Collecting needs of developer/projects integrating tor in mobile
WHO
- ooni
- the guardian project
- the briar project
- ricochet
- zcash
- kraken
- TB
STEPS
- collect data on what devs need to integration
- we already have some of this scattered around (missing bindings for mobile for example)
- write down what we have
- interview external developers about what are the needs that is not working with what we have
- share the findings back to everybody
COLLECTING NEEDS
We'd like to have a way where it's easy to use Tor in your applications, and easy to write applications that use Tor. We are looking for challenges that developers have of integrating tor in mobile apps and what features they will need to work with tor.
- Use case
- Deployment environment (platform, language, etc)
- How they are integrating tor
- Challenges
-
Are you OK with a tor daemon running along side your application?
-
Are you OK having much less control over tor?
-
What kind of control you want over tor?
-
What kind of information are you expecting your application to get back from tor?
-
Are you comfortable with an in-process library that does async I/Os and regular wake ups? If not, what fine grained control do you want?
-
Can you live with building a C library or linking with a shared library?
-
What kind of abstraction layer are you looking for? TCP socket level, connection level, ... ?
- Wishlist
- Who other developer/project we should consult?
OONI
- Use case
- Deployment environment
- How they are integrating it
- Challenges
- Wishlist
References:
-
https://github.com/ooni/ooni.org/blob/8b5a879f74ee483557a07e619f8767c1cd833ca4/content/nettest/tor.md
-
https://github.com/ooni/probe-legacy/blob/bdd86c3c6da6bf82a713a2b34a728d2929faeaae/docs/source/tests/bridge_reachability.rst
THE GUARDIAN PROJECT
contact: nathan/hans (android) and benjamin (ios)
Use case
- Browser implementation (via socks) and VPN network extensions (ideally via tunnel)
Deployment environment
- iOS + macOS via carthage (package manager for libraries and cocoapod)
How they are integrating it
Via the C headers and linking. XXX(ahf): link to the code here from Tor.framework.
Challenges
- Memory issues.
- Integration is hard.
- OnionBrowser: URLSession on Apple supports socks, but for "Alt-Svc", but "Host" header cannot be changed? Does curl make sense here? Curl is built without socks on the Apple package management point.
Wishlist
- Tunnel interface (number #1 (closed)).
- Memory consumption handling.
- API over ControlPort if possible.
- Thread safety.
- Multiple options to "start" Tor: pass command line options and then connect to control port: should be a set of documented API calls.
- Provide .a and .so file for everything in Tor.
Other companies to talk to:
- BitCoin mining node control apps: ProofOfKeags/Fontaine in Tor.framework issue #65)
THE BRIAR PROJECT
- Use case
- Deployment environment
- How they are integrating it
- Challenges
- Wishlist
RICOCHET
- Use case
- Deployment environment
- How they are integrating it
- Challenges
- (not mobile) problems integrating tor in windows
- Wishlist
ZCASH
- Use case
- Deployment environment
- How they are integrating it
- Challenges
- Wishlist
KRAKEN
- Use case
- Deployment environment
- How they are integrating it
- Challenges
- Wishlist