Make your phone anonymous with Orbot
HIDE YOUR ONLINE IDENTITY WHILE ON THE GO WITH YOUR ANDROID DEVICE.
GIVEN THE SUBJECT of this column, it’s no surprise that we’ve talked extensively about Tor, the anonymising network that’s used by the security conscious to hide their online identity from both inquisitive governments and prying websites. What you may not know is that Tor is also available for Android in the form of Orbot, and this month, we’re talking about getting it up and running.
You don’t need to have a rooted phone for Orbot to work (and we’re going to assume here that you don’t), but if you do have a rooted phone, then Orbot does become more powerful, and somewhat easier to use since you can just enable universal mode and have all your internet traffic routed through Tor. On a non-rooted phone, however, you do have to set up apps to use it.
We should also note here that Orbot is not available at all for iOS. There is an app (for $1.49) called Onion Browser that uses Tor and has ported over some of Orbot’s libraries, but it’s not open-source and we can’t confirm its security.
HOW ORBOT WORKS
In terms of its network access, Orbot simply implements the Tor protocol, the same one used in desktop version of Tor. It’s fully interoperable with the Tor network, routing data through several other Tor users to anonymise it before it gets to its destination. That way not even your ISP knows what sites you visit, and sites have no way to identify you.
Locally, it’s more complicated. On a non-rooted phone, Android won’t allow an app to take over internet routing for other apps. So Orbot can’t normally route data from, say, your Twitter app. One way it gets around this is by creating a local proxy — a kind of web service that routes data through it. You have to configure your apps to point at the Orbot proxy, after which, they will route data through it.
More recently, it has also added an ‘Apps VPN proxy’ mode, which uses your phone’s VPN tool. Instead of an actual VPN, it sets up Tor as a VPN, potentially letting any app use it.
SETTING UP ORBOT
The first thing to do is grab Orbot from Google Play and install it. Orbot is designed to run in the background and appears as a widget in the notifications bar. Launching it simply
shows you a screen with the logo and a Stop and Browse button (the latter launches your browser). It’s configured by default to start when your phone starts; you can turn that off by tapping on the vertical ellipsis and going into settings.
Unusually for a Tor client, you can also change your apparent location — kind of like the way many VPN services do. Swipe from the left and tap on World (Location) to set a location. You can actually see full routing information in the notifications bar.
APPS VPN MODE
Orbot’s ‘Apps VPN’ mode is still classified as experimental and still has a number of issues (like dropouts and DNS leaks) that prevent it from being really secure. But it is much easier to set up than the proxy method, and works for more apps.
Simply swipe in from the left to see the control bar. Then tap on the button next to ‘Apps VPN Mode’ to turn it on. You’ll see a list of all the internet apps you have on the device (including system apps), you can check individual apps, or select them all using the select all button.
Tap on back — Orbot will give you a notification that this mode is not fully secure — and click on ‘Activate’. Android will then pop up a warning that Orbot is trying to set up a VPN (you should allow it).
Now, if you head into your Android network settings, you’ll see a new VPN — Orbot has used Android’s built-in VPN tool to create one. That VPN will route data through the Tor network for all the apps you’ve selected. It’s not a real VPN — it’s just a bit of Orbot fakery to get Android to cooperate.
As we mentioned, this is not the most effective way to use Orbot, but if your app does not have proxy settings, it may be the only way with what you have available.
SETTING UP THE PROXY
Now for the proper, truly secure way to use Orbot. You have to configure your apps (at least those that support using a Proxy) to use this address as a proxy: 127.0.0.1:8118 That’s an IP address, 127.0.0.1, also known as ‘localhost’ since it points back at the device it’s on (you can actually just type “localhost” into the address field), and port 8118.
Let’s walk through setting it up for your browser. For browsers, we use the Android proxy settings. The same method is used on stock Android, as well as TouchWiz (though they look different, the process is the same). Go to your Wi-Fi settings. Find your current Wi-Fi network and perform a long press to bring up the options for that network. Then tap on ‘Modify network config’. * Next, tap on Show advanced options. * Scroll the window down to find the Proxy setting. Tap on it, and change it to ‘Manual’. Scroll down a bit more to see the Proxy fields. * Under Proxy host name, enter “localhost”. Under Proxy port enter 8118 * Save the settings. * Open your browser and go to check.
torproject.org. Hopefully it should tell you that you’re using Tor.
Most likely, this method will only work for your web browser. For other apps, you’ll probably have to configure their proxy settings individually.
In Twitter, for instance, on the login page, you can tap on the vertical ellipsis and select ‘Proxy’. Enable the HTTP proxy and enter the Proxy Host (localhost) and Proxy Port (8118). Then you should be good to go.