18:59:28 #startmeeting TorVPN Core Android Components 1 March 2022 18:59:28 Meeting started Tue Mar 1 18:59:28 2022 UTC. The chair is sysrqb. Information about MeetBot at http://wiki.debian.org/MeetBot. 18:59:28 Useful Commands: #action #agreed #help #info #idea #link #topic. 18:59:51 Hello! o/ anyone here? 18:59:58 o/ 19:00:12 Pad: https://pad.riseup.net/p/sponsor101-android-components 19:00:48 Please add any additional agenda items 19:01:38 o/ 19:03:52 Let's start, and others can catch up 19:04:22 The goal of today's meeting is evaluating the core components used in Orbot 19:04:55 as I said at the end of last meeting: 19:05:00 > next meeting I'd like to discuss each component that orbot is using currently 19:05:06 > and identity whether we need it in an arti-world 19:05:12 > in theory, Orbot and TorVPN should have almost identitical internals 19:05:20 > and I'd like to begin discussing what those internals are 19:05:28 > and, along with that, whether any components can be shared with other platforms 19:05:42 > i don't know if any of the current components should be used/reused 19:06:02 I don't see any other agenda items 19:06:25 none from here! 19:06:40 I don't have either 19:06:42 does anyone have any thoughts on this topic, before I begin going through the list of components? 19:07:00 noep 19:07:15 go ahead :) 19:07:21 alright 19:07:45 I listed the components on the pad - copied from the google doc 19:08:30 the "Orbot Controller UI" is likely the primary component that will remain different between the TorVPN and Orbot 19:09:01 orbot will have more experiemental UI/UX, and that will be under Guardian Project 19:09:04 's control 19:09:37 OrbotService is interesting because Tor Browser is using a fork of this project 19:10:29 My experience with the fork leads me to believe we should abandon it and support/develop OrbotService instead 19:10:56 sounds reasonable! 19:10:59 the fork we're using has this design: https://github.com/sisbell/tor-android-service/wiki/Architecture 19:11:28 it is signficantly more complicated than OrbotService because OrbotService is more self-contained 19:12:55 I'm under the impression that Guardian Project are willing to let "us" (applications team) take over responsibility for OrbotService 19:12:57 would adopting OrbotService mean elminating the dependency on the "Tor Onion Proxy Library" .aar? 19:13:07 but we need to verify that and have a conversation with them 19:13:14 aguestuser: yes, that's correct 19:14:03 cool. :) (keep going! :)) 19:15:12 I believe we need something like OrbotService in the arti-future 19:16:04 so the real question is about how we adapt OrbotService for arti 19:16:27 OrbotService *is* the interface between "tor" and the app 19:16:46 sound reasonable? 19:16:55 *does that sound reasonable? 19:17:10 yup 19:17:20 great 19:17:26 Do you mean it provides an API on top of the control protocol? 19:18:03 yes 19:19:02 it provides the Android/Java API used by the app 19:19:17 okay, however I'm not sure we have decided something about how the app communication should happen 19:19:42 but I don't remember in which meeting we talked about this topic 19:19:49 but as a first approximation, it makes sense 19:20:11 because we can say we keep the same API/update the existing service for the new communication thing 19:20:21 there was a separate discussion in https://pad.riseup.net/p/ARTI_Interfaces-keep 19:20:26 related to this topic 19:21:05 but OrbotService may simply become the Android wrapper interface that is needed for apps 19:22:18 i see OrbotService as being the single go-to library for integrating tor 19:22:28 yes, that makes sense 19:22:33 and that seems useful with arti, as well 19:24:07 The next component is Tor-Android 19:24:14 https://github.com/guardianproject/tor-android 19:24:48 i'm not certain we need this component in the future with arti 19:25:10 but it could be adapted for arti, instead of c-tor 19:25:38 if OrbotService communicates with arti, what would the purpose of Tor-Android become? 19:26:03 or would it only remain relevant in a scenario in which OrbotService did *not* communicate w/ arti? 19:28:03 that's a good question 19:28:29 the situation is a little complicated because Tor-Android provides part of the Java API for communicating with tor 19:28:34 https://github.com/guardianproject/tor-android/blob/master/tor-android-binary/src/main/java/org/torproject/jni/TorService.java 19:29:14 (communicating/controlling) 19:29:18 ^-- i recognize that class! 