[tbb-dev] So, about the Linux sandbox in the long term?

Georg Koppen gk at torproject.org
Sat Jun 3 18:16:00 UTC 2017

Yawning Angel:
> On Tue, 30 May 2017 20:22:09 +0200
> Hans-Christoph Steiner <hans at guardianproject.info> wrote:
> [snip]
>> Android is a very different OS than all the desktops.  GNU/Linux, OSX
>> and Windows are much more similar to each other than to Android.
>> Android is also the most popular computing platform in the world, so
>> its worth investing it.  More users and more page views than Windows.
>> Given the desire for stronger sandboxing, it could make sense to keep
>> tor in something like Orbot, which is installed separately.  That
>> means its isolated from the browser part with all the Android
>> tricks.  Things like CopperheadOS make that sandboxing even stronger.
>> As for Android apps updating their own code, it is possible, and it is
>> occasionally done.  It is considered a bad practice, and Google has
>> been gradually locking that down over time.  Android already provides
>> a solid install procedure, at best, I think it would be a waste of
>> time to build a custom in-app updater to replace that.  For example,
>> that will break nice security properties like the code being
>> installed read-only even to the app itself.
> The general gist I'm getting from this is:
>   Continue to treat Android like the red headed stepchild that it is,
>   because a tor-launcher deprecation/rewrite doesn't affect the one
>   platform that doesn't really even use tor-launcher in the first
>   place.

FWIW the upcoming DRL work is supposed to change that: we promise to
give Android users with Tor Browser for Mobile the same safe experience
as we have on Desktop, including Tor Launcher.

That said: let's have some discussion about how we can move forward work
in this area during the Tor Browser meeting on Monday next week. Isabela
will be there and help to keep the momentum going and the future work


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.torproject.org/pipermail/tbb-dev/attachments/20170603/0db76bd8/attachment.sig>

More information about the tbb-dev mailing list