Hi there, the usage instructions for Tor on Android at https://www.torproject.org/docs/android.html.en are unsafe for Firefox users.
Firefox on Android downloads favicons without respecting proxy preferences. See here: https://bugzilla.mozilla.org/show_bug.cgi?id=507641#c12 Hence, manual proxy configuration of Firefox (via about:config or add-ons such as Proxy Mobile) fails to tunnel browser traffic through Tor: The bulk of the traffic goes through Tor but Android issues GET requests for favicons with the real IP address. (I tried different configurations of Orbot and Firefox. Also “Tor Everything” fails, both with HTTP proxy at port 8118 and SOCKS proxy at 9050.) As a side remark: The favicon code seems to cache the image. So, if you aim to reproduce this issue and try to capture unanonymized GET requests on the wire, be sure to visit web pages from previously unseen domains. E.g., different languages of wikipedia.org such as http://als.wikipedia.org/ might be suitable. My current attempt for Firefox with Orbot is to configure localhost, port 8118 as system HTTP proxy (long press Wi-Fi connection -> Modify network -> Show advances options). Then, in Firefox verify via about:config that network.proxy.type is set to 5, which should be the default and lets Firefox use the system proxy, which is also used to fetch favicons. Probably, there are more pitfalls. Any suggestions? Best wishes Jens -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
