#21863: Ensure proxy safety on Android -------------------------------------------------+------------------------- Reporter: gk | Owner: sysrqb Type: defect | Status: | accepted Priority: Very High | Milestone: Component: Applications/Tor Browser | Version: Severity: Normal | Resolution: Keywords: tbb-mobile, tbb-7.0-must, tbb- | Actual Points: proxy-bypass, TorBrowserTeam201807 | Parent ID: #26531 | Points: Reviewer: | Sponsor: | Sponsor4 -------------------------------------------------+-------------------------
Comment (by sysrqb): Replying to [comment:26 gk]: > Replying to [comment:24 sysrqb]: > > In addition, I went down the rabbit hole: "What does Android *do* when you ask it to establish a connection using a proxy". The result of this long and windy path is "it seems safe", but only when the Java/Dalvik/ART VM uses the default AOSP configuration. > > > > I'll attempt succinctly explaining proxy safety on Android here, but we should seriously consider using Necko for all networking calls in the future (which means exposing necko via jni). I believe GeckoView is already considering this - but how hard could it be? :) > > Yes, please. Do you have a ticket for GeckoView tracking this work? I looked a bit around but did not find anything. No, I dont, I'll ask the devs if they have an open bugzilla ticket. -- Ticket URL: <https://trac.torproject.org/projects/tor/ticket/21863#comment:30> Tor Bug Tracker & Wiki <https://trac.torproject.org/> The Tor Project: anonymity online
_______________________________________________ tor-bugs mailing list tor-bugs@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs