per-app permissions

The goal is to be able to choose which apps the user does and does not route over Tor. This involves some careful investigation around some of the major risk areas identified as Risks in the Network Activity Isolation for the low-level security properties: intents, platform services, Google Play APIs, notification registration.

For example, if you have one application that you want to route over tor, but you want to make sure it does not have any other proxy settings that would allow it to bypass the tor routed traffic, then having this proxy bypass prevention is a security property of per-app permissions.

Or an app or service blocks, or is too slow over Tor so the user should be able to exempt that app’s traffic from being routed through Tor, so they can use that app without needing to turn Tor routing off for the entire device