Cedric Jeanneret wrote: > > > On 08/14/2014 06:07 PM, Hans-Christoph Steiner wrote: >> >> >> Cédric Jeanneret wrote: >>> On August 11, 2014 3:41:41 PM CEST, Nathan of Guardian >>> <[email protected]> wrote: >>>> >>>> >>>> On 08/11/2014 03:01 AM, Cédric Jeanneret wrote: >>>>> Hello, >>>>> >>>>> Currently working on orwall[1], a user submitted an interesting >>>> issue[2]. >>>>> >>>>> First, I thought "I'll need some lib [netCipher?] to be able to >>>> manage >>>>> Tor via some Orbot Intent", but now I'm just realizing there's the >>>> Tor >>>>> Admin port we may use as well… >>>> >>>> What are the specific settings you want to control in Orbot? At some >>>> point, it seems like you are taking on more and more of the Orbot apps >>>> features and functions, and so perhaps you should submit patches to us, >>>> instead of adding more features into Orwall. >>> >>> Aim was to be able to create new transPort or SOCKS or DNSProxies. But this >>> seems to be useless seeing your other answers. >>> >>>> >>>>> ° I didn't see any password regarding Tor Admin Port — is that >>>> correct? >>>>> As it's a local port, does it mean any app knowing how to talk "Tor" >>>> may >>>>> connect and send commands in order to configure stuff? >>>> >>>> Any app may connect, but the control port is protected by a file cookie >>>> value, that only Orbot has access to read. We could use the password >>>> option in Orbot instead, but that would require a config change. >>> >>> Good news, I was a bit surprised. The commented method generating password >>> is a bit misleading, and I didn't dig further. >>> >>>> >>>>> ° Is it a good idea to send management/configuration commands through >>>>> this port from an external app? >>>> >>>> Not really. Orbot is meant to be the controller, and protect the state >>>> of the Tor instance. >>> >>> Right. Completely OK with that statement. Especially if there's a way to >>> order stuff to orbot. >>> >>>> >>>>> ° more related to the issue itself: is it possible to set up multiple >>>>> DNSproxy and TransProxy in tor (seems it is the case)? Will the >>>> circuits >>>>> be different for each opened port? If not, any reason? >>>> >>>> If you are connecting to the SOCKS port, then you can force creation of >>>> a new circuit for each connection by sending a random user/password >>>> combo as part of the SOCKs authentication. Orbot can also send a >>>> "NEWNYM" command to the control port to force the creation of new >>>> circuits. We could open this up as part of the Intent API that >>>> netcipher >>>> users. Creating multiple ports to achieve the same thing isn't the best >>>> approach. >>> >>> Oh?? Great! Meaning I may use netcipher in order to create "bridges" for >>> non-SOCKS-aware app with some random credentials as well? Pretty sure this >>> will be "the" way to go in order to get sort of per-app circuit… >>> >>> It would be great if the "NEWNYM" could be part of the intent, as this >>> would also allow other app to get the "torbutton" action "create new >>> identity" (or something lime that). >>> >>> Thanks a lot for your answers. Just to know, any ETA for the orbot intent >>> availability? Any dev-branch I may use in order to do some tests on my side >>> so that I can help you (a bit, my level is "beginner") ? >>> >>> Cheers, >> >> >> Just wanted to say quickly that it is great that you are making this app! I >> think your approach has a lot of promise for thinking about the future of Tor >> and related stuff on Android. > > Thanks for your support :). That makes me happy, really. Orwall was just > an idea. > Now it can be part of something bigger, and that's really great. > >> >> About Intents that control Tor, that is something that we need to do >> carefully, since we don't want to open up vulnerabilities. For example, it >> is >> not entirely clear what are the security risks of allowing NEWNYM or even >> starting tor by Intent. >> >> .hc > > Well, Intent may require an authorization (like registration) from the > external app. > I explained a bit in the opened issue on orwall what would be "good". > > Fact is, allowing, through the Intent, to add new configuration snippets > isn't bad, as Orbot will be able to filter good/bad stuff. > It may be interesting to trigger different warning messages depending on > the action we're wanting to do: > > ° add a new DNSProxy: not a huge security problem, just ask "do you > accept … ?" > > ° NEWNYM: if this may create problems (I don't see what, but I'm not a > "Tor internal guy", just a simple user), another warning type may be > used, why not with a link to the documentation > > ° … and so on > > OK, this will be complicated. This will take time, a lot of time. But > doing it this way, carefully, action by action, should prevent most of > the problems. > > It would require to take, config key by config key, each possible > action, filter them, ensure syntax is correct, ensure it won't break the > service, ensure it won't leak data. This latest point will most probably > be the most difficult. Especially when we want to add a ton of > configuration in Tor. > > As also said, in my case, orwall needs only 1-2 actions, basically > add/remove DNSProxy ports, SOCKS ports and TransPorts (SOCKS isn't > mandatory, as we can "fake" using random authentication, thus playing > around with netCipher in order to do some smart proxy asking new > circuits for each app). > > I understand adding a new Intent, allowing external, potentially bad > apps to play with Tor configuration is a threat. That's the price, I > guess, in order to get some other possibilities for Orbot usage. > > All will be about communication, explanation of the potentials problems > if a user allows something and so on. And, well, trust. We (user) will > need to trust third-party app playing with Orbot, thus Tor. Thus playing > with our security. > > Orwall has some needs — if they cannot be met, well, I'll find other > ways, like netCipher proxying, though it won't be as easy, as smart and > as clean as Orbot Intent ;).
I'm not sure of the exact details here, but I can see a reason why you'd need to have multiple DNSProxy, SOCKs, etc. ports. > Just for information: I've a similar request regarding i2p support in > Tor, and there's currently a client library being developed. It should > provide the same kind of stuff I'm asking from Orbot. That will make > orwall a pretty nice app, supporting what I consider the two "main onion > router systems" :). > > By the way: I'm not a power-android-dev, but if I can help, just let me > know. I can learn and, who knows, have some ideas ;). > > Cheers, > > C. It would be great to support as many tools like this as possible, including of course i2p. .hc -- PGP fingerprint: 5E61 C878 0F86 295C E17D 8677 9F0F E587 374B BE81 _______________________________________________ Guardian-dev mailing list Post: [email protected] List info: https://lists.mayfirst.org/mailman/listinfo/guardian-dev To Unsubscribe Send email to: [email protected] Or visit: https://lists.mayfirst.org/mailman/options/guardian-dev/archive%40mail-archive.com You are subscribed as: [email protected]
