Orbot with Netguard

Hi ,so im using orbot (vpn not on ) with netguard on . , ive done Settings → Advanced →
SOCKS5 address input: 127.0.0.1
SOCKS5 port input: 9050 and did
uncheck “Apply rules and conditions” for Orbot. And
enabled “Manage system apps” in Netguard. I checked whats my ip address and it revealed nothing about my ip address so that was good . I checked it on browserleaks.Com it didnt reveal my real ip address , but it did reveal my public isp network provider ip address . Is that normal ? Is there anyway to not reveal this ? It didnt show anything on whats my ip address. If u can help id appreciate it ,thanks .

In what category? Webrtc?

When using Tor… you need to be careful to use apps that don’t leak your real IP by other means.

Eg. For browsing, use Tor Browser directly and not RandomBrowser+Netguard+Orbot.

2 Likes

Hi there, at the top of"browserleaks, whats my ip address " page, it shows a completly different ip address in another country ,so that seems good yes ? As i scroll down, under webrtc leak test , next to public ip address, it shows my isp address ! . I was unsure what to use tor for . Is it ok with emailing ,banking ,ect,. I noticed when using orbot + netguard i got emails alerting security leaks so they stopped access to inbox until you go in and varify your details again , lot of hassle really. Should i use tor browser for banking ,emailing , purchasing ,normal everything stuff.
Really looking for simplest way to stay private n secure, without issues.
Thanks for your help.

Depends on your threat model… it’s a problem if the bank/email provider/shop knows your IP?

I think i understand they may already have it . Thanks

browserleaks dot com

Isn’t it great when a site like this includes google analytics. :frowning:

I’m not the only one who copy/pasta’s such links to stop Discourse from counting my “click” and stop them from getting a referrer (if not already blocked). :smiley:

I begin to dislike the “threat” model term, because “threat” implies doing harm, causing pain, punishment, danger, probably illegal, and the term is forumulated by computer “service” provider companies, who have a different point of view than individuals. Built into this concept is the idea these companies are not a “threat” when they violate individuals’ privacy to protect against “threats”. “Threat” model may apply to individuals, yes, but:

"Privacy" model could be another term? Under a privacy model, individuals have a right to keep all details of their activities private, unless they choose to share them, or unless necessary to prove an action is valid. The concept is similar, except it acknowleges a right to privacy, whether or not there is a “threat” of some kind.

A bank, online, needs to know you are a person who is authorized to access an account. They do not need to know where you are (your IP) whenever you access the account (or whenever your bank app sends data), although knowing it can make their job of filtering and rejecting unauthorized accesses easier.

An email provider is similar, except they have zero need to know where you are at any time. My email provider is OK with accessing email over Tor.

Sure, a physical shop already knows where you are when you are in the shop, but do they need an internet log trail confirming it? Do they need to scan and record your bluetooth, wifi etc., in addition to recording you on cameras?

1 Like

I fully agree with u . Privacy should be a given across the board. Ill try tor browser and see how it goes i guess , ive not tryed banking thru Tor yet , ill have to give it go.

Don’t do that, please, is not a good idea.

Loss of privacy is not a thing that you can touch, hence the normies saying “I don’t care, I didn’t lose anything”, it only becomes tangible when it ends in actual harm.

The thing is that you don’t know if it ends in a threat or not, that’s the point, also you don’t know when in the future it would matter or not.

2 Likes

Ok, i wont be using it thanks for the tip great help :+1:

ive not tryed banking thru Tor yet

@Morgoth

Don’t do that, please, is not a good idea.

While they warn about possibly getting locked out, they don’t say never login to a bank account. Are there reasons to conclude differently, or for using orbot Tor? Assuming you follow other guidance.

Personal guidance, it seems to me imprudent to log into a bank account through Tor, among other things for the reason you mention about the possibility of getting locked out.
It is taking an unnecessary risk, and as your bank account de-anonymizes you, it makes no sense.

Wherever you use a proxy, even Tor, you can get an man-in-the-middle attack by malicious exit node.
I don’t want to spread FUD, Tor is secure, but to risk something as critical as your bank account is crazy.

The correct use of Tor, IMO, is to take it as an alter ego, you create accounts that you only use in Tor, no personal accounts that you used before are used. Avoid anything that can identify you personally.
If you use different hardware, even better.

1 Like

I agree it is one use, but not the only “correct” use. Privacy is a personal thing with several aspects. IMO, one bit of privacy is not sharing your IP (approximate location), even with groups who know your identity (e.g. email). I agree doing banking online is a risk, with or without Tor, and I would minimize it.

You can and should “reset identity”, clear cookies, disallow javascript frequently, and not do too many things at one time over Tor.

I agree, my point was with Tor it is even more risky.

I guess the thing here is, you don’t want your bank to not know your current location. Not your home city, which it already knows.

There will be better ways to avoid this? other than relying on proxies and the risks that come with them.

Doesnt https keep your data safe?

I can not use Aurora Store app work with nerguard&orbot setup. It keeps stuck in requesting new session and never moves further. Any ideas why and how to fix this?

It only works if i turn off rules for it in netguard.

Yeah, don’t connect to Google via Tor. Use APKMirror | F-Droid - Free and Open Source Android App Repository via Tor instead

I do connect to google only through TOR. Or you mean it shouldn’t be done for some reasons? If so could you pleaseshed some light on them?

IIUC @Licaon_Kter is suggesting that almost any other source for apks is better than using G66gle (or being used by them).

Thx for clarification. I agree 100%. But unfortunately some apps are only available on google appstore. For example a video editor i was only able to find on google and blocked its network access.

And right now i need a converter mp4 to gif. Searched f-droid in first place got 0 results.

Have any suggestions by the way?