-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
[Cross-posted to guardian-dev and tor-dev.]
Hey, friends.
I suppose this serves as a project announcement of sorts, and also as a progress report regarding the current status of this thing.
iObfs is an effort to build obfs4proxy for iOS and to also build out some techniques for actually making it usable within other Tor-enabled iOS apps. You may have heard me or n8fr8 discuss the idea at the dev meeting a few weeks ago. I'm not in love with the name I gave it (it's a placeholder that stuck around), but such is life. The repository is currently hosted at [1].
[1]: https://github.com/mtigas/iObfs
The initial sprint is being supported by a small Guardian Project grant through mid-April. The high-level goals are to:
1) successfully cross-compile obfs4proxy for the iOS environment 2) "library-ify" it and link it into a proof-of-concept iOS app 3) figure out how to get it to work without "managed mode" 4) build out a process for maybe putting it into Onion Browser, iCepa[2], and other Tor iOS efforts
I've got a bit of work regarding #1. I think I'm close to getting the binary running, thanks to the existence of the gomobile tools[3]. Using gomobile, you easily get[4] an "obfs4proxy.app" and (given a properly configured Xcode and iPhone) you can put it on a device. But it crashes right now because (I believe) the iOS SDK requires apps to declare some user interface (even if it's blank). So that's close, but my relative lack of experience with Go and the Go buildchain have made #1/#2 a bit slow-going.
[3]: https://golang.org/x/mobile/cmd/gomobile [4]: https://github.com/mtigas/iObfs/blob/master/buildobfs4.sh
This week, I also took the time to figure out how PT "managed mode" actually works and now have a good idea of how I'd get obfs4proxy to work in an environment where tor can't fork it as a subprocess. There were some conversations I had during the dev meeting where we thought I'd have to use the control port and manually build circuits or something crazy like that -- but it turns out that the solution is a lot simpler.[5]
[5]: https://github.com/mtigas/iObfs/blob/master/notes/obfs4-nonmanaged.md
This essentially solves #3, so the big barrier now is cross-compiling, "library-ifying", and linking -- rather than the software implementation bits.
Anyway, that's where things are. Progress will surely ramp up a bit over the next few weeks. Comments welcome.
Best,
Mike Tigas @mtigas | https://mike.tig.as/ | 0xA993E7156E0E9923