TOR Tor at the Heart: Onion Browser (and more iOS Tor)

Discussion in 'TOR | TAILS' started by survivalmonkey, Dec 6, 2016.

  1. survivalmonkey

    survivalmonkey Monkey+++

    During the month of December, we're highlighting other organizations and projects that rely on Tor, build on Tor, or are accomplishing their missions better because Tor exists. Check out our blog each day to learn about our fellow travelers. And please support the Tor Project! We're at the heart of Internet freedom.
    Donate today!

    Onion Browser

    Onion Browser is an open-source iOS web browser that connects to Tor. The app has been available in the Apple App Store since 2012; it was previously $0.99 but recently became free of charge. You can download it in the App Store here and access the source code on GitHub.

    In addition to Tor support, Onion Browser features an experimental NoScript-like mode, user agent spoofing, and (since August) support for obfs4 and meek bridges.

    It’s primarily developed by Mike Tigas, who works as a developer and investigative journalist at ProPublica by day. (Did you know? ProPublica is one of the first major news sites to be available via an onion sitepropub3r6espa33w.onion) The app is an independent community project and is supported by Patreon backers and other donors (read more about supporting Onion Browser here), with some key support also coming from the Guardian Project.

    Onion Browser isn’t the prettiest app, lacking features like tabbed browsing, and it is starting to show it’s age a bit. But it still receives regular security updates and a new user interface is actively being developed (discussed in full below).

    Challenges on iOS

    Tor hasn't been well-represented on iOS over the years for a variety of reasons, mostly due to system peculiarities on the iOS platform. And although there’s a version of Firefox for iOS, several challenges prevent the interoperability that Tor developers are accustomed to on other platforms.

    The most glaring restriction on iOS is that you're not allowed to fork subprocesses. Tor must be compiled into the app binary and hacked to run as a thread inside the app process to work on iOS. Among other things, this means that a system-wide Tor app, like Orbot on Android, is simply not possible on the platform. (At least, not yet: read about iCepa below!) And simply relying on another app’s Tor instance — as some tools do with Tor Browser Bundle — also doesn’t work on iOS, since all of an app’s functionality is halted soon after a user switches out of the app.

    Even after solving the problem of just getting Tor to run, several other quirks prevent a lot of the functionality of Tor Browser (or even Orfox) from being easily reimplemented on iOS:

    • You're not allowed to implement your own browser engine and must use the WebKit framework built into the operating system. This separates Onion Browser from Tor Browser and Orfox, which are browsers based on Firefox Gecko. (On the other hand, this inadvertently made Onion Browser immune to the Firefox vulnerability targeting Tor Browser users last week.)
    • Only the older WebKit API (UIWebView) allows control over the SOCKS settings of the browser stack, so that we can configure it to use Tor. The newer framework (WKWebView) always uses your system proxy settings and can’t be reconfigured by an app at runtime. The APIs also contain vastly different functionality so that it's not always possible to convert code relying on one API to use the other. Firefox for iOS uses the newer WKWebView framework, which unfortunately means that much of the work on Firefox for iOS is quite difficult to use in a Tor-supporting iOS browser.
    • The WebKit APIs don’t allow a lot of control over the rendering and execution of web pages, making a Tor Browser-style security slider very difficult to implement. Many multimedia features on iOS also bypass the browser network stack — in particular, the iOS video player doesn’t use the same network stack as WebKit and therefore any browser action that launches the native video player may possibly leak traffic outside of Tor. Onion Browser tries to provide some functionality to block JavaScript and multimedia, but these features aren’t yet as robust as on other platforms.

    iOS developments in the community

    Despite the challenges, there are quite a few positive developments on the horizon — both around Onion Browser and the larger Tor iOS landscape.

    Endless is an open source browser for iOS that uses the older UIWebView API and thus can be modified to support Tor. It adds a lot of important features over the existing Onion Browser, like a nicer user interface with tabbed browsing, HTTPS Everywhere, and HSTS Preloading. There’s a new version of Onion Browser in the works that’s based on Endless that will hopefully enter beta testing this month.

    The NetworkExtension framework introduced in iOS 9 allows writing custom VPN software that the iOS system can use. A small coalition of Tor iOS developers are working on a tool called iCepa to use this framework to provide a Tor VPN to the entire phone — similar to the VPN mode of Orbot on Android. The framework was introduced with a tiny 5MB memory limit — which wasn’t enough to run both Tor and the controller app. But the memory limits have been increased to usable levels in iOS 10 and Conrad Kramer, the lead iCepa developer, has been making a bit of progress in recent months.

    There’s also work ongoing work to make Tor easier to implement in other apps, like Tor.framework and CPAProxy. ChatSecure for iOS uses CPAProxy to power encrypted XMPP instant messaging over Tor, and the next version of Onion Browser uses Tor.framework rather than a custom solution. Onion Browser’s obfs4/meek support comes from another similar reusable framework called iObfs. Reusable pieces like this will hopefully encourage more developers to work on iOS software that supports Tor.

    Continue reading...
survivalmonkey SSL seal warrant canary