Closed
Bug 1358039
Opened 7 years ago
Closed 7 years ago
Add an option in Fennec's Setting/Advanced/Experiment Features to connect to Orbot
Categories
(Firefox for Android Graveyard :: Settings and Preferences, enhancement, P1)
Firefox for Android Graveyard
Settings and Preferences
Tracking
(Not tracked)
RESOLVED
WONTFIX
People
(Reporter: jhao, Assigned: jhao)
References
Details
(Whiteboard: [tor-mobile])
We need an option in Fennec's setting for the users to connect to Orbot. We'll use the NetCipher library [1] to detect whether Orbot is installed and show the option at Advanced > Experiment Features. When the option is turned on, we should set all the relevant prefs, as in bug 1337647. [1]: https://github.com/guardianproject/NetCipher
|
||
Updated•7 years ago
|
Priority: -- → P1
|
Assignee | |
Comment 1•7 years ago
|
||
In my prototype in bug 1337647, I just copied the two files I need in NetCipher into the patch for convenience. Hi Tim, What do we do in Fennec code when we need to call an external library like this?
|
|
Assignee | |
Updated•7 years ago
|
Flags: needinfo?(timdream)
|
|
||
Updated•7 years ago
|
Assignee: nobody → jhao
Component: General → Settings and Preferences
|
|
||
Updated•7 years ago
|
Whiteboard: [tor-mobile]
|
||
Updated•7 years ago
|
Flags: needinfo?(timdream) → needinfo?(max)
|
|
Assignee | |
Comment 2•7 years ago
|
||
I've talked with Max. To detect if Orbot is installed, we don't have to import the NetCipher library yet. We can call getPackageInfo and catch the exception if the package name doesn't exist. That's actually what NetCipher does now. Moreover, Max suggested us to check the package's public key because there might be malicious apps pretending to be Orbot.
Flags: needinfo?(max)
|
|
Assignee | |
Comment 3•7 years ago
|
||
Max also pointed out that we can't be sure whether we're giving our network traffic to Orbot or other malicious apps if we blindly set the proxy port to 8118 like Orfox does. We could be sending our traffic to some malicious app pretending to be Orbot. We should do something to ensure that the proxy is indeed Orbot.
|
||
Comment 4•7 years ago
|
||
Hi Jonathan, Just a few notes, * Check the signkey of target app: Orbot. http://stackoverflow.com/questions/5578871/how-to-get-apk-signing-signature * ActivityStreamPreference https://dxr.mozilla.org/mozilla-central/source/mobile/android/base/java/org/mozilla/gecko/activitystream/ActivityStreamPreference.java * Android Security Tips #IPC https://developer.android.com/training/articles/security-tips.html#IPC Feel free to ask any question. :)
|
|
||
Comment 5•7 years ago
|
||
We don't need to do this bug due to design change.
Status: NEW → RESOLVED
Closed: 7 years ago
Resolution: --- → WONTFIX
|
||
Updated•3 years ago
|
Product: Firefox for Android → Firefox for Android Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•