* * How is Orfox different than Tor Browser for desktop?
* The Orfox code repository is at https://github.com/guardianproject/tor-browser and the Tor Browser repository is here:https://gitweb.torproject.org/tor-browser.git/. The Orfox repository is a fork of the Tor Browser repository with the necessary modification and Android-specific code as patches on top of the Tor Browser work. We will keep our repository in sync with updates and release of Tor Browser.
* Orfox is built from the Tor Browser repo based on ESR38 (https://dev.guardianproject.info/issues/5146https://dev.guardianproject.info/news/221) and has only two modified patches that were not relevant or necessary for Android
* Orfox does not currently include the mobile versions of the Tor Browser * Button, but this we will be added shortly, now that we have discovered how to properly support automatic installation of extensions on Android (https://dev.guardianproject.info/issues/5360)
* Orfox currently allows for users to bookmark sites, and may have additional data written to disk beyond what the core gecko browser component does. We are still auditing all disk write code, and determining how to appropriately disable or harden it. (https://dev.guardianproject.info/issues/5437)
* * How is Orfox different than Orweb?
Orweb is our current default browser for Orbot/Tor mobile users (https://guardianproject.info/apps/orweb) that has been downloaded over 2 million times. It is VERY VERY SIMPLE, as it only has one tab, no bookmark capability, and an extremely minimal user experience.
Orweb is built upon the bundled WebView (Webkit) browser component inside of the Android operating system.
This has proven to be problematic because we cannot control the version of that component, and cannot upgrade it directly when bugs are found. In addition, Google has made it very difficult to effectively control the network proxy settings of all aspects of this component, making it difficult to guarantee that traffic will not leak on all devices and OS versions.
Orweb also only provides a very limited amount of capability of Tor Browser, primarily related to reducing browser fingerprinting, minimizing disk writes, and cookie and history management. It trys to mimic some of the settings of Tor Browser, but doesn’t actually use any of the actual code written for Tor Browser security hardening.