[graphical gui] Whonix Setup Wizard / Anon Connection Wizard - Technical Discussion

iry:

The first released tor version with %include feature is
0.3.1.1-alpha. When adding a %include line to /etc/tor/torrc but
the Tor version is below it, Tor will stop working, which is a severe
issue.

I have no idea when 0.3.1.1-alpha will become stable (and did not
find any document on Tor life cycles) . Therefore, if
0.3.1.1-alpha still not become stable when Whonix14 is released,
there are two ways to prevent anon-connection-wizard to add
%include line to /etc/tor/torrc:

  1. Just do not include anon-connection-wizard into Whonix14 until
    the feature is included into stable Tor; 2. merge this commit:

temporarily disable &include line feature in /etc/tor/torrc · irykoon/anon-connection-wizard@cf30fb1 · GitHub

What do you think, @Patrick ?

It’s not a single line change.

It needs all of this probably.

When we get close to Whonix 14 release, I think it would be better to
forward port what Tor 0.3.1.1-alpha does.

Since there is a lot work left until Whonix 14, I guess chances are we
are in time for 0.3.1.1 getting stable (or we’ll add the beta or even
alpha if that isn’t too crazy).

Btw, is “what is the Tor life cycles” a question worth asking on
tor-talk@ ? Or it has been documented?

Good question. Worth asking.

2 Likes

Patrick Schleizer:

iry:

The first released tor version with %include feature is
0.3.1.1-alpha. When adding a %include line to /etc/tor/torrc but
the Tor version is below it, Tor will stop working, which is a severe
issue.

I have no idea when 0.3.1.1-alpha will become stable (and did not
find any document on Tor life cycles) . Therefore, if
0.3.1.1-alpha still not become stable when Whonix14 is released,
there are two ways to prevent anon-connection-wizard to add
%include line to /etc/tor/torrc:

  1. Just do not include anon-connection-wizard into Whonix14 until
    the feature is included into stable Tor; 2. merge this commit:

temporarily disable &include line feature in /etc/tor/torrc · irykoon/anon-connection-wizard@cf30fb1 · GitHub

What do you think, @Patrick ?

It’s not a single line change.

It needs all of this probably.

Adds torrc.d directory support · Jigsaw52/debian-tor@da6af2d · GitHub

When we get close to Whonix 14 release, I think it would be better to
forward port what Tor 0.3.1.1-alpha does.

Since there is a lot work left until Whonix 14, I guess chances are we
are in time for 0.3.1.1 getting stable (or we’ll add the beta or even
alpha if that isn’t too crazy)
Hi @Patrick !

Thank you for your answer!

I have found the core Tor
release

wiki page, which indicates that Tor 0.3.1 stable will be released Sep
5th. I guess there is no need to worry about this problem anymore.

Lesson I learned: If there is no document of a project available on a
search engine, always check documents on the official site carefully
before assuming it is not documented. :slight_smile:

2 Likes

isis said in the tickets:

This API won’t be publicly accessible though, it’ll be reachable through the API for #22871, and even then it’s only reachable through a special meek reflector as part of #16650.

Is anon-connection-wizard what Tails uses now? I’d be happy to support Tails as well (but I’d strongly prefer the connection to go through the meek reflector).

anon-connection-wizard has not been used by Tails now. But some quick and dirty test on integrating anon-connection-wizard has been done by anonym from Tails. Some details can be found here:

https://mailman.boum.org/pipermail/tails-dev/2017-September/011638.html

meek has not been supported neither by Whonix nor by Tails so far. I will do some status report work in this post: censorship circumvention / Tor pluggable transports

I will also ask Tails about why meek is not supported by Tails, given that Tails does ship a Tor Browser.

The Moat API for BridgeDB document can be found here:

1 Like

My reply: Implement backend for moat (#22871) · Issues · Legacy / Trac · GitLab

2 Likes

https://mailman.boum.org/pipermail/tails-dev/2017-September/011660.html

2 Likes
  • Support meek_lite in anon-connection-wizard. meek_lite is a meek-like pluggable transport implemented in obfs4proxy. Although it does not normalize TLS signatures, it is still effective to circumvention the Tor censorship in heavily censored area, like China. This feature will greatly increase the accessibility to Tor network in China, along with the incresement of usability of Whonix. See here fore more details: censorship circumvention / Tor pluggable transports - #3 by iry

  • Support custom bridges input validation check. The implementation does not strictly match all the invalid input. However, hopefully, this is effective enough to prevent inexperienced user from configuring it with obvious mistake.

https://github.com/Whonix/Whonix/commit/41680a74746d2a69b9ed25bc150ec09a961ff13a

1 Like

Shall I rename anon-connection-wizard git repository to tor-connection-wizard? If we are going for it, we should do it now so we don’t have any name migration work in future.

1 Like

tor-connection-wizard will be a more descriptive name!

I thought the reason why we did not do it earlier was because Tor trade mark concern? Is it resolved? If so, I am more than happy to see it being renamed!

1 Like

That’s the question. So you don’t remember having that permission? Hm. Could you create a torproject ticket for that please and cc arma (Roger) asking for that permission?

1 Like

Done!

1 Like

TODO:

  1. Getting anon-connection-wizard into menu so that user can start it through the menu. Currently, it can be start using sudo anon-connection-wizard, but it is not good in terms of usability.

  2. Document anon-connection-wizard in Whonix Wiki.

iry:

TODO:

  1. Getting anon-connection-wizard into menu so that user can start it through the menu. Currently, it can be start using sudo anon-connection-wizard, but it is not good in terms of usability.

I guess you can copy/learn from whonix-setup-wizard.

  1. Document anon-connection-wizard in Whonix Wiki.

Yeah.

And somehow sorting out whonix-setup-wizard vs anon-connection-wizard as
discussed earlier.

1 Like

UX related Tor ticket:

1 Like

Thank you very much for your instructions, @Patrick !

Done:

I am not sure if I can do this myself. If not, could you please help me to create an empty anon-connection-wizard Wiki page, @Patrick?

Thank you very much for your help!

1 Like

Yes, new page creation is restricted to block spam (most spam bots use new page creation).

Page created:

1 Like

Thank you very much, Patrick!

Could you please help to create a template called “Anon_Connection_Wizard” please?

Or is it possible/okay to grant me some privilege to create templates? (I can definitely do a request every time I would like to create a page, but I do not want to consume your time too much. )

1 Like

https://www.whonix.org/wiki/Template:Anon_Connection_Wizard

Sure. You’re wiki admin now. Can create any page / template. However, edits go live instantly. I wouldn’t know quickly how to combine both.

1 Like

Thank you very much, @Patrick!

I did not notice that it will not be reviewed by you if I became the admin. I will keep a record of every change I made to the wiki. And please let me know if there is anything I write that is misleading. I am more than happy to correct it!