Orbot is a TOR network client for Android. It works great on unrooted phones, maintaining your network privacy, but for rooted phones it is a lot better at catching everything and has a lot more options.
First off, you might not be familiar with TOR and why you would need it. For the average user, there’s probably no reason to have used TOR in the past, but with the ever increasing data mining, snooping, firewalling, and network hijacking that people are experiencing these days, TOR becomes a godsend if you need to anonymously send and receive data.
TOR stands for The Onion Router (not to be confused with the world’s finest news agency) and refers to the layers of obfuscation that exist between your device and the data you’re getting. The data that you send and receive is encrypted and re-encrypted multiple times, then sent through successive TOR relays which each are in charge of decrypting portions of the packet data.
The result is that once data leaves your device on the TOR network, intercepting it and decoding it becomes nightmarish. The network also hides your IP address, so if you’re a reporter/dissident trying to report and being blocked by content firewalls, you can hopefully poke through those on TOR and post your message without the fear of the government being able to track you down.
Or, if you’re a more average user using free WiFi in a store to comparison shop and find that suddenly some of the websites of the competitors of the store you’re in are mysteriously down, you can reach them through the TOR network assuming they’re not actually down and are just blocked by the store you’re in.
Although Orbot works for rooted or unrooted phones, I’m going to look more at the rooted options, which allows the program to automatically transparently manage all of your applications. For unrooted devices, you’ll need to configure apps to use the Orbot service on an individual basis, but that’s not hard.
On rooted devices, you can set up transparent proxying of all apps, or just the ones you choose. As the TOR network is not exactly the speediest connection out there, I don’t want all of my traffic going over it, just what I don’t want anyone to be able to know anything about.
For me that’s my browser and social networks. I seriously do not want to alert a store I’m currently in that I’m looking elsewhere for products, leaving a tip on Yelp, or let Twitter know I’m somewhere so they can feed me more targeted advertising. I also do not want any record of where I browse when researching S-OFF techniques, root exploits, etc. I’m afraid sometime soon it will be something that becomes targetable via the DMCA or some future act that will label people who do security research/tinker with our phone’s innards, as criminals, or at the very least be an excuse to kick someone off of the carrier’s network who they don’t like very much.
Orbot works as a proxy on unrooted devices for any application that can be configured to use proxy transports. In Twitter, for example, this is as simple as going to menu, settings, proxy and entering the information Orbot gives you. Your tweets will be protected.
There are also options to participate and give back bandwidth and router ability, although I’d skip out on this one, except for when you’re sitting in a WiFi hotspot all day. Options also are there for being an exit route from the TOR network, although that may expose you to claims that you’re involved in copyright violations, illegal activity, or whatever the person on the other end was doing.
After I installed this, I set Chrome to be TOR’d and the default internet browser to not be. Going to whatismyip.com resulted in Chrome giving me an IP address in Kansas, and the default browser giving me my home router’s address. Subsequent searches tended to back this up.
The great thing about Orbot is that if you don’t care, you can turn it off by pressing one button in the app. If you are worried, just turn it on.
It doesn’t guarantee absolute anonymity and privacy, which is pretty hard to guarantee unless you’re in possession of all the code to your phone, including firmware, to check for passive logging or CarrierIQ-like software, but it’s a good start. And if you’re just wanting to check a couple of job boards and Facebook while you’re on your lunch break stuck in a cube farm in a basement on WiFi, it’ll not trigger any alerts to the sysadmins that you’re job surfing.
Whatever you plan to use TOR for, Orbot’s a great app, has easy setup, and gets you running easily. It also has options to TOR anything that’s connected via WiFi or USB tethering, which means you can set up a WiFi hotspot and access all your internet anonymously.
