[guardian-dev] OrbotVPN

Delyan Kratunov guardian at delyan.me
Fri Jan 23 16:04:11 EST 2015

On Friday, January 23, 2015 03:13:34 PM Patrick Connolly wrote:
> But someone else might be able to fill in on the specifics. 

I guess I have some insight here (since I dropped the ball on it). 

The big outstanding issue is DNS. Tor runs its DNS resolver but we can't 
give Android a DNS port, only an IP address. Which means that we'd 
need a layer that can inspect raw UDP packets, redirect them to the 
Tor resolver, read the response, turn it into raw UDP packets, and then 
spoof its origin. It's a non-trivial amount of work (there's a fair amount 
of book-keeping and concurrency) and last I looked there was no 
elegant way to do this in the C codebase Orbot is using (tun2socks).
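
The packet rewriting this message describes, sketched in C as an added example that is not part of the original post and is not code from Orbot or tun2socks: it locates the DNS payload in a raw IPv4/UDP packet and wraps the resolver's answer in a reply whose source is the address the app queried. The function names are hypothetical, only unfragmented IPv4 is handled, and forwarding the payload to Tor's resolver and tracking outstanding queries are left out.

```c
#include <stdint.h>
#include <string.h>
/* Added example with hypothetical names; IPv4 only, not Orbot/tun2socks code. */
/* RFC 1071 one's-complement sum; only the last chunk summed may be odd-length. */
static uint32_t csum_add(uint32_t acc, const uint8_t *p, size_t len) {
    for (; len > 1; p += 2, len -= 2) acc += (uint32_t)(p[0] << 8 | p[1]);
    if (len) acc += (uint32_t)p[0] << 8;
    return acc;
}
static uint16_t csum_fold(uint32_t acc) {
    while (acc >> 16) acc = (acc & 0xffff) + (acc >> 16);
    return (uint16_t)~acc;
}
static void put16(uint8_t *p, size_t v) { p[0] = (uint8_t)(v >> 8); p[1] = (uint8_t)v; }

/* Offset of the DNS payload if pkt is an unfragmented IPv4/UDP datagram to port 53, else 0. */
size_t dns_query_payload(const uint8_t *pkt, size_t len, size_t *dns_len) {
    if (len < 28 || (pkt[0] >> 4) != 4 || pkt[9] != 17) return 0;
    size_t ihl = (size_t)(pkt[0] & 0x0f) * 4;
    if (ihl < 20 || len < ihl + 8) return 0;
    if ((pkt[6] & 0x3f) || pkt[7]) return 0;          /* MF set or nonzero offset */
    size_t ulen = (size_t)(pkt[ihl + 4] << 8 | pkt[ihl + 5]);
    if (ulen < 8 || ihl + ulen > len) return 0;
    if ((pkt[ihl + 2] << 8 | pkt[ihl + 3]) != 53) return 0;
    *dns_len = ulen - 8;
    return ihl + 8;
}

/* Wrap the resolver's answer in IPv4/UDP with the query's addresses and ports
 * swapped, so the app sees a reply from the address it asked. Returns length or 0. */
size_t dns_build_reply(const uint8_t *q, size_t qlen, const uint8_t *ans,
                       size_t alen, uint8_t *out, size_t cap) {
    size_t dl, off = dns_query_payload(q, qlen, &dl);
    if (!off || alen > 0xffff - 28 || 28 + alen > cap) return 0;
    memset(out, 0, 28);
    out[0] = 0x45; out[8] = 64; out[9] = 17;          /* IPv4, IHL 5, TTL 64, UDP */
    put16(out + 2, 28 + alen);
    memcpy(out + 12, q + 16, 4);                      /* src = address the app queried */
    memcpy(out + 16, q + 12, 4);                      /* dst = the app's address */
    put16(out + 10, csum_fold(csum_add(0, out, 20)));
    memcpy(out + 20, q + off - 6, 2);                 /* src port = 53 */
    memcpy(out + 22, q + off - 8, 2);                 /* dst port = app's source port */
    put16(out + 24, 8 + alen);
    memcpy(out + 28, ans, alen);
    uint32_t acc = csum_add(0, out + 12, 8) + 17 + (uint32_t)(8 + alen); /* pseudo-header */
    uint16_t c = csum_fold(csum_add(acc, out + 20, 8 + alen));
    put16(out + 26, c ? c : 0xffff);                  /* 0 would mean "no checksum" */
    return 28 + alen;
}
```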
