Persistence preset: Tor state
See the blueprint.
Team: kurono and?
Only the part about Entry Guards is a candidate for our roadmap at the moment.
|Feature #11732: Make entry guard persistent across reboot||Confirmed||
|Related to Tails - Feature #5461: Persistence preset: Tor configuration||Confirmed|
|Related to Tails - Feature #10553: Add "Don't ask me again" option to notifications where appropriate||Confirmed||2015-11-16|
Related to Tails -
|Blocked by Tails - Feature #5774: Robust time syncing||In Progress||2015-05-17|
#28 Updated by intrigeri 2015-12-15 09:24:00
NetworkManager folks are designing something similar to solve a similar problem: https://blogs.gnome.org/lkundrak/2015/12/03/networkmanager-and-privacy-in-the-ipv6-internet/
#33 Updated by cypherpunks 2016-11-26 19:02:40
> > Wouldn’t a temporary solution be to let users have a persistent Tor state if they have Persistence enabled?
> What do you mean exactly with “persistent Tor state”? Which files do you have in mind?
As a temporary solution, there could be an option in “Configure persistent volume” to “save” Tor “settings”. Upon reboot Tails could take note of the guards in use and save them in Peristent. At the next boot, Tor would pull the guards from Persistent and use them instead whatever it was going to use.
This is roughly what I had in mind. I don’t know how viable this would be as I’m only a Tails user.
#36 Updated by cypherpunks 2017-09-11 11:46:01
I consider Tails picking a new set of guards each time it boots to be a feature. This is not the same as saying “UseGuards 0”, which picks a new first hop for each circuit - that would be crazy!
But using the same guards on different tails sessions is not actually something I want to do. If I’m at home, and then at work, and then at a cafe, I don’t want to be connecting to the same guards in each place. This makes it easy for a passive adversary at the local ISP to link all of my sessions together!
There is a years old Tor Trac ticket about this problem which I just re-opened: https://trac.torproject.org/projects/tor/ticket/10969
It links to two different projects meant to mitigate this issue by having different state files for different locations. But the easiest way to avoid this linkability problem today is to simply use tails - unless this ticket is implemented! So, please reconsider. Thanks!