[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-dev] iObfs: obfs4proxy on iOS



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

[Cross-posted to guardian-dev and tor-dev.]

Hey, friends.

I suppose this serves as a project announcement of sorts, and also as
a progress report regarding the current status of this thing.

iObfs is an effort to build obfs4proxy for iOS and to also build out
some techniques for actually making it usable within other
Tor-enabled iOS apps. You may have heard me or n8fr8 discuss the idea
at the dev meeting a few weeks ago. I'm not in love with the name I
gave it (it's a placeholder that stuck around), but such is life. The
repository is currently hosted at [1].

[1]: https://github.com/mtigas/iObfs

The initial sprint is being supported by a small Guardian Project
grant through mid-April. The high-level goals are to:

  1) successfully cross-compile obfs4proxy for the iOS environment
  2) "library-ify" it and link it into a proof-of-concept iOS app
  3) figure out how to get it to work without "managed mode"
  4) build out a process for maybe putting it into Onion Browser,
     iCepa[2], and other Tor iOS efforts

[2]: https://github.com/iCepa

I've got a bit of work regarding #1. I think I'm close to getting the
binary running, thanks to the existence of the gomobile tools[3].
Using gomobile, you easily get[4] an "obfs4proxy.app" and (given a
properly configured Xcode and iPhone) you can put it on a device. But
it crashes right now because (I believe) the iOS SDK requires apps to
declare some user interface (even if it's blank). So that's close,
but my relative lack of experience with Go and the Go buildchain have
made #1/#2 a bit slow-going.

[3]: https://golang.org/x/mobile/cmd/gomobile
[4]: https://github.com/mtigas/iObfs/blob/master/buildobfs4.sh

This week, I also took the time to figure out how PT "managed mode"
actually works and now have a good idea of how I'd get obfs4proxy to
work in an environment where tor can't fork it as a subprocess. There
were some conversations I had during the dev meeting where we thought
I'd have to use the control port and manually build circuits or
something crazy like that -- but it turns out that the solution is a
lot simpler.[5]

[5]:
https://github.com/mtigas/iObfs/blob/master/notes/obfs4-nonmanaged.md

This essentially solves #3, so the big barrier now is
cross-compiling, "library-ifying", and linking -- rather than the
software implementation bits.

Anyway, that's where things are. Progress will surely ramp up a bit
over the next few weeks. Comments welcome.

Best,

Mike Tigas
@mtigas | https://mike.tig.as/ | 0xA993E7156E0E9923
-----BEGIN PGP SIGNATURE-----

iQEcBAEBCgAGBQJW9wKpAAoJEGQdTjqn+ftyos4IANK+jKe+mdU3IcDGGWp48QnT
34a8DCk4u17MhGnoiPuRVjyF4R380v6+O23lzDsXpDA3bhorBirn1fdkJpnvTsb1
IiS75Q3falq+TPZ5pYCnijFLE0sj0VphdHcZuoiHnn6n8HlYZ13ih9sfZTUg/4pa
nxNGL83H62vpuR2voeLWPgfJi+QRVIJVa9zSOz8xE3nE70sGNhbWpWlTn12UbMvj
f3QmclTPNAuLCXGANyEG1QkTu+k6lHWCCOcJh/wQmwgWHgfhu3fr+PEq6WpjFqMl
4Znhn7SvLlE1lADT8FnAbfz9ND1rT+BVmhITEnQ11eXcb0YHJOLPN8Fmua+G/eM=
=3Daj
-----END PGP SIGNATURE-----
_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev