Orbot 1.0.6 has a new feature that allows someone with a rooted Android device that offers wifi or USB tethering, to route the traffic of the tethered device(s) over Tor.
This means 1-5 devices connected over wifi, or just 1 device (a laptop most likely) over USB. While is definitely a feature that has a cool factor to it and will get some attention, I want to make sure we have thought through the risks/downsides of utilizing this feature, so that we can communicate them in any blogs, websites or tutorials. I also wonder if similar thoughts or documentation has been created within the TorRouter context. For example, Bob's iPad connects to Alice's Android's Tor-fied Wifi connection, and uses all sorts of non-https apps that leak enough information about Bob (google map location data), that reveals Alice's real-life location. I keep saying this is no different than TorRouter in terms of risk profile, but am I wrong? Here's the important bits of code: https://gitweb.torproject.org/orbot.git/blob/HEAD:/src/org/torproject/android/service/TorTransProxy.java#l316 Best, Nathan / n8fr8 _______________________________________________ tor-talk mailing list [email protected] https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
