bancfc@openmailbox.org transcribed 1.7K bytes:
On 2016-10-17 03:04, teor wrote:
On 7 Oct 2016, at 08:11, bancfc@openmailbox.org wrote:
Should Whonix document/encourage end users to turn clients into relays on their machines?
Probably not:
- it increases the attack surface,
- it makes their IP address public,
- the relays would be of variable quality.
Why not encourage them to run bridge relays instead, if their connection is fast enough?
Good idea. We are waiting for snowflake bridge transport to be ready and we plan to enable it by default on Whonix Gateway. Its optimal because no port forwarding is needed or changes to firewall settings (because VMs connect from behind virtual NATs).
You're planning to enable "ServerTransportPlugin snowflake" on Whonix Gateways by default? And then "ClientTransportPluging snowflake" on workstations behind the gateway?