Jacob Appelbaum: > adrelanos: >>> >>> We already fail this test, no? >> >> Not necessarily. This is a difficult question. >> > > Tor does not hide that you are using Tor
Yes, but... While making this point up, I saw pluggable transports as a tool which can be thrown into the mix and make this a non-issue. (In theory obfsproxy and alike tools can hide the fact that someone is using Tor, which will be required against trying-hard-censurers so or so. This assumes, that pluggable transports will win the arms race against censors.) > and using Tails or Whonix is an > example of a system only emitting Tor traffic. The plan is... Whonix: When using VMs (as most people do), there is still a host operating system people start first - so there is not only Tor traffic. Tor usage can be hidden by using pluggable transports. Tails: When this becomes an issue, there are two workarounds: - running Tails in a VM (naturally requires starting a non-Tails os beforehand) using pluggable transports to hide Tor usage - booting a second computer with a non-Tails operating system behind the same router, wait a bit, run Tails using pluggable transports to hide Tor usage And one possible fix: boot the amnesic system, simulate "this is Debian" (or other mainstream distro) by running it untorified in chroot or in a VM; fire up Tor using pluggable transports to hide Tor usage. The point I wanted to make is, I can very well imagine, not to fail this test, i.e. pretending to be a mainstream distribution, having non-Tor traffic and obfuscating Tor traffic using pluggable transports. Perhaps it can be prevented, that tlsdate introduces new operating system fingerprinting possibilities for ISPs. > It depends on your threat > model but generally, we'd just making up "someone could" as a network > distinguisher. Yes. > I assert that someone could watch - see no traffic except > encrypted traffic, decide it is Tor and then decide you're running Tails > or Whonix. I tried to picture solutions to that above. <snipped the rest, where I can't answer> _______________________________________________ tails-dev mailing list tails-dev@boum.org https://mailman.boum.org/listinfo/tails-dev