I get this feature request once in a while: adding TOR support to Raccoon. I totally understand the motivation. Privacy, after all, is one of Raccoon’s main goals. However, when it comes to supporting TOR, I think, I would not only be wasting my time, but actually doing more harm than good.You need to understand what TOR is and how it works in order to use it properly. That’s already requires a level of technical knowledge which, in my experience, is beyond the average user. The average user just wants to start Raccoon, download an app and install it on his phone. Setting up a Google Account and binding a device to it is already inconvenient enough to make a lot of users think twice about using the application. Adding more complexity to the setup wizard won’t really help and I will most certainly not add some “secret handshakes” that will make the setup wizard go into “advanced” mode.
So, why not use TOR by default then (or rather: why not use TOR at all)?
- TOR makes it impossible to identify a person, but rather easy to identify an application. If you happen to connect to Play from a TOR exit node, then Play will know that you are not using the real client.
- TOR is slow by design. If it was the default transport mode of Raccoon, then people would not just complain about it, but also make it a talking point when comparing Raccoon to other means of obtaining APKs, discouraging new users from even trying the application.
- There are funny things that can go wrong when using TOR (the kind of funny that floods my inbox with support requests). For example, the TOR network might (partially) collapse and route everything (or at least the Raccoon traffic) through just one exit node (yes, that would be very odd, but “very odd” things are the definition of support hell). Play has a download quota. Consider what will happen if hundreds of devices connect from the same IP address within a short time span.
- Things get real funky when considering exit nodes. Most of the Raccoon support tickets are about not being able to find certain apps. Most of those can be resolved by pointing out that the app in question is region locked or carrier locked. It doesn’t really help, if downloading an app randomly fails or succeeds just because an exit node happens to be in the right network (or not).
- There are more important things than hiding from Google! TOR is a necessity for political activists living in police states. We should reserve the already scarce bandwidth for people who really depend on it, rather than blasting it on downloading apps (mind: modern Android games easily exceed 1GB in size).
- TOR is the wrong tool for the job anyway. Most of us are on dial up plans, using dynamic IP addresses. Just reset your modem, if you want a new IP address. The thing to worry about really is not the network address, but the Google Account. If privacy is your main concern, register a dozen Google accounts exclusively for Raccoon and rotate them regularly (occasionally retire them as well).
