AndroidAppsGood and EVO

Orbot brings TOR network privacy to Android phones

2013 02 27 14.44.16 - for some reason we don't have an alt tag hereOrbot is a TOR network client for Android. It works great on unrooted phones, maintaining your network privacy, but for rooted phones it is a lot better at catching everything and has a lot more options.

First off, you might not be familiar with TOR and why you would need it. For the average user, there’s probably no reason to have used TOR in the past, but with the ever increasing data mining, snooping, firewalling, and network hijacking that people are experiencing these days, TOR becomes a godsend if you need to anonymously send and receive data.

TOR stands for The Onion Router (not to be confused with the world’s finest news agency) and refers to the layers of obfuscation that exist between your device and the data you’re getting. The data that you send and receive is encrypted and re-encrypted multiple times, then sent through successive TOR relays which each are in charge of decrypting portions of the packet data.

The result is that once data leaves your device on the TOR network, intercepting it and decoding it becomes nightmarish. The network also hides your IP address, so if you’re a reporter/dissident trying to report and being blocked by content firewalls, you can hopefully poke through those on TOR and post your message without the fear of the government being able to track you down.

Or, if you’re a more average user using free WiFi in a store to comparison shop and find that suddenly some of the websites of the competitors of the store you’re in are mysteriously down, you can reach them through the TOR network assuming they’re not actually down and are just blocked by the store you’re in.

2013 02 27 13.46.14 - for some reason we don't have an alt tag hereAlthough Orbot works for rooted or unrooted phones, I’m going to look more at the rooted options, which allows the program to automatically transparently manage all of your applications. For unrooted devices, you’ll need to configure apps to use the Orbot service on an individual basis, but that’s not hard.

On rooted devices, you can set up transparent proxying of all apps, or just the ones you choose. As the TOR network is not exactly the speediest connection out there, I don’t want all of my traffic going over it, just what I don’t want anyone to be able to know anything about.

For me that’s my browser and social networks. I seriously do not want to alert a store I’m currently in that I’m looking elsewhere for products, leaving a tip on Yelp, or let Twitter know I’m somewhere so they can feed me more targeted advertising. I also do not want any record of where I browse when researching S-OFF techniques, root exploits, etc. I’m afraid sometime soon it will be something that becomes targetable via the DMCA or some future act that will label people who do security research/tinker with our phone’s innards, as criminals, or at the very least be an excuse to kick someone off of the carrier’s network who they don’t like very much.

Orbot works as a proxy on unrooted devices for any application that can be configured to use proxy transports. In Twitter, for example, this is as simple as going to menu, settings, proxy and entering the information Orbot gives you. Your tweets will be protected.

2013 02 27 15.19.44 - for some reason we don't have an alt tag hereThere are also options to participate and give back bandwidth and router ability, although I’d skip out on this one, except for when you’re sitting in a WiFi hotspot all day. Options also are there for being an exit route from the TOR network, although that may expose you to claims that you’re involved in copyright violations, illegal activity, or whatever the person on the other end was doing.

After I installed this, I set Chrome to be TOR’d and the default internet browser to not be. Going to whatismyip.com resulted in Chrome giving me an IP address in Kansas, and the default browser giving me my home router’s address. Subsequent searches tended to back this up.

The great thing about Orbot is that if you don’t care, you can turn it off by pressing one button in the app. If you are worried, just turn it on.

It doesn’t guarantee absolute anonymity and privacy, which is pretty hard to guarantee unless you’re in possession of all the code to your phone, including firmware, to check for passive logging or CarrierIQ-like software, but it’s a good start. And if you’re just wanting to check a couple of job boards and Facebook while you’re on your lunch break stuck in a cube farm in a basement on WiFi, it’ll not trigger any alerts to the sysadmins that you’re job surfing.

Whatever you plan to use TOR for, Orbot’s a great app, has easy setup, and gets you running easily. It also has options to TOR anything that’s connected via WiFi or USB tethering, which means you can set up a WiFi hotspot and access all your internet anonymously.

