4

I want to set my phone up in such a way that it won't connect to the internet before Tor (Orbot) has established a connection. How do I do that?

Morphior
  • 41
  • 1
  • 2

5 Answers5

3

Stopping android from connecting to the internet/disabling wifi/disabling wifi module/disabling auto connect unless Orbot is up isn't trivial. It would probably need modifications to the ROM/kernel itself. You can use firewall rules and set them to block every connection besides TOR. It would still try to connect to the internet when Orbot is off but it wont succeed. Its much easier and works no matter what your internet source is (carrier or wifi), plus you can turn firewall rules off if you want.
EDIT: You can also use androids built in VPN option to route everything trough TOR. In that case if Orbot is off it will still try to connect to the VPN and fail therefore you want have internet.

Mark
  • 71
  • 1
  • 6
2

There is some prior art in this field, however there is always an implicit Caveat Emptor when doing novel things.

The "OrWall" android application is intended to create a 'fail-closed' scenario, however it doesn't appear to be actively developed anymore.

It installs an init script that blocks outbound traffic with the intent that it stops applications making outbound connections before OrWall can start and set their profiles for what kind of connections are permitted for the app: https://github.com/EthACKdotOrg/orWall/blob/dd381cbfa5b3cea046dc1e00948a0cf8e0afbc26/app/src/main/res/raw/userinit.sh

It requires root, it will conflict with other apps that manage iptables settings (e.g. OrBot's own "TransProxy" mode) and it may be possible for traffic to leak before the init script is executed.

cacahuatl
  • 11,047
  • 2
  • 17
  • 39
1

Impossible unless Tor is fully incorporated into AOSP firmware when compiled by hand. How to check: use wireshark or just a tcpdump on a wlan0 interface of your hostapd software AP. During bootup some apps are able to make a quirk before Orbot is started, see for yourself.

Alexey Vesnin
  • 6,385
  • 3
  • 15
  • 36
0

It seems that tor automatically do that when you check
Request root ☑ Transparent proxying ☑ Tor everything ☑

(requires root)

Eng Fares
  • 101
0

Thats not entirely possible but you could turn on the option to start tor automatically on boot. That will start tor automatically when you boot your device.

Dark Droid
  • 11
  • 2