i find this quite lazy, a 6-year-old quote from Appelbaum is your proof that pluggable transports are useless
obviously there exists a wide spectrum of adversaries and adversary capacities, some can block some pluggable transports, some canât. the idea is to make that work as difficult as possible for them. a nice overview of the different pluggable transport approaches is here:
pluggabletransports.info/transports
it continues to be an active field of research and implementation, you can follow along at that website.
in addition, from the perspective of hiding Whonix use (as currently distinct from Debian, Tails, etc), as has been mentioned in this thread, you could continue to decompose Whonix into Debian-based packages, having all Whonix packages be maintained within Debian repos.
also helpful towards reducing network fingerprinting of Whonix users were the previous efforts to have a shared Tor Browser user profile across Whonix, Tails, Tor Browser.
i find this quite lazy, a 6-year-old quote from Appelbaum is your proof that pluggable transports are useless
Other reasons where states here too.
obviously there exists a wide spectrum of adversaries and adversary capacities, some can block some pluggable transports, some canât. the idea is to make that work as difficult as possible for them. a nice overview of the different pluggable transport approaches is here:
Blocking vs non-blocking is besides the point since that is
circumvention. âcircumventionâ meaning âjust make it work, itâs ok if
someone finds out I used Tor laterâ. That use case is much easier to
keep supporting.
This is about hiding Tor, i.e. âmake it work and make sure no one will
ever find out I used Torâ. Due to very realistic assumptions such as
extended logging of traffic, progress in pluggable transport detection
and retroactive policing it is a very bad idea to try to circumvent Tor
which may even be possible at the time when later (lets say weeks,
months or years) detection is still a personal risk.
in addition, from the perspective of hiding Whonix use (as currently distinct from Debian, Tails, etc), as has been mentioned in this thread, you could continue to decompose Whonix into Debian-based packages,
All of Whonix is available as Debian packages for years.
âŚyou can imagine how much users of Linux stand out in countries where
use of Tor is not only blocked but deemed dangerous.
Solution? [1] Debian or any Linux going mainstream on the desktop and
[2] producing lots of Tor traffic by default. I see neither [1] nor [2]
coming.
also helpful towards reducing network fingerprinting of Whonix users were the previous efforts to have a shared Tor Browser user profile across Whonix, Tails, Tor Browser.
Whonix uses the same Tor Browser profile as Tor Browser, in other words
unmodified. What Tails is doing is up to Tails. Theyâve been criticized
for their custom profile by others. Arguments were made. I donât think I
could talk them out of it.
However, Tor Browser fingerprint matters at the end of the connection,
i.e. at the destination server. ISPs wonât be able to differentiate
Whonix, Tails, Tor Browser at the ISP level (unless something is very
wrong).
I have read on this site that âhiding TOR/whonix is difficult beyond practicalityâ, Is that really true? arenât pluggable transports meant to hide the fact that you are using TOR in countries where it is illegal? I even remember something about some pluggable transports that disguises your traffic as a"normal" traffic to some website.
Can the government/ISP see all the TOR users all the time?
Edit: Hi underdog, Welcome to the Whonix Community!
They provide circumvention. Not hiding. Circumvention might work. Hiding is what people like to interpret into it. Social communication issue.
Again, circumvention, not hiding.
Even if they donât - itâs likely that all traffic is being logged permanently. Even if not detectable now, traffic can be reanalyzed again and again and a later more sophisticated analyser might detect it later on. Hiding failed.
Try to find a technical argument, developer of a pluggable transport, or other expert whoâs pressed on the circumvention vs hiding question, who states it is for hiding.
Itâs not about truth or certainty but with the information available this was the conclusion.
