Dark Web Insight
tools

Tor on Mobile: Limitations and Best Practices

Tor Browser is officially available for Android, and Onion Browser covers iOS. But mobile Tor has real limitations you need to understand before relying on it.

By Dark Web Insight Research Desk5 min readUpdated

Tor Browser is available on Android — the official Tor Browser for Android app, published by the Tor Project on Google Play and F-Droid since 2019. iOS does not have an official Tor Browser; Apple's platform restrictions prevent running a full Tor daemon as a background process. The Tor Project recommends Onion Browser (open-source, maintained by Mike Tigas) as the best available iOS option. Mobile Tor has genuine limitations compared to desktop, and those limitations matter in any high-risk context.

Tor Browser on Android

The official Tor Browser for Android is functionally comparable to the desktop version. It includes:

  • The Tor daemon (not a proxy — the full circuit-building system)
  • The same three security levels: Standard, Safer, Safest
  • HTTPS-Only mode
  • NoScript for JavaScript control
  • Letterboxing for screen-resolution protection

Download it from Google Play or from F-Droid, the open-source Android app store. F-Droid is preferred by users who avoid Google services for privacy reasons — the Tor Project maintains its own F-Droid repository at https://guardianproject.info/fdroid/.

Performance on Android is constrained by mobile hardware and network conditions. Heavy .onion sites — particularly those with JavaScript-intensive interfaces — load slowly or incompletely at the Safest security level.

What doesn't carry over from desktop: desktop Tor Browser allows you to examine circuit paths (which relays are in use) via the site identity button. The Android app provides this information but with a slightly simplified interface. The core circuit behavior is identical.

iOS: Onion Browser

Apple's iOS restricts background processes and VPN-style network extensions in ways that prevent running a full Tor daemon. The Tor Browser architecture — where a daemon handles circuit building while Firefox ESR handles the UI — cannot be replicated under iOS constraints.

Onion Browser (by Mike Tigas, available on the App Store) uses a Tor library integrated differently from the daemon model. The Tor Project's official documentation recommends it as "the best way to browse the internet using Tor on iOS." It's open-source and has been maintained since 2012.

Functional limitations compared to the official Android or desktop Tor Browser:

  • Some WebRTC-based features may not route through Tor correctly
  • JavaScript blocking and security settings are less granular
  • The Tor circuit model is approximated, not an exact match to the daemon-based desktop implementation

For any sensitive use — journalism, research involving personal safety risk — treating iOS Onion Browser as a "good enough" alternative to desktop Tor Browser is not advisable. The platform constraints are real.

What Mobile Tor Cannot Protect

This is the most important section for users who assume mobile Tor provides system-wide protection.

Tor Browser on Android only protects browser traffic. All other apps on your phone — mail clients, messaging apps, social media apps, system services — continue using your real IP address. Tor Browser is not a VPN. It does not route your entire device's traffic through Tor.

Your phone continues to leak:

  • IMSI (International Mobile Subscriber Identity) — transmitted to cell towers regardless of what apps are running
  • Carrier metadata — your carrier sees which cell towers you connect to, and when
  • Location services — GPS and network location are available to any app with permission
  • Device identifiers — advertising ID, IMEI, and Wi-Fi MAC address are visible at the network layer

If you open a file downloaded through Tor Browser in a different app — a PDF in a document viewer, a media file in a player — that app makes network requests using your real IP. The Tor Project's guidance applies equally on mobile: don't open downloaded files outside Tor Browser.

For contexts where these metadata leaks are unacceptable — high-risk journalism, sensitive communications, situations where device confiscation is a real possibility — Tails OS on a live USB drive with dedicated hardware is the appropriate tool. Mobile Tor doesn't approach that level of isolation.

When Mobile Tor Is Appropriate

Mobile Tor is well-suited for:

  • Reading .onion news sites — BBC Tor mirror, NYT, ProPublica — without giving your ISP or carrier visibility into what you're reading
  • Avoiding basic tracking — ad networks, session tracking, standard web analytics
  • Accessing blocked sites — circumventing ISP-level or national-level content filtering
  • Low-stakes research — browsing .onion directories or accessing publicly accessible .onion services

It's not appropriate for:

  • Situations where your device could be seized — the apps outside Tor Browser remain on the device and in logs
  • Communications involving significant personal risk — use Signal (or Briar for a Tor-routed option) rather than a browser
  • Anything requiring Tails-level isolation from the device's own operating system

See Tails vs Whonix for a comparison of OS-level isolation tools that route all traffic — not just browser traffic — through Tor.

Frequently Asked Questions

Is there an official Tor Browser for iPhone?

No. Apple's platform restrictions prevent the Tor Project from shipping an official Tor Browser for iOS. The Tor Project officially recommends Onion Browser by Mike Tigas as the best available alternative. It's open-source and listed on the Tor Project's download page.

Is Tor Browser safe on Android?

The official Tor Browser for Android provides the same circuit-level protections as the desktop version. It is a legitimate and reasonably secure implementation. The limitations are: (a) it only covers browser traffic, not other apps, and (b) mobile hardware and network conditions affect circuit performance. For the threat model that Tor Browser addresses — hiding browsing activity from ISPs and destination sites — the Android app is effective.

Does Tor Browser cover all mobile app traffic?

No. Tor Browser is a browser application. It routes only its own traffic through the Tor network. Other apps on your device connect directly to the internet using your real IP. This is fundamentally different from Tails OS or Whonix, which route all outgoing traffic through Tor at the operating system level.

What is Onion Browser?

Onion Browser is an open-source iOS application maintained by Mike Tigas that provides Tor-based browsing on iPhones and iPads. It uses a Tor library integrated differently from the daemon model used in official Tor Browser — a necessary adaptation to Apple's platform constraints. The Tor Project recommends it as the best option for iOS users. It is available free on the App Store.