Mobile: Encrypting All Internet Traffic

This is one of many articles in a series I’m writing to cover end-to-end encryption for everything…

Encrypt All The Things! [A Guide]

you do in your digital life.  I’ll cover encrypting specific types of …internet traffic (like E-Mail, Web sites, etc…) in other articles.

For a primer on encryption, please read my article “Understanding Encryption”…

Understanding Encryption

…as it teaches VERY IMPORTANT concepts that you need to know before moving forward here.

This works for rooted AND unrooted phones.

Big Disclaimer

Before going any further, let’s make one thing perfectly clear on THIS particular encryption.  This does NOT make all your internet traffic encrypted from your phone all the way to the final destination!

So… What does it do then?

This will encrypt your connection from your phone through and past your ISP.  It protects you from your ISP and anyone snooping on  your local end of the network.  This is great for when you need to use public wifi.  Scammers running a free wifi node will NOT be able to see your data NOR will they know where on the internet you’re going.

So… What does it NOT do?

Excellent question!  Let’s say you’re browsing a website that’s NOT encrypted (like this page you’re on right now)… Under normal circumstances, anyone snooping your network traffic ANYWHERE on the internet… from your local connection all the way to the connection on my end at my website, can see:

  • Your IP address.
  • The URL you’re wanting to visit.
  • Anything you type on my search page.
  • The contents of the pages my website sends back to you.
  • In short, everything is visible and in the clear.

Using the techniques in this article, you’ll be on an encrypted connection from your phone, through and past your ISP to some random computer on the TOR network, to a couple MORE computers on the TOR network, till your connection finally exits the TOR network and gets back on the regular internet, possibly in another country.  From THERE, your connection from THAT computer to my website is entirely unencrypted.

So… Why use TOR then?

To hide your network activity from your ISP, your cell phone provider network, your employer’s wifi, your local government(s) (including the NSA and GCHQ (the British NSA)), and anyone else snooping on the network near your end of the connection.  It will also hide your IP address from the websites you’re visiting.  You can make yourself appear to be in just about any country you choose.

Will this guarantee no one can see what I’m doing online?

LOL!  You’re cute when you’re innocent.  Of course not.  NOTHING is 100% safe on the internet, but it’s pretty darn strong protection and causes even the NSA headaches.  Someone with lots of resources would have to be specifically targeting you and it would be very difficult for them, even then.  You’re reasonably safe even against the NSA, but not totally.

What does it encrypt?

Note that this is a method to obfuscate ALL your internet traffic from your Android device, not just web browsing, but everything, including traffic to and from the Google Play Store, Google searches, game communication.  Again, it will NOT encrypt an unencypted connection.  It will encrypt all steps of the connection up to the exit node (see “How does it work?” below).

How does it work?

There are thousands of computers all around the world volunteering to be part of the TOR (The Onion Router) network.  When you connect to the TOR network, you’re randomly choosing an entry node computer somewhere in the world.  That computer then forwards your traffic to another, randomly chosen computer somewhere else in the world, which then forwards you to yet another computer on TOR somewhere else in the world, which then forwards you to a randomly selected TOR “exit node” computer… a computer on TOR whose purpose is to act as a fake YOU to the sites you visit.  It’s THAT computer’s IP address that your sites will see.

All traffic between you and all the TOR computers that your traffic passes through is encrypted.  The TOR computers do not know of your entire connection path through all the TOR computers you’re connecting through.  ONLY your own device knows that.  This is to prevent malicious adversaries from trying to reverse trace where you are.

Doesn’t this slow my connection down?

You betcha!  Yes.  Yes it does.  You do NOT want to do this for a first person shooter game.  YOU WILL LOSE!

Step by step instructions (FINALLY!)

If you’re device is NOT rooted, you’re going to change your Proxy address to “localhost” and your port to 8118 after you download and install Orbot. Below the installation steps are steps on doing that below:

  1. Download the app “Orbot” from the Google Play store.Screenshot_20160404-165041
  2. Optionally, you may want to ALSO install “Orfox”, a browser made to work on the TOR network.  It’s a modified version of the FireFox browser.  It works in tandem with Orbot.  But any browser will work.
    1. Screenshot_20160404-165051
  3. Launch the Orbot app.
    1. Screenshot_20160404-165126
  4. Long press on the screen to start Orbot.
    1. Screenshot_20160404-165118
  5. If you want to appear to be from a specific country, tap the drop down control in the bottom right of the screen and choose your desired country.
    1. Screenshot_20160404-165145
  6. If your device is rooted, skip the following steps about configuring your wifi connection and go directly to step #11.
  7. If your device is NOT rooted, it requires a little more work.  Steps 7-9 will need to be completed every time you connect to TOR.  Go to Settings->Wifi and long press on your wifi connection that you’re connected to and select “Manage network settings”.Screenshot_20160404-165310 BLURRED
  8. Now check the box “Show advanced options”
    1. Screenshot_20160404-165317 BLURRED
  9. Change your Proxy to “Manual”.
    1. Screenshot_20160404-165332 BLURRED
  10. Change your Proxy Host Name to localhost and your Proxy port to 8118 and tap “SAVE”.
    1. Screenshot_20160404-165404 BLURRED
  11. If everything worked (and it doesn’t always), you should have a secure connection on the TOR network now.  Open OrBot and click the “Browser” button on the lower left.Screenshot_20160404-165118
  12. If you have OrFox installed, it should open OrFox and load a page that tests.  It will tell you if you’re on a safe Tor connection.  If you don’t have OrFox installed, it’ll launch your default browser and do the same thing.  Here are 2 screenshots, one of OrFox and one of Chrome:

Screenshot_20160404-165205Screenshot_20160404-165422

If it didn’t work, you’ll see a page like this:

Screenshot_20160404-165246 BLURRED

If you see the “sorry” page, launch Orbot, then open its menu and choose “Exit”, then go to step #3 and try again.  There’s no guarantee that this will work all the time.  Some days it works.  Some days it doesn’t.

image

How to end TOR and go back to NORMAL networking

  1. Open the Orbot app, long press, and Orbot will end the TOR connection.  The onion icon will become gray.
  2. Open the menu in the Orbot app and choose “Exit”.
  3. Fix your wifi proxy back… Settings->Wifi.
  4. Long press your wifi network and choose “Manage network settings.
  5. Click the check box “Show advanced options”.
  6. Change “Proxy” back to “None”.
  7. Tap save.

You should now have a normal network connection again.  As a last resort, simply reboot your device if networking fails to restore to normal.

Thank you for sharing this article.  See this image?

image

You’ll find actual working versions of them at the top and bottom of this article. Please click the appropriate buttons in it to let your friends know about this article.