?l=1&s=8&d=market%3A%2F%2Fdetails%3Fid%3Dorg.torproject - for some reason we don't have an alt tag hereKeep in mind, neither Orbot, nor the TOR network, will take a publicly posted note that says you’re plotting to overthrow the government from hotel room #311 at the Holiday Inn and translate that into “I like pancakes” for purposes of anonymity. Also be aware that some software may be capable of accidentally exposing you if you aren’t rooted or aren’t transparently proxying everything. For example, if you have the internet browser set to proxy, and you click a link that launches an external app, that external app isn’t going to be configured behind the proxy and will expose your IP address.

Download: Google Play

Pocketables does not accept targeted advertising, phony guest posts, paid reviews, etc. Help us keep this way with support on Patreon!
Become a patron at Patreon!

Paul E King

Paul King started with GoodAndEVO in 2011, which merged with Pocketables, and as of 2018 he's evidently the owner. He lives in Nashville, works at a film production company, is married with two kids. Facebook | Twitter | Donate | More posts by Paul | Subscribe to Paul's posts

Avatar of Paul E King

23 thoughts on “Orbot brings TOR network privacy to Android phones

  • Great find. Thanks, Paul.

    Reply
    • Avatar of Paul E King

      It’s an oldie but a good one. With the new Six Strikes legislation in the US, combined with multiple stories I’ve heard of people getting nasty calls from Sprint for visiting sites they don’t want you to (how true these are, who knows,) figured it was time to start looking into this.

      While picturing a future where visiting XDA (or my root pieces) could make you a criminal is a bit over the line, it’s not too far fetched to think with the current level of tech understanding that Congress and the Senate have that someone could plant an exploitable bug in a popular program that downs the cell networks/internet/Whitehouse.gov two weeks after an update with no explanation was quietly pushed to counter that by all the carriers.

      Rooted phones get linked to cyberterrorism, and the next thing you know people looking to S-OFF their phones are called cyberterrorists and visiting those sites becomes reason enough to kick you off the network.

      So yeah… however, current real-world applications for this can be seen from the Greatest Page in the Universe in which Maddox was blocked from any Apple store (according to his video) because of his negative reviews about Apple products. You can get the KKK website there, and evidently nudity/sex sites, but going to his gives a false 404 message. Break open a TOR client and you’ll get through their firewall to it.

      Interesting times. TOR leads to slow browsing, but it’s nice to know it probably leads to the real internet and not what’s filtered by your current connection.

      Reply
  • Avatar of weirdia

    I’m not rooted, but would like route all my PDANet traffic through this for privacy. Your article says: “For unrooted devices, you’ll need to configure apps to use the Orbot service on an individual basis, but that’s not hard.”

    Can you elaborate a bit? I don’t know how to configure and app to use the Orbot service.

    The description in the Google Play Store doesn’t match:

    “STANDARD/NO ROOT:
    – Works best with Firefox Mobile+ProxyMob Add-on
    – Works with Orbot-enabled apps like Gibberbot (secure chat) and Orweb”

    Reply
    • Avatar of Paul E King

      Orbot unrooted sets up a socks proxy server.

      I don’t have PDANet, but in your PDANet settings there should be one for upstream proxy address/port.

      Orbot is your proxy. Go into it, there should be an address/port listed. It’s the same thing you’ll see when installing it and it asks if you want to set twitter to use those ports.

      Most likely 127.0.0.1 port 9150 or something similar looking. Any socks-capable client can use it.

      Without the software though, can only guess at it.

      Reply
  • Avatar of weirdia

    Thanks, now I get it. Unfortunately it appears PDANet is not a socks client because there are no settings for a proxy. It does have some settings to “Hide Tether Usage”… but they don’t say what they do to achieve this.

    Reply
  • Avatar of Braaainz

    Love Tor! I would also recommend the Obscuracam app which allows you to censor out features from pictures and videos.

