Changes

sajolida · 441d5fc8
--- a/VPN-support.md
+++ b/VPN-support.md
-
 [[_TOC_]]

+# Technical solutions that we envisioned

-# What we don't want
-
-Some users have requested support for VPNs in Tails to "improve" Tor's
-anonymity. You know, more hops must be better, right?. That's just
-incorrect -- if anything VPNs make the situation worse since they
-basically introduce either a permanent entry guard (if the VPN is set
-up before Tor) or a permanent exit node (if the VPN is accessed
-through Tor).
-
-Similarly, we don't want to support VPNs as a replacement for Tor
-since that provides terrible anonymity and hence isn't compatible with
-Tails' goal.
+## VPN before Tor (tails#17843)

-# What we might want
+Connecting to Tor using a VPN. The whole Tails system would output to the
+Internet from Tor.

-## Tails → Tor → VPN
+## Tor before VPN (tails#5858)

-Issue: tails/tails#5858
+Connecting to a VPN using Tor. The whole Tails system would output to the
+Internet from the VPN.

-### Use cases
+## VPN Browser (tails#19465)

-1. Access services that block Tor.
-2. Reach a local resource on a VPN that is not accessible in any other
-   way.
-3. Reach a VPN non-anonymously (e.g. your account is tied to you IRL)
-   while only hiding your geo-location, which may be the only thing
-   you need in some situations. (Maybe invalid since this is not part
-   of the PELD spec (yet?) AFAIK.)
+Having a browser in Tails that uses a VPN instead of Tor. The rest of Tails
+would keep using Tor only.

-### Solution
+## System VPN + Tor Browser (tails#19901)

-The easiest way to solve use case 1 (which we feel is the most
-important one for this Tor/VPN setup) is to use a SSH connection with
-the `DynamicForward` option. The newly created SOCKS port can be used to
-have a fixed outgoing IP address. We could write on how to use that in
-an "unsupported, advanced users only, may kill kittens" part of the
-documentation.
+Having an option to use a VPN instead of Tor for the whole system and keep Tor
+Browser to use Tor only.

-Note that this setup isn't relevant for I2P for the same reason that
-it's irrelevant for Tor hidden services.
+# Technical solutions that we didn't envision

-## Tails → VPN → Tor/I2P
+Some users have requested support for VPNs in Tails to improve Tor's anonymity,
+thinking that the more hops the stronger anonymity.

-Issue: tails/tails#17843
+Actually, using VPNs would make the situation worse since they introduce either
+a permanent entry guard (if the VPN is before Tor) or a permanent exit node (if
+the VPN is after Tor).

-### Use cases
+# User benefits depending on the technical solution

-1. Make it possible to use Tails at airports and other pay-for-use
-   ISPs via iodine (IP-over-DNS).
-2. Access Tor on networks where it's censored.
-3. Some ISPs require their customers to connect to them through VPNs,
-   especially PPTP. Tails is currently unusable for them out of the
-   box.
+Table of user benefits depending on the technical solution:

-### Solution
+| User benefit                   | VPN before Tor  | Tor before VPN        | VPN browser                | System VPN + Tor Browser  |
+|--------------------------------|-----------------|-----------------------|----------------------------|---------------------------|
+| Access services that block Tor | No              | Depends on VPN        | Depends on VPN             | Depends on VPN            |
+| Access private VPN services    | No              | Yes                   | Web only                   | Yes                       |
+| Use WebRTC services            | No              | ???                   | Yes                        | Yes                       |
+| Circumvent censorship          | Another PT      | Depends on VPN        | Depends on VPN             | Depends on VPN            |
+| Have strong anonymity          | Yes             | Yes, if anonymous VPN | Yes, except in VPN Browser | No, except in Tor Browser |
+| Have higher speed              | No              | No                    | Yes                        | Yes                       |
+| Can pay for quality of service | No              | No                    | Optional                   | Optional                  |
+| Hide location from VPN service | No              | Yes                   | No                         | No                        |

-Use cases 1 and 3 are worthwhile to support, and should be rather easy
-to implement.
+# Temporary conclusions from April 2023

-For all other uses of this setup (e.g. 2) we already promote bridges
-instead. Now that obfsproxy is included, it should cover all
-our needs.
+Historically, we only considered VPNs combined with Tor not to loose the strong
+anonymity of Tor by default, either "tails#17843+" or "tails#5858+".

+Over the years, we realized that the benefits of VPNs over Tor are really
+important for our users in some situations. We're now ready to consider
+providing some option to use a VPN *instead of* Tor in some cases, either as a
+"tails#19465+" or "tails#19901+".
\ No newline at end of file