[tor-talk] Android app: Torrific

isis isis at torproject.org
Mon Jul 28 00:13:37 UTC 2014


isis transcribed 4.9K bytes:
> CJ transcribed 2.5K bytes:
> > 
> > On 07/24/2014 03:54 PM, u wrote:
> > > CJ:
> > >> On 07/24/2014 01:23 PM, u wrote:
> > >>> Lunar:
> > >>>> CJ:
> > >>>>> Just a small announce (not sure if this is the right ML, sorry).
> > >>>>> I'm developing an Android app allowing to block all IP traffic, and
> > >>>>> force only selected app through Orbot.
> > >>>>> This is done because neither Orbot nor AFWall (or other free, opensource
> > >>>>> Android iptables management interface) seem to be able to do that…
> > >>>> Orbot is free software. Isn't there a way to add the needed features
> > >>>> directly to it?
> > >>>>
> > >>>> Sorry if it's a naive question, I'm not very knowledgeable regarding
> > >>>> Android. But I know that asking our users to install 3 different apps or
> > >>>> even more is not friendly.
> > >>> AFAIK this works in Orbot if you have a rooted Android device.
> > >> Not the "block all other output" part in fact :)
> > > That said, I am also interested in your answer to Lunar's question :)
> > > Why not contribute to Orbot instead?
> > >
> > > Cheers!
> > It's possible I push some pull-request later, yes.
> > But, as said in some previous email, I'm not really sure it's Orbot's job
> > to set up firewall… I rather prefer dedicated app for dedicated task —
> > Orbot main task is, for me, connecting to Tor network… Basically, this
> > just doesn't involve the firewall at all.
> > 
> > But yeah, I know, users like "all-in-one apps" — who knows, once
> > torrific is ready (i.e. no more broken rules, no more bugs like "craps,
> > network's broken")… the devs may get some PR ;).
> > Torrific is also, for me, a way to play with android without annoying
> > other applications.
> > 
> > To be honest, I'd rather contribute this function in AFWall than Orbot,
> > as it already is a firewall manager (and not a bad one).
> > 
> > Cheers,
> > 
> > C.
> 
> I agree that this should be done outside Orbot, for several reasons that I'm
> not going to get dragged into again.

The simplest, least-"ragetastic" [0] reason for these functionalities to be
separated into different apps is the security concern of privilege separation:
that modifying a firewall requires root access, and as Orbot handles
controlling the underlying tor process and interacting with other apps such as
the browser, the QRcode scanner, etc. the attack surface is greatly increased
by giving root to Orbot when (to my knowledge) it's only needed to control the
firewall. The app which handles all those other actions doesn't need root, and
therefore shouldn't have it.

[0]: https://trac.torproject.org/projects/tor/ticket/12411#comment:2

-- 
 ♥Ⓐ isis agora lovecruft
_________________________________________________________
GPG: 4096R/A3ADB67A2CDB8B35
Current Keys: https://blog.patternsinthevoid.net/isis.txt
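
Added example (not part of the message above, and not code from Torrific, Orbot or AFWall): a sketch of the privilege split argued for in this thread, where the only root component is a small helper that validates a narrow request and renders iptables arguments. The "TORIFY" request format, the function names, the TransPort/DNSPort numbers and the per-app UID range are assumptions made for this illustration.

```python
import re

# Assumed values, not from the thread: Tor's TransPort/DNSPort numbers and
# the Android per-app UID range.
TRANS_PORT, DNS_PORT = 9040, 5400
APP_UIDS = range(10000, 20000)
REQUEST = re.compile(r"TORIFY (\d{1,5}(?:,\d{1,5})*)")


def parse_request(line):
    """Root helper input check: accept 'TORIFY uid[,uid...]' and nothing else."""
    m = REQUEST.fullmatch(line)
    if not m:
        raise ValueError("malformed request")
    uids = sorted({int(u) for u in m.group(1).split(",")})
    if any(u not in APP_UIDS for u in uids):
        raise ValueError("UID outside the app range")
    return uids


def render_rules(app_uids, tor_uid):
    """Build iptables argument vectors (argv lists, never a shell string)."""
    if tor_uid in app_uids:
        raise ValueError("Tor's own UID must not be redirected into Tor")
    rules = [
        # Filter table: allow local delivery (redirected traffic) and Tor itself.
        ["-A", "OUTPUT", "-d", "127.0.0.0/8", "-j", "ACCEPT"],
        ["-A", "OUTPUT", "-m", "owner", "--uid-owner", str(tor_uid), "-j", "ACCEPT"],
    ]
    for uid in app_uids:
        owner = ["-m", "owner", "--uid-owner", str(uid)]
        # NAT table: send this app's DNS and new TCP connections to Tor.
        rules.append(["-t", "nat", "-A", "OUTPUT", "-p", "udp", "--dport", "53",
                      *owner, "-j", "REDIRECT", "--to-ports", str(DNS_PORT)])
        rules.append(["-t", "nat", "-A", "OUTPUT", "-p", "tcp", "--syn",
                      *owner, "-j", "REDIRECT", "--to-ports", str(TRANS_PORT)])
    # Everything not accepted above is rejected: the "block all other output" part.
    rules.append(["-A", "OUTPUT", "-j", "REJECT"])
    return rules


if __name__ == "__main__":
    # Constructed request, as the unprivileged UI app would send it.
    for argv in render_rules(parse_request("TORIFY 10078,10045"), tor_uid=10123):
        print("iptables", " ".join(argv))
```

Only the step that hands these argument vectors to iptables needs root; request building and everything else in the user-facing app can run unprivileged.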