[tor-bugs] #21863 [Applications/Tor Browser]: Ensure proxy safety on Android
Tor Bug Tracker & Wiki
blackhole at torproject.org
Fri Jul 13 02:21:00 UTC 2018
#21863: Ensure proxy safety on Android
-------------------------------------------------+-------------------------
Reporter: gk | Owner: sysrqb
Type: defect | Status:
| accepted
Priority: Very High | Milestone:
Component: Applications/Tor Browser | Version:
Severity: Normal | Resolution:
Keywords: tbb-mobile, tbb-7.0-must, tbb- | Actual Points:
proxy-bypass, TorBrowserTeam201807 |
Parent ID: #26531 | Points:
Reviewer: | Sponsor:
| Sponsor4
-------------------------------------------------+-------------------------
Comment (by sysrqb):
Replying to [comment:26 gk]:
> Replying to [comment:24 sysrqb]:
> > In addition, I went down the rabbit hole: "What does Android *do* when
you ask it to establish a connection using a proxy". The result of this
long and windy path is "it seems safe", but only when the Java/Dalvik/ART
VM uses the default AOSP configuration.
> >
> > I'll attempt succinctly explaining proxy safety on Android here, but
we should seriously consider using Necko for all networking calls in the
future (which means exposing necko via jni). I believe GeckoView is
already considering this - but how hard could it be? :)
>
> Yes, please. Do you have a ticket for GeckoView tracking this work? I
looked a bit around but did not find anything.
No, I dont, I'll ask the devs if they have an open bugzilla ticket.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/21863#comment:30>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list