[guardian-dev] Orbot Stream Isolation

Hans-Christoph Steiner hans at guardianproject.info
Wed Jan 11 09:23:37 EST 2017



Rusty Bird:
> Hans-Christoph Steiner:
>> Rusty Bird:
>>> Nathan of Guardian:
>>>> If the app supplies a ransom user/password to the socks port, a new Tor
>>>> circuit will be created for it.
>>>
>>> This seems like something NetCipher would be in a good position to take
>>> care of automatically, no?
>>>
>>> Rusty
>>
>> Yes, we just need to figure out how best to handle that.  I'm not sure
>> all apps want isolation by default. I guess at the very least NetCipher
>> could have a method to enable/disable isolation.
> 
> Hmm, why not make it opt-out? For the last year or so, I've been
> isolating each transparently torified app on my phone and haven't
> experienced any problems.

I think it would be good to make it opt-out to have more privacy by
default, but it would need to be tested a lot before forcing everyone to
use the more isolated route.  It might cause dramatic slowdowns in some
situations.

.hc

-- 
PGP fingerprint: EE66 20C7 136B 0D2C 456C  0A4D E9E2 8DEA 00AA 5556
https://pgp.mit.edu/pks/lookup?op=vindex&search=0xE9E28DEA00AA5556


More information about the guardian-dev mailing list