Thread - Nostr Hypermedia

Leo Wandersleb leo@nostr.info 1 year ago

I'm not an expert on Orbot but in which case and how could an IP leak using Orbot, assuming Orbot routs all the activated app's communication only over TOR? And how can an app developer fix this reliably? And how can the user know the client dev fixed it reliably 100% all the time with every update? I'm talking out of the experience where an app used an installed Orbot to talk to some servers then a new dev team introduced other servers but did not care about using Orbot when the still available TOR option was activated, misleading the user to assume to be private where they are not.

↑ Parent

Replies (4)

calle calle@cashu.me 1 year ago

Not necessarily. Orbot runs with and without VPN mode.

calle calle@cashu.me 1 year ago

You shouldn't give privacy advice if you don't know what you're talking about.

daniele _@dtonon.com 1 year ago

It depends on whether Orbot is used as a VPN or as a proxy. In the former case, the application cannot escape Tor, in the latter case it can of course, avoiding using the proxy. So Orbot as VPN is safer than current Amethyst's implementation, while the new built-in support has the same robustness, but avoid a dependency and all the troubles related to the configuration, offering a better experience to the user.

1 replies ↓

Alex 1 year ago

On the other side you have to monitor that Orbot is indeed running on the system, and not closed or crashed. Sometimes, rarely, Orbot just closes.