[guardian-dev] NetCipher interface for anonymity configurations

Tom Ritter tom at ritter.vg
Sun Nov 13 09:27:46 EST 2016

On 13 November 2016 at 03:22, Hans-Christoph Steiner
<hans at guardianproject.info> wrote:
> Tor Browser includes lots of changes beyond just forcing all network
> traffic over Tor.  There are many little details in how apps use the
> network that can leak identity info that are ameliorated in Tor Browser.
>  I think we should aim to make NetCipher the canonical collection of
> these config for Android apps.
> For example:
> * TLS Session Identifiers/Tickets
> * detailed info in HTTP User Agent
> * HTTP ETag
> The only question for me is how best to expose this stuff to the
> developer using the NetCipher library.  We should make NetCipher include
> all protections by default, so it does the right thing for anonymity
> without special setups.  Otherwise it is too easy to mess up and leak
> private info.  But since some of these things provide substantial speed
> improvements, we need to provide a way to disable them.
> One idea would be to tell devs to use plain networking when going direct
> and not through Tor.  Another would be to have methods to disable
> specific settings. I'm hoping to open up the discussion to hear other ideas.

When you consider app or device UUIDs, local or public IP addresses,
user account information, contact lists, photos....  how far are you
willing to go? How far do you want to go?


More information about the guardian-dev mailing list