Keep in mind, neither Orbot, nor the TOR network, will take a publicly posted note that says you’re plotting to overthrow the government from hotel room #311 at the Holiday Inn and translate that into “I like pancakes” for purposes of anonymity. Also be aware that some software may be capable of accidentally exposing you if you aren’t rooted or aren’t transparently proxying everything. For example, if you have the internet browser set to proxy, and you click a link that launches an external app, that external app isn’t going to be configured behind the proxy and will expose your IP address.
Download: Google Play
Great find. Thanks, Paul.
It’s an oldie but a good one. With the new Six Strikes legislation in the US, combined with multiple stories I’ve heard of people getting nasty calls from Sprint for visiting sites they don’t want you to (how true these are, who knows,) figured it was time to start looking into this.
While picturing a future where visiting XDA (or my root pieces) could make you a criminal is a bit over the line, it’s not too far fetched to think with the current level of tech understanding that Congress and the Senate have that someone could plant an exploitable bug in a popular program that downs the cell networks/internet/Whitehouse.gov two weeks after an update with no explanation was quietly pushed to counter that by all the carriers.
Rooted phones get linked to cyberterrorism, and the next thing you know people looking to S-OFF their phones are called cyberterrorists and visiting those sites becomes reason enough to kick you off the network.
So yeah… however, current real-world applications for this can be seen from the Greatest Page in the Universe in which Maddox was blocked from any Apple store (according to his video) because of his negative reviews about Apple products. You can get the KKK website there, and evidently nudity/sex sites, but going to his gives a false 404 message. Break open a TOR client and you’ll get through their firewall to it.
Interesting times. TOR leads to slow browsing, but it’s nice to know it probably leads to the real internet and not what’s filtered by your current connection.
I’m not rooted, but would like route all my PDANet traffic through this for privacy. Your article says: “For unrooted devices, you’ll need to configure apps to use the Orbot service on an individual basis, but that’s not hard.”
Can you elaborate a bit? I don’t know how to configure and app to use the Orbot service.
The description in the Google Play Store doesn’t match:
“STANDARD/NO ROOT:
- Works best with Firefox Mobile+ProxyMob Add-on
- Works with Orbot-enabled apps like Gibberbot (secure chat) and Orweb”
Orbot unrooted sets up a socks proxy server.
I don’t have PDANet, but in your PDANet settings there should be one for upstream proxy address/port.
Orbot is your proxy. Go into it, there should be an address/port listed. It’s the same thing you’ll see when installing it and it asks if you want to set twitter to use those ports.
Most likely 127.0.0.1 port 9150 or something similar looking. Any socks-capable client can use it.
Without the software though, can only guess at it.
Thanks, now I get it. Unfortunately it appears PDANet is not a socks client because there are no settings for a proxy. It does have some settings to “Hide Tether Usage”… but they don’t say what they do to achieve this.
Love Tor! I would also recommend the Obscuracam app which allows you to censor out features from pictures and videos.
Another appreciated app is “Image Privacy”. It strips out GPS/location data from pictures… information which is automatically embedded in every pic you take with your phone.
Hey Paul, do you have any idea why this app stores so much data? After using it once for testing purposes, this app jumped to over 15 mb…
my guess would be a remembered hosts list – remember the first time you started the thing up how slowly it ran to find a connection, and then subsequent times it popped open on no time.
At least for me it did.
Looking at other programs, MyFitnessPal and Netflix, two apps which shouldn’t be storing any data past username, password/token, each have 20+mb of data sitting there. That’s not even the cache size.
I do wonder what’s taking up so much space now… time to check…
The contents of the data directory for Orbot (and sizes) for my install
cached-certs- 16.55K
cached-microdesc-consensus – 628.12K
cached-microdescs – 1269K
cached-microdescs.new – 645K
control_auth_cookie – 32 bytes
lock – 0 bytesstate – 6K
There’s a BIN directory under data that has what appear to be a couple of executable files along with several iptables files – perhaps a shell-level TOR client for root?
All together looks like it adds up to close to what my data says it is.
I think it should be storing the cache files in cache, not data, but I’m not an android programmer yet so there may be reasons behind keeping cached certificate data in data – such as not letting cachecleaner or the like wipe it out accidentally.
