[tor-dev] GSOC 2017: Proposal for anon-connection-wizard

[anonym]

irykoon:
> Currently, the Tor Launcher is shipped with the Tor Browser Bundle and
> heavily relies on the Tor Browser for its implementation. These facts
> cause using Tor Launcher without having the Tor Browser impossible. I
> agree with the whonix core developer Patrick Schleizer that "the Tor
> Browser Bundle has its kind of users. system Tor (refers to Tor from
> packages.debian.org or deb.torproject.org) users, where Tor runs as
> daemon, is used in different ways for different purposes. These users
> cannot use Tor Launcher, because it only works with Tor Browser".

I might be misunderstanding what you and Patrick mean with "impossible" (or rather, which use cases are impossible) w.r.t. using Tor Launcher outside of the Tor Browser; Tails uses the Tor Launcher shipped in Tor Browser, but it's run as a stand-alone XUL application (`firefox --app ...`), so the *web* browser isn't started as part of it. [1] One could even run it using Iceweasel/Firefox, i.e. completely without Tor Browser.

That said, this approach will not be viable any more some time next year when the Firefox ESR branch drops XUL support and Tor Launcher is deprecated upstream. It remains to see how the replacement of Tor Launcher will look, it might still work for Tails. However, if anon-connection-wizard would be a (more or less) drop-in replacement for Tor Launcher in Tails, that would be immensely helpful since we'd have a solution that will be guaranteed to work for us without much work. And I guess as long as the UX is more or less identical to the new Tor Launcher and rapidly adapts to changes, and there are good translations, we'd probably prefer it over the new Tor Launcher, since it probably will be even harder to decouple from the web browser.

Any way, I also see potential for future collaboration between Whonix and Tails for extending the usefulness of anon-connection-wizard beyond what Tor Launcher (and its replacement) offers [2]; anon-connection-wizard targets the OS, not just a single application, so it could integrate the choices of network configuration (wired? which wireless network? MAC spoofing?) and Tor configuration (proxy? pluggable transport?) in a single place which probably makes more sense for users and also allows us to more easily (optionally) save these settings so they are restored the next time you visit the same network. This could potentially even be used to help giving users control over entry node selection to avoid persistent Entry Guards from leaking information about you geographical movement. [3]

Cheers!

[1] The first two scripts are parts of the build process, the two latter ones are for starting it:
* https://git-tails.immerda.ch/tails/tree/config/chroot_local-hooks/06-adduser_tor-launcher?h=devel
* https://git-tails.immerda.ch/tails/tree/config/chroot_local-hooks/10-tbb?h=devel
* https://git-tails.immerda.ch/tails/tree/config/chroot_local-includes/usr/local/sbin/tails-tor-launcher?h=devel
* https://git-tails.immerda.ch/tails/tree/config/chroot_local-includes/usr/local/bin/tor-launcher?h=devel
[2] https://tails.boum.org/blueprint/network_connection/
[3] We discuss the issue of  https://tails.boum.org/blueprint/persistent_Tor_state/