Took some tinkering to get everyone to play together:
Amethyst running internal tor, Citrine local and exposed onion service nostr relay, SimpleX to connect to my self hosted servers via proxy, Bitwarden to connect to Start9 via Orbot running in power user mode with Mullvad as VPN on new Graphene OS Pixel 6a
If you have a VPN why do you use tor with Amethyst?
Because Vitor worked so hard and I wanted to see how the internal tor worked
I always used tor with nostr, just manipulated my setup to see if it would play nice other ways.
It is good to not have to use orbot as VPN, connect for browser but still run orbot because I need it for bitwarden and simplex to connect to stsrt9 onion instances
Tor and VPN are two different things, this question doesn't make sense
It's like asking someone why they use the gas pedal in their car when it also has a brake pedal - why wouldn't you use both to have a useful car instead of a brick?
There are lots of takes on what makes good privacy. Some think tor makes you stand out and orbot has leaks. Many VPN are surely not doing what they say. I like to run onion instances so I use it. But I understand there is no perfect privacy. More interested in learning about how to use things.
If the point is to hide your IP from relays
then running your client through a VPN
and then through tor
(or vice versa)
is redundant and unnecessary.
maybe there are other reasons to do so
but thats the usual idea.
A VPN doesn't hide traffic from your ISP like a brake pedal doesn't make the car go fast
but it does tho.
and also thats really weird inaccurate simile.
I guess there are different ways to set up a VPN to hide traffic like there are with Tor but it seems more straightforward and reliable with Tor and most VPN users don't do it
Not to mention all the other tracking services like Google
the main difference is that a VPN is a trusted 3rd party
TOR Isnt (mostly)
so if you have reason to doubt your VPN
or are doing high risk activity,
definitely use tor.
but many people are betting that the mullvads and ivpns etc are secure.
not sure what you mean about configuration problems.
I just don't know how to configure a VPN to be hidden from the ISP, whereas in Tor browser (not sure about Android apps) it's easy
Why are you using Amethyst's internal tor engine instead of Orbot via SOCKS5 proxy?
Because I wanted to see if it worked. I have always ran Amethyst via Orbot. But this is reducing orbots usage a lot.
I was just curious. My concern with the internal tor engine is similar to my fear of using people's homegrown encryption. There's a lot of room for exploitation if it's not done right, and I'd rather use an established, audited solution. I worry about attack surfaces, and the potential for not getting it exactly right.
Many apps use internal tor engines. In this case it is tor behind a VPN. After reading about Orbot in the Graphene chats it made me want to focus in on better VPN and reducing the permissions in apps to bare minimum.
Tor can be slow & painful to demo to an orange pill prospect. I recommend you look into wireguard/tailscale. You'll get a *direct* encrypted connection between your devices.
"paranoid crypto anarchists" be like...
nostr:nevent1qvzqqqqqqypzpmd5wqn399avtfslyalne52du4xx066ue5sw7rva72d7rp59hvqyqqsfx9fkj9n8a5e074p23feuq0qx4lx0pzf2y4jxalmxwkd60hxp7qsl5t99d
😜
I now only have Citrine and Bitwarden apps selected in Orbot
Amethyst is internal tor
Amber is proxy
SimpleX is proxy
So that makes it really quite clean.
For Amber, are you talking about using a SOCKS5 proxy to Orbot?
Yeah, part of the setup in Amber
Removed citrine app from selected in orbot.
Only bitwarden appears to need to be selected now. It also seems to need to have orbot as VPN to add to it. Will probably switch to accessing vauktwarden directly over tor then.
That would mean Orbot would only need to be a proxy for Amber, SimpleX and the Citrine tor relay.
Oddbean new post about login | logout