[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[Fwd: Re: Tor on Android]

To: tor-java@xxxxxxxxxxxxxx
Subject: [Fwd: Re: Tor on Android]
From: Jacob Appelbaum <jacob@xxxxxxxxxxxxx>
Date: Wed, 16 Sep 2009 03:27:54 -0400
Delivered-to: archiver@xxxxxxxx
Delivered-to: tor-java-outgoing@xxxxxxxx
Delivered-to: tor-java@xxxxxxxx
Delivery-date: Wed, 16 Sep 2009 03:28:07 -0400
Openpgp: id=9D0FACE4; url=http://www.appelbaum.net/gpg.asc
Reply-to: tor-java@xxxxxxxxxxxxxx
Sender: owner-tor-java@xxxxxxxxxxxxxx
User-agent: mutt

This message from Lexi was rejected by majordomo and I'm forwarding it
on here...

-------- Original Message --------
Subject: Re: Tor on Android
Date: Wed, 16 Sep 2009 08:55:47 +0200
From: Lexi Pimenidis <siegen@xxxxxxxxxxxxx>
To: Jacob Appelbaum <jacob@xxxxxxxxxxxxx>,	Andriy Panchenko
<panchenko@xxxxxxxxxxxxxxxxxxxxxxxxxxxx>
CC: tor-java@xxxxxxxxxxxxxx <tor-java@xxxxxxxxxxxxxx>
References: <4AB07511.7030605@xxxxxxxxxxxxx>

On Wed, Sep 16, 2009 at 07:18:09AM CEST, Jacob Appelbaum wrote:

Hej everybody,

> http://www.cl.cam.ac.uk/research/dtg/android/tor/

Uh, first time I learn from this project.

> Do we want to look at the project as a good starting point? Should we
> consider it time, as a community, to pick up where Lexi left off?

(for the record: it was a whole bunch of people...)

> Should we get the C client ported over to Android and packaged up?

I haven't been developing apps for Android, hence I don't know to which
extend
porting the C client will work. However, one of the many (long-term, and not
yet fulfilled) intentions of developing OnionCoffee was to avoid that a
bug in
the very single application running th Tor network could be used to exploit
all clients. (However, I agree that the Tor-client is one of the best
audited
pieces of software I've seen)

Hence my opinion is: sure, go ahead. OC was never ment to replace the
original
client in any way. On the other hand we invested a significant amount of
time
into it, so maybe it is worth the effort (for some open source developers)
to remove the bugs and keep it more or less up to date.

> Adam Langley did a build of the C Tor client for Android:
> http://www.mail-archive.com/or-talk@xxxxxxxxxxxxx/msg09408.html

Well done :)

> I think having Tor on Android is very important and it's a good first
> step to having anonymity enabled mobile devices.

I agree. If anywhere, mobile devices are in need of more privacy.

>----------------------- 2nd email -------------------
[.. a lot of accurate and correct stuff cut..]

> From just a cursory look, I do not believe it is safe to use OnionCoffee
> derived software when security or anonymity are desired properties.

You're completely right. OnionCoffee is more like a research platform than
suitable for wide deployment (in its current state).

> It doesn't seem like it would be impossible to fix these things and it seems
> likely that if we shake the tree, we'll find more stuff to fix...

I guess so. However, I personally do not have the time for contributing
significant amounts of time into OC - still, I'd be more than happy to
support those who do.
Maybe we could look for contributers on the main tor mailinglist - my guess
is that there are a bunch of people out there who know to code Java and
would gladly be able to send in fixes. At least I myself, maybe Andriy too,
could read the diffs and check in thos, which seem to advance the current
state.

Cheers,

	Lexi

-- 
Om. Uzlf Pfyzifofn, fOzr AyhD, Npfjdzminbm. 73, 50672 Gkzui
QA Gkzui DMH 58720, Aznjdqztbntczdmcia: Yfjdqzu Yzmbzin
| Dqhz ici, qjd! Pdfuknkpdfz, Scmfnbzmzf cio Yzofxfi,
| Cio uzfozm qcjd Bdzkukafz!  Ocmjdqcn nbcofzmb, yfb dzfnnzy Hzyczdi.
| Oq nbzd fjd ici, fjd qmyzm Bkm!  Cio hfi nk guca qun wfz xcrkm;

Prev by Author: Issues with Onion Coffee...
Next by Author: Re: Tor on Android
Previous by thread: Issues with Onion Coffee...
Next by thread: Non-member submission from [Andriy Panchenko <andriy.panchenko@xxxxxxxxxxxxxxxxxxx>]]
Index(es):
- Author
- Thread