Hello , i'm very new to this and I'm sorry if this has already been posted but I looked around and all I could find were very diplomatic and dry replyes, whiteout very clear directions... I hope my post can bring some clarity about the usage of tor on graphene OS, at least for myself .
-Question 1 : I have set up graphene as a WiFi only phone. Which means usually if I want to use it when I'm around, I'll have to use my daily driver phone as a hotspot, which has a VPN. Now the question is : can i use tor on graphene os, even if the hotspot is redirecting traffic to a VPN? I know there is absolutely no added benefit from doing so, it's just a matter of conveniency, i wouldn't like to have to shut the VPN down each time and reenable it after I'm done browsing with the graphene phone. It just isn't convenient but I'll be happy to do it if there was no other way and actually pairing tor traffic going through a mobile hotspot with a VPN would pose a threat to my anonymity on the web.

-Question2: I'm very new to this again, so I'm not really that much aware of the history of these two apps : orbot and tor browser. I just read the gist of it , so none are endorsed by the tor project and so on. But it's not clear to me if i should or should not use them both , or at least have them installed both , since I read in past posts on Reddit that one time it was necessary , nowadays the tor browser has orbot incorporated. So what is the state of thing regarding these apps? Is it necessary to have them both installed , and if not, how would I assure that my whole traffic from my apps go through tor if orbot is not installed (and using vanadium as a browser to navigate Tor net)? And by reverse, how would I go online with the Tor browser if i already had orbot running as a VPN , already redirecting everything to tor and over that i would have a Tor browser attempting a connection to Tor again ...it doesn't feel right and i fear it would fall into a loop.
Thanks in advance for any clarifying reply to my noobish conundrums!
Have a nice day

1) Your main phone probably should be on grapheneos for improved privacy. You're kind of throwing everything away with that arrangement. Generally, if you're running a VPN on a phone, the tethered phone's traffic will NOT be directed through that VPN.

2) Tor browser and orbot (VPN) should not be used together, they will create an infinite loop and blow up the world. Orbot is for directing ALL traffic on the device through TOR, and TOR Browser is for directing just that browser's traffic through TOR. You can have them both installed, but should only activate one at a time.

    abcZ 1) yeah maybe I'll do the complete switch to graphene os , i wanted to try it and see what can I do on a Daily basis on it first and how much of a big slice of things i would have to change first .
    Anyway what if my main device used as a hotspot was running orbot instead of a VPN ? Which are actually very similar as in how they are treated in android... I tried doing it and i did a tor check with my graphene os phone and it was detected as connected to tor.
    How is so ?

    • abcZ replied to this.
      • [deleted]

      abcZ Regarding answers to point 1) Can you cite any sources to that statement- that generally a secondary tethered device won't inherit the VPN status of its hosting hotspot? That seems like something people should speak about more often. Tell us everything you can please. Obvious solution, encryption on all devices.

      • abcZ replied to this.

        [deleted] You can run a simple test to confirm if your phone functions per this generality; do a duckduckgo search on the tethered device for "my ip" and you'll see your public IP address listed near the top of the screen. Check if that matches the VPN or not.

          • [deleted]

          abcZ best way to learn, thank you. Can you explain the how and why of it not passing through?

            [deleted]

            The history of tethering may explain it. Back when cellular providers would want to charge extra for every MB/GB of tethering data, they didn't want users to hide their tethering activity through a VPN. They were still trying to steer customers to air cards for that. PDAnet+ became a popular alternative.

            [deleted] "How" is just a matter of the network routing table. "Why" is something you would have to ask to those who implemented it that way, but as @Graphite suggests, the history might imply a motive.

            a year later
            • [deleted]

            abcZ For your 2nd point, What if you simply enable all apps except for Tor Browser in Orbot settings? Would that fix the loop issue? And would this cause any leakage if wanting to use Orbot system wide to hide your ip from everything?