This is why I love this site and your articles in particular. Thanks, Paul. I emailed the developer because I was curious. I’ll post a response when/if I get one.
will check the permissions on that TOR thing in bin, in a minute, am actually on the phone right now so trying to do anything fun is limited by my desire to not be tethered to the desk by a 3 foot USB cable
Here’s the current layout, it shark a bit while I was on the phone, and “tor” evidently was an installed program:
root@android:/data/data/org.torproject.android # ls
ls
app_bin
app_data
cache
lib
shared_prefs
root@android:/data/data/org.torproject.android # ls app_bin/
ls app_bin/
iptables
obfsproxy
privoxy
privoxy.config
tor
torrc
torrctether
root@android:/data/data/org.torproject.android # ls app_bin/ -la
ls app_bin/ -la
-rwx—— u0_a213 u0_a213 134308 2013-02-27 13:45 iptables
-rwx—— u0_a213 u0_a213 963309 2013-02-27 13:45 obfsproxy
-rwx—— u0_a213 u0_a213 346549 2013-02-27 13:45 privoxy
-rwx—— u0_a213 u0_a213 883 2013-02-27 13:45 privoxy.config
-rwx—— u0_a213 u0_a213 6261006 2013-02-27 13:45 tor
-rwx—— u0_a213 u0_a213 324 2013-02-27 13:45 torrc
-rwx—— u0_a213 u0_a213 291 2013-02-27 13:45 torrctether
root@android:/data/data/org.torproject.android # ls app_data/ -la
ls app_data/ -la
-rwx—— u0_a213 u0_a213 16947 2013-02-27 13:50 cached-certs
-rw——- u0_a213 u0_a213 643195 2013-03-01 09:47 cached-microdesc-consensu
s
-rw——- u0_a213 u0_a213 1930355 2013-03-01 10:15 cached-microdescs
-rw——- u0_a213 u0_a213 0 2013-03-01 10:15 cached-microdescs.new
-rw——- u0_a213 u0_a213 32 2013-03-01 09:45 control_auth_cookie
-rwx—— u0_a213 u0_a213 0 2013-03-01 09:45 lock
-rw——- u0_a213 u0_a213 6365 2013-03-01 10:37 state
root@android:/data/data/org.torproject.android # ls cache/ -la
ls cache/ -la
drwx—— u0_a213 u0_a213 2013-02-28 13:15 com.android.renderscript.
cache
root@android:/data/data/org.torproject.android # ls lib/ -la
ls lib/ -la
root@android:/data/data/org.torproject.android # ls shared_prefs/ -la
ls shared_prefs/ -la
-rwxrw—- u0_a213 u0_a213 1580 2013-02-27 15:14 org.torproject.android_pr
eferences.xml
root@android:/data/data/org.torproject.android #
I have heard the tor network is very sketchy and involved in the secret wiki and the onion and whatnot. I have also heard of people in the network being able to get info off of your comuter or phone and even being able to see you from your camera. Is any of this true?
it’s the internet, just encoded.
So, exact same network you’re on now, just with coding and it’s extremely hard to track where an attack is coming from… so, pretty much like the internet.
I’ll say on there you’ve probably got a higher level of technical savvy as you’re using an obfuscation program, but all it is is a connection.
If your phone was vulnerable to hacking in one place, it would be in the other. Same with camera, computer, etc.
I think Homeland has managed to convince people it’s a dark underground, but it’s the same things you’ve got in the free and open internet.
Well yea but tor is used to get into allot of dark web .onion dyes too and they always say to put tape over your webcam if you use those. Mainly the illigal ones. But I didn’t know if that was just on those sites or on the tor network in general.
Hey Paul, I received a response from the dev re: app storage size:
“Tor downloads detailed information about all Tor relays to be able to use them.
We are aware that this is quite a lot, and are working on making it smaller.”