
[feature request] ProtonMail Bridge via Tor

Open andreas1107 opened this issue 4 years ago • 2 comments

There is now a Tor address to access ProtonMail's web interface: https://protonmailrmez3lotccipshtkleegetolb73fuirgj7r4o4vfu7ozyd.onion

The Bridge does not support connecting via Tor. (Neither do the mobile apps to my knowledge but this is a separate issue.)

So the feature that makes Tor useful (hiding the user's IP) is only really enabled if the user is only using ProtonMail via web.

I saw this feature was asked about on Reddit (link) but I didn't see an open feature request for it here.

Thanks!

andreas1107 • Nov 21 '21 08:11

@andreasmjg regarding routing traffic through Tor, that is something you can do on the systems level and would force all applications, Bridge included, to use the Tor network.

Regarding the mobile apps, on Android at least you can use Orbot as a VPN to route all your traffic through the Tor network, ProtonMail included.

servusdei2018 • Dec 26 '21 02:12

Transparent Proxying is not a good idea as a general way. It breaks many of Tor's traffic-isolating features and you end up with potentially very serious (as in anonymity-threatening) problems we give colorful names like "Dirty Circuit." Doing it properly is worth the effort, and not difficult. Bine is a tremendously useful library for accomplishing it in Go using a Tor-specific implementation of net.Conn and net.Listener. I think there's a smarter way to do transparent proxying, and I'm pretty sure some people in the Tor community do too, but to my knowledge nobody is doing it yet, especially not with a VPN mode on Android.

There's also another case where a user may want to obfuscate the nature of their connection from a network observer between their device and the bridge, but maybe they aren't that concerned about the connection from the bridge to ProtonMail. For instance, a bridge operated for the benefit of journalists by a press organization when they may need to correspond with each other while reporting on an oppressive regime. Such an organization would have an interest in hosting the ProtonMail bridge as an .onion service for the benefit of its users, and not simply being a client. The transparent proxy would not enable this capability either. You can be self-configuring with anonymous overlay networks, but transparent proxies are not the way. Bine is though.

I've done the I2P equivalent of this to a third-party bridge, Hydroxide, already, but received no response from the dev. If this (official?) bridge wants overlay network integration I'd be happy to help out, it would be a good opportunity for us to expand our use cases.

eyedeekay • Feb 19 '22 17:02
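The traffic isolation that the last comment says transparent proxying loses, shown as an added example (not code from Proton Bridge, Bine, or any commenter). It uses a plain standard-library SOCKS5 handshake rather than Bine. Assumptions: a local Tor with its default SocksPort `127.0.0.1:9050` and default `IsolateSOCKSAuth`; `Handshake`, `step` and the label `account-a` are hypothetical names.

```go
package main

import (
	"bytes"
	"fmt"
	"io"
	"net"
)

func step(c io.ReadWriter, send, want []byte) error { // write one message, check the reply prefix
	got := make([]byte, len(want))
	if _, err := c.Write(send); err != nil {
		return err
	}
	if _, err := io.ReadFull(c, got); err != nil || !bytes.Equal(got, want) {
		return fmt.Errorf("socks5: reply % x, want % x, read error: %v", got, want, err)
	}
	return nil
}

// Handshake asks the SOCKS5 proxy on c for a stream to host:port. isolationID is sent as the
// username: Tor keeps streams with different SOCKS credentials on separate circuits.
func Handshake(c io.ReadWriter, isolationID, host string, port uint16) error {
	if isolationID == "" || host == "" || len(isolationID) > 255 || len(host) > 255 {
		return fmt.Errorf("socks5: isolationID and host must be 1-255 bytes")
	}
	// Offer only method 0x02 (username/password): fail rather than fall back to an unlabelled stream.
	if err := step(c, []byte{5, 1, 2}, []byte{5, 2}); err != nil {
		return err
	}
	auth := append([]byte{1, byte(len(isolationID))}, isolationID...)
	if err := step(c, append(auth, 1, 'x'), []byte{1, 0}); err != nil { // dummy 1-byte password
		return err
	}
	// ATYP 0x03 sends the name itself, so the proxy resolves it and no local DNS lookup happens.
	req := append([]byte{5, 1, 0, 3, byte(len(host))}, host...)
	if err := step(c, append(req, byte(port>>8), byte(port)), []byte{5, 0, 0, 1}); err != nil {
		return err
	}
	_, err := io.ReadFull(c, make([]byte, 6)) // bound IPv4 addr+port (assumes an ATYP 1 reply)
	return err
}

func main() {
	c, err := net.Dial("tcp", "127.0.0.1:9050") // assumption: Tor's default SocksPort
	if err == nil {
		err = Handshake(c, "account-a", "protonmailrmez3lotccipshtkleegetolb73fuirgj7r4o4vfu7ozyd.onion", 443)
	}
	fmt.Println("handshake result:", err)
}
```

A transparent proxy cannot attach such a per-identity label, because it only sees redirected packets and not which account or application opened the stream.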