Can someone explain me why you shouldn't use TOR on mobile

I personally don’t use tor, but am subscribed to this sub. And I see a lot of posts about tor mobile, and that you shouldn’t use it. But why? Take for example an Android phone, it’s build upon Linux and just like every device that connects to the internet it has a MAC and IP address. So why would it be any better than connecting to tor on Windows? Windows is also an OS just like Android or IOS right?

I mean, I understand that Linux is definitely the way to go for safety. But why is an phone different from a standard desktop or laptop with Windows?

Let’s have a discussion about it.

I use tor mobile, but I’m using it more for the anti censorship feature, not for privacy, so in my scenario i don’t really care if google “snoops” on my tor.

What not to do in Tor.
It is best to avoid visiting personal sites that have real names or aliases attached, especially if they have ever been accessed through something other than Tor/with a real IP address. There are probably very few people visiting your personal website through Tor. This means that the user can be the only unique Tor client to do this.
This behavior leads to anonymity leakage because once a website is visited, the entire Tor circuit becomes dirty. If a site is not very popular and does not receive much traffic, then Tor exit nodes can be almost certain that the visitor to that site is the site owner. From this point on, it is reasonable to assume that subsequent connections from this Tor exit node also come from this user’s computer.
Do not log into your personal Facebook or other social network account through Tor. Even if you use a nickname instead of your real name, the account is probably associated with friends who know you. As a result, the social network can make a reasonable guess as to who the user actually is.
No anonymity system is perfect. Online anonymity software can hide IP addresses and locations, but Facebook and similar corporations do not need this information. Social networks already know the user, his friends, the contents of “private” messages between them, and so on. This data is stored at least on the servers of the social network, and no software can delete it. They can only be removed by the social media platforms themselves or by hacker groups.
Users who log into their Facebook and other accounts only get location protection, but not anonymity.
Never log into accounts you used without Tor.
Always assume that on each visit the server log saves the following:
Client IP address/location.
Date and time of the request.
Specific addresses of the requested pages.
HTTP code.
The number of bytes transferred to the user.
The user’s browser agent.
Referring site (referrer).
Also assume that the Internet Service Provider (ISP) will record at a minimum the customer’s online time and IP address/location. The ISP may also record the IP addresses/locations of sites visited, how much traffic (data) was transferred, and what exactly was sent and received. As long as the traffic is not encrypted, the ISP will be able to see what specific actions were taken, the information received and sent.
It is clear that the same type of logging by websites and ISP makes it easy to determine user actions.
The account is compromised and tied to the user even in the case of a one-time authorization through a connection not protected by Tor, from a real IP address. Single errors are often fatal and lead to the exposure of many “anonymous” users.

Do not log into online banking or payment systems unless you understand the risks.
Authorization in online banking, PayPal, eBay and other important financial accounts registered in the user’s name is not recommended. In financial systems, any use of Tor risks account freeze due to “suspicious activity”, which is registered by the fraud prevention system. The reason is that hackers sometimes use Tor to commit fraudulent activities.
Using Tor with online banking and financial accounts is not anonymous for the reasons given above. This is pseudonymity, which only provides hiding of the IP address, or a trick to access a site blocked by the ISP. The difference between anonymity and pseudonymity is described in the corresponding chapter.
If a user is blocked, in many cases you can contact support to unblock the account. Some services even allow relaxation of fraud detection rules for user accounts.

Whonix developer Patrick Schleiser is not against using Tor to bypass website blocking or hide an IP address. But the user must understand that a bank or other payment account may be (temporarily) frozen. In addition, other outcomes are possible (permanent blocking of the service, account deletion, etc.), as stated in the warnings on this page and in the Whonix documentation. If users are aware of the risks and feel it is appropriate to use Tor in specific personal circumstances, they can of course ignore this advice.
Don’t alternate between Tor and Open Wi-Fi
Some users mistakenly think that public Wi-Fi is a faster and more secure “alternative to Tor” because the IP address cannot be tied to a real name.
Below we will explain the reasons why it is better to use open Wi-Fi and Tor, but not open Wi-Fi or Tor.
The approximate location of any IP address can be calculated to a city, district or even street. Even if the user is far from his home, open Wi-Fi still gives the city and approximate location, since most people do not travel across continents.

The identity of the owner with open Wi-Fi and the router settings are also unknown variables. There may be a log of users’ MAC addresses with the corresponding Internet activity of those users, which is open to the owner of the router.
While logging does not necessarily violate the user’s anonymity, it narrows the pool of suspects from the entire global population of the Earth, or continent, or country, to a specific area. This effect greatly reduces anonymity. Users should always retain as much information as possible.
Avoid “Tor over Tor” scenarios
Note: This is a problem specifically with the Whonix service.
When a transparent proxy (such as Whonix) is used, it is possible to run Tor sessions simultaneously on the client side and on the transparent proxy, creating a “Tor over Tor” scenario.

