mfc via Whonix Forum:
i find this quite lazy, a 6-year-old quote from Appelbaum is your proof that pluggable transports are useless
Other reasons where states here too.
obviously there exists a wide spectrum of adversaries and adversary capacities, some can block some pluggable transports, some canât. the idea is to make that work as difficult as possible for them. a nice overview of the different pluggable transport approaches is here:
Blocking vs non-blocking is besides the point since that is
circumvention. âcircumventionâ meaning âjust make it work, itâs ok if
someone finds out I used Tor laterâ. That use case is much easier to
keep supporting.
This is about hiding Tor, i.e. âmake it work and make sure no one will
ever find out I used Torâ. Due to very realistic assumptions such as
extended logging of traffic, progress in pluggable transport detection
and retroactive policing it is a very bad idea to try to circumvent Tor
which may even be possible at the time when later (lets say weeks,
months or years) detection is still a personal risk.
in addition, from the perspective of hiding Whonix use (as currently distinct from Debian, Tails, etc), as has been mentioned in this thread, you could continue to decompose Whonix into Debian-based packages,
All of Whonix is available as Debian packages for years.
List of packages: Whonix ¡ GitHub
âsudo apt install whonixâ is possible and done so by third parties in
the wild. References:
having all Whonix packages be maintained within Debian repos.
That would be very nice for other reasons but unfortunately very
unrealistic. Few reasons given here before:
A Debian Maintainer who stepped down explaining the challenges /
impossibilities changing Debian in human life spawns:
But even if we had that, when even readers of linuxjournal are already
called extremists in the West with relatively many Linux usersâŚ
âŚyou can imagine how much users of Linux stand out in countries where
use of Tor is not only blocked but deemed dangerous.
Solution? [1] Debian or any Linux going mainstream on the desktop and
[2] producing lots of Tor traffic by default. I see neither [1] nor [2]
coming.
also helpful towards reducing network fingerprinting of Whonix users were the previous efforts to have a shared Tor Browser user profile across Whonix, Tails, Tor Browser.
Whonix uses the same Tor Browser profile as Tor Browser, in other words
unmodified. What Tails is doing is up to Tails. Theyâve been criticized
for their custom profile by others. Arguments were made. I donât think I
could talk them out of it.
However, Tor Browser fingerprint matters at the end of the connection,
i.e. at the destination server. ISPs wonât be able to differentiate
Whonix, Tails, Tor Browser at the ISP level (unless something is very
wrong).