{{Header}} {{#seo: |description=Development considerations on using {{project_name_long}} to provide a Torified Wi-Fi Hotspot or Torified VPN server. }} {{intro| Development considerations on using {{project_name_long}} to provide a Torified Wi-Fi Hotspot or Torified VPN server. }} = Reputational Considerations = * For now {{project_name_short}} has a simple design and great reputation. At time of writing, no clearnet IP leak found ever. See [[Whonix against Real Attacks|{{project_name_short}} Protection against Real World Attacks]]. * If that gets mixed with android-anyting, the quality if leak protection could be lower due to issues causes on the Android, not {{project_name_short}} side. = Torified WiFi Hotspot = Even if a WiFi USB stick was added to {{project_name_workstation_long}}... Possible causes for clearnet leaks on the Android side: * The WiFi could go off / out of range. Then the device might jump to an untorified open WiFi. * Users might turn off WiFi off while forgetting to keep mobile network (clearnet) turned off. * madaidan:
The mobile device wouldn't be isolated from local networks though. Nothing stops it from bruteforcing your neighbour's WiFi and deanonymizing you that way. Unlike in a {{project_name_short}} workstation VM, where it can't access those.
* Adding all the security challenges of WiFi. ** A 1) insecure WiFi + TLS is less of a problem than 2) insecure WiFi connection to Whonix-Gateway which would be even more of an issue. 1) could still be OK because TLS secures the contents of the connection. But 2) could be used to de-anonymize the user. * Using a stock android device once non-anonymously, then routing all traffic over Tor would not be as anonymous as expected due to [https://gitlab.torproject.org/legacy/trac/-/wikis/doc/TransparentProxyLeaks TransparentProxyLeaks]. ** TransparentProxyLeaks are not an issue in the usual {{project_name_short}}, {{project_name_gateway_long}} + {{project_name_workstation_short}} design. Mixing {{project_name_gateway_long}} with stock android gives the developers of {{project_name_short}} a lot less design abilities. Similar to [[Other Operating Systems|using {{project_name_short}} with other operating systems, {{project_name_customworkstation_long}}]], see [[Other_Operating_Systems#Security_Comparison:_Whonix-Download-Workstation_vs._Whonix-Custom-Workstation|security comparison]]. forum discussion: https://forums.whonix.org/t/whonix-gateway-whonix-workstation-torified-wi-fi-hotspot/4751 = Using VPN = A VPN tunnel from Android to {{project_name_gateway_short}} or {{project_name_workstation_short}}. Many Android phones do not have a fail closed mechanism. When the VPN connection gets interrupted, device continues to connect without VPN. = Related = * [[Dev/DHCP]] {{Footer}} [[Category:Design]]