On 9/13/19 3:51 AM, Hans-Christoph Steiner wrote:
teor:
It's not always safe to have apps share Tor: a malicious website in one app can use various caches to discover activity in other apps. And there may be similar data leaks in other shared data structures or network connections.
How do these data leaks affect your use cases?
With Orbot, all apps are already sharing one tor daemon, so this isn't a new development.
.hc
Most the use cases for Tor outside of Tor Browser and Briar tend to be related to anti-censorship, reduction of passive surveillance, and opportunistic access to onions (nytimes, DDG, facebook, etc).
Also has hc said, we are talking about non-browser type applications.
Since these are also applications you already have installed on your phone, they already can know a heckuva a lot about you and your device. Thus, with the threat model scope for this work, the app itself is not our adversary, just the network.
+n