-------- Original Message -------- Subject: [guardian-dev] Orfox is the new Orweb Date: Thu, 05 Dec 2013 12:02:20 -0500 From: Nathan of Guardian <[email protected]> To: Guardian Dev <[email protected]>
Google has broken WebView for us again with Android 4.4, and there is no easy out. We can't enable proxying by reflection, intent, or any of the many other methods I have tried. It may still be possible via JNI to the native libwebviewchromium.so, but I haven't quite got there yet. In the meantime, I am much more excited about Mozilla's new effort to make a reusable Android component out of Gecko, and we have a new project based on that. It solves many other problems that Orweb/Webview/Webkit had as well, and puts us on the path towards a full Tor Browser equiv on Android. There is still a great deal of testing to do, and little bit more UI work, but I hope to have something out in alpha shortly for all the Android 4.4 users without a solution (other than rooting/transproxy) for Tor-based browsing right now. ***** Orfox project **** This project was originally based upon the geckobrowser sample (https://github.com/mfinkle/geckobrowser) and the Orweb browser project from Guardian Project. It is basically feature complete (and MORE) with Orweb, but without any preference screen yet! Project tracker: https://dev.guardianproject.info/projects/orweb Nightly builds: https://guardianproject.info/builds/Orfox/ Here are the privacy-enhancing preferences that are on by default: Match Tor Browser "generic" user-agent: setUserAgent("Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0","en-us,en;q=0.5"); Turn on proxying to local Tor / Orbot proxying by default: PrefsHelper.setPref("network.proxy.type",1); //manual proxy settings PrefsHelper.setPref("network.proxy.http","localhost"); //manual proxy settings PrefsHelper.setPref("network.proxy.http_port",8118); //manual proxy settings PrefsHelper.setPref("network.proxy.socks","localhost"); //manual proxy settings PrefsHelper.setPref("network.proxy.socks_port",9050); //manual proxy settings PrefsHelper.setPref("network.proxy.socks_version",5); //manual proxy settings Disable dish cacheing: PrefsHelper.setPref("browser.cache.disk.enable",false); PrefsHelper.setPref("browser.cache.memory.enable",true); PrefsHelper.setPref("browser.cache.disk.capacity",0); Ensure data is cleared on shutdown: PrefsHelper.setPref("privacy.clearOnShutdown.cache",true); PrefsHelper.setPref("privacy.clearOnShutdown.cookies",true); PrefsHelper.setPref("privacy.clearOnShutdown.downloads",true); PrefsHelper.setPref("privacy.clearOnShutdown.formdata",true); PrefsHelper.setPref("privacy.clearOnShutdown.history",true); PrefsHelper.setPref("privacy.clearOnShutdown.offlineApps",true); PrefsHelper.setPref("privacy.clearOnShutdown.passwords",true); PrefsHelper.setPref("privacy.clearOnShutdown.sessions",true); PrefsHelper.setPref("privacy.clearOnShutdown.siteSettings",true); Do Not Track! PrefsHelper.setPref("privacy.donottrackheader.enabled",false); PrefsHelper.setPref("privacy.donottrackheader.value",1); Disable 3rd party cookies: PrefsHelper.setPref("network.cookie.cookieBehavior", 1); Don't send a referrer: PrefsHelper.setPref("network.http.sendRefererHeader", 0); Make sure certificates are up-to-date: PrefsHelper.setPref("security.OCSP.require", true); PrefsHelper.setPref("security.checkloaduri",true); Don't display mixed content (i.e. not secure content on a secure page) PrefsHelper.setPref("security.mixed_content.block_display_content", true); Disable peer-to-peer WebRTC leak: PrefsHelper.setPref("media.peerconnection.enabled",false); //webrtc disabled Disable ciphersuites that are not safe: //disable rc4 PrefsHelper.setPref("security.ssl3.ecdh_ecdsa_rc4_128_sha",false); PrefsHelper.setPref("security.ssl3.ecdh_rsa_rc4_128_sha",false); PrefsHelper.setPref("security.ssl3.ecdhe_ecdsa_rc4_128_sha",false); PrefsHelper.setPref("security.ssl3.ecdhe_rsa_rc4_128_sha",false); PrefsHelper.setPref("security.ssl3.rsa_rc4_128_md5",false); PrefsHelper.setPref("security.ssl3.rsa_rc4_128_sha",false); ****** GeckoView assets and libraries from [here](http://ftp.mozilla.org/pub/mozilla.org/mobile/nightly/latest-mozilla-central-android/). You want the geckoview_library.zip and geckoview_assets.zip files. _______________________________________________ Guardian-dev mailing list Post: [email protected] List info: https://lists.mayfirst.org/mailman/listinfo/guardian-dev To Unsubscribe Send email to: [email protected] Or visit: https://lists.mayfirst.org/mailman/options/guardian-dev/nathan%40guardianproject.info You are subscribed as: [email protected] -- tor-talk mailing list - [email protected] To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
