Tor Browser on the Librem 5/PureOS

What do you mean exactly?

I would personally use Firefox and route the whole traffic through Tor.
You can either do it on Librem 5 or on your router.

The reason behind this is that at the moment getting a well-working browser on Librem 5 is not easy in the first place. So taking complicated paths and insisting on a particular browser will only lead to a bad browsing experience like you had with Tor in Anbox.

Apart from that I think that for the Tor project it makes sense to release an official and responsive version for Librem 5, PinePhone and Raspberry Pi.
At the end of the day such devices are used precisely by people interested in Tor.

2 Likes

Looked into this some more in spare time:

Attempt 4: Armhf Tor Browser

I found a fork with armhf support, and after patching a few things I was able to successfully build the browser. I tried adding armhf multiarch support, installed a few libraries from the package repo, but ran into package conflicts unfortunately.

Anyone have ideas? It’s unfortunate that I can’t get this working, these phones are excellent for privacy and security with the physical switches, but without Tor Browser the fingerprint when browsing will stand out.

How does Tor browser get around fingerprinting?

The Tor Browser adds a lot of patches to Firefox that make the fingerprint across all Tor Browser users look nearly identical. Many browser APIs are blocked (such as APIs attempting to access hardware), the window is letterboxed, fonts are the same, User-Agent and headers are the same, etc. On safest mode, it is extremely difficult to tell one Tor Browser user apart from another. Here are their fingerprint design docs.

https://2019.www.torproject.org/projects/torbrowser/design/#fingerprinting-linkability

2 Likes

Yes. I found: https://forums.whonix.org/t/arm64-tor-browser-maintainer/11786 and that led to https://sourceforge.net/projects/tor-browser-ports/ (unofficial but some good indicators of reliability). It has arm64 [see “files” tab for folders] and it worked like a charm - just like with a normal desktop! I have right now a FF ESR open that shows where I really am AND simultaneously Tor browser showing someplace else :slight_smile:

Let me repeat that: Tor Browser is available for L5! Works pretty much like the normal ESR version.

[edit to add: I’ve only tested it a few minutes but the latest 11.5.1 seems a tad unstable - died on me unexpectedly]

5 Likes

Hmmm. Maybe this should be standard Firefox functionality. I shouldn’t need to use TOR in order to defeat fingerprinting.

2 Likes

Very interesting, thanks for sharing! I wonder why ARM support hasn’t been upstreamed yet if armhf and arm64 Tor Browser 11.5 can be built.

Not necessarily disagreeing with you but it’s not a FF thing as unique identifiers are in every browser. Even TOR has some, but it’s much smaller and obfuscated. Take a look at https://panopticlick.eff.org/

1 Like

OK, I’m wondering what the differences are between

running FF with resistFingerprinting set to true (as I have)

and

the patches that Tor Browser uses.

I don’t think that web site works properly if you have already set resistFingerprinting.

For example: let’s say that that setting generates a random syntactically valid but otherwise bogus UserAgent each time you start the browser (it doesn’t but this is a thought experiment). On the one hand, your browser would always be unique among all browsers sampled by that web site in the last X days (and would be reported as giving 17 bits of fingerprint or so). On the other hand, UserAgent under those circumstances would be somewhat useless for fingerprinting or tracking.

So there are two diametrically opposed approaches.

  1. Utterly uniform and standardised results for all browsers of users who care about this - so very limited uniqueness, few bits of fingerprint.
  2. Randomised settings for all things that can be sampled for fingerprinting, potentially randomised every X minutes or even between connection requests - so a high degree of uniqueness, high number of bits of fingerprint - but useless for fingerprinting or tracking.

Personally, I find it galling, and ironic, that my decision to set DNT contributes 1.15 bits to my fingerprint. :wink:

1 Like
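Added example, not part of any post in this thread: the thought experiment above (uniform versus randomised fingerprints) run as a small Python simulation. It separates the per-visit "bits" a test site reports from how often a tracker can link two visits by the same user. The user count, the `UA-…` strings and the strategy names are constructed for illustration.

```python
import math
import random
from collections import Counter

def surprisal_bits(value, observed):
    """Bits of identifying information carried by `value` in this sample."""
    return -math.log2(Counter(observed)[value] / len(observed))

def mean_bits(observed):
    """Average surprisal over the sample (Shannon entropy of the attribute)."""
    n = len(observed)
    return sum(c * -math.log2(c / n) for c in Counter(observed).values()) / n

def relink_rate(visit1, visit2):
    """Chance a tracker links a user's second visit to the first by exact
    fingerprint match, guessing uniformly among identical candidates."""
    seen = {}
    for user, fp in enumerate(visit1):
        seen.setdefault(fp, set()).add(user)
    hits = 0.0
    for user, fp in enumerate(visit2):
        candidates = seen.get(fp, ())
        if user in candidates:
            hits += 1 / len(candidates)
    return hits / len(visit2)

def simulate(strategy, users=1024, seed=1):
    """Return (mean bits per visit, relink rate) for one strategy."""
    rng = random.Random(seed)
    fresh = lambda: [f"UA-{rng.getrandbits(64):016x}" for _ in range(users)]
    stable = fresh()  # constructed per-user values for the "stable" case
    def visit():
        if strategy == "uniform":      # approach 1: everyone reports the same
            return ["UA-standard"] * users
        if strategy == "randomised":   # approach 2: new value on every visit
            return fresh()
        return list(stable)            # unprotected: unique and persistent
    first, second = visit(), visit()
    return mean_bits(first), relink_rate(first, second)

if __name__ == "__main__":
    for name in ("stable", "uniform", "randomised"):
        bits, relink = simulate(name)
        print(f"{name:10s} {bits:5.2f} bits/visit  relink rate {relink:.4f}")
    # Constructed sample: 45 of 100 visitors send DNT -> about 1.15 bits
    print(round(surprisal_bits("1", ["1"] * 45 + ["0"] * 55), 2))
```

The stable and randomised cases report the same bits per visit, yet only the stable one can be linked across visits, so a per-visit bits figure alone does not distinguish them.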

Before anyone goes off on a tangent on the Tor browser, virtual private networks (VPNs), and I2P, all of these services may require a host as a mask or proxy to cover tracks of IP address. Regardless, one must entrust that host to uphold the value of the proxy role. Since the client might not know which host to connect to (at least for the Tor proxy network), it risks surveillance and sabotage. Wikipedia records state that Tor proxy services had undergone a history of cyber attacks. This fact is something not to be ignored. Then after, you can worry about the risks of visiting .onion sites. Still, I don’t know why PureOS would want to engage with such risks in the first place.

VPNs might allow a preview of manual host selection, but one cannot verify the safety of such proxies. Anti-malware sites like virustotal.com would work in picking up any past records associated with the IP address in question. Still, some services like Tor do not allow manual selection for the matter of safety. That is when things get dicey. I would rather prefer a virustotal.com search engine/proxy/VPN, redirecting any site navigation to a scan results page with normal method to site navigation.

I don’t know much about i2p, but I just assume that it is a Tor alternative.


Below are links to arbitrary claims of the Tor proxy network vulnerabilities. Yes, these are just claims without proven facts and evidence. Still, these claims exist as an insight.


This thread could be marked solved (@mako ) and the “Security of Tor” or “Benefits of Tor” whatever could start a new thread in General Security area

2 Likes

Oops…
:wink:

All networks, by their very nature, are risky, and should be treated as adversarial if you want to maximize your security (hence why firewalls are used). If you’re using wifi, the router and every other hop needed to get packets from source to destination and back could also be used for surveillance and sabotage. Many DNS requests are unencrypted. In these cases the DNS provider could redirect all your queries to malware domains.

A lot of criticisms about Tor are actually just criticisms about networks in general, and aren’t specific to Tor.

I2P is like Tor, but using a different model for routing traffic. At a high level, in Tor you connect to relays that route traffic. In I2P, everyone using the network is also a relay that routes traffic. Some argue that I2P is a better model since it potentially allows for more relays.

1 Like

Technically there is a difference between whether the DNS request/response is encrypted and whether the DNS response is cryptographically authentic (signed). The latter will solve the issue of malicious directing of your queries, while not providing any privacy (confidentiality) such as you get from the former.

As I understand it, you can get the latter with (what is now) vanilla DNS (via DNSSEC) but in order to get encryption you would need to use, for example, DNS-over-TLS (DoT) or DNS-over-HTTPS (DoH).

Confidentiality of DNS requests is often not considered a high priority because if you immediately follow the DNS request with a (secure or insecure) connection request to the resulting IP address then you are leaking information about that DNS request anyway.

Obviously technologies like TOR muddy the waters in the claim in the previous paragraph.

2 Likes

It doesn’t fit the screen well. Have you found a way to make it fit normal use?

For me, it’s usable but you can try Mobile Settings (phosh-mobile-settings), after starting torbrowser first, as there are a couple of additional settings. See/ask: Tutorial: Create Shortcuts to Scale Display Up/Down

1 Like

Since the unofficial repo for TorBrowser on arm stopped last year, it seems there have been new developments on the official side. I discovered that there are already official nightly builds of Tor Browser and Mullvad for linux aarch/arm64 available as .debs by Tor Project - even if they are not made available at the download pages (yet?). Take a look: Index of /nightly-builds/tor-browser-builds

1 Like

A method you could use is Tor Browser through Waydroid.

1 Like

A lot more extra overhead doing that. Carburetor would be easier [NOTE: this only affects your IP, not the browser identity/fingerprinting], if you don’t want to use the originals from Tor Browser nightlies. [Btw. tested, the (today’s nightly, at least) aarch64 .deb works for L5, as expected]

2 Likes