teor:
Hi,
On 12 Sep 2019, at 20:50, Hans-Christoph Steiner hans@guardianproject.info wrote:
Then that work will hopefully be extended into sharing tor between apps, e.g. letting Briar, Tor Browser, etc share the tor SOCKS proxy to other apps that want to use it. That would happen via Android mechanisms like Intents to manage the discovery of SOCKS ports.
It's not always safe to have apps share Tor: a malicious website in one app can use various caches to discover activity in other apps. And there may be similar data leaks in other shared data structures or network connections.
How do these data leaks affect your use cases?
Is there some documentation of these leaks somewhere so I can dive into it? Like what kind of caches? Browser caches? We're mostly talking about apps that are not browsers, like messaging, nextcloud, etc.
Currently, running multiple tor daemons is really a showstopper for most mobile users in the world, both because of battery usage and bandwidth costs. I guess there was some progress towards getting tor sleeping more effectively as well as not consuming as much bandwidth in the background. So the big question is: will it be feasible to have a usable tor on mobile that aggressively sleeps to stop consuming any battery and bandwidth when not directly in use? If so, then running multiple tor daemons should be workable. If not, then we need to find a way to share the tor daemon across all apps in the device.
With Orbot, all apps are already sharing one tor daemon, so this isn't a new development.
.hc