The Tor Project's upcoming VPN Android app has been moved to beta. Here is how it looks on #GrapheneOS:
This version uses Arti, Tor's Rust implementation, it is more modern and secure. Each app will get their own Tor circuit and exit IP. Unlike Orbot which is an on-device Tor proxy with a VPN feature, it appears app is designed to be a VPN first and foremost.
How can I get beta?
Oh good. More teaser apps for the Android.
Isn't the general VPN trade off basically pick your poison on who to trust? Anything better here than any other reputable, FOSS VPN?
Running out of bookmarks here. ๐
Great news, thanks for sharing.
Any advantages of using this over for example nostr:nprofile1qqsxkj3fh02r68gwa6knsn639ka4j88fgp7j0kay3t25kqxe6tsew2cpz9mhxue69uhkummnw3ezuamfdejj7qgkwaehxw309ajkgetw9ehx7um5wghxcctwvshsz9thwden5te0wfjkccte9ejxzmt4wvhxjme07aksjz?
We did a small comparison in our FAQ!
Nice, look forward to using it. Would be cool if its added to accrescent.
What is the practical difference between being Proxy+VPN feature versus VPN first?
Very cool. My dream is that we'll have inner app split circuits. I eventually want something to prevent profiling, each unique thing (e.g. sub to several RSS feeds) all sent through separate circuits. Something similar uses for gpg refresh back in the day.
damn I love it
Is there a way to configure this so that all traffic flows thru this tor vpn hops nto your mullvad vpn before leaving the device?
Great: now the fedVPN is directly embedded inside the fedAndroid. ๐
Doesn't get much better than this.
Is it proven that TOR is infiltrated?
Tor was proven has created by federal government officials: 
Difficult to define "infiltrated" when the overwhelming majority of "free" servers running Tor are government owned. To be fair, there is kind of a competition about which government hosts the largest number of Tor servers and some of them don't like each other (e.g. US vs CN).
I guess any poor nostr volunteers hosting a tor server on their basements are the ones infiltrating that fedVPN.
If that fedAndroid distribution would really be worried about privacy, they'd be implementing I2P since the beginning.
Which they haven't and now pretend it doesn't exist. So there's that.
btw. Don't ask them about their source of funding, they quickly jibber to be "donation-based" without ever going into actual details nor publishing any numbers. Quite the mistery.
>If that fedAndroid distribution would really be worried about privacy, they'd be implementing I2P since the beginning.
GrapheneOS will not bundle third party apps or network services. Download InviZible if you want I2P. The licenses for it makes it incompatible to be bundled anyways.
>Which they haven't and now pretend it doesn't exist. So there's that.
Type 'site:discuss.grapheneos.org i2p' on your favourite search engine.
Can you expand on the license issue? Are they not open soruce?
It is open source but it is GPLv3. GrapheneOS software is MIT licensed, upstream code is Apache 2.0. For an app to be bundled it would need to be licensed like such.
I see. Their license page is a huge mess.
I was talking about the InviZible app rather than I2P itself. I assume that it could be possible to make a new app doing it with the licenses, but again we wouldn't bundle other services or apps.
Our only interest in third-party apps is if they can replace an OS component and we can reliably maintain our own changes to it. The keyboard and gallery apps are ones we are targeting for this atm.
The beauty of bundling something like Tor or I2P is that you can control the deamon's lifecycle at the OS level, allowing it to stay running forever.
Android operating systems do provide an always on and leak blocking VPN functionality per-profile. We close out many more VPN leaks than the stock OS does too. Providing the app is well designed it should continue to stay running. Orbot was known to be terrible with this (tons of bugs) and had crashes on our exploit mitigations. If it ever got a recommendation then it only would have been because there was little other options.
The per-profile VPN helps segregate networks like this easily. You could run a VPN on a standard user and an anonymity network in the profile's Private Space and you can switch to both with ease.
Is the always-on policy just for VPNs or are there other exceptions?
