Fwd: Orbot v15-alpha-3 with VPN and Meek!
----- Original message ----- From: Nathan of Guardian <nathan@guardianproject.info> To: guardian-dev@lists.mayfirst.org Subject: Orbot v15-alpha-3 with VPN and Meek! Date: Sat, 14 Feb 2015 02:57:34 -0500 More progress on Orbot VPN support, and now, thanks to our new PLUTO library (https://github.com/guardianproject/pluto), support for Meek (https://trac.torproject.org/projects/tor/wiki/doc/meek) and soon Obfs4 as well. Currently you can use Meek or you can use VPN, but you can't use both together... still working on that, as I can't get Meek to talk to the passthrough HTTP proxy I use to allow socket connections out of the VPN filter. To use Meek, just enable the "Bridges" button on the home screen, without using any bridge config info, and it will default to using the Meek Azure instance. If you set the bridge line to 0 it will use Google, and 1 it will use Amazon, and 2 it will use Azure. The VPN mode is just as easy, just enable VPN using the homescreen toggle button, then start/restart Orbot. All apps on your phone should now be running through Tor. Remember, Bridges and VPN don't work at the same time, for now... but please test both features separately, and let me know how well they work for you. APK: https://guardianproject.info/releases/Orbot-v15.0.0-ALPHA-3.apk SIG: https://guardianproject.info/releases/Orbot-v15.0.0-ALPHA-3.apk.asc Source: https://gitweb.torproject.org/n8fr8/orbot.git/log/?h=v15-dev or https://github.com/n8fr8/orbot/tree/v15-dev -- Nathan of Guardian nathan@guardianproject.info
On 14/02/15 08:58, Nathan Freitas wrote:
----- Original message ----- From: Nathan of Guardian <nathan@guardianproject.info> To: guardian-dev@lists.mayfirst.org Subject: Orbot v15-alpha-3 with VPN and Meek! Date: Sat, 14 Feb 2015 02:57:34 -0500
More progress on Orbot VPN support, and now, thanks to our new PLUTO library (https://github.com/guardianproject/pluto), support for Meek (https://trac.torproject.org/projects/tor/wiki/doc/meek) and soon Obfs4 as well.
Currently you can use Meek or you can use VPN, but you can't use both together... still working on that, as I can't get Meek to talk to the passthrough HTTP proxy I use to allow socket connections out of the VPN filter.
To use Meek, just enable the "Bridges" button on the home screen, without using any bridge config info, and it will default to using the Meek Azure instance. If you set the bridge line to 0 it will use Google, and 1 it will use Amazon, and 2 it will use Azure.
The VPN mode is just as easy, just enable VPN using the homescreen toggle button, then start/restart Orbot. All apps on your phone should now be running through Tor.
Remember, Bridges and VPN don't work at the same time, for now... but please test both features separately, and let me know how well they work for you.
APK: https://guardianproject.info/releases/Orbot-v15.0.0-ALPHA-3.apk SIG: https://guardianproject.info/releases/Orbot-v15.0.0-ALPHA-3.apk.asc
Source: https://gitweb.torproject.org/n8fr8/orbot.git/log/?h=v15-dev or https://github.com/n8fr8/orbot/tree/v15-dev
Hello Nathan! Glad seeing this VPN part going further! I just have concerns regarding my app compatibility (orwall): does orbot still opens ports on localhost, and are they still the same, or shall I detect orbot version and/or probe for opened ports? I'll give a try to this alpha version shortly hopefully (time is a weird thing fleeing at light speed). Cheers, C.
On Sat, Feb 14, 2015 at 02:58:28AM -0500, Nathan Freitas wrote:
More progress on Orbot VPN support, and now, thanks to our new PLUTO library (https://github.com/guardianproject/pluto), support for Meek (https://trac.torproject.org/projects/tor/wiki/doc/meek) and soon Obfs4 as well.
Currently you can use Meek or you can use VPN, but you can't use both together... still working on that, as I can't get Meek to talk to the passthrough HTTP proxy I use to allow socket connections out of the VPN filter.
An upstream HTTP proxy should work, either through torrc HTTPProxy or the --proxy option. I just remembered that an upstream SOCKS proxy won't work if you are using naked meek-client, because when I looked there wasn't SOCKS client support in the Go standard library. This function determines what types of proxy are acceptable: https://gitweb.torproject.org/pluggable-transports/meek.git/tree/meek-client... David Fifield
On Sat, Feb 14, 2015 at 12:08:10AM -0800, David Fifield wrote:
An upstream HTTP proxy should work, either through torrc HTTPProxy or the --proxy option.
Careful! The torrc "HTTPProxy" line is only for non-tunneled directory fetches. It's the "HTTPSProxy" line that most people want -- that causes Tor to send its TLS connections via the proxy using the CONNECT command. Unless meek does something way cool to redirect its browser requests or something. :) --Roger
On Sat, Feb 14, 2015 at 03:22:38AM -0500, Roger Dingledine wrote:
On Sat, Feb 14, 2015 at 12:08:10AM -0800, David Fifield wrote:
An upstream HTTP proxy should work, either through torrc HTTPProxy or the --proxy option.
Careful! The torrc "HTTPProxy" line is only for non-tunneled directory fetches.
It's the "HTTPSProxy" line that most people want -- that causes Tor to send its TLS connections via the proxy using the CONNECT command.
Okay, whatever it is that sets TOR_PT_PROXY, because that's what meek-client is reading.
participants (4)
-
CJ -
David Fifield -
Nathan Freitas -
Roger Dingledine