2022-06-27, 16:00–16:30 (UTC), Team 9
Within one week we want to draft a mechanism that allows users to route their app traffic on Android either over tor or over openvpn.
Bitmask is VPN client based on OpenVPN and Pluggable Transports to route traffic. It currently integrates Tor and Snowflake to circumvent blocking attempts of the bootstrapping phase, when a VPN tunnel cannot be established yet.
We want to extend the existing tor functionality in Bitmask by allowing users to choose to either route traffic of a specific app over tor or over openvpn.
This brings several adavantages:
- users can choose between a high degree of anonymity or a faster connection
- users can always use tor and Snowflake as a backup, if circumventing censorship with openvpn + obfs4 fails
- users that use tor to protect their traffic against ISP's, Big Data companies or are connected to public wifis have a backup solution for apps using udp traffic like audio- and video-conferencing apps
We foresee different tasks and and related skill-sets:
- wireframing for the UI on Bitmask: we need a way to let the user choose which app should be routed over which transport (UX expertise)
- the implementation of that UI in Android (Java, Android SDK)
- the integration of go2tun or a similar lib to forward packets from an file descriptor (the tun interface) to the socks port of tor-android (golang, gomobile, Java)
- the integration of our existing packet parsing Java code used in onionmasq which checks the origin of a packet and maps it to an application ID (Java, Android SDK)
- extending the packet parsing Java code to either forward packets to the socks interface or to the file descriptor handled by openvpn
- in parallel: a rewrite for 4. and 5. in golang, which we can use in the future. This task requires some more work but shouldn't stop us from creating a prototype within a week (golang, preferred some network-level programming skills)
Let's do it!
- UX design
- Android app programming with Java
- porting go libraries to mobile architectures