19:30:04 as we go through this process we should consider merging Tor-Android's functionality with OrbotService 19:30:33 there may be an argument for keeping them separate 19:31:10 okay. so that seems like a useful "open question" to flag? 19:31:18 yes 19:31:23 (i'm taking notes on the pad) 19:31:25 like we'd prefer to migrate the full Java API for talking to Tor (via arti) into OrbotService 19:31:37 but we'd like to perk up our eyes for reasons not to 19:31:42 as we explore the code bases more 19:32:21 what might "good reasons not to merge into OrbotService" look like? 19:33:00 some apps only want to inegrate arti without OrbotService's additional bloat? 19:33:05 *integrate 19:33:32 in, more simply, an app only wants to integrate arti with a minimal controller API 19:33:32 but then why would they reimplement only part of the wheel? 19:34:19 i don't know, but these things happen 19:34:31 we could say we don't support that 19:34:54 or... there is some unforseen architectural reason why it is not simple to move the subset of functionality from Tor-Android into OrbotService (unforseen coupling/cohesion issues... something like that?) 19:35:00 but we should understand if there are existing reasons for it 19:35:21 yes, that seems wise! why did GP have these as 2 separate packages in the first place? 19:36:10 i believe ther isn't a good reason now, but I'm not certain 19:36:21 fortunately we know them! ;) 19:36:49 indeed 19:37:01 (i hear they make gr8 coffee? ;)) 19:37:12 and gifts 19:37:17 :) 19:37:17 anyway. 19:37:25 19:37:49 Tun2Socks/Leaf. the network team's experimenting with a different/better solution 19:38:04 oh last thing on Tor-Android -- might be worth some hunt for "first things we'd liek to move"? 19:38:29 working through an example class or two (even as a thought experiment) might help us estimate scope of moving whole thing? 19:39:08 hm. yes, we could do that 19:39:21 (you might not need to. i might find it helpful.) 19:39:31 (as a terrain-learning exercise.) 19:39:35 there are three main components. 1) embed tor, 2) configure tor, 3) control tor 19:39:44 but one reason not to move it might be "too much work!" 19:39:55 we need experience with (1) for arti 19:40:01 if we poked at a few classes, we could validate the assumption "not too much work" without doing all the work yet 19:40:15 and (2) and (3) are works in progress in terms of defining that interface 19:40:35 so the "thought experiment" would be highly conjectural? 19:40:42 thinking about lots of things that don't exist yet? 19:41:06 yeah 19:41:15 at this moment 19:41:31 could we produce useful requirements for people working on (2) and (3) by thinking about what we need to migrate? 19:41:32 we should begin understanding how to accomplish (1) 19:41:40 +1 19:41:45 and i believe LEAP may be looking at that, already 19:41:57 by "that" you mean 1? 19:42:00 (1)? 19:42:17 for (2) and (3), yes, we should be in the meetings where that is being discussed :) 19:42:32 and by "looking at that" you mean the onionmasq project cyberta and ahf are working on? 19:42:34 (1) is building and embedding arti in a library 19:42:42 yes 19:42:49 kk 19:43:05 plus some other additional testing apps they're working on 19:44:04 good? 19:44:14 yup. just trying to capture that in pad 19:44:29 i see, okay 19:46:33 I believe we can consider Tun2Socks/Leaf as obsolete 19:46:50 and arti will provide most of that capability 19:47:24 Next: NetCipher 19:48:05 This is an interestinf component because it relates to how multiple apps may control (start/stop) tor 19:49:13 when TorVPN/Orbot is installed, we may want to give tor-aware apps an ability to communicate/interact/control tor 19:50:08 we should investigate which functionality should be available and whether that should be a separate component 19:51:45 does that sound reasonable? 19:53:46 yes 19:54:11 okay, let's stop here and pick up at the next meeting 19:54:13 noting that the netcipher lib also does lots of network hardening 19:54:22 * sysrqb has another meeting in ~5 minutes 19:54:33 cool1 19:54:37 okay, thanks! 19:54:39 yep 19:54:44 o/ 19:54:48 o/ 19:54:49 okay, thanks PieroV aguestuser ! 19:54:57 have a good night 19:54:58 o/ 19:55:03 #endmeeting