mobile add-on
> > from the Mozilla Add-on store awhile ago, when the favicon leak issue
> > was discovered.
> Some big warning signs might be a good idea. In particular, on
> pages like this:
Yes, we are actually in a dev sprint right now to do a few things:
1) Remove all traces of broken or no longer recommended solutions
2) Add more clear documentation about when WebView/WebKit apps like
Orweb or Lightning are safe to use (on Android 4.3 and higher, etc)
> > Hmm... "Tor Everything" should work if you have a rooted Android device
> > with a kernel that supports iptables properly. Also, if you haven't seen
> > Mike Perry's post on Android hardening/tuning, please read it:
> > https://blog.torproject.org/blog/mission-impossible-hardening-android-security-and-privacy
> Great post, many thanks for the reminder!
> > Which Android OS are you running, and which version of Orbot?
> Android 4.2.2. I tried Orbot 15.0.0-RC-3 and 14.1.4-PIE.
> > Have you tried the latest "Apps VPN" feature that tunnels all
> > device traffic through Tor without root?
> Initially, I didn’t because the warning said that “it should NOT be
> used for anonymity.”
> I just tried that with 15.0.0-RC-3, but failed to get VPN working.
> If I klick “Apps” first, and start Tor afterwards, no circuit gets
> built. In the log I repeatedly see “The connection to the SOCKS5
> proxy server at 127.0.0.1:10720 just failed.”
That is the way to do it (click Apps first, then start Tor). Make sure
to disable all root, transparent proxying options, and also flush/remove
all transproxy rules in the "Debug" section of Orbot settings.
> If I start Tor first, and klick Apps afterwards, I cannot open any
> web page. (Very little data transfer is shown for OrbotVPN, some
> packets for each web attempt. The Orbot logs show some circuits but
> “Tried for 120 seconds to get a connection to [scrubbed]...”)
> I guess that I need “Request Root Access.” Other options?
No root is needed for this method.
> Firefox without proxy configuration?
You don't need any proxy config, correct.
> > Finally, if you use Orweb (super basic) or Lightning Browser (most
> > features you want), there is no favicon or other leakage.
> I’m surprised that you recommend Orweb. There is a big red warning
> at: https://guardianproject.info/apps/orweb/
> I’ll check out Lightning Browser at some later point in time.
Again, that language is out of date. I really need a web / documentation
person to help make sure we keep this content accurate.
tor-talk mailing list - firstname.lastname@example.org
To unsubscribe or change other settings go to