    Another appreciated app is “Image Privacy”. It strips out GPS/location data from pictures… information which is automatically embedded in every pic you take with your phone.

    Reply
  • Hey Paul, do you have any idea why this app stores so much data? After using it once for testing purposes, this app jumped to over 15 mb…

    Reply
    • Avatar of Paul E King

      my guess would be a remembered hosts list – remember the first time you started the thing up how slowly it ran to find a connection, and then subsequent times it popped open on no time.

      At least for me it did.

      Looking at other programs, MyFitnessPal and Netflix, two apps which shouldn’t be storing any data past username, password/token, each have 20+mb of data sitting there. That’s not even the cache size.

      I do wonder what’s taking up so much space now… time to check…

      Reply
    • Avatar of Paul E King

      The contents of the data directory for Orbot (and sizes) for my install

      cached-certs- 16.55K
      cached-microdesc-consensus – 628.12K
      cached-microdescs – 1269K
      cached-microdescs.new – 645K
      control_auth_cookie – 32 bytes
      lock – 0 bytesstate – 6K

      There’s a BIN directory under data that has what appear to be a couple of executable files along with several iptables files – perhaps a shell-level TOR client for root?

      All together looks like it adds up to close to what my data says it is.

      I think it should be storing the cache files in cache, not data, but I’m not an android programmer yet so there may be reasons behind keeping cached certificate data in data – such as not letting cachecleaner or the like wipe it out accidentally.

      Reply
  • This is why I love this site and your articles in particular. Thanks, Paul. I emailed the developer because I was curious. I’ll post a response when/if I get one.

    Reply
    • Avatar of Paul E King

      will check the permissions on that TOR thing in bin, in a minute, am actually on the phone right now so trying to do anything fun is limited by my desire to not be tethered to the desk by a 3 foot USB cable ;)

      Reply
    • Avatar of Paul E King

      Here’s the current layout, it shark a bit while I was on the phone, and “tor” evidently was an installed program:

      root@android:/data/data/org.torproject.android # ls
      ls
      app_bin
      app_data
      cache
      lib
      shared_prefs
      root@android:/data/data/org.torproject.android # ls app_bin/
      ls app_bin/
      iptables
      obfsproxy
      privoxy
      privoxy.config
      tor
      torrc
      torrctether
      root@android:/data/data/org.torproject.android # ls app_bin/ -la
      ls app_bin/ -la
      -rwx—— u0_a213 u0_a213 134308 2013-02-27 13:45 iptables
      -rwx—— u0_a213 u0_a213 963309 2013-02-27 13:45 obfsproxy
      -rwx—— u0_a213 u0_a213 346549 2013-02-27 13:45 privoxy
      -rwx—— u0_a213 u0_a213 883 2013-02-27 13:45 privoxy.config
      -rwx—— u0_a213 u0_a213 6261006 2013-02-27 13:45 tor
      -rwx—— u0_a213 u0_a213 324 2013-02-27 13:45 torrc
      -rwx—— u0_a213 u0_a213 291 2013-02-27 13:45 torrctether
      root@android:/data/data/org.torproject.android # ls app_data/ -la
      ls app_data/ -la
      -rwx—— u0_a213 u0_a213 16947 2013-02-27 13:50 cached-certs
      -rw——- u0_a213 u0_a213 643195 2013-03-01 09:47 cached-microdesc-consensu
      s
      -rw——- u0_a213 u0_a213 1930355 2013-03-01 10:15 cached-microdescs
      -rw——- u0_a213 u0_a213 0 2013-03-01 10:15 cached-microdescs.new
      -rw——- u0_a213 u0_a213 32 2013-03-01 09:45 control_auth_cookie
      -rwx—— u0_a213 u0_a213 0 2013-03-01 09:45 lock
      -rw——- u0_a213 u0_a213 6365 2013-03-01 10:37 state
      root@android:/data/data/org.torproject.android # ls cache/ -la
      ls cache/ -la
      drwx—— u0_a213 u0_a213 2013-02-28 13:15 com.android.renderscript.
      cache
      root@android:/data/data/org.torproject.android # ls lib/ -la
      ls lib/ -la
      root@android:/data/data/org.torproject.android # ls shared_prefs/ -la
      ls shared_prefs/ -la
      -rwxrw—- u0_a213 u0_a213 1580 2013-02-27 15:14 org.torproject.android_pr
      eferences.xml
      root@android:/data/data/org.torproject.android #

