[tor-dev] iObfs: obfs4proxy on iOS

Mike Tigas mike at tig.as
Sat Mar 26 21:44:54 UTC 2016

Hash: SHA512

[Cross-posted to guardian-dev and tor-dev.]

Hey, friends.

I suppose this serves as a project announcement of sorts, and also as
a progress report regarding the current status of this thing.

iObfs is an effort to build obfs4proxy for iOS and to also build out
some techniques for actually making it usable within other
Tor-enabled iOS apps. You may have heard me or n8fr8 discuss the idea
at the dev meeting a few weeks ago. I'm not in love with the name I
gave it (it's a placeholder that stuck around), but such is life. The
repository is currently hosted at [1].

[1]: https://github.com/mtigas/iObfs

The initial sprint is being supported by a small Guardian Project
grant through mid-April. The high-level goals are to:

  1) successfully cross-compile obfs4proxy for the iOS environment
  2) "library-ify" it and link it into a proof-of-concept iOS app
  3) figure out how to get it to work without "managed mode"
  4) build out a process for maybe putting it into Onion Browser,
     iCepa[2], and other Tor iOS efforts

[2]: https://github.com/iCepa

I've got a bit of work regarding #1. I think I'm close to getting the
binary running, thanks to the existence of the gomobile tools[3].
Using gomobile, you easily get[4] an "obfs4proxy.app" and (given a
properly configured Xcode and iPhone) you can put it on a device. But
it crashes right now because (I believe) the iOS SDK requires apps to
declare some user interface (even if it's blank). So that's close,
but my relative lack of experience with Go and the Go buildchain have
made #1/#2 a bit slow-going.

[3]: https://golang.org/x/mobile/cmd/gomobile
[4]: https://github.com/mtigas/iObfs/blob/master/buildobfs4.sh

This week, I also took the time to figure out how PT "managed mode"
actually works and now have a good idea of how I'd get obfs4proxy to
work in an environment where tor can't fork it as a subprocess. There
were some conversations I had during the dev meeting where we thought
I'd have to use the control port and manually build circuits or
something crazy like that -- but it turns out that the solution is a
lot simpler.[5]


This essentially solves #3, so the big barrier now is
cross-compiling, "library-ifying", and linking -- rather than the
software implementation bits.

Anyway, that's where things are. Progress will surely ramp up a bit
over the next few weeks. Comments welcome.


Mike Tigas
@mtigas | https://mike.tig.as/ | 0xA993E7156E0E9923


More information about the tor-dev mailing list