The raw bandwidth on the other hand is usually pretty good (not great, but it's not intended for large downloads anyway as they tax the network...).
TOR is meant for the cases when anonymity trumps convenience.
Let me know if that's not the case and I’ll double-check my settings in iTunes Connect.
they require a backdoor?
According to the FAQ on iTunes Connect you need French export forms only if the app contains:
- any encryption algorithm that is yet to be standardized by
international standard bodies such as IEEE, IETF, ISO, ITU,
ETSI, 3GPP, TIA, etc. or not otherwise published; or
- standard (e.g., AES, DES, 3DES, RSA) encryption algorithm(s)
instead of or in addition to accessing or using the encryption
in Apple OSI had to install ccache before libssl would compile. Make sure you build libssl before libevent. In the icons folder is a install script to download the icons.
Otherwise compiles well. The anonymity of the .onion sites scares me. I have a very strong suspicion that one day SSL (i.e. symmetric encryption with no backdoor) will be illegal in many countries.
[1]: https://github.com/mtigas/iOS-OnionBrowser/blob/master/build... [2]: https://github.com/mtigas/iOS-OnionBrowser/commit/68a92f488b...
The content of a lot of .onion sites scares me. Definitely a higher concentration of crazy than I'm used to on the internet.
These corners of the internet aren't pretty but they play an important role within our society.
Edit: Also, the app in question is under MIT and the used libraries under various permissive licences (https://github.com/mtigas/iOS-OnionBrowser/blob/master/LICEN...).
Generally I don’t think this is (on the face) any worse than a regular third-party browser app: Other apps (games are a great example) are free to implement custom communication protocols and there are plenty of unsavory / underground / illicit websites on the regular internet. Tor has a lot of legitimate and illegitimate uses, but that can pretty much be said of web-based communication in general.
tar: Code/iOS-OnionBrowser/build/src: Not found in archive
I might have some dependencies that I’ve neglected to mention (since I use homebrew a ton) and I’m trying to nail down the build scripts to be a bit more portable.
I’m trying to nail this down, but it’ll likely take me some time to find a real fix.
One confusing thing I found is that, when I typed in "onion browser" into my iPhone's App Store Search field, three results came back. I found myself not really know which one was truly yours (yours was actually #2 search result). It would have been helpful if, in the screenshots on this page, you showed the logo. The logo is shown in the App Store so that would've made it a slam dunk, easy decision.
Getting around this entirely would require obfsproxy[1] which wouldn’t work on iOS the way I have it set up due to the inability to spawn sub processes. (Tor client, when configured to use obfsproxy bridges, has to spawn an obfsproxy process to handle the obfusctaed traffic.)
1) DNS query to YouTube cache server 2) GET request to Google's servers for /videoplayback
This seems isolated to the QuickTime player only. No other DNS queries or traffic appears to be visible. I suggest you warn users that video playback does not go through the tunnel.
https://opusmagnus.wordpress.com/2012/04/21/tormail-net-has-...
It supports bridges, and it will even let you run a relay and/or hidden service directly from your phone.
I've had this idea for a while now of building an SMS-like app that runs entirely over hidden services for users with Orbot installed. If I send you a message this way, nobody knows that you received one, that I sent one, or what the message contained, and it wouldn't require me to set up any server infrastructure as it would be entirely peer to peer over Tor.