Dear Tails Team!
First of all I would like to thank you very much for the effort you have
put to create this amazing distribution. I am sure you know how valuable
it is nowadays.
I would like to request something that was already reported two years ago,
that is OpenVPN support for Tails (
https://labs.riseup.net/code/issues/5858).
* More important thing is to be able to run VPN on Tails, before entering
TOR. This moves trust from ISP to VPN provider. In many cases it is very
undesirable to bright attention just by using TOR directly.
* Less important thing is to be able to run VPN after TOR, to make sure
that sites are not blocked when you use TOR. I mean all of those very
difficult to solve captchas (which are often also connected with Google by
the way).
Of course that would require using two different VPN accounts, so those
are not correlated. Also, VPN account should be bought with mixed
bitcoins. And finally there would be need for kill switch to make sure
that when OpenVPN fails, internet connection goes down as well (Adrelano's
kill switch for Linux is the best I have found so far).
Can you suggest any workarounds for now? I mean I cannot install OpenVPN
on router because it is shared router. I can buy the second router but
that would be first of all weird and suspicious (and also can take some
time to configure properly).
I can also install OpenVPN on smartphone and enable hotspot mode, then
connect from Tails to smartphone hotspot, rather than directly to the
network. But then I'm not sure if I can trust smartphone (CyanogenMod)
because of temporary files and things like this (after all data would be
sent from computer to smartphone unencrypted, so smartphone would have
access to unencrypted data and could save it in some temp locations. Not
every site uses https or things like this so I expect that at least some
of the traffic would go unencrypted).
Also, I would like to be sure that I download trustworthy version of
Tails. That would be advantageous to have on several different highly
trusted websites control sums to verify integrity of Tails (to be able to
download it from several different sources and make sure that they all are
identical for the same version of Tails).
For now I am not going to use Tails, which is sad because it's such
amazing distribution (you have so many useful features). But without being
able to hide TOR activity from ISP, I cannot use it.
I also wanted to double check it. Are there any additional dangers
connected with using TOR after connecting to VPN? Can VPN provider mess
with TOR nodes to make it easier to become deanonymised?
What are the main technical challenges you have with supporting VPN for
Tails?
Summing up, how could I hide my TOR activity on Tails from ISP (and
provide additional encryption in traffic) with use of OpenVPN?
I wish you best luck with your development!
