Sunday, 8 March 2015

Scatterbox - build an Android Tor Socks Proxy Server

Cloak your location and create a firewall bypass device with a smartphone. Uses the Tor network. Does not require root.

1 - from Google Play, download and install:

 2 - Setup and Test Orbot

  • Launch Orbot.
  • Complete the wizard (or change in settings):
    • Disallow root.
    • Disallow Transparent Proxy. [Aside: Transparent Proxy and tethering is broken, but the method in this post is more flexible, and given that using Tor indiscriminately is self-defeating, I can see why this feature is low-priority.]
  • [New & Improved] in the Settings Screen, under 'Debug':
    • Check that Tor SOCKS port is 9050
    • In 'Torrc Custom Config, enter 'SocksListenAddress'
    • By default, Tor only listens for local traffic, which is why we need another proxy server downstream. This sets Tor to listen on all interfaces, on PORT 9050.
      • Pros: you can skip the next step - installing Socks Server Ultimate. This also allows .onion addresses to work, as Socks Server Ultimate does not pass them to Orbot.
      • Cons: not a great idea for constant use on a phone, which has a public IP address, SocksListenAddress is deprecated and may disappear with later versions, but the 'correct' method of prefixing the Socks Port with IP address doesn't seem to work.
  • Start Orbot.
  • Click on the 'globe' icon to test Orbot. if the Orweb page says you are successful, move on.

3 - Setup and Test Socks Server Ultimate [Optional]

  • Launch Socks Server Ultimate
  • Add a server.
  • Set and Note the listening 'Run on port'. This is your PORT.
  • Enable 'Use proxies for the socks server'
  • A 'Proxies' tab will appear. Add a proxy.
    • Proxy host name: localhost
    • Proxy port: 9050
    • Leave username/password blank.
  • Start the server
  • Press 'info'
  • Note the IPv4 address. This is your SERVER
  • If your PC is tethered to your smartphone's internet, another way to find your smartphone's Server address relative to your PC is by using the same address as its 'default gateway'.

4 - Setup PC (or other device)

The clever part is not running Tor on the smartphone, but using the smartphone as a server.
I assume that your smartphone and PC are on the same wireless LAN, but this method will also work if your PC is tethered to your smartphone's internet.

Setup and test web browsing through Tor

  • In your web browser's connection settings, blank out all proxy servers, and set socks proxy and port to SERVER and PORT. [My example uses Firefox/Thunderbird].
  • [New] If you are not using Socks Server Ultimate, your PORT will by default be 9050. Your SERVER IP address can be found in Andoid 'Settings' - 'About Device' - 'Status
  • Allow 'Remote DNS' to ensure your DNS requests get proxied.
  • Enter '' in the address bar and activate it.
  • The page should report similar to Orweb's that your browser is configured to use Tor, although it may also note that it is not a fully anonymised browser.
  • Do use a specialised anonymised browser with Tor. Standard browsers exchange cookies and other identifying information that will help reveal your location, even through tor.

Setup and test email through Tor

  • In your email client's connection settings, blank out all proxy servers, and set socks proxy and port to SERVER and PORT. [My example uses Firefox/Thunderbird]
  • If you have two email accounts, send test emails between them. You may see some email headers contain strange IP addresses which may even match the output. This means that it's working.
[Aside: Hotmail freaked out and suspended my account while testing. I appeared to be accessing it from Romania and Argentina at the same time, making it look like my account may have been hacked. Hotmail's well-meaning protection thus becomes a barrier, deftly illustrating the tension between anonymity and security.]

5 - Use it wisely

As with web browsing, a standard email client will also leak information on your whereabouts, such as your timezone. Although Tor will mask the location from where you sent and received your email, it will not protect the contents of your mailbox from legal or illegal intrusion.

This highlights what Tor does and does not do. Tor obscures the source and destination of your internet activity at a low level. It can be used to traverse firewalls and hide your location. It does not encrypt or anonymise communications. It does not stop you from giving away your identity. Using tor to anonymise Google Maps is like thinking no one can hear you in a fog.

Background: Server and Port

A computer or smartphone is like an office building (with 65536 floors) which hosts many different companies on different floors. Getting through to a particular company requires you to know its building address (server/service) and the floor (port) it's on.

Why Socks?

Because it works with both web and email. You could use Proxy Server Ultimate and forward all browser requests to port 8118, but that would only work for web browsing.

Does the ease of tracing smartphones compromise Orbot/Tor?

Not really. This method makes us deliberate in what we transmit through the proxy, which limits inadvertent location leaks more than transparently proxying all data through Tor.


  1. Nice blog...Very useful information is providing by ur is a way to find.

    123 HP Setup 6968

  2. Nice post, impressive. It’s quite different from other posts. Thanks to share valuable post. 6968