Hello, Nathan! Thanks for the compiled executable Tor for Android and for your advice. I think the use of Tor in the form of a statically linked library has some advantages but also disadvantages.
Now in my TorFone I use your Tor executable similarly as in Orbot: app create torrc with the RunAsDaemon 1, run Tor using system() (my main app is also native) and return to the parent after a few time. The one goal is Tor daemon continues to work even if the main application has been stopped in the background. The other is that user can easily update Tor manually by grabbing the executable from your repository, placing it in the apk and re-signing with his own key. I think this is safer than updating the entire application. My TorFone is completely rewieved compared to 10 years ago. Now it is cross-platform (Windows, Linux, Android already ready and iOS in plans) and uses a modular architecture that allows to run modules (Transport, Storage, Cryptography + audio and GUI) on a separate hardware (Transport with Tor requires OS but other modules can be run on bare metal, for example, Cortex MK without OS) and connected via strictly specified serial interface (UART, USB CDC, BT SPP etc.). TorFone has two layers of own cryptography using modern protocols (tDH, SPEKE) and primitives (X25519, Elligator2, Shake128 with Keccak, ChaCha20 etc.) also with assembler codes for Cortex M1-M4. The speech latency is surprisingly small due to specially designed tricks taking into account the peculiarities of the Tor nodes. For users who are not worried about anonymity NAT traversal can be performed for P2P UDP connection using session keys agreed in Tor parent session. In addition in the case of Tor blocking there is the possibility of a direct call to IP:port with traffic obfuscation and authentication with own application private key and contact's public keys stored in address book. Now TorFone is under active development so PGP signed source codes and libraries will be available a little later. But it is already possible to estimate speech latency using the Android application available here: http://torfone.org/download/Torfone.apk Very brief manual (for now only draft) is here: http://torfone.org/download/Torfone_Android_howto.pdf Your notion on this project is important for me. Best regards, Van Gegel. --- Original message --- From: [email protected] Date: 23 March 2019, 18:01:24 Send guardian-dev mailing list submissions to [email protected] To subscribe or unsubscribe via the World Wide Web, visit https://lists.mayfirst.org/mailman/listinfo/guardian-dev or, via email, send a message with subject or body 'help' to [email protected] You can reach the person managing the list at [email protected] When replying, please edit your Subject line so it is more specific than "Re: Contents of guardian-dev digest..." Today's Topics: 1. Orbot and Tor updates for Android ! (Nathan of Guardian) ---------------------------------------------------------------------- Message: 1 Date: Fri, 22 Mar 2019 13:40:55 -0400 From: Nathan of Guardian <[email protected]> To: Guardian Dev <[email protected]> Subject: [guardian-dev] Orbot and Tor updates for Android ! Message-ID: <[email protected]> Content-Type: text/plain; charset="utf-8" Orbot 16.0.6-BETA-1-tor-0.3.5.8 <https://github.com/n8fr8/orbot/releases/tag/16.0.6-BETA-1-tor-0.3.5.8> https://github.com/n8fr8/orbot/releases/tag/16.0.6-BETA-1-tor-0.3.5.8 is out (binaries on Github for now) for testing, specifically on Android Q. It is built on a new release of: tor-android-binary-tor-0.3.5.8-rc <https://github.com/n8fr8/tor-android/releases/tag/tor-android-binary-tor-0.3.5.8-rc> https://github.com/n8fr8/tor-android/releases/tag/tor-android-binary-tor-0.3.5.8-rc This now uses the method of bundling the tor executable as a tor.so library, allowing the Android runtime to unpack them into the /data/libs read-only space within the app's private directory. We then can just execute it there, without needing to unpack it, copy it, etc. The word is that this will work on Android Q still. I have tested on an emulator, but not a real device yet. I don't have a Pixel of any kind, at the moment, so please let me know if you do and can test. Otherwise, we are working to move tor and other important binaries, like obfs4proxy, into actual in-process libraries. We've recently made great progress with this on our iOS work with Onion Browser, and so it should now be possible on Android. New commits below.... *** ATTENTION ANDROID Q / PIXEL TEST USERS: We've made changes just for you! WARNING: Meek/Obfs4 bridges WILL NOT work on Android Q yet, just plain Tor fb14c76 <https://github.com/n8fr8/orbot/commit/fb14c76c3a75977af9e86887b54dad5d15ae254e> fixed strings with two many \ escapes 4557577 <https://github.com/n8fr8/orbot/commit/455757726d519ac56cd53eaed29c3abef25707d4> updating to tor-0.3.5.8-rc to add support for Android Q 22d5ffd <https://github.com/n8fr8/orbot/commit/22d5ffdf8bc3d51bb014e319d9f1e6b2ecb3e840> update gradle tools 76796fe <https://github.com/n8fr8/orbot/commit/76796fea83ef7efe3e33f6f5862fd71171a70cdd> Merge pull request #200 <https://github.com/n8fr8/orbot/pull/200> from eighthave/fastlane-supply 6ba0cec <https://github.com/n8fr8/orbot/commit/6ba0ceccbde67310c22fc9fa4e0dc88d932740f5> add .gitlab-ci.yml setup with errorprone 3face00 <https://github.com/n8fr8/orbot/commit/3face00a66874afb793470922e381a9e463b116c> build gradle to 4.4.1, and make gradlew verify the download 69bd7fe <https://github.com/n8fr8/orbot/commit/69bd7fe9e6fd0fcde92ea53dd6236e50f7b37017> move app store graphics into fdroid/fastlane file layout f93c11e <https://github.com/n8fr8/orbot/commit/f93c11e74599cc24c7467d58ba0fc81c38c3c496> Merge pull request #190 <https://github.com/n8fr8/orbot/pull/190> from SkewedZeppelin/master 8ab13f6 <https://github.com/n8fr8/orbot/commit/8ab13f63a6f529d97816568170e02a1bced3c186> Fixup bad indentation from 6e4b700 <https://github.com/n8fr8/orbot/commit/6e4b7008035b2bf1a9035b730aad178bfd424f85> 12b91c4 <https://github.com/n8fr8/orbot/commit/12b91c44f3af675dd0db5a3bacbf232c0f8d61f4> Expose PreferIPv6 and NoIPv4Traffic options 8ad7668 <https://github.com/n8fr8/orbot/commit/8ad7668013a7291b98cf8689cd99961db69f8ed3> Move Google repo above jcenter d4befad <https://github.com/n8fr8/orbot/commit/d4befad117f3485f0aa67b2ce44d3f1b13de2720> cleanup and binary loading fixes -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 833 bytes Desc: OpenPGP digital signature URL: <http://lists.mayfirst.org/pipermail/guardian-dev/attachments/20190322/426118e7/attachment-0001.sig> ------------------------------ Subject: Digest Footer _______________________________________________ guardian-dev mailing list [email protected] https://lists.mayfirst.org/mailman/listinfo/guardian-dev ------------------------------ End of guardian-dev Digest, Vol 103, Issue 2 ********************************************
_______________________________________________ List info: https://lists.mayfirst.org/mailman/listinfo/guardian-dev To unsubscribe, email: [email protected]
