{{Header}}
{{#seo:
|description=Development considerations on using {{project_name_long}} to provide a Torified Wi-Fi Hotspot or Torified VPN server.
}}
{{intro|
Development considerations on using {{project_name_long}} to provide a Torified Wi-Fi Hotspot or Torified VPN server.
}}
= Reputational Considerations =

* For now {{project_name_short}} has a simple design and great reputation. At time of writing, no clearnet IP leak found ever. See [[Whonix against Real Attacks|{{project_name_short}} Protection against Real World Attacks]].
* If that gets mixed with android-anyting, the quality if leak protection could be lower due to issues causes on the Android, not {{project_name_short}} side.

= Torified WiFi Hotspot =
Even if a WiFi USB stick was added to {{project_name_workstation_long}}... Possible causes for clearnet leaks on the Android side:

* The WiFi could go off / out of range. Then the device might jump to an untorified open WiFi.
* Users might turn off WiFi off while forgetting to keep mobile network (clearnet) turned off.
* madaidan: <blockquote>The mobile device wouldn't be isolated from local networks though. Nothing stops it from bruteforcing your neighbour's WiFi and deanonymizing you that way. Unlike in a {{project_name_short}} workstation VM, where it can't access those.</blockquote>
* Adding all the security challenges of WiFi.
** A 1) insecure WiFi + TLS is less of a problem than 2) insecure WiFi connection to Whonix-Gateway which would be even more of an issue. 1) could still be OK because TLS secures the contents of the connection. But 2) could be used to de-anonymize the user.
* Using a stock android device once non-anonymously, then routing all traffic over Tor would not be as anonymous as expected due to [https://gitlab.torproject.org/legacy/trac/-/wikis/doc/TransparentProxyLeaks TransparentProxyLeaks].
** TransparentProxyLeaks are not an issue in the usual {{project_name_short}}, {{project_name_gateway_long}} + {{project_name_workstation_short}} design. Mixing {{project_name_gateway_long}} with stock android gives the developers of {{project_name_short}} a lot less design abilities. Similar to [[Other Operating Systems|using {{project_name_short}} with other operating systems, {{project_name_customworkstation_long}}]], see [[Other_Operating_Systems#Security_Comparison:_Whonix-Download-Workstation_vs._Whonix-Custom-Workstation|security comparison]].

forum discussion:
https://forums.whonix.org/t/whonix-gateway-whonix-workstation-torified-wi-fi-hotspot/4751

= Using VPN =
A VPN tunnel from Android to {{project_name_gateway_short}} or {{project_name_workstation_short}}.

Many Android phones do not have a fail closed mechanism. When the VPN connection gets interrupted, device continues to connect without VPN.

= Related =
* [[Dev/DHCP]]

{{Footer}}

[[Category:Design]]