Silk Road forums

Discussion => Security => Topic started by: VersacePandaEgg on August 16, 2013, 12:35 am

Title: Running Tails/Tor Browser on an Android Tablet
Post by: VersacePandaEgg on August 16, 2013, 12:35 am
Has anyone successfully been able to run Tails on an Android tablet? I recently obtained one and have been trying to figure out how to browse securely on it.
Title: Re: Running Tails/Tor Browser on an Android Tablet
Post by: awhiteknight on August 16, 2013, 02:04 am
First root your tablet so you have real access to the network stack. Now install Orbot and grant it root access. The Tor browser is shit so grab a copy of Firefox and turn the secuirty settings up to 11 (always start in private browsing mode, don't remember anything etc etc). Set Firefox home page to check.torproject.org. In Orbot settings choose applications and select Firefox for transparent proxying. Reboot tablet, start Orbot, start Firefox.
Title: Re: Running Tails/Tor Browser on an Android Tablet
Post by: ECC_ROT13 on August 16, 2013, 02:19 am
Mobile operating systems are the opposite of "amnesic", and it's damned near impossible to use them without leaving a trace.  Tails only boots on PC hardware (non UEFI PC hardware, from my experience).

On Android, Orbot is your best bet, but I wouldn't stake my life on my activities not being forensically recoverable on Android (or IOS, or...).

I have no clue how much data from an Android device gets sent back to Google, but it's at least some traffic.

I headed quite a ways down the anonymous Android path, and finally gave up.     Probably you could get close with something like a Nexus 7, paying cash for it, installing a self-built version of Cyanogenmod/etc, and never using Google Play or giving Google an idea who you were, using Orbot for all traffic.  And reimaging it nightly or the like.

But the show-stopper is Android's full disk encryption.  It's using dmcrypt (like most Linux FDE solutions), but by default it uses the lock PIN code as the key to the encryption.  That's a big problem.   At least on an IOS device (which I'm NOT recommending for anonymity, mind you), you have hardware encryption and the PIN is just protecting the keys to the storage encryption.

I'd love to hear about better ideas somebody has, because tablets are handy as hell. 
Title: Re: Running Tails/Tor Browser on an Android Tablet
Post by: Hungry ghost on August 16, 2013, 07:11 am
First root your tablet so you have real access to the network stack. Now install Orbot and grant it root access. The Tor browser is shit so grab a copy of Firefox and turn the secuirty settings up to 11 (always start in private browsing mode, don't remember anything etc etc). Set Firefox home page to check.torproject.org. In Orbot settings choose applications and select Firefox for transparent proxying. Reboot tablet, start Orbot, start Firefox.

Do you mean orweb is shit for security or just not as featureful as Firefox?. I use it because I assumed a purpose built tor browser would be more secure. My tablet is rooted etc but I haven't really played around with transparent proxying.
       Orweb and orbot are both part of the guardian project to build a secure ROM for android devices. Last I heard the dev was making it UNrooted for security reasons (I'm thinking more exploits might be available on a rooted device)
       Using a modification called Multirom, (only available for a couple of devices) you can have a multi boot android device that can be booted into several different ROMs. You can also install some Linux distros, and boot from USB. I have Bodhi Linux alongside some android ROMs; can't get it to do much, I don't know if this is because the installation doesn't work properly with multirom, or more probably, because I know nearly fuck all about Linux. Got command line gpg working but that's about it. It doesn't seem to be able to 'see' any of the other files on my storage. When I had a dual boot Linux/windows xp box, you could browse the windows files from the Linux side. Anyway.....
       What I'm saying is it seems like in theory someone with the skills (not me) could get tails or liberte working on android devices. Its worth keeping an eye on the guardian project and multirom, to see if anything more useful develops
Title: Re: Running Tails/Tor Browser on an Android Tablet
Post by: Psyche on August 16, 2013, 07:33 am

But the show-stopper is Android's full disk encryption.  It's using dmcrypt (like most Linux FDE solutions), but by default it uses the lock PIN code as the key to the encryption.  That's a big problem.   At least on an IOS device (which I'm NOT recommending for anonymity, mind you), you have hardware encryption and the PIN is just protecting the keys to the storage encryption.

I'd love to hear about better ideas somebody has, because tablets are handy as hell.
You can actually "fix" this design flaw if you're rooted.

First you set a simple pin, the one which you will be unlocking the phone with(unfortunately pattern or face unlocks don't work). Then you encrypt the phone normally, then you download EncPassChanger from the play store. Then give it root priviledge and change your encryption password to something more complex. Only use up to a 16 digit passcode for your encryption or it will fuck up big time and you'll have to factory reset(another design flaw). The EncPassChanger doesn't even try and stop you from using a passphrase larger than 16 characters either.
Title: Re: Running Tails/Tor Browser on an Android Tablet
Post by: awhiteknight on August 16, 2013, 04:53 pm
Do you mean orweb is shit for security or just not as featureful as Firefox?. I use it because I assumed a purpose built tor browser would be more secure. My tablet is rooted etc but I haven't really played around with transparent proxying.

It may have changed recently but when I was messing with it I found it cumbersome, it didn't integrate into the OS well, navigation was clunky, multiple tabs were unsupported and so on. It was like someone just stuck WebKit in a window and left it at that.

Firefox is less secure, but it was actually useable when I tried it.
Title: Re: Running Tails/Tor Browser on an Android Tablet
Post by: mejulie2 on August 16, 2013, 05:58 pm
Mobile operating systems are the opposite of "amnesic", and it's damned near impossible to use them without leaving a trace.  Tails only boots on PC hardware (non UEFI PC hardware, from my experience).

On Android, Orbot is your best bet, but I wouldn't stake my life on my activities not being forensically recoverable on Android (or IOS, or...).

I have no clue how much data from an Android device gets sent back to Google, but it's at least some traffic.

I headed quite a ways down the anonymous Android path, and finally gave up.     Probably you could get close with something like a Nexus 7, paying cash for it, installing a self-built version of Cyanogenmod/etc, and never using Google Play or giving Google an idea who you were, using Orbot for all traffic.  And reimaging it nightly or the like.

But the show-stopper is Android's full disk encryption.  It's using dmcrypt (like most Linux FDE solutions), but by default it uses the lock PIN code as the key to the encryption.  That's a big problem.   At least on an IOS device (which I'm NOT recommending for anonymity, mind you), you have hardware encryption and the PIN is just protecting the keys to the storage encryption.

I'd love to hear about better ideas somebody has, because tablets are handy as hell.

android has its own implementation of dmcrypt which works kind of like iOS - the pin itself isnt the key but its used to encrypt the key which is used on the data itself
thats why you can root your tablet and change the password (which will actually take all alphanumerics and symbols except \ for some reason...) without reencrypting independently to your lock screen pin