Date: Sun, 27 Jul 2014 23:50:41 +0000
From: isis <isis@torproject.org>
To: tor-talk@lists.torproject.org
Message-ID: <20140727235041.GE6056@patternsinthevoid.net>
References: <53D0A151.6030801@tengu.ch> <20140724093138.GC5476@loar>
 <53D0ECB9.7040205@451f.org> <53D0F5C9.6090509@tengu.ch>
 <53D1102B.4060806@451f.org> <53D12334.4080702@tengu.ch>
 <20140725072410.GM7899@patternsinthevoid.net>
 <53D2118C.6040909@tengu.ch> <20140726013601.GC7153@torproject.org>
 <53D359B9.6070408@tengu.ch>
In-Reply-To: <53D359B9.6070408@tengu.ch>
Subject: Re: [tor-talk] Android app: Torrific

CJ transcribed 6.4K bytes:
>
> On 07/26/2014 03:36 AM, Mike Perry wrote:
> > CJ:
> >> On 07/25/2014 09:24 AM, isis wrote:
> >>> CJ transcribed 2.5K bytes:
> >>>> On 07/24/2014 03:54 PM, u wrote:
> >>>>> CJ:
> >>>>>> On 07/24/2014 01:23 PM, u wrote:
> >>>>>>> Lunar:
> >>>>>>>> CJ:
> >>>>>>>>> Just a small announcement (not sure if this is the right ML, sorry).
> >>>>>>>>> I'm developing an Android app allowing you to block all IP traffic, and
> >>>>>>>>> force only selected apps through Orbot.
> >>>>>>>>> This is done because neither Orbot nor AFWall (or other free, open-source
> >>>>>>>>> Android iptables management interface) seem to be able to do that...
> >>>>>>>> Orbot is free software. Isn't there a way to add the needed features
> >>>>>>>> directly to it?
> >>>>>>>>
> >>>>>>>> Sorry if it's a naive question, I'm not very knowledgeable regarding
> >>>>>>>> Android. But I know that asking our users to install 3 different apps or
> >>>>>>>> even more is not friendly.
> >>>>>>> AFAIK this works in Orbot if you have a rooted Android device.
> >>>>>> Not the "block all other output" part in fact :)
> >>>>> That said, I am also interested in your answer to Lunar's question :)
> >>>>> Why not contribute to Orbot instead?
> >>>>>
> >>>>> Cheers!
> >>>> It's possible I push some pull-request later, yes.
> >>>> But, as said in some previous email, I'm not really sure it's Orbot's job
> >>>> to set up a firewall... I'd rather prefer a dedicated app for a dedicated task ---
> >>>> Orbot's main task is, for me, connecting to the Tor network... Basically, this
> >>>> just doesn't involve the firewall at all.
> >>>>
> >>>> But yeah, I know, users like "all-in-one apps" --- who knows, once
> >>>> torrific is ready (i.e. no more broken rules, no more bugs like "craps,
> >>>> network's broken")... the devs may get some PR ;).
> >>>> Torrific is also, for me, a way to play with Android without annoying
> >>>> other applications.
> >>>>
> >>>> To be honest, I'd rather contribute this function to AFWall than Orbot,
> >>>> as it already is a firewall manager (and not a bad one).
> >>>>
> >>>> Cheers,
> >>>>
> >>>> C.
> >>> I agree that this should be done outside Orbot, for several reasons that I'm
> >>> not going to get dragged into again. And FWIW, Mike's blog post on Android
> >>> security specifically recommends setting up DroidWall (a similar AOS
> >>> iptables-based firewall app) with some bash scripts to log and deny all leaky
> >>> traffic from Orbot.
> >>>
> >>> My primary concern would be regarding whether Torrific's iptables rules are
> >>> applied ASAP after Orbot starts Tor, and I actually can't recommend anything
> >>> there (short of building a new initramfs which enforces starting the firewall
> >>> from there, early during the boot process).
> >>
> >> torrific works with an init-script blocking all the traffic --- same way
> >> droidwall or afwall are working, same problem with older Android versions.
> >> torrific starts on boot, maybe earlier than orbot, which is a good
> >> thing. It also uses orbot's uid (as well as the app uid) in order to set the
> >> redirects and allow orbot to go out.
> >>
> >>> DroidWall already has a mechanism for running user-specified scripts at
> >>> startup... Perhaps the most portable way to do what you're trying to do would
> >>> be to add a similar script-sourcing mechanism to AFWall? Then you could simply
> >>> maintain a repo of startup scripts which (hopefully) work for any Android
> >>> firewall app which supports this mechanism.
> >>
> >> Problems with handmade scripts: how to catch the app uid automatically?
> >> That's not user-friendly. Not at all...
> >> That was the first version of this app: an init-script, a "lib" written
> >> in shell, and a script applying the rules, using a shell array as source
> >> for application information.
>
> Hello Mike, nice to see you're following this small project, your post
> was really inspiring! My Nexus 7 original ROM didn't see the light, it
> was directly erased (though I prefer SlimRoms over CM). I stumbled on it
> a bit after starting my project.
>
> > FWIW, in the shell scripts in my howto[1], I do this UID detection in
> > shell with dumpsys. Here's an example script:
> > https://people.torproject.org/~mikeperry/android-hardening/android-firewall/firewall-allow-linphone-udp.sh
> >
> > The userinit problem I solved in a Cyanogenmod-specific way (I think).
> > Cyanogenmod has a special init script location in
> > /data/local/userinit.sh. For extra fun, I think it supports that instead
> > of more standard Android init-scripts, because the AFWall+ startup
> > script hack does not work on my devices. That's the main reason I
> > created this userinit hack:
> > https://people.torproject.org/~mikeperry/android-hardening/android-firewall/userinit.sh
>
> Also supported on SlimRoms, that's how I'm closing all IP networking:
> https://github.com/EthACKdotOrg/Torrific/tree/master/app/src/main/res/raw
>
> >> The app I've done lists the installed applications requesting network
> >> access, you just have to check those you want to allow network
> >> access and they are forced through orbot :).
> >
> > That LinPhone example script above also has another neat feature that I
> > wish were available by default in a firewall app such as this. It allows
> > only the UDP activity of LinPhone to bypass the Tor proxy. This means I
> > can make TLS+SIP+ZRTP calls where the call setup and signaling goes over
> > Tor, but encrypted voice and video data goes directly peer-to-peer over
> > UDP.
>
> Yep, it's on the TODO. This part will be a bit tricky in the UI, but I
> think I have a nice way to do that :)
> Also, I'll implement the possibility to get "a browser" (the one we
> wish) to bypass the whole firewall/Orbot thing for captive portals. You
> also added such a script.
> This will also add support for other SIP applications such as CSipSimple
> (the one proposed for Ostel.co services).
>
> > I recognize the UI for supporting this in the general case is a bit
> > tricky to create without a lot of clutter, and it's questionable if you
> > want to expose this ability for all apps (because for non peer-to-peer
> > apps it can mean deanonymization to a central server). However, for this
> > specific case it is very handy, at least until Tor is performant enough
> > to support live, unbuffered voice+video data.
>
> Sure, that's why I'm wanting to implement it. Plus, it will be a good
> exercise with Android UI :). As an option you may activate in the
> settings, with some warning regarding security issues and so
>
> Cheers,
>
> C.
>
> >
> > 1. https://blog.torproject.org/blog/mission-impossible-hardening-android-security-and-privacy
> >

This is awesome. It seems like you've covered all the previous init script
functionality, except with an added UI. Hopefully this makes safer Tor usage
on Android devices more accessible for a greater number of people.

-- 
 ♥Ⓐ isis agora lovecruft
_________________________________________________________
GPG: 4096R/A3ADB67A2CDB8B35
Current Keys: https://blog.patternsinthevoid.net/isis.txt
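The firewall policy the thread keeps circling around (everything dropped by default, Orbot's uid allowed out, selected app uids redirected into Orbot's transparent proxy, DNS always sent to Orbot, the LinPhone-style "only its UDP bypasses Tor" exception, and uid detection from `dumpsys` output), written out as an added example. It is not Torrific's, AFWall's, DroidWall's or Mike Perry's code. The ports 9040 (TransPort) and 5400 (DNSPort) are Orbot's defaults and not stated in the thread, the uids and the dumpsys snippet are constructed, the kernel is assumed to have the xt_owner match, and the `IPT` variable (dry run by default, `IPT=iptables` to apply on a rooted device) is this example's own convention.

```shell
#!/bin/sh
# Added example, not Torrific's or Mike Perry's code. Builds a per-UID iptables
# policy of the kind the thread describes: everything dropped by default, Tor
# (the Orbot uid) allowed out, selected app uids transparently proxied through
# Orbot, and an optional "UDP bypasses Tor" exception for a SIP/RTP app.
# Assumptions not stated on the page: Orbot's transparent proxy listens on
# TCP 9040 and its DNS resolver on UDP 5400 (Orbot's defaults); the kernel has
# the xt_owner match. IPT defaults to a dry run that prints the commands;
# set IPT=iptables (as root on the device) to apply them for real.
IPT="${IPT:-echo iptables}"
TRANS_PORT="${TRANS_PORT:-9040}"
DNS_PORT="${DNS_PORT:-5400}"

# Answer to "how to catch the app uid automatically?": parse the userId= line
# from `dumpsys package <pkg>` output (read from stdin); prints the first uid.
uid_from_dumpsys() {
    sed -n 's/^[[:space:]]*userId=\([0-9][0-9]*\).*/\1/p' | head -n 1
}

# torrific_apply ORBOT_UID [UID[:udp]]...
#   UID      -> that uid's TCP and DNS traffic is redirected into Orbot
#   UID:udp  -> same, but its non-DNS UDP may leave directly (peer-to-peer media)
torrific_apply() {
    orbot_uid=$1; shift
    $IPT -t nat -F OUTPUT
    $IPT -F OUTPUT
    # Loopback must stay open: redirected packets are re-routed via lo.
    $IPT -A OUTPUT -o lo -j ACCEPT
    # Tor itself is the only process allowed to talk to the network directly.
    $IPT -A OUTPUT -m owner --uid-owner "$orbot_uid" -j ACCEPT
    for entry in "$@"; do
        case $entry in
            *:udp) uid=${entry%:udp}; mode=udp ;;
            *)     uid=$entry;        mode=tor ;;
        esac
        # DNS always goes to Orbot's DNSPort, whatever the mode, so the UDP
        # bypass never leaks name lookups to the carrier's resolver.
        $IPT -t nat -A OUTPUT -m owner --uid-owner "$uid" -p udp --dport 53 \
            -j REDIRECT --to-ports "$DNS_PORT"
        $IPT -t nat -A OUTPUT -m owner --uid-owner "$uid" -p tcp \
            -j REDIRECT --to-ports "$TRANS_PORT"
        if [ "$mode" = udp ]; then
            $IPT -A OUTPUT -m owner --uid-owner "$uid" -p udp ! --dport 53 -j ACCEPT
        fi
    done
    # Anything that gets this far is a leak: log it, then drop it.
    $IPT -A OUTPUT -j LOG --log-prefix "torrific-leak: "
    $IPT -A OUTPUT -j DROP
}

# Constructed sample of the relevant dumpsys lines (not real device output).
SAMPLE_DUMPSYS='Packages:
  Package [org.example.sip] (4a1b2c3):
    userId=10123
    pkg=Package{...}'

# Dry-run demonstration: made-up Orbot uid 10050, a proxied app with uid 10042,
# and the SIP app from the sample with the UDP exception.
sip_uid=$(printf '%s\n' "$SAMPLE_DUMPSYS" | uid_from_dumpsys)
torrific_apply 10050 10042 "${sip_uid}:udp"
```

Rule order is the whole point: the nat OUTPUT chain runs before filter OUTPUT for locally generated packets, so a listed uid's TCP already carries a 127.0.0.1 destination when the filter chain sees it and is accepted by the loopback rule, while an unlisted uid (or a listed uid's non-DNS UDP without the `:udp` mark) reaches the LOG/DROP tail. Those log lines are the "leaky traffic" signal isis mentions; an app that shows up there repeatedly is one the firewall is doing its job on. As Mike notes in the thread, the `:udp` mark should be given only to true peer-to-peer apps, since for anything else it hands a central server the device's real address.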