[Question] Use orbot as a library #16
Comments
|
Managing your own install of Tor is not as easy as it sounds... It runs as its own background process, and you need to make sure you keep up to date with the latest versions, etc. The best bet is just to ask people to install Orbot (it really isn't that hard), and then use our NetCipher library to interact with Orbot transparently to the user: Otherwise, there is a project here that packaged up our version of the Tor binary into a library: |
|
I tend to disagree. Asking people to install one more app in order to use your app, is a blocking factor. If we want to advocate for tor usage, then we should make it simple to use, by everyone 😄 I am aware that I will have to port asap all the latest updates because they might include security patches, and I'm willing to do that 😄 Thanks for the reply! I will have a look at the library 😉 |
|
What if they have multiple apps all using Tor on one device... what about battery life? network usage? Tor is more of a service like a VPN or Google Play GCM services... there should really be only one on the device. In a time where people have five different messaging apps and two different browsers, and the app store is only a tap away, installing the < 10MB Orbot is really not that bad. In a perfect world, yes, there would be one perfect app for all... |
|
Funny, I just saw that you are with Microsoft... the Thali Project is a Microsoft Research efforts. You should connect up with @yaronyg |
|
Your points are valid... I haven't heard of project Thali before, but I will definitely read about it and connect with @yaronyg to see if I can help in any way 😉 Thanks a lot! |
|
You don't have to fork Orweb for that.. our NetCipher library includes all of this logic, and a nice BroadcastReceiver API to interact with Orbot status. See, I want to make your life easy! |
|
Hahaha great! 😃 Thanks! |
|
Alas the problem with having multiple apps that all have Tor functionality is a very real problem. In theory everything works but boy is it going to kill battery, bandwidth, etc. But what is the alternative? We could try an internal leader election but can App A really trust App B to behave properly? Presumably all the connections over TOR are themselves encrypted separately so App B couldn't actually interfere with content but App A can't be sure it is getting the traffic analysis protection that it signed up for since App B could be bad. My unproven, theoretical, personal belief, fact free opinion is that requiring people to install app A before they can use app B is just a non-starter. It's going to confuse too many people. At least for "popular" apps. Obviously that isn't (nor should it be) Orbot's first concern. Its target community are people who need privacy and are willing to jump through hoops to get it. But as we want to make Tor the "new normal" we need an approach that is more amenable to normal users. So perhaps the answer is - all of the above. An app can download with its own Tor functionality but if it detects that intents are there for Orbot then it can switch its internal Tor functionailty off and use Orbot instead (at least if Orbot's Tor version is >= to the version the app has). I opened this bug to track the issue but it's going to be months before we get back to working on the Tor functionality. First we have to get everything working over local radios. |
|
I agree with your approach! |
Hi,
Is there any way to tor-ify an Android app by using orbot as a library?
My goal is to be able to access Tor from my app, but at the same time make it completely transparent for the user.
For example I don't want to force him install orbot in order to be able to run my app.
Thanks!
:panos
The text was updated successfully, but these errors were encountered: