[guardian-dev] Auditing Twitter with Orbot
Nathan of Guardian
nathan at guardianproject.info
Wed Jun 13 20:40:58 EDT 2012
Great post+effort by our new intern "Patch", and generally good outcome
in how Twitter implemented proxying support, save for one aspect - push
notifications!
"I decided to take on the challenge of auditing Twitter+Orbot to gain
more insight (and hopefully trust) into their new support for proxying.
I logged some traffic on my Nexus One using the proxied Twitter
application to see what was going on. To eliminate excess traffic I used
Droidwall to permit only traffic from Orbot and Twitter. This still
allows the Twitter application the option to leak data while blocking
other traffic we don’t wish to see. I began logging with Orbot off and
attempted to update my Twitter application. So far so good, it was not
able to retrieve any tweets. Once Orbot was running the application
worked great, I ran some searches and made a test tweet. "
Read on:
https://guardianproject.info/2012/06/13/auditing-twitter-with-orbot/
More information about the Guardian-dev
mailing list