anonym:
irykoon:
Currently, the Tor Launcher is shipped with the Tor Browser Bundle and heavily relies on the Tor Browser for its implementation. These facts cause using Tor Launcher without having the Tor Browser impossible. I agree with the whonix core developer Patrick Schleizer that "the Tor Browser Bundle has its kind of users. system Tor (refers to Tor from packages.debian.org or deb.torproject.org) users, where Tor runs as daemon, is used in different ways for different purposes. These users cannot use Tor Launcher, because it only works with Tor Browser".
I might be misunderstanding what you and Patrick mean with "impossible" (or rather, which use cases are impossible) w.r.t. using Tor Launcher outside of the Tor Browser; Tails uses the Tor Launcher shipped in Tor Browser, but it's run as a stand-alone XUL application (`firefox --app ...`), so the *web* browser isn't started as part of it. [1] One could even run it using Iceweasel/Firefox, i.e. completely without Tor Browser.
Right. I might have used the word "impossible" as a short cut to say the following:
tor-launcher will never be a great solution for system Tor users on Debian. Since Tor Browser is not packaged as in Debian unfortunately as it looks like will not be anytime soon, getting tor-launcher working nicely as a package available from packages.debian.org is very hard and unrealistic. A python rewrite (anon anon-connection-wizard) seems the way to go.
That said, this approach will not be viable any more some time next year when the Firefox ESR branch drops XUL support and Tor Launcher is deprecated upstream. It remains to see how the replacement of Tor Launcher will look, it might still work for Tails. However, if anon-connection-wizard would be a (more or less) drop-in replacement for Tor Launcher in Tails, that would be immensely helpful since we'd have a solution that will be guaranteed to work for us without much work. And I guess as long as the UX is more or less identical to the new Tor Launcher and rapidly adapts to changes, and there are good translations, we'd probably prefer it over the new Tor Launcher, since it probably will be even harder to decouple from the web browser.
That's great to know! Let's hope tor-launcher will work great everywhere, Debian, Whonix, Tails and whoever else may be interested in using it.
Any way, I also see potential for future collaboration between Whonix and Tails for extending the usefulness of anon-connection-wizard beyond what Tor Launcher (and its replacement) offers [2]; anon-connection-wizard targets the OS, not just a single application, so it could integrate the choices of network configuration (wired? which wireless network? MAC spoofing?) and Tor configuration (proxy? pluggable transport?) in a single place which probably makes more sense for users and also allows us to more easily (optionally) save these settings so they are restored the next time you visit the same network. This could potentially even be used to help giving users control over entry node selection to avoid persistent Entry Guards from leaking information about you geographical movement. [3]
Tor proxy configuration yes. Tor pluggable configuration, by all means yes, that will is the core feature of anon-connection-wizard.
Other Tor settings, perhaps. Depends on the settings. We'd need to discuss them.
My current impression of iry is that anon-connection-wizard development will go on after this gsoc.
anonym, did you have in mind combining anon-connection-wizard with the revamped Tails greeter? (Some links, you might have better ones. [1] [2])
Perhaps that could be done by leaving some "holes" in anon-connection-wizard? I mean, perhaps it's gui wizard pages could allow having additional pages before and after the actual Tor connection wizard pages? That way you could flexibly integrate it in Tails somehow?
(Definition of "page" in anon-connection-wizard context: This is a page [1]. This is another page [2].)
Let's leave all of that post gsoc future work. I am concerned to overextend this the anon-connection-wizard project. A tor-launcher python clone ending up in packages.debian.org would be an awesome improvement, even if it does not solve all issues such as mac changing.
For mac changing a lot more work would be required. For start, a working cli implementation (covering all that Tails does) that get be installed on a regular Debian system from packages.debian.org.) Then perhaps anon-connection-wizard could morph into a bigger project and provide a gui for that as well.
At the moment the anon-connection-wizard gsoc proposal is well defined in scope. A Tor connection wizard that creates the proper /etc/tor/torrc configuration and reloads Tor that implements the most recent usability research suggestions.
Initially it won't be solving all the anonymity usability issues. It won't feature a handy permanently Tor controller systray that always communicates the state of Tor. Perhaps that could be covered in future work.
Cheers, Patrick
[1] https://tails.boum.org/news/test_redesigned_Tails_Greeter/index.en.html [2] https://tails.boum.org/blueprint/greeter_revamp_UI/design_rationale_phase1/
[3] https://phabricator.whonix.org/file/data/pc42disjlcwt5di63jfw/PHID-FILE-2xp6... [4] https://www.whonix.org/blog/wp-content/uploads/2015/12/bridges-conf1-450x335...