[guardian-dev] Methods for using anonymization tools

Hans-Christoph Steiner hans at guardianproject.info
Wed Apr 29 15:50:49 EDT 2015


I think the ideal scenario for supporting Tor in apps is a mix of the
standalone app (i.e. Orbot) and the embedded Tor library.  Something like this:

* OnionKit includes Tor in the library

* app that wants to support Tor uses OnionKit

* OnionKit detects whether Orbot is installed, and if so, uses it

* OnionKit starts embedded Tor if no available Orbot

* OnionKit looks for other instances of OnionKit, and requests users
  install Orbot is more than 1 or 2 instances of OnionKit are running

* OnionKit can optionally be used without embedded Tor, and instead just
  prompts user to install Orbot

The main downside to this approach is that OnionKit will take up more space,
since it includes Tor.  Another downside is that if apps don't update
OnionKit, they will be running old versions of Tor.  Installing Orbot will
help there, though.

Then the big question is: who has the cycles to do implement this? :)

.hc


Nathan of Guardian:
> 
> On Tue, Apr 28, 2015, at 02:03 PM, Marvin Arnold wrote:
>> I'm interested in how to best use existing anonymization tools (Tor,
>> I2P, etc) with client applications. The current approach requires users
>> to install the anonymizer (Orbot, etc) + the client (Chat Secure, etc)
>> separately. Even if there was no further configuration necessary, I
>> believe this is a deal breaker for most people.
> 
> I've been hearing the idea that it is "too hard for people to install
> another app" argument for a very long time. Yet, if you look at the
> habits of most smartphone users, you will see that many people are happy
> to install an app, if it benefits them in some new way, and especially
> if it is free. That is why many users, typical outside of the U.S., use
> multiple messaging apps to reach different groups of users or friends.
> 
> The idea that installing Orbot, or any core service type app, is too
> hard is just not something I agree with. We have had well over 5 million
> downloads of Orbot, and while that is not 50 million, it is something.
> Additionally, if we had some network effect feature in the app, say
> allowing Orbot users to share files with each other over hidden
> services, then I think we could easily see a 10x growth in the next
> year.
> 
>> Alternatives that I have heard mentioned include a) putting Orbot into
>> every client that wants to use it, and b) some type of embedded library
>> that makes sure only one Orbot instance is running per device. Of course
>> both of these solutions risk using up a lot of data for users who may
>> not have understood what they are downloading.
> 
> Tor is directly built into ChatSecure and Onion Browser on the iOS side,
> since that is a requirement of how that platform works (no long live
> background services).
> 
> Now it is true that Tor can add a decent amount of overhead to your
> traffic, and that is something to take seriously, and make sure the user
> understands.
> 
>> This has led me to a thought that Tor (etc), regardless of how it is
>> incorporated, may be overkill for some applications. Specifically, my
>> friend and I have started working on a proof of concept text messaging
>> app that will use a custom mixnet to send SMSs. It is likely to have
>> higher latency and be more traceable than a Tor based implementation,
>> but will also consume less data (we are interested in starting with the
>> US where most plans include unlimited SMS), extend battery life, and be
>> a single step installation.
> 
> Regardless of what I have said before this, I do think this is a great
> idea to explore!
> 
>> I'm very interested in hearing your thoughts about the best way to
>> incorporate existing anonymization tools and the merit of our proposed
>> approach of a custom mixnet implementation. Ultimately it is a question
>> about how to best manage privacy, usability, and user expectations.
> 
> One of the benefits of using Tor, or any general
> anonymity/circumvention/onion-routing system, is that your traffic is in
> the mix with all the other traffic, and that is all in the mix with all
> mobile IP traffic. SMS on the other hand, is one of the most surveilled
> and filtered mediums, and so I am somewhat concerned about using it as a
> transport for anonymity.
> 
> Thanks for sharing!
> 
> +n
> _______________________________________________
> List info: https://lists.mayfirst.org/mailman/listinfo/guardian-dev
> To unsubscribe, email:  guardian-dev-unsubscribe at lists.mayfirst.org
> 

-- 
PGP fingerprint: 5E61 C878 0F86 295C E17D  8677 9F0F E587 374B BE81
https://pgp.mit.edu/pks/lookup?op=vindex&search=0x9F0FE587374BBE81


More information about the guardian-dev mailing list