Advanced Privacy - know all about it

When will /e/ team stop shipping an end of life version of Tor? build.gradle · e1cc6aef65eb646f347d28174a6b00840c1cb94d · e / os / orbotservice · GitLab

We use Mapbox […] It will be detected as a tracker by the Tracker

Why glance over the fact that it is proprietary?

1 Like

How about:

3 Likes

Why do you glance over the fact “We are looking for an alternative.”? ;- )

Checked with the team regarding Tor… the response was that the latest version does not work with /e/OS. The team will work on it and then release it as part of the future releases of Advanced Privacy. No ETA as yet.

7 Likes

Another undesirable effect (sorry, “side effect”) is the associated reputational risk when the IP is masked. The end user has no control over the behaviour of other people using the VPN, nor over the possibly drastic policy of their other service providers, who may also choose to pre-emptively block any user connected via a VPN. Two examples: the SNCF Connect application is blocked with Advanced Privacy’s VPN; the internet service provider Free Telecom, for its part, outright disables email accounts that connect through this VPN.

3 Likes

@Manoj I think if you do videos on the “deep dive” / “know all about it” posts you’ll have a wider reach.

For another thread where a person with dyslexia sought concise answers I looked for one on Advanced Privacy, but it is too new to find presentations on it.

We are looking into creating videos explaining basic concepts. Will share details once there is some positive to report.

1 Like

I can try voiceovers in American English if there’s interest…

Hello, I confirm that free.fr email addresses are instantly blocked as soon as they are reached through the /e/ OS “Tor” VPN.
This might not appear as a big issue but it is, especially knowing the user-friendly view of /e/ OS development.
A warning or a default deactivation of the VPN for the email app should be set up as soon as possible to avoid normal users losing access to their main email address, which is a HUGE problem because it will happen at the first use of Advanced Privacy (maybe it is even set on by default on /e/ OS!).

free.fr says that the IPs used by this VPN are used for attacks against their clients’ email addresses.

Anyway, thanks for those amazing tools, especially trackers blocker (helpful for work apps) and geolocation spoofing that works well.

This is a grave problem; can you raise it on the GitLab backlog? If you haven’t got an account yet, write to helpdesk@e.email (explained at Report an issue).

A solution would be to allow for selectively disabling the Tor route for apps - Mail in this case. Runs counter to some “no-leakage” network guarantees though.

Hello, I have raised an issue on the GitLab backlog.
TOR VPN is a very powerful tool; it is well implemented, though in the state of development it is contradictory to /e/ OS easy-to-use and all-users view. I think that it should be kept but be rendered harder to activate, with more warnings.

2 Likes

Hello,

I recently installed a few PWAs (Twitter Lite, not to mention it) with Advanced Privacy on and Hide my IP activated. I connected to my Twitter account through the PWA and was very surprised to get an email from Twitter giving me my exact location obtained with my IP address.

Aren’t PWAs supposed to be shortcuts using the default browser? If that’s the case the IP should be hidden. I checked that the Hide my IP feature works well on a random website with my default browser (Bromite), so no problem regarding AP.

In Settings, PWAs do not even appear on the app list where you can select/unselect apps from using the Hide my IP feature.

In a nutshell, AP and PWAs do not seem to work together well…

Thanks for your insights.

Just to be clear, the Twitter email showed the IP address provided by your carrier or the one from Hide My IP?
If the former: That’s a problem.
If the latter: Not a problem.

The Twitter email showed a location based on my IP address without showing the IP address. The location was correct, even though Hide My IP is supposed to modify it (if I understand this feature correctly).

Hmm, I don’t use Advanced Privacy. Only tested it a time or two as I use other tools. But how is your “Manage my location” set up? Is that being used also?

It’s been a while since I’ve routed traffic through Tor but I do remember that my location would be wherever the exit node was. I’m in the U.S. but my location would be shown half a world away. So yeah, your location should(?) be tied to wherever the assigned IP is located.

In the “Manage my IP address” settings you can tell it which country you want to appear from. Even if it’s set to your current country your actual location (city, state, prefecture) still shouldn’t be known I’d think.

I think I’ll try and reproduce your situation and see what happens.

I’m not using Manage my location, but it’s a different matter to me. Like you said, location based on my IP should be the one that’s passing through Tor with Hide my IP, whatever the Manage my location settings.

Instead of PWAs, if I use direct shortcuts from Bromite it seems to work correctly. For instance the Twitter shortcut shows me German ads, and I’m in France (Hide my IP is set with a random country). This is the expected behavior. If I use a PWA I get only French ads, in addition to this email with the exact location.

Thanks for trying to reproduce my problem, if confirmed I should probably file a gitlab issue.

I couldn’t test the PWA. Keeps churning and gives errors when I try to login.

So I have AP active with hide my IP. The IP assigned was in Kansas, U.S. (I live in Los Angeles area, California). In Browser I went to Google Maps. It initially put me in Kansas but a few seconds later, wait for it… I wasn’t in Kansas anymore (sorry, couldn’t resist). It switched to my real location. Went to OpenStreetMap and it took me to Kansas and stayed there. In Iceraven (Firefox fork) OpenStreetMap immediately went to my real location.

Hiding an IP essentially does only one thing: it hides your carrier-assigned IP. Actual location is determined by other means: GPS, location backends (of which I have several), location settings, and whether an app or browser can make use of those.

In a repeated round of testing with location changed to random (in Manage my location), my IP address is a Calyx server in New York. Google Maps and OpenStreetMap in both browsers put me in Abu Dhabi with no changing to my real location.

So I’d say that one should not assume that hiding the IP would also hide one’s location.

6 Likes

I think there is room in AP to adjust the warnings/settings.

For example, I use an always-on, block-all-traffic-if-not-working VPN at all times on my phone, so the warning that my real IP address is visible, while technically correct (in that the VPN provider knows it), in practical terms is overstating the risk. Switching to use anonymous IP sends traffic out via Tor, which might not play nice with a VPN, but I’ve not tested this systematically.

For Location, I always turn it OFF unless I actually need it during actual navigation, and deny access to all apps that I can deny it to, except Maps (and then only while using it). As a failsafe (in case of nosy browser queries) I set it to a fake location somewhere else in my city, which is also the city I choose for the VPN’s public-facing IP address. The reason is that Location can be determined from GPS or other network-based means, independent of IP-address based geolocation. I like to ensure these match up. I set Weather manually, including when travelling, so as to not require device-based geolocation, which is a potential leak.

Where I think AP really shines is in the tracker detection & blocking. By default, I deny all trackers. Since I only load apps that have no trackers found by Exodus Privacy, this provides a first line of defence. But even these apps can do call-outs using code not known to EP. For example, F-Droid has no known trackers according to EP, but AP shows three (have a look). Even DuckDuckGo, which shows none for EP, shows 33 according to AP (at least some of which will probably be due to the call-outs from web sites that are trying to be creepy). Lesson: use multiple levels of privacy, and be aware that there may be aspects of tracking that may elude the efforts of Exodus.

4 Likes

Thanks a lot for all you did.

But I insist, location based on IP address should be hidden with AP regardless of GPS location settings. In other words, Twitter (when used as a PWA) should not have found my real location based on IP address if I connect through Tor with AP.

A little bit like @JJR, I have a VPN and everything passes through it.
But in AP, it says that my real IP is not protected… In fact the IP of my VPN can be seen by everybody, but mine, no.
So it would be good to improve AP to avoid the message saying the IP is not protected when a VPN is used…

2 Likes