App developers constantly run into issues to keep things running. For instance, in Nostr, we would like to keep an always on connection with the user's chosen Inbox relays at all times, replacing the Push Notification stack (FCM/UnifiedPush) altogether. Though I am not sure if we were successful in keeping that service running at all times, from a regular app, yet.
I've read your posts with difficulties from past days, but find it strange because quite a few apps are permanently running OK.
Oddly enough, 0xChat always pings me about likes and replies without fail, even thought it isn't my often used NOSTR client.
Would suggest to look at their implementation, somehow it works really rock solid.
I wouldn't know details without knowing more from your app.
Check out the documentation on background tasks, or if you discussed it elsewhere with a different team member then what they said should be helpful to you.
https://developer.android.com/develop/background-work/background-tasks
but this always-on feature is designed for VPNs, yes. you can background apps using the method I sent above.
On one hand you mention refusing to bundle third party apps, but on this same initial post you celebrate the bundling of that third party TOR client. ๐ค
License isn't an obstacle, GPL copyleft only applies on this context when your app directly depends on the library without an alternative. Furthermore, you could request a written statement from the development team that your project is not impacted by the license, or at the very least request an exception to be stated (GPL permits all these things).
I prefer GPL than MIT for security, but do you know why? That is the default license for everything Linux on the kernel and embedded level.
On that same domain you have chosen MIT. Do you know who else picks MIT for their open source? Answer: Microsoft.
Do you know why? Because even though it is "open", in reality it doesn't protect users from patent litigations by you against them in the future. Basically a gun pointed at their heads whenever you decide one day to sell the company to Radio Free Asia or In-Q-Tel.
>On one hand you mention refusing to bundle third party apps, but on this same initial post you celebrate the bundling of that third party TOR client. ๐ค
It's not bundled. It isn't going to be bundled. This is a post showing a work in progress beta app that most users have not seen before. This app is developed officially by Tor to hopefully replace Orbot, it is informational content.
>License isn't an obstacle [...].
Not relevant to our use case. We want GrapheneOS as a whole to have permissive licensing. Vanadium browser patch is GPLv2-only with exception for Apache2.
>I prefer GPL than MIT for security, but do you know why? That is the default license for everything Linux on the kernel and embedded level.
There isn't a security benefit to use one or the other. It's an agreement on what a user can do with source code when they change it. One of the most used and targeted platforms for attacks using it means nothing. GrapheneOS regrettably uses the Linux kernel too. There are countless hardening features distros are free to add.
Feel free to perform any security assurance you want.
>On that same domain you have chosen MIT. Do you know who else picks MIT for their open source? Answer: Microsoft.
No idea what this has to do with it. It's one of the most used licenses. Not relevant to us what some big company decides their favourite license is. Should I not drink water because Hitler did too?
>Do you know why? Because even though it is "open", in reality it doesn't protect users from patent litigations by you against them in the future.
GrapheneOS work isnt patented. What's to patent? It is free and open source. We see many bad actors make forks with our software all the time, we can't do anything about it except call it out as untrustworthy. All we have is a trademark for the name and branding to stop malicious sellers.
>Basically a gun pointed at their heads whenever you decide one day to sell the company to Radio Free Asia or In-Q-Tel.
...who? This is an open source software project, it isn't a company. If someone wanted to sell GrapheneOS then just fork it yourself and start a business.
We don't sell anything. There is zero plans to make the work a for-profit engagement and there was an incident in 2018 where we nuked signing keys (prevents OS from ever updating) to prevent a failed corporate takeover back at a time when the then lead developer worked at said company. That's a strong commitment to not be corporate.
Amazing LFG
What's the difference between this and Orbot?
Never use GrapheneOS, never use Tor.
Graphene openly endorses a government sponsored VPN which persecutes whoever is not yet under their control. Read this and never forget: https://www.reddit.com/r/TOR/comments/1ni5drm/the_fbi_couldnt_get_my_husband_to_decrypt_his_tor/
