wish could have no log vpn then add orbot after

xzutils

And force all connections through orbot

Xtreix

xzutils If you want all connections to go through Orbot, it will behave like a glorified VPN and you can't use Orbot plus a VPN since Orbot will already occupy the VPN slot.

mmmm

You could put a VPN directly on to your router and Orbot on your phone's slot. Then when connected to your network you could have what you wish for. Why are you trying to achieve this? You want to hide from your ISP the fact you're using Tor?

Xtreix

mmmm You want to hide from your ISP the fact you're using Tor?

Speaking of hiding your use of Tor, I think connecting first to your VPN provider and then to Tor is an easier way than going through your router.

xzutils

mmmm it would be good to be able to do this on phone without a router

Tor nodes can log and be malicious. No log vpn to routing data through random circuits is a better way to avoid big tech tracking

mmmm

Xtreix yeah, thats what I do. But thats using tor browser. The op wants phone connections run through tor as well, as far as I can gather.

mmmm

xzutils it would be good, but I believe you cannot do both on the phone at the same time.

boldsuck

xzutils Tor nodes can log and be malicious

ROFL Read: what can vpn collect The whole thread is insightful.
Tor entry or bridge nodes can see where you come from, nothing more.
VPN nodes can see where you come from and where you go and can be malicius and can sell your data.
Apart from Mullvad, iVPN and RiseUP, I only trust our own.

paul_le_roux

I'm not 100% sure, but if there is such an option, then only with Rethink DNS.
Unless you have root access, but gOS doesn't provide root (rooted gOS is not considered gOS by the creators).

mmmm

paul_le_roux I thought the same, about rethink. But I had a quick look and it doesn't seem possible to use them both at once, even though you can connect via orbot or wireguard.

xzutils

boldsuck there are many tor nodes that are owned by state actors and many state actors have data sharing agreements

Yes some kind people who support freedom operate their own nodes but often ownership is indeterminate.

The liklihood of getting 3 compromised nodes doesnt seem incredibly low. Prior to tor and vpns, governments may have had too much data to examine. Vpns and tor let people self-sort.

With an audited good vpn, unless it's a honeypot the server wont log. There still may be secret devices at all or many data centers that correlate trafic and log packets.

It seems better to use both and trust that neither always is safe and could be always tainted. If every data center has devices that log beyond the servers, then both often only offer illusions, except when 1 node isn't a data center.

They probably dont log everywhere since many scammers still dont get caught. But it may be scammers always use socks5 outside data centers. This is all speculation.

Xtreix

xzutils there are many tor nodes that are owned by state actors and many state actors have data sharing agreements

A first malicious node can see the encrypted traffic coming from your computer, it sees your IP address using Tor, it still doesn't know who you are or what you're doing on Tor.

A second malicious node can't see a thing.

A third malicious node can see the traffic you send to Tor, but it won't know who sent it. You must always use HTTPS so that the malicious node only knows the destination.

The probability of using 3 malicious nodes is extremely low if not completely improbable and would still not be a huge problem, unless you use HTTP.

If you're being targeted by a state actor, there are plenty of ways other than Tor nodes to catch you.

boldsuck

xzutils there are many tor nodes that are owned by state actors and many state actors have data sharing agreements

The same can be said about VPNs, some are operated by state actors, others sell their netflow data via their security appliances such as Fortinet, Palo Alto or to Team-Cymru

But define many, and provide sources if you know of any, then the relays will be blocked.
We and NTH have 40-50% of Tor exit traffic. I know over 70% of the relay operators. (These are long running relay associations and individuals.)
In the last 2 years, many tools have been improved to detect malicious operators. Operation Liberty Lane was a topic at the last Tor relay Meetup. KAX17 and others were detected and blocked. It cannot be ruled out that some individual malicious operators operate Tor relays, but they cannot cause any damage in a Tor circuit.
State actors don't need to bother running Tor relays. They buy Netflow data and thus have an overview of 90% or more of all Internet traffic. ;-)

xzutils

Xtreix if all 3 servers are run by cooperating organizations, all of your statements don't hold. All 3 can log, send the logs to server 4, and go "xzutils who is based in south africa went to a foot fetish website. Since it's a cloudflare website, we know from asking cloudflare for data that xzutils uploaded photos of theit feet covered in ants and honey and received .001 XMR."

paul_le_roux

I forgot to add - when it comes to hiding the use of Tor from the ISP, that's what Tor bridges are for.

xzutils

paul_le_roux it's a good point, but either you trust the bridge or run the bridge

Xtreix

xzutils Malicious nodes are a problem and that's why Tor recently included HTTPS mode by default, efforts are made to remove untrustworthy providers, the browser is designed to make eavesdropping extremely complicated by routing your traffic to 3 random relay points in different countries (6 nodes with the . onion), the first node may be static for some time, using 3 malicious nodes is a highly improbable speculation and the 3 nodes would essentially only see encrypted traffic.

Of course, the Tor browser isn't perfect, its security is pretty weak and anti-fingerprinting with the crowd concept creates a monoculture for the most interesting targets. Note that I'm only talking about the desktop version, the Android version is not recommended.

xzutils

Also even if you run the bridge you trust theres no data center ingress and egress exploits

mmmm

Xtreix who says the tor version for Android isn't recommended? You personally? Because thats not the consensus, and tor themselves develop the android version. Do you have something to back up this claim?

Xtreix

mmmm Android must provide WebView which is used by Chromium (Firefox doesn't use WebView), Firefox on Android lacks site isolation which is a powerful security feature, the sandbox doesn't go beyond the normal application sandbox, Tor Browser is based on Firefox so this applies to it too, it introduces a significant attack surface.

mmmm

Xtreix yeah and thats a massive bummer, but for a lot of people that doesn't negate the massive benefits of using tor. It depends on how you browse, but the limitation can be mitigated by careful use. Tor in general is a much better idea using with a desktop, pteferably with whonix/Qubes, due to the much larger pool of use (finger printing etc), but I wouldn't dismiss the android tor browser as not recommended (do trusted privacy advice sites actually say that android tor is not recommended?) - tor is something above a browser deficiency, even if it is a major deficiency. I would certainly like to read some more material about actively not recommending tor for Android though, if you have something.