Minimizing Privacy Browser’s Attack Surface

Every piece of software as complex as a browser that receives unsanitized information from the internet will eventually be compromised. How often that happens and how damaging the compromises are can be mitigated through a careful design process. Some information about decreasing the damage that a compromise can inflict is discussed on the Core Privacy […]

Problems with WebView and Proxying Through Orbot

Several recent versions of WebView have had problems with proxying. This has manifested most recently with WebView 74.0.3729.136 on Android Marshmallow (version 6.0, API 23) or newer. When using this version of WebView, either provided by the Android System WebView app or by Chrome as described in the instructions for WebView, the app looks like […]

Cookies and Tabbed Browsing

Anyone who has been following these posts for a while has noticed the running thread of limitations caused by Android’s WebView, which is why the 4.x series is going to include a forked version called Privacy WebView. While developing tabbed browsing I discovered that first-party cookies are enabled/disabled by app, while third-party cookies are enabled/disabled […]