On Thu, 1 Sep 2022 17:35:57 +0000 Gottfried wrote: > Hi Denis, Hi, > The best would be to run Guix System and to use Tor browser in it, if > needed. It probably can be done somehow, as there are external repositories for installing nonfree software on top of Guix, and so there are already known methods for installing software without modifying it much. So maybe it could be adapted to the tor-browser, and somehow generate an FSDG compliant version of the tor-browser out of it by removing or changing the text that refers to the nonfree addons repository ("Get extensions and themes on addons.mozilla.org"). Before it was harder as the addons repository was more tightly integrated into the tor-browser so the risk of removing the anonymity was bigger. In the past, I've looked for tor-browser unofficial packages for Guix but I didn't find people who did the work, but maybe I missed it. Sadly I don't have nor the time nor the knowledge to do a work like that. > So in my case: > to use the Tor browser itself, as far as I understand it right now > would be to use a virtual machine software and in it to install Tails. > Is that possible? Yes, that might be the easiest way to get it working on your computer. > Because then Tails has already safety measures and hopefully Guix is > going to develope in future something to use the Tor browser somehow. In the case of either Tails or the tor-browser, people typically use the latest version, and there are 3 security levels in the Tor-browser so we end up with about 6 identifiable configurations. This is because Tails adds some add blocker to their version of the Tor Browser, and add-blockers can be distinguished. So you've got 2 possibility, multiplied by the 3 security levels. And with many users, a lot of people are in each of these 6 identifiable configurations, so it's not possible to easily identify people. The issue is that Guix requires the Guix official packages to be built from Guix. That would require the tor-browser to be built within Guix, and if for some reason there is a way to differentiate the Guix tor-browser and that not enough people use it, then the anonymity it is supposed to provide is gone. And the fact that Guix has updates all the time could potentially make that even worse as users could be scattered around a lot of different build versions. So it might actually be safer to not try to add a tor-browser package directly in Guix but either to do it outside of Guix (like in an external repository/channel) or package in Guix something like a tor-browser installer/launcher that downloads and patches the tor-browser for FSDG compliance, and does some setup to be able to run that in Guix. Another option would be to somehow convince the tor-project to package the tor-browser in Guix and use a specific Guix revision to do the official releases. But that would probably require someone with a lot of time and/or funding to do that work, and that would also require the tor-project to have more funding to be able to spend time to actually review that work. Denis.