Re: [Tails-dev] keeping up with pluggable transports by usin…

Nachricht löschen

Nachricht beantworten
Autor: intrigeri
Datum:  
To: The Tails public development discussion list
Betreff: Re: [Tails-dev] keeping up with pluggable transports by using TBB's Tor and tor-launcher
hi,

Patrick Schleizer wrote (26 Nov 2014 14:16:05 GMT) :
> intrigeri wrote:
>> Patrick Schleizer wrote (21 Nov 2014 15:17:08 GMT) :
>>> intrigeri wrote:
>>> - Just start Tor with current configuration (missing feature?) -> For
>>> users who choose "no network obstacles", Tails would just run TBB's Tor
>>> as the new "system Tor".
>>
>> We already have this behaviour, so why would we need Tor Launcher to
>> do that?


> For non-bridge users the advantage would be arguable: using the version
> of Tor that comes with TBB rather than the version of Tor that comes
> with Debian.


We ship Tor from deb.tpo.

> If I remember right, there was a time where TBB's version
> of Tor (and deb.torproject.org's version) included a new feature that
> helped to cope up with the issues causes by that huge botnet that abused
> Tor.


Indeed. We're anyway going to build our own Tor to get seccomp
(#8174), so we can cherry-pick some patches the TB applies to its Tor
if needed.

>>> - Configure Tor (using tor-launcher), but don't
>>> start Tor or Tor Browser (missing feature?). -> For users who choose
>>> "got obstacles", Tails would start the tor-launcher add-on to let them
>>> configure Tor. Then Tails would use the "just start Tor with current
>>> configuration" feature. And if the user notices it doesn't work, go back
>>> to this one.
>>
>> I don't understand what problem this solution is trying to solve.


> Glad you're asking! Thanks so much for not just quickly dismissing this!
> Somehow I failed to explain the general idea well. Need to work on that.


> Tails current implementation differs from what I am having in mind here.


> - Currently: You are using /usr/bin/tor-launcher and ~/.tor-launcher.
> Somehow extract tor-launcher from TBB or its repo during build time?


We're documenting such things so that everyone can find the answer to
this kind of questions themselves:

https://tails.boum.org/contribute/design/Tor_network_configuration/

:)

> - Alternative: Simpler implementation (from Tails side - probably
> requires tor-launcher patches) + patching tor-launcher. Using a regular
> Tor Browser Bundle tarball, extracted to /home/user/tor-browser_en-US/
> or saner location.


Not sure why that implementation would be simpler.

In any case, it seems harder to keep track of patches we'll want apply
on top of Tor Launcher, compared to our current pure-Git approach.
The good news is that hopefuly we can drop our remaining patches if we
ship TB's Tor, iirc.

> - Currently: You are using the Debian "tor" package. The "real" system Tor.
> - Alternative: Use /home/user/tor-browser_en-US/Browser/TorBrowser/Tor/
> as "fake system Tor". Advantage... When you use that folder, you ship
> the same pluggable transports as TBB.


Already discussed in another part of this thread.
Surely has advantages.

> - Currently: When choosing "no extra settings" in Tails Greeter, the
> user cannot change its mind and try different settings. At least as far
> as I know. I haven't found tor-launcher / Tor settings start menu / on
> desktop. And if the user types (/usr/bin/)tor-launcher in terminal, it
> will show an error message.
> - Alternative: The user could run a start menu entry that configures
> Tor. Using tor-launcher from /home/user/tor-browser_en-US.


OK. That's an entirely new user story, then. I can think of actual
cases when it would be useful, e.g. "I try to connect with regular
relays and get blocked, let's try with a bridge". The thing is, given
one notices if their connection to the Tor network is blocked very
early in a Tails session, the advantage of allowing post-login Tor
reconfiguration seems marginal, compared to the added complexity we
would have to deal with. Any other actual use cases that require being
able to do that?

> In other words, if you used an original TBB folder
> /home/user/tor-browser_en-US as "fake system Tor" + implementation magic
> (above or otherwise), Debian/Tails/Whonix users could choose pluggable
> transports from the same tor-launcher menu as TBB users.


Yep.

> [...]
> Before working on this, it would be helpful if you would approve the
> general idea. Knowing it's not a totally insane approach. :) While we're
> at it, writing the patches in a way that also other (anonymity centric)
> distributions, Debian, Tails could profit from them would result in a
> synergy effect, I think. You might or might not wish copy/adapt that
> solution for Tails later and thereby solve the "keeping up with
> pluggable transports" issue.


As said earlier, I quite like the "ship TB's Tor binary as our system
Tor" idea, for the "keeping up with PTs" reason. Making Tor Launcher
more easily usable outside of TB sounds good too (even if I'm
unconvinced we should let users reconfigure Tor post-login, this would
likely make our life easier). Now, I wouldn't hold my breathe waiting
for us to integrate this all into Tails, unless patches flow in.

Cheers,
--
intrigeri