[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Anonymity on mobile devices



Hi,

<SNIP piece explaining why tor on the device is not feasable>

> So we switched to a different architecture: now there is gateway to 
> which the user connects to and which does all the anonymizing for him. 
> This means we have a single point of failure, but we only need to 
> connect securely (TLS,VPN,...) to the gateway.
> Additionally we want to enable the user to choose the way of 
> anonymizing, e.g. using Jap or Tor. Because of this and because we use 
> the gateway for some other things, we had to design our own protocol 
> which is similar to Socks, but has some additional parameter for the 
> anonymity configuration.
> So our architecture looks like this: the mobile client connects securely 
> (by VPN) to the gateway, then it sends a Socks-like connect request 
> along with the configuration parameters to the gateway, the gateway 
> sends a request to the chosen anonymity service (e.g. talking socks5 to 
> Tor on port 9050) and after the connection has been established the 
> gateway forwards all incoming data.
> 
> What do you think of this architecture and of anonymity on mobile 
> devices in general? There was a system called mCrowds which implemented 
> Crowd's Jondos on WAP-gateways. Does anyone know it?

What do you want to protect against ? the provider snooping? if so where is 
this gateway running?

gtx.
  dvorak