Hi,
I believe that one of the drawbacks of Tails, when compared to other
privacy focused distributions, is that the entry nodes change each boot
when using a DVD. This is fine if the IP address that someone is
connecting to Tor from also changes but in some scenarios this may not be
the case. As the Tor Blog outlines in a recent post, changing entry nodes
each boot can become a security risk over time [1].
I have been thinking about how to improve this situation while also
preserving the non-persistent nature of booting Tails from a DVD where
keeping /var/lib/tor across boots is difficult.
Would it be possible to choose entry guards on the first boot and then use
the IP of the guard as a seed for a 4 word passphrase, maybe XOR'd with a
PIN to increase the search space? Given the small number of entry guards
it would be trivial to later match the supplied four word passphrase with
the correct bridge/PIN on the next boot. This way you would be able to
choose the same entry guard each boot until it goes down. When the entry
guard goes down, a new 4 word passphrase is generated and recorded by the
user. If three entry guards are used then a 12 word phrase would be output
where each four words would represent a bridge.
[1]: Improving Tor's anonymity by changing guard parameters,
https://blog.torproject.org/blog/improving-tors-anonymity-changing-guard-parameters