Was this post AI generated?
Yes.
Indeed.
Super helpful.
How’s that supposed to work? I don’t know what the suggestion to The Tor Project (TPO) would be.
TPO’s primary project seems to be TBB (Tor Browser Bundle). It’s supposed to be extracted in the user’s $HOME folder and run from there.
Add --capabilities where specifically?
I am not sure that’s the main issue. Does TPO even ship AppArmor profiles for either Tor Browser or Lyrebird?
If there was a “something” that would output --capabilities, yeah, that would be useful.
I am not sure if the transport lines such as Bridge meek_lite are so difficult and fit into a --capabilities framework. These Bridge something lines are quite simple.
The primary issue is software sources and stable maintenance. There needs a mechanism to easily, securely get stable versions of (Tor and) pluggable transports. As per:
Whonix sources most of it’s software packages from packages.debian.org. Then these can be installed simply using proverbial apt install pkg-name. Debian does a good job of keeping these packages stable and functional within a release. (Stability is a related project goal. [1])
C-Tor is available from deb.torproject.org. [2]
(Arti [3] is not yet last time I checked.)
Pluggable transports such as Lyrebird are available neither from deb.torproject.org nor from packages.debian.org for the release suite Whonix is currently based on at the time of writing (Debian trixie).
So what could be contributed upstream in TPO and/or Debian is pluggable transports packages as Debian packages for trixie. (Debian is long term, unless backports or fasttrack. TPO in theory more short term.)
What could be contributed at Whonix maybe is: make TBB usable as "system Tor", so latest pluggable transports and the tor-launcher graphical user interface can be used in Whonix (as a secondary, non-default mechanism as this might be less stable).
[1]
[2]