Project

General

Profile

Feature #5462

Persistence preset: Tor state

Added by Tails over 4 years ago. Updated 2 months ago.

Status:
Confirmed
Priority:
Normal
Assignee:
Category:
Persistence
Target version:
Start date:
08/26/2016
Due date:
% Done:

0%

QA Check:
Feature Branch:
Type of work:
Research

Description

See the blueprint.

Team: segfault, anonym (reviewer), sycamoreone

Only the part about Entry Guards is on our 2018 roadmap.


Subtasks

Feature #11732: Make guard nodes stable across rebootConfirmed


Related issues

Related to Tails - Feature #5461: Persistence preset: Tor configuration Confirmed
Related to Tails - Feature #10553: Add "Don't ask me again" option to notifications where appropriate Confirmed 11/16/2015
Related to Tails - Bug #11070: Easy import/export of state file. Rejected 02/07/2016
Blocked by Tails - Feature #5774: Robust time syncing In Progress 05/17/2015

History

#1 Updated by intrigeri about 4 years ago

  • Category set to Persistence
  • Starter set to No

#2 Updated by Anonymous almost 4 years ago

(removed spam)

#3 Updated by Anonymous almost 4 years ago

(removed spam)

#4 Updated by intrigeri almost 4 years ago

  • Description updated (diff)

#5 Updated by Anonymous almost 4 years ago

(removed spam)

#6 Updated by Anonymous almost 4 years ago

(removed spam)

#7 Updated by Anonymous almost 4 years ago

(removed spam)

#8 Updated by BitingBird over 3 years ago

  • Subject changed from persistence preset - tor to Persistence preset - tor

#9 Updated by intrigeri over 3 years ago

  • Subject changed from Persistence preset - tor to Persistence preset - Tor state

#10 Updated by intrigeri over 3 years ago

  • Description updated (diff)

#11 Updated by sajolida almost 3 years ago

#12 Updated by BitingBird over 2 years ago

  • Subject changed from Persistence preset - Tor state to Persistence preset: Tor state

#13 Updated by intrigeri over 2 years ago

#14 Updated by anonym over 2 years ago

I had a look at the tools solving the "Persistent entry guards vs. mobile users" problem:

Subgraph's torshiftchange

[... moved to the blueprint ...]

tordyguards

[... moved to the blueprint ...]

What to do?

[... moved to the blueprint ...]

#15 Updated by intrigeri over 2 years ago

#16 Updated by intrigeri over 2 years ago

#17 Updated by intrigeri over 2 years ago

#18 Updated by intrigeri over 2 years ago

  • Blueprint set to https://tails.boum.org/blueprint/persistent_Tor_state/

#19 Updated by intrigeri over 2 years ago

  • Type of work changed from Code to Research

#20 Updated by intrigeri over 2 years ago

  • Description updated (diff)

(Moved description to the blueprint.)

#21 Updated by intrigeri over 2 years ago

  • Status changed from Confirmed to In Progress

#22 Updated by intrigeri over 2 years ago

#23 Updated by sajolida over 2 years ago

  • Description updated (diff)
  • Assignee set to intrigeri

#24 Updated by sajolida over 2 years ago

  • Target version changed from Hardening_M1 to 2017

#25 Updated by sajolida about 2 years ago

Blueprint is mentioning "Do not ask me again", so adding a relation with #10553.

#26 Updated by intrigeri almost 2 years ago

  • Related to Feature #10553: Add "Don't ask me again" option to notifications where appropriate added

#27 Updated by intrigeri almost 2 years ago

sajolida wrote:

Blueprint is mentioning "Do not ask me again", so adding a relation with #10553.

I just did it.

#28 Updated by intrigeri almost 2 years ago

NetworkManager folks are designing something similar to solve a similar problem: https://blogs.gnome.org/lkundrak/2015/12/03/networkmanager-and-privacy-in-the-ipv6-internet/

#29 Updated by sajolida almost 2 years ago

  • Related to Bug #11070: Easy import/export of state file. added

#30 Updated by Dr_Whax over 1 year ago

  • Description updated (diff)
  • Status changed from In Progress to Confirmed
  • Assignee changed from intrigeri to segfault

#31 Updated by cypherpunks about 1 year ago

Tails wrote:

See the blueprint.

Team: segfault, anonym, sycamoreone

Wouldn't a temporary solution be to let users have a persistent Tor state if they have Persistence enabled?

#32 Updated by intrigeri about 1 year ago

Wouldn't a temporary solution be to let users have a persistent Tor state if they have Persistence enabled?

What do you mean exactly with "persistent Tor state"? Which files do you have in mind?

#33 Updated by cypherpunks about 1 year ago

intrigeri wrote:

Wouldn't a temporary solution be to let users have a persistent Tor state if they have Persistence enabled?

What do you mean exactly with "persistent Tor state"? Which files do you have in mind?

As a temporary solution, there could be an option in "Configure persistent volume" to "save" Tor "settings". Upon reboot Tails could take note of the guards in use and save them in Peristent. At the next boot, Tor would pull the guards from Persistent and use them instead whatever it was going to use.

This is roughly what I had in mind. I don't know how viable this would be as I'm only a Tails user.

#34 Updated by cypherpunks about 1 year ago

Persistent Tor State (file) keeps users from controlling Tor.

Tails restricts control of the file system, most notably, /tor.

Why are these projects colluding to control the user?

https://cpunks.org

#35 Updated by BitingBird 4 months ago

  • Description updated (diff)
  • Target version changed from 2017 to 2018

#36 Updated by cypherpunks 3 months ago

I consider Tails picking a new set of guards each time it boots to be a feature. This is not the same as saying "UseGuards 0", which picks a new first hop for each circuit - that would be crazy!

But using the same guards on different tails sessions is not actually something I want to do. If I'm at home, and then at work, and then at a cafe, I don't want to be connecting to the same guards in each place. This makes it easy for a passive adversary at the local ISP to link all of my sessions together!

There is a years old Tor Trac ticket about this problem which I just re-opened: https://trac.torproject.org/projects/tor/ticket/10969

It links to two different projects meant to mitigate this issue by having different state files for different locations. But the easiest way to avoid this linkability problem today is to simply use tails - unless this ticket is implemented! So, please reconsider. Thanks!

#37 Updated by intrigeri 2 months ago

  • Description updated (diff)

Also available in: Atom PDF