Don’t reveal personally identifiable information online
Deanonymization is possible not only with connections and IP addresses, but also in social ways. Here are some anti-deanonymization recommendations from Anonymous:
Do not include personal information or personal interests in nicknames.
Do not discuss personal information such as location, age, marital status, etc. Over time, silly conversations like discussing the weather can lead to an accurate calculation of the user’s location.
Do not mention gender, tattoos, piercings, physical abilities or disabilities.
Do not mention profession, hobbies, or involvement in activist groups.
Don’t use special characters on your keyboard that only exist in your language.
Do not publish information on the regular Internet (Clearnet) while being anonymous.
Do not use Twitter, Facebook and other social networks. It will be easy to link you to the profile.

Do not use Twitter, Facebook and other social networks. It will be easy to link you to the profile.
Don’t post links to Facebook images. The file name contains your personal ID.
Don’t visit the same website at the same time of day or night. Try to vary your session times.
Remember that IRC, other chat rooms, forums, and mailing lists are public places.
Do not discuss anything personal at all, even when connecting securely and anonymously to a group of strangers. Recipients in a group represent a potential risk (“known unknowns”) and can be forced to work against the user. It only takes one informant to break up the group.
Heroes only exist in comic books - and they are actively hunted. There are only young or dead heroes.

Because Android is made by Google and Google’s business model is collecting and selling data, Altrogh Android is open source the version that comes installed on phones contains Google’s closed source components and phone manufacturers also install their own closed source components so it is not recommended to use Tor on s phone if your threat model includes Google collecting data about you.

Nsa has backdoored on phones on the baseband level. Also very likely they have backdoor with mobile carriers, mobile hardware, and operating systems.

Also, can’t run whonix or tails on a phone.

Ironically, your phone is likely much more secure than your desktop. Android phones are the only mass-market with advanced isolation technologies like memory-tagging, a feature otherwise limited to niche servers.

If you think Google would be in cahoots with those that would be going after you, and you specifically, then smart phones are dangerous to you. Otherwise, it is one of the safest places to use Tor.

True, some phones have been found to ship with malware installed. Unfortunately, the same thing happens with desktop PCs and laptops. Best you can do is pick a reputable brand.

Mobile OS and Desktop OS generally function in very different ways. Mobile phones also come with a lot of additional components that are integral part of the most android or IOS systems, that are hard to get rid off and turn off etc.

Using tor on mobile is fine if you are not doing anything serious, just protecting your privacy.

Its just that if you are doing anything suspicious, if you are person of interest etc, its simply risky. Mobile phones today contain a lot of private data on them, unique identifiers, contacts, photos and various apps that are practically spying on you and you dont always know what they are doing in the background and how their activity could deanonymize you.

A bank vault is useless if you can unscrew a vent from the corner store on the other side, crawl in, and steal the gold.

A moat is useless if it only covers 270 degrees.

Scaffolding load-bearing collapses under its own weight on wet sand.

This is why, historically, things that need to be secure have always been built inside of or on top of other things that were already audited and declared at least “pretty trustworthy”.

You could but with a few precautions. Sorry for my English. First, root terminal, install a custom recovery, prepare a custom ROM. Install it on partition B (in my android phone I can boot up in partition A OS, switch off, then switch on and you are now on partition B OS. You can also use a dedicated smartphone for this and forget about all before. Then use a VPN app, I won’t give you any options bc I don’t want to make this and advertisement. After all of that you can use TOR. Don’t forget to connect to other WiFi than yours. Advanced level spoof mac and tons of tech savvy measures.
This is a raw and speed list don’t take it seriously. The real deal is: Study XDA and other reliable sources. If you cannot handle then you are a regular domestic user and deep web isn’t for you I advice then to quit and forget

If your using the tor onion app then you can route any data you wish through the tor network. It comes back to what data can finger print you or your device.

Tor anonymous ability relies on you not using personal data, is your on a mobile device which is logging into your email, phone number, GPS, and other account info linked to you. Then you null the point of tor, your setting up patterns where you can be tracked.

Sure you can use it on mobile; to circumvent censorship!

I use orbot to access my home server remotely.

Due to Reddit deciding to sell access to the user generated content on their platform to monetized AI companies, killing of 3rd party apps by introducing API changes, and their track history of cooperating with the oppressive regime of the CCP, I have decided to withdraw all my submissions.
I am truly sorry if anyone needs an answer I provided, you can reach out to me at [email protected] and I will try my best to help you

The operating system can’t be trusted.

I once worked for a mobile phone operator, even if your phone modifies the IMEI code and changes the SIM card, it will be recognized, because the phone has a hardware that is physically limited and cannot be rewritten, there is no memory permission, Tor can only be effective for ordinary software platforms, and it is not effective for national monitoring

well if you have graphine os phone or pinecone phone or some linux disc phone np on ubuntu touch its not a problem but still you should not log into yr apps with your regular email like yt fb etc

because its slow?.. I wouldn’t want my experience on my phone. I use my vpn on mobile (only because the carriers have been known to sell your data but that is the only reason).

Use a stick and load tails. Problem solved but you won’t be able to boot it from phone without serious modifications.

That’s a fair point indeed.