[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Beware of insecure mobile Tor apps such as Orion/Torion

To: Roger Dingledine <arma@xxxxxxx>, tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] Beware of insecure mobile Tor apps such as Orion/Torion
From: Nathan Freitas <nathan@xxxxxxxxxxx>
Date: Fri, 21 Jul 2017 13:55:28 -0400
Delivered-to: archiver@xxxxxxxx
Delivery-date: Fri, 21 Jul 2017 13:55:50 -0400
In-reply-to: <512753.da8c3bc73300a9bd8bf4034c96c9e64b48ab223b@popretr.messagingengine.com>
List-archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <HE2ETFQK_9de7bryhTFmCf-TF0N7eD2RMc0CB-BjVnvyp1fYcxN7QuWp9uKrkDXkcCgCfIpiVvigf-rwCaM7nA5IYHd0tm2VqyF65v_8diE=@protonmail.com> <512753.da8c3bc73300a9bd8bf4034c96c9e64b48ab223b@popretr.messagingengine.com> <20170719054400.GA13346@moria.seul.org>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-talk" <tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx>

On Wed, Jul 19, 2017, at 01:44 AM, Roger Dingledine wrote:
> On Tue, Jul 18, 2017 at 11:30:44AM -0400, InterN0T wrote:
> > The developer basically took Mike Tigas' iOS app and introduced several vulnerabilities to it that could be used to track users
> 
> To be clear, right now there are no ios apps that are on par with the
> protections that Tor Browser provides.
> 
> You can read more about the general issue at
> https://blog.torproject.org/blog/tor-heart-onion-browser-and-more-ios-tor
> 
> tl;dr you should assume that there are proxy bypass flaws in every
> single ios app that aims to be a Tor Browser replacement.

Yes, but there is a big difference between malicious, intentional flaws,
and ones that are the result of the limitation of the Apple platform and
policies. We can't lump Mike's Onion Browser effort in with the former.

Onion Browser 2 (now in beta) is NOT Tor browser for iPhone. However, it
is a fantastic privacy-enhancing browser for iOS, that includes Tor,
HTTPS Everywhere, and other security and privacy oriented features
unavailable in most browsers for iPhones. It does not track you. More on
the new beta here:
https://www.patreon.com/posts/quick-onion-2-0-12054247

+n
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

References:
- [tor-talk] Beware of insecure mobile Tor apps such as Orion/Torion
  - From: InterN0T
- Re: [tor-talk] Beware of insecure mobile Tor apps such as Orion/Torion
  - From: Roger Dingledine

Prev by Author: [tor-talk] Fwd: Orfox v1.4 Beta (based onTor Browser 7.5) is out
Next by Author: [tor-talk] Reminder: Support for 0.2.4, 0.2.6, and 0.27 will end on 1 August 2017
Previous by thread: Re: [tor-talk] Beware of insecure mobile Tor apps such as Orion/Torion
Next by thread: [tor-talk] PDF download difficulty in TBB
Index(es):
- Author
- Thread