#tor is not working in #amethyst now. It's worst than that: amethyst is bypassing it.
I asked amethyst to use Orbot and even though my orbot is off, amethyst is still reading and writing into relays.
That's a wanting for all users thinking Tor is working!
My OS is GrapeneOS
nostr:npub1gcxzte5zlkncx26j68ez60fzkvtkm9e0vrwdcvsjakxf9mu9qewqlfnj5z nostr:npub18nw7u79dx7gnrnmr8h557m9ryhv36ulqmrmelwgd0py5slf7ttzssyxtdv
It seems to be working here. Do you know which connections the app is bypassing? I can try to find the leak.
How can I know which connection the all is bypassing? I don't quite understand your question.
I'm using orbot on port 9050, amethyst 0.83.5 play Version
How do you know the app was bypassing it?
Because I can read posts and write them even with Orbot off.
I told amethyst to use Orbot proxy, ans usually if I do this and Orbot is off, all relays will show read and I cannot read or write.
And now I told amethyst to use Orbot, Orbot is off, and all servers are Green and I am even sending you this message
Orbot being off doesn't block any connections. It just goes back to the regular channel.
I tested this just now and when turning the proxy off it disconnected from all relays, only the cached data loaded and when i posted something it was not sent to any relay
By turning the proxy off, do you mean turning Orbot itself off? I am trying to test this, but airport network is giving me a hard time. :(
Yes, turning orbot off
Great! I am starting to think there is a way for wifi networks to pretend to have Orbot connected to Tor. Using at the airport, Orbot connects but I can't connect with any relay. 🤔
Some 1 or 2 months ago Orbot off had the consequence of not reading or writing into any really.
Die someone that's hiding for governments surveillance and can pay with his life, it's very important that off means no communication
Not sure if I am understanding what you are saying but what I hope amethyst does when I set it to connect via tor / orbot is that if orbot is switched off or unable to connect to the onion network for whatever reason, then I want amethyst to not connect to anything anywhere - I want to see a blank screen in amethyst in that case which will let me know that something is wrong with my connection.
IOW if I say connect via tor / orbot, then don't connect (of fail back) in the case of tor / orbot not being connected.
otherwise i will never know if I am actually reading and posting via Tor or not unless i am constantly checking whether orbot is connected.
There is another TOR app, InviZible Pro, which you could use that would allow you to force the app through Tor, whether it supports it or not. You can use it as an Orbot alternative or as a Tor Vpn.
This would allow you to apply it system wide or on a per app basis. It also includes DNScrypt, I2P, and a firewall.
I've been using it for over a year now.
https://apt.izzysoft.de/fdroid/index/apk/pan.alexander.tordnscrypt
Cool - thanks for the heads up.
nostr:npub1gcxzte5zlkncx26j68ez60fzkvtkm9e0vrwdcvsjakxf9mu9qewqlfnj5z the problem is now solved. I got an update in #GrapheneOS and Orbot and it now blocks when Orbot is off.
Lesson: I'd your life depends on Tor, don't trust your smartphone! Use some desktop OS famous for this, or somehow a router with a kill switch
Very interesting.
Note: GrapheneOS never made any changes to VPNs recently, you can see the OS change logs. We've been using Tor with Amethyst with no problems for a long time, and turning it off also stops on Amethyst. There's a difference between the Orbot Tor VPN mode and Tor proxy modes and many users mix them up. This has nothing to do with GrapheneOS.
I am replying to this Nostr note on with Orbot mode on even when I don't have the Orbot app installed. Just tried it.
I use Amethyst but not looked into the source that much, but it's definitely not a GrapheneOS thing. Hope I could try and help sort this issue out for you regardless.
Wow, interesting, just like I had!
nostr:npub1gcxzte5zlkncx26j68ez60fzkvtkm9e0vrwdcvsjakxf9mu9qewqlfnj5z
I was using #Orbot in socks mode.
Then that's the issue.
Orbot only runs the SOCKS proxy service and that's it, it's up to the apps that use the proxy to enforce blocking connections outside the SOCKS Proxy if an app uses it. Very different to the VPN mode...
I've found enabling Tor mode even without the proxy lets me use Amethyst, but, when the app restarts itself after being in the background, then it forces Tor connections. Maybe Amethyst could force a restart after this setting is enabled?
I tried:
- socks proxy
- socks proxy+vpn Mode (for the app only)
- vpn Mode (for the app only)
And in all of them, even though Orbot was not connected, I could read and write nostr event. That's what's I was complaining.
Now misteryously it went back to work as intended: no Tor connection, amethyst stops working.
I Attribute it to a GrapheneOS update
GrapheneOS doesn't change anything with Orbot or VPNs, they aren't bundled in the OS. Most likely Amethyst's Tor implementation is leaky and it needs to prevent falling back to non-Tor if the setting is active. A split tunnelling VPN mode also won't make a difference if it isn't taking your OS VPN slot. The app needs to make an effort to reject it.
Go to Amethyst and generate a new npub, turn off Tor in Orbot and enable Tor in Amethyst. It will still let you post even when it should refuse to connect. This is on the latest build of GrapheneOS. I also have recordings of me turning on Tor when I don't have Orbot installed and it allowing users to post.
nostr:npub1gcxzte5zlkncx26j68ez60fzkvtkm9e0vrwdcvsjakxf9mu9qewqlfnj5z anyway someone can help? Would be open to trying to figure it out.
Does the post have relay icons when you post without Tor?
If your post has no icons is because you have no connection. Amethyst doesn't warn you when there's no connection.
Yes, there was multiple on each video. You can see them under the profile picture if that's what you mean.
Ok, I found 1 issue and I'll make a pull request to fix it
It wasn't recreating the http client when you turned the proxy on or off in amethyst so if you turned it on it was using the http client without the proxy until the app was killed
That's great! I haven't had time to check the issue so thank you for finding the root cause. When I am not busy I'll make sure to check it out.
Don't use GrapheneOS. Install DivestOS and allow Amethyst to use only VPN Data only.
Use Orbot Full VPN Mode.
GrapheneOS doesn't care about privacy. They force to use their servers to fingerprint users. It's walled garden, probably honeypot.
The cat-in-the-box theory, whether full or empty, depends on you. The goal is 5 million, but the choice between the full or empty box is yours.
Solana.....
5uiAkvrEBRP71snvPsQC9AV1qrTGkJGyEqrPeJ3mrmNt