      Reply
  • Avatar of spencer311

    I have heard the tor network is very sketchy and involved in the secret wiki and the onion and whatnot. I have also heard of people in the network being able to get info off of your comuter or phone and even being able to see you from your camera. Is any of this true?

    Reply
    • Avatar of Paul E King

      it’s the internet, just encoded.

      So, exact same network you’re on now, just with coding and it’s extremely hard to track where an attack is coming from… so, pretty much like the internet.

      I’ll say on there you’ve probably got a higher level of technical savvy as you’re using an obfuscation program, but all it is is a connection.

      If your phone was vulnerable to hacking in one place, it would be in the other. Same with camera, computer, etc.

      I think Homeland has managed to convince people it’s a dark underground, but it’s the same things you’ve got in the free and open internet.

      Reply
  • Avatar of spencer311

    Well yea but tor is used to get into allot of dark web .onion dyes too and they always say to put tape over your webcam if you use those. Mainly the illigal ones. But I didn’t know if that was just on those sites or on the tor network in general.

    Reply
  • Hey Paul, I received a response from the dev re: app storage size:

    “Tor downloads detailed information about all Tor relays to be able to use them.
    We are aware that this is quite a lot, and are working on making it smaller.”

    Reply
  • Avatar of Jay Dogg

    I have a htc rooted phone, on this phone I use my wifi tether a lot. But I have not been able to use it while using orbot settings set to Transparent Proxy and Tor Everything. Any one have any thoughts on this. I think it would be cool to have any devise surfing the internet via my phone tether connected and protected via the tor network.

    Reply
    • WiFi tethering operates at a low level, so does this TOR client. Why not just install a TOR client on your other devices? Not an all-in-one, but probably easier than attempting to get it to work.

      Reply
  • Avatar of Jay Dogg

    Yeah that is true and I do run tor on my laptop. But I was hoping this could be done so I didn’t have to turn off orbot every time I use my tether. On the other hand battery seem to go down at a pretty fast rate when I left orbot running all the time with Transparent Proxy and Tor Everything on. So I may just turn tor on when I need or select just a few app to use the tor newtowk. Orbot may not be the app sucking down the power but maybe the problem. I was think if one of my app is having a problem talking through the tor network then it maybe consistently trying to talk out and killing my battery. I did notice I was not able to download a few mms yesterday while orbot was running with everything tor. Well I have some testing to do and will report back with my findings. If any one else has some insight to this join the conversion.

    Reply
  • Avatar of papacchio

    Hello, can you help me?
    Im using orbot on a rooted device, Actually I live in switzerland, and I would like to know how to set it in order to show my location as if Im in italy, because I would like to watch italian streaming TV and its available only for connection from Italy.
    Thanks for your support
    Ciao

    Reply
  • Avatar of jack deez

    seriously….props,,,,,but !! why dosent the whole wifi tether app work, limited access,,bs? or is it just me ..ehhhh.well im running orbot on androoid sg3, rooted, 4.1.2,love sprint…. no throttle bs,,Yes!,but sooner or l8tr theyll catch on. what 2 do? when i kill the orbot app tether wrx fine but wtf thats not the point,,,,hlp plz!!!!somethin with the setting..maybe the TrevE mod app im using sux w/ klink too,,,ahhhhh pain in the ass.

    Reply
  • Avatar of jack deez

    pappachio….theres an app called fake gps!

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *