[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Android Was: Re: Tor on the Nokia N900 (Mobile Tor stuff)



Rich Jones wrote:
> Jacob - Are you aware of TorProxy / Shadow Browser for Android -
> http://www.cl.cam.ac.uk/research/dtg/android/tor/ - is this going to
> building on that? Either way, I'm excited. I've gotten quite good at
> Android stuff and would be interested in helping out, if you need a
> hand.

Hi Rich,

Yes - we've been somewhat in contact with the authors of TorProxy and
Shadow Browser. They did great work and it's quite a slick pair of
applications. However, the TorProxy in the Android market is absolutely
unsafe to use. It is based on research code that was never intended for
high security needs or real serious public use:
http://archives.seul.org/or/java/Sep-2009/msg00003.html

Rather, we're working on building an Android package we've codenamed Orbot:
https://svn.torproject.org/svn/projects/android/trunk/Orbot/

Orbot will replace the TorProxy component and it includes the C
reference implementation of Tor. It will also ship with Privoxy
(although we're also looking into Polipo) to provide an HTTP proxy as
well as the normal SOCKS4A/5 proxy interface into the Tor network.

We don't have a great solution for Shadow at this point and it's
non-trivial to sew it into Orbot. Nathan has a better grasp on the
Android internals that make the web browser component complicated across
Android versions. Perhaps he'll weigh in on it...

In any case, we're may move to a hybrid model for some mobile phones.
It's easy to provide a compiled Tor binary (the C reference
implementation) and a Java Tor implementation [0] in a single container.
This should allow for greater compatibility and hopefully everyone will
have better anonymity as a result.

Best,
Jake

[0] http://github.com/brl/JTor

Attachment: signature.asc
Description: OpenPGP digital signature