connect to public Tor network by default / avoid Anon Connection Wizard (ACW) popup at first boot

ACW = anon-connection-wizard

Issue:
Once there is component_whonix-host there would be two ACW popups. Once on Whonix-Host to configure Tor on the host and yet another one, fully independent in Whonix-Gateway doing the same.

Reasoning:

Quote lunar:

My reasoning is that users who need to bridges or configure a proxy are likely to know. Or if they don’t know, they will know by trying to a direct connection and see it fails.

This is consistent with research Tor’s Usability for Censorship Circumvention.


For users who don’t want to connect to Tor public network the advice by Whonix documentation will be:

  • don’t enter WiFi password before setting up bridges and/or unplug LAN cable
  • use ACW to disable Tor
  • establish host internet connection
  • test host internet connection
  • start ACW to setup bridges

Ticket from Apr 15 2020 migrated from Phabricator to Discourse Forums Migration - Phabricator Tickets - Whonix Forum.

1 Like

Additional reasoning…

Also quote Hide Tor use from the Internet Service Provider

It is impossible to Hide Tor use from the internet service provider (ISP). It has been concluded this goal is difficult beyond practicality.

Our current implementation is flawed since forever anyhow:

Tor will make still certain network-related calls (like DNS lookups) even if DisableNetwork is set. Quote Tor man pagearchive.org (underline added):

DisableNetwork 0|1 When this option is set, we don’t listen for or accept any connections other than controller connections, and we close (and don’t reattempt) any outbound connections. Controllers sometimes use this option to avoid using the network until Tor is fully configured. Tor will make still certain network-related calls (like DNS lookups) as a part of its configuration process, even if DisableNetwork is set.

Removing the “Tor disabled by default” would allow to simplify Whonix source code.

https://twitter.com/Whonix/status/1732331349741289856

This has been implemented in the development version and will be part of the next point release.

2 Likes