Orbot is a TOR network client for Android. It works great on unrooted phones, maintaining your network privacy, but for rooted phones it is a lot better at catching everything and has a lot more options.
First off, you might not be familiar with TOR and why you would need it. For the average user, there’s probably no reason to have used TOR in the past, but with the ever increasing data mining, snooping, firewalling, and network hijacking that people are experiencing these days, TOR becomes a godsend if you need to anonymously send and receive data.
TOR stands for The Onion Router (not to be confused with the world’s finest news agency) and refers to the layers of obfuscation that exist between your device and the data you’re getting. The data that you send and receive is encrypted and re-encrypted multiple times, then sent through successive TOR relays which each are in charge of decrypting portions of the packet data.
The result is that once data leaves your device on the TOR network, intercepting it and decoding it becomes nightmarish. The network also hides your IP address, so if you’re a reporter/dissident trying to report and being blocked by content firewalls, you can hopefully poke through those on TOR and post your message without the fear of the government being able to track you down.
Or, if you’re a more average user using free WiFi in a store to comparison shop and find that suddenly some of the websites of the competitors of the store you’re in are mysteriously down, you can reach them through the TOR network assuming they’re not actually down and are just blocked by the store you’re in.
Although Orbot works for rooted or unrooted phones, I’m going to look more at the rooted options, which allows the program to automatically transparently manage all of your applications. For unrooted devices, you’ll need to configure apps to use the Orbot service on an individual basis, but that’s not hard.
On rooted devices, you can set up transparent proxying of all apps, or just the ones you choose. As the TOR network is not exactly the speediest connection out there, I don’t want all of my traffic going over it, just what I don’t want anyone to be able to know anything about.
For me that’s my browser and social networks. I seriously do not want to alert a store I’m currently in that I’m looking elsewhere for products, leaving a tip on Yelp, or let Twitter know I’m somewhere so they can feed me more targeted advertising. I also do not want any record of where I browse when researching S-OFF techniques, root exploits, etc. I’m afraid sometime soon it will be something that becomes targetable via the DMCA or some future act that will label people who do security research/tinker with our phone’s innards, as criminals, or at the very least be an excuse to kick someone off of the carrier’s network who they don’t like very much.
Orbot works as a proxy on unrooted devices for any application that can be configured to use proxy transports. In Twitter, for example, this is as simple as going to menu, settings, proxy and entering the information Orbot gives you. Your tweets will be protected.
There are also options to participate and give back bandwidth and router ability, although I’d skip out on this one, except for when you’re sitting in a WiFi hotspot all day. Options also are there for being an exit route from the TOR network, although that may expose you to claims that you’re involved in copyright violations, illegal activity, or whatever the person on the other end was doing.
After I installed this, I set Chrome to be TOR’d and the default internet browser to not be. Going to whatismyip.com resulted in Chrome giving me an IP address in Kansas, and the default browser giving me my home router’s address. Subsequent searches tended to back this up.
The great thing about Orbot is that if you don’t care, you can turn it off by pressing one button in the app. If you are worried, just turn it on.
It doesn’t guarantee absolute anonymity and privacy, which is pretty hard to guarantee unless you’re in possession of all the code to your phone, including firmware, to check for passive logging or CarrierIQ-like software, but it’s a good start. And if you’re just wanting to check a couple of job boards and Facebook while you’re on your lunch break stuck in a cube farm in a basement on WiFi, it’ll not trigger any alerts to the sysadmins that you’re job surfing.
Whatever you plan to use TOR for, Orbot’s a great app, has easy setup, and gets you running easily. It also has options to TOR anything that’s connected via WiFi or USB tethering, which means you can set up a WiFi hotspot and access all your internet anonymously.
Keep in mind, neither Orbot, nor the TOR network, will take a publicly posted note that says you’re plotting to overthrow the government from hotel room #311 at the Holiday Inn and translate that into “I like pancakes” for purposes of anonymity. Also be aware that some software may be capable of accidentally exposing you if you aren’t rooted or aren’t transparently proxying everything. For example, if you have the internet browser set to proxy, and you click a link that launches an external app, that external app isn’t going to be configured behind the proxy and will expose your IP address.
Download: Google Play