Tor has now been recompiled for iOS9, tested by Dasy (thanks Dasy) and version 2.6.10 has been pushed to BigBoss repo and should appear in your Cydia stores soon. If you are not willing to wait, you can add our own repository to Cydia and install the org.grimore.tor.

We went ahead and made the impossible possible by porting tor to the iOS platform. The deb file has been submitted to Optimo and the gang and is ready to be downloaded in a while from Cydia.

• The package is submitted to BigBoss but you can also install Tor from the Wizardry and Steamworks Cydia repository.

Here is a very rough sketch of the flow of data concerning apps and proxies on iOS:

With the following remarks:

1. Applications can poll the system proxy settings in order to receive proxy information.
2. However, applications can bypass any proxy setting (just not request it from the system) and thereby make the connection directly. The OS does not force the applications to use the system proxy! This is why some applications may bypass tor entirely.
3. The system proxy settings can be queried by applications - whether they respect the settings is up to them.
4. Our tor daemon is launched in the background on iOS.
5. Some applications (for example, Safari) use the system proxy settings and go though tor to the Internet whilst others like Facebook do not use the proxy and connect directly (surprise surprise).

Utilities such as ShadowSocks or ProxyManager allow you to manipulate the operating system settings and provide a convenient way of switching the proxy on or off.

You should not be confident that by installing tor and setting the system proxy that your traffic will be obfuscated - applications can bypass those settings entirely if they so choose.

Thanks to Chris L. for the supplying the information relating to ProxyManager and ShadowSocks.

There are several steps you have to perform in order to set-up tor with your iOS Device:

1. install tor from Cydia.
2. go to the Settings app and turn tor on.
3. go to your wireless settings and select your Wireless network
4. at the bottom you will have three panels: Off, Manual and Auto.
5. you will need to select Auto and punch in:

   file:///etc/tor/proxy.pac

6. test with http://check.torproject.org.

ProxyManager will allow you to manage proxies without having to type in the URL to the proxy.pac file every time.

1. ProxyManager can be downloaded from Cydia (not the BigBoss repo).
2. select Automatic Proxy Configuration.
3. add a proxy with URL:

   file:///etc/tor/proxy.pac

4. select the created proxy.
5. enable Tor in Settings.app->Tor.
6. test with http://check.torproject.org.

ShadowSocks allows you to use a proxy per application.

1. ShadowSocks can be downloaded from Cydia.
2. switch Enable Proxy to On.
3. switch Auto Proxy to On.
4. punch in the PAC File field

   /etc/tor/proxy.pac

In case the auto-configuration fails with ShadowSocks, you can make the settings manually (settings provided and confirmed by Crazybanditt):

Soundtrack: The Lost Vikings - Factory Beat

Soundtrack: Chaos Engine

• When testing, always use Safari to make sure that the tor part of your setup works alright.
• Google Chrome is by default configured to reduce data usage by routing the traffic through Google's servers and compressing it. You will have to disable this feature from Chrome's settings such that Chrome will not ignore the proxy settings on your device.

There are a number of ways to do this, the best would be, if temporary, to just switch the proxy setting to Off in the Wireless Network setting. Otherwise, if a full shutdown is necessary, turning both the proxy setting to Off and turning tor off from the Settings app should do the trick.

In essence, optimizing Tor on iOS would involve launching MobileTerminal (or ssh-ing to the device) and then editing the /etc/tor/torrc file.

The default configuration is a vanilla "what should work for everybody"-dish that is served pretty cold:

SocksPort 9050
SocksListenAddress 127.0.0.1
SocksPolicy accept 127.0.0.1
VirtualAddrNetwork 10.192.0.0/10
AutomapHostsOnResolve 1
AutomapHostsSuffixes .exit,.onion
RunAsDaemon 1

### Speed Tweaks
HardwareAccel 1
LearnCircuitBuildTimeout 1
NumEntryGuards 8
SafeSocks 1
LongLivedPorts 80,443
NumCPUs 2

We have our own tips on optimizing tor and they are summarized on the tor FUSS page.

The following development steps can be used to reproduce the libevent.deb and tor.deb packages.

Libevent v1.4.3-stable compiles on iOS4 using:

./configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var --enable-static=no --enable-shared=yes

and is required for getting tor to run.

The following patch is applied against tor version 0.2.3.25:

--- ./src/common/compat.c.orig	2012-11-19 23:24:54.000000000 +0200
+++ ./src/common/compat.c	2013-10-05 02:11:14.000000000 +0300
@@ -483,10 +483,6 @@
 tor_memmem(const void *_haystack, size_t hlen,
            const void *_needle, size_t nlen)
 {
-#if defined(HAVE_MEMMEM) && (!defined(__GNUC__) || __GNUC__ >= 2)
-  tor_assert(nlen);
-  return memmem(_haystack, hlen, _needle, nlen);
-#else
   /* This isn't as fast as the GLIBC implementation, but it doesn't need to
    * be. */
   const char *p, *end;
@@ -506,7 +502,6 @@
     ++p;
   }
   return NULL;
-#endif
 }
 
 /**
--- ./src/or/rendcommon.c.orig	2012-11-19 23:24:39.000000000 +0200
+++ ./src/or/rendcommon.c	2013-10-05 02:07:04.000000000 +0300
@@ -588,7 +588,7 @@
     else
       protocol_versions_string[0]= '\0';
     /* Assemble complete descriptor. */
-    desc_len = 2000 + smartlist_len(desc->intro_nodes) * 1000; /* far too long,
+    desc_len = smartlist_len(desc->intro_nodes); /* far too long,
                                                                   but okay.*/
     enc->desc_str = desc_str = tor_malloc_zero(desc_len);
     result = tor_snprintf(desc_str, desc_len,

and tor has to be configured with the following flags:

./configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var --disable-transparent --disable-asciidoc --disable-nat-pmp --disable-upnp

• We disable transparent firewall support with --disable-transparent because we do not have that on iOS. Although, it may perhaps be interesting to explore some NAT-ing with ipfw in the future.
• We disable the ASCII documentation because most packages in Cydia repositories aim to be as small as possible - this is due to bandwidth and due to the fact that most users are not really developers and it is easier to look-up the documentation on the web.
• NatPMP and UPnP are technologies that are used to punch holes in router firewalls automatically. The technology seems unnecessary or rather counter-intuitive when it comes to the privacy context of tor - you do not really want your machine to send requests to routers to open up a ports for you: "hello, I'm using tor, open up a port or me!". In any case, iOS does not have the necessary PMP or UPnP libraries, nor can they be found in Cydia.

By default, iOS allows setting only a HTTP proxy, yet tor is by definition a SOCKS proxy. In order to go around that the proxy.pac file that the deb file creates at /etc/tor/proxy.pac contains the following code:

function FindProxyForURL(url, host) {
  return "SOCKS 127.0.0.1:9050";
}

that instructs iOS to use a SOCKS proxy on the loopback address and on port 9050 where tor is listening for connections.