-
Notifications
You must be signed in to change notification settings - Fork 435
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Can background apps use the same exit node? #458
Comments
In principle, the Tor client creates different circuits (1 circuit is an entry node, a middle node and an exit node) for every request. With limitations:
=> Even when browsing with Onion Browser, you will always use multiple exit nodes for different websites, as long as you didn't manage to limit the Tor client to only one left to use. => Since Orbot tunnels all device traffic, the Tor client in Orbot cannot see the difference in origin of the requests it receives. It will treat all requests alike. In terms of caveats, the same apply as for standard Tor operation on desktop computers. For the question of how much more traffic is going through Tor when using Orbot compared to using the Tor within Onion Browser: Compared to tunneling all traffic on desktop computers, it's a lot less: iOS manages lifecycles of apps pretty sharply, so there's not a lot of stuff which is actually allowed to happen in the background. The rest is typically pretty obvious to the user: background audio streaming, tracking and sharing your location (e.g. with WhatsApp). Some apps use background data uploads/downloads. Either when you triggered them explicitly in the app, they might finish in the background. (But that probably breaks and stops, when you interrupt it with an Orbot start). Note: Some iOS system traffic bypasses any VPNs (e.g. captive portal detection for hotel WIFis). That's a design decision made by Apple, we cannot mitigate against. For the question of tracking you down: It depends on the attacker profile: If you have a government actor, who is specifically after you personally, almost nothing can help you. Stop doing anything which might incriminate you or move out of that government's reach. Is the attacker the exit node itself? In that case, almost all HTTP traffic is TLS encrypted nowadays. So they'll not going to learn a lot about your traffic, regardless if it's from multiple apps. They don't even know, where it's from. It comes from another Tor node. Is the attacker 10% or the nodes? Still highly unlikely that they learn anything. The chance of deanonymizing you is pretty small. Is the attacker 75% of all the nodes? Well, then the chance of traffic correlation is pretty high and the attacker can deanonymize you. However, even though anybody can contribute resources to the Tor network, the Tor Project manages the network to some degree. They are continuously excluding fishy actors from providing nodes. To this day, nobody managed to take over the Tor network to deanonymize users. Not even the most well funded government agencies. Does it now make a difference if your background apps send some more traffic over the Tor network when using Orbot, then when using Onion Browser with the built-in Tor? No, I don't think so. |
Given Onion Browser now uses Orbot, is there a risk that Onion Browser traffic will share the same exit node as background apps? Could that be used to track down specific users?
Also, is there a list of caveats, or did Orbot fix all of them?
The text was updated successfully, but these errors were encountered: