Linas Valiukas | 18 Mar 14:42 2012
Picon

Tor for iOS via official channels

Hello, 

I was thinking about a GSoC 2012 project I could propose, and I came to the question of why there's no Tor iOS
(iPhone / iPad / iPod touch) application distributed on the official iTunes App Store?

There's this "test package" of Tor for iOS available [1], but it has to be installed via Cydia and not
everyone's phone is jailbroken. Distributing an application via the App Store has some benefits of its
own too (additional marketing and visibility, easier installation, to name a few).

So, what is the problem?

* Would it comply with the iOS Developer Program License Agreement? I'm no lawyer, but last I read the
document there's nothing in it that would prevent distributing an app which would create a "local" HTTP
proxy to be used by the other applications.

* Since the iPhone 3GS, the applications can retain running in the background, so I guess we're fine on the
purely technical side too.

* There are US Export laws that require a so-called CCATS review and approval to be done with each
application that employs strong encryption. I don't think that's a blocker though.

* Maybe that Tor iOS application wouldn't reach various "interesting" markets such as PRC (for example, a
commercial yet pricy "Covert Browser" [2] is not available in China's App Store) because of the legal
restrictions. Still, I would argue that it is worth having such an application.

Regards,

[1]: http://sid77.slackware.it/ios/
[2]: http://itunes.apple.com/us/app/covert-browser/id477438328?mt=8

(Continue reading)

Fabio Pietrosanti (naif | 18 Mar 14:51 2012
Picon

Re: Tor for iOS via official channels

On 3/18/12 2:42 PM, Linas Valiukas wrote:
> Hello, 
> 
> I was thinking about a GSoC 2012 project I could propose, and I came to the question of why there's no Tor iOS
(iPhone / iPad / iPod touch) application distributed on the official iTunes App Store?
> 
> There's this "test package" of Tor for iOS available [1], but it has to be installed via Cydia and not
everyone's phone is jailbroken. Distributing an application via the App Store has some benefits of its
own too (additional marketing and visibility, easier installation, to name a few).
> 
> So, what is the problem?
> 
> * Would it comply with the iOS Developer Program License Agreement? I'm no lawyer, but last I read the
document there's nothing in it that would prevent distributing an app which would create a "local" HTTP
proxy to be used by the other applications.
> 
> * Since the iPhone 3GS, the applications can retain running in the background, so I guess we're fine on the
purely technical side too.
> 
> * There are US Export laws that require a so-called CCATS review and approval to be done with each
application that employs strong encryption. I don't think that's a blocker though.
> 
> * Maybe that Tor iOS application wouldn't reach various "interesting" markets such as PRC (for example, a
commercial yet pricy "Covert Browser" [2] is not available in China's App Store) because of the legal
restrictions. Still, I would argue that it is worth having such an application.

It would add that it would be interesting to provide Tor integration to
all iPhone iOS applications.

While this could not be done by operating a SOCKS server locally because
(Continue reading)

Nathan Freitas | 18 Mar 15:17 2012
Picon

Re: Tor for iOS via official channels

Afaik, there are no long running background processes available to run a standalone tor process. Covert Browser works because it is integrated in one app/process. Maybe the VPN service model would work though.

Otherwise, I agree something should be done, even if it is only an open-source version of Covert Browser. At Guardian Project, we have plenty of iOS experience but we just loath having to pay Apple $99 a year to have the privilege of developing with their closed source IDE only on MacOS.

One should also look at why VLC is not in the app store - there was a conflict with GPL I believe.

+n

"Fabio Pietrosanti (naif)" <lists-BEJ3GKOyH/EwUp2xcto6ig@public.gmane.org> wrote:
On 3/18/12 2:42 PM, Linas Valiukas wrote:
> Hello,
>
> I was thinking about a GSoC 2012 project I could propose, and I came to the question of why there's no Tor iOS (iPhone / iPad / iPod touch) application distributed on the official iTunes App Store?
>
> There's this "test package" of Tor for iOS available [1], but it has to be installed via Cydia and not everyone's phone is jailbroken. Distributing an application via the App Store has some benefits of its own too (additional marketing and visibility, easier installation, to name a few).
>
> So, what is the problem?
>
> * Would it comply with the iOS Developer Program License Agreement? I'm no lawyer, but last I read the document there's nothing in it that would prevent distributing an app which would create a "local" HTTP proxy to be used by the other applications.>
> * Since the iPhone 3GS, the applications can retain running in the background, so I guess we're fine on the purely technical side too.
>
> * There are US Export laws that require a so-called CCATS review and approval to be done with each application that employs strong encryption. I don't think that's a blocker though.
>
> * Maybe that Tor iOS application wouldn't reach various "interesting" markets such as PRC (for example, a commercial yet pricy "Covert Browser" [2] is not available in China's App Store) because of the legal restrictions. Still, I would argue that it is worth having such an application.

It would add that it would be interesting to provide Tor integration to
all iPhone iOS applications.

While this could not be done by operating a SOCKS server locally because
iPhone doesn't support to configure a Socks Server for iOS sockets.

But iPhone let configure VPN using PPTP and L2TP protocol.

Why not running within a Tor for iPhone also a local PPTP or L2TP daemon
that's hooked to "SOCKSIFY" all connections of the Phone via Tor?

A sort of PPTP-to-SOCKS-to-Tor integrated, to provide trasparent secure
browsing for iOS applications.

-naif

tor-dev mailing list
tor-dev-AQ2JdjIqcwQ@public.gmane.orgrproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
_______________________________________________
tor-dev mailing list
tor-dev@...
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
Fabio Pietrosanti (naif | 18 Mar 16:31 2012
Picon

Re: Tor for iOS via official channels

On 3/18/12 3:17 PM, Nathan Freitas wrote:
> Afaik, there are no long running background processes available to run a
> standalone tor process. Covert Browser works because it is integrated in
> one app/process.

That's also another nice option, that generally would mean more hacking
on Tor to make it suitable/usable as a sort of "library" to let third
party application provider bundle it within their application.

If it would be possible for third party application developer to add
"anonymity" support to their application just by linking trough an
"anonymity library" and taking care of using "anonymous sockets", we
would see a lot of applications adding "anonymity" feature.

> Maybe the VPN service model would work though.
> 
> Otherwise, I agree something should be done, even if it is only an
> open-source version of Covert Browser. At Guardian Project, we have
> plenty of iOS experience but we just loath having to pay Apple $99 a
> year to have the privilege of developing with their closed source IDE
> only on MacOS.
> 
> One should also look at why VLC is not in the app store - there was a
> conflict with GPL I believe.

Yeah, but Cover Browser can use Tor because Tor is BSD-licensed, so as
long as we keep stuff in a BSD-licensed schema everything could work.

As a local PPTP server maybe it's possible to use directly the
BSD-licensed apple support
https://discussions.apple.com/thread/135631?start=0&tstart=0 ?

However between the VPN hack approach and the "tor as a usable library"
approach i think it would be much better the second one.

So working on Tor to make it suitable for use by third party application.

-naif
_______________________________________________
tor-dev mailing list
tor-dev@...
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev

Andrew Lewman | 19 Mar 01:24 2012
Picon

Re: Tor for iOS via official channels

On Sun, 18 Mar 2012 15:42:33 +0200
Linas Valiukas <shirshegsm@...> wrote:
> I was thinking about a GSoC 2012 project I could propose, and I came
> to the question of why there's no Tor iOS (iPhone / iPad / iPod
> touch) application distributed on the official iTunes App Store?

People have tried in the past and been rejected for being a
'proxy/circumvention tool'. 

--

-- 
Andrew
http://tpo.is/contact
pgp 0x6B4D6475
_______________________________________________
tor-dev mailing list
tor-dev@...
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev

Fabio Pietrosanti (naif | 19 Mar 10:00 2012
Picon

Re: Tor for iOS via official channels

On 3/19/12 1:24 AM, Andrew Lewman wrote:
> On Sun, 18 Mar 2012 15:42:33 +0200
> Linas Valiukas <shirshegsm@...> wrote:
>> I was thinking about a GSoC 2012 project I could propose, and I came
>> to the question of why there's no Tor iOS (iPhone / iPad / iPod
>> touch) application distributed on the official iTunes App Store?
> 
> People have tried in the past and been rejected for being a
> 'proxy/circumvention tool'. 

But considering that CovertBrowser got into the apple store, it means
that as long as "Tor" will be provided as "anonymity feature" of a
Mobile application, where the Mobile Application is compliant with Apple
Terms of Service, it should pass.

So while thinking about Tor and iOS we should probably think that Tor
must represent, like for Covert Browser, a "pluggable/linkable" system
to provided anonymity feature to an application.

Are there any chance to convince the Covert Browser developer to release
it's code?

We may arrange a kickstarter project to "open" the result of his
research, so he would earn some thousand USD in exchange for the
opensourcing of the project.

What do you think?

-naif
_______________________________________________
tor-dev mailing list
tor-dev@...
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev

Lee Fisher | 21 Mar 23:06 2012
Picon

Re: Tor for iOS via official channels

 >> I was thinking about a GSoC 2012 project I could propose, and I came
 >> to the question of why there's no Tor iOS (iPhone / iPad / iPod
 >> touch) application distributed on the official iTunes App Store?
 >
 > People have tried in the past and been rejected for being a
 > 'proxy/circumvention tool'.

A Mac game developer friend suggested two indirect methods to use the 
Apple market while avoiding market rejections, that might help:

1) Use Test Flight, with Tor Project as an enterprise, using this tool 
to deliver to their testers.
https://testflightapp.com/tos/

2) Instead of general public market, use enterprise market, with Tor 
Project as an enterprise, with non-employee volunteer users. Supposedly, 
no rejections for enterprise-private apps.
http://www.wired.com/wiredenterprise/2012/03/apple-configurator/

Both solutions would probably have to have Tor Project corp to setup an 
enterprise where mac users would be volunteers or testers, so zero 
anonynimity for obtaining the software. Instead of Tor, maybe EFF or 
another privacy-centered group could be enterprise, esp. if it has 
existing membership infrastructure.

_______________________________________________
tor-dev mailing list
tor-dev@...
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev


Gmane