I stumbled upon the wiki entry for Lantern and did some digging. The wiki recommends it as a censorship circumvention tool but there should be a huge warning for using Lantern. This is so dodgy.
There is no documentation at all. The only stuff I could find is them saying it unblocks websites which doesn’t document how at all. They link to a Developer FAQ which is empty. There is an old version but the commits say this is extremely outdated.
Their github repo has thousands of stars and forks (even though it seems to be a small project) from what seems to be bot accounts as a lot have no activity whatsoever.
Their github account has hundreds of repos completely irrelevant to lantern.
Their privacy policy basically admits it is spyware. They log your IP, websites you visit, device IDs, files you have on your computer and much more.
They also link to a forum which doesn’t even exist.
So, let’s break this down. First off, I work on Lantern. You think that because Lantern’s web sites have lots of Chinese text, that means its dodgy right? Quick question: what’s the biggest censoring country in the world? Which country is the most sophisticated at censoring? The answer to both questions is China. People in China speak Chinese. If you see a “censorship circumvention” tool that does not have lots of Chinese text that means either:
It’s not big enough to have reached China – aka its likely irrelevant
It doesn’t work in China
Both are common and quite likely. TLDR, a censorship circumvention tool having lots of Chinese text should be a prerequisite for you thinking that it might actually work.
You must be getting that from this section of the privacy policy that says the exact opposite:
“We also never store connection logs, meaning no logs of your IP address, your
outgoing Lantern server IP address associated with the connection timestamp, or session
duration.”
Apologise if this is too out of hand for this topic but I am faintly aware of Lantern. Could perhaps read more some-day and respond with better questions.
Understood if you do not want to discuss specifics but how well does it work as a transport behind GFW as of recent?
The Whonix docs on this are quite outdated…as the updated Wiki page also states (and I’ve verified this in their current privacy policy) they say they’re not collecting those various personal data. Also, the developer FAQ isn’t empty, but is only available in Chinese, which is understandable, as this seems to be a project by Chinese people and primarily used by Chinese people due to the massive censorship in China. The lack of documentation (besides the very broad descriptions in its FAQ) is likely to make it harder to censor, though I agree that this makes it less trustworthy.
The numerous stars and forks are likely from Chinese people, of which there’s ~1.5 billion, all of whom are either under massive censorship or aware of it, so that’s not surprising, either.
In short, I think the Whonix wiki should at least reflect the more recent info regarding its privacy policy and better yet clean up that section more thoroughly, because it really doesn’t seem adequate.
Edit: I’ve submitted an updated version to the Whonix Wiki now.