Tor Project Merges With Tails

The Tor Project: Today the Tor Project, a global non-profit developing tools for online privacy and anonymity, and Tails, a portable operating system that uses Tor to protect users from digital surveillance, have joined forces and merged operations. Incorporating Tails into the Tor Project's structure allows for easier collaboration, better sustainability, reduced overhead, and expanded training and outreach programs to counter a larger number of digital threats. In short, coming together will strengthen both organizations' ability to protect people worldwide from surveillance and censorship.

Countering the threat of global mass surveillance and censorship to a free Internet, Tor and Tails provide essential tools to help people around the world stay safe online. By joining forces, these two privacy advocates will pool their resources to focus on what matters most: ensuring that activists, journalists, other at-risk and everyday users will have access to improved digital security tools.

In late 2023, Tails approached the Tor Project with the idea of merging operations. Tails had outgrown its existing structure. Rather than expanding Tails's operational capacity on their own and putting more stress on Tails workers, merging with the Tor Project, with its larger and established operational framework, offered a solution. By joining forces, the Tails team can now focus on their core mission of maintaining and improving Tails OS, exploring more and complementary use cases while benefiting from the larger organizational structure of The Tor Project.

This solution is a natural outcome of the Tor Project and Tails' shared history of collaboration and solidarity. 15 years ago, Tails' first release was announced on a Tor mailing list, Tor and Tails developers have been collaborating closely since 2015, and more recently Tails has been a sub-grantee of Tor. For Tails, it felt obvious that if they were to approach a bigger organization with the possibility of merging, it would be the Tor Project.

So what does

[Chris Mattern]

Sonic have to say about this?

Re:

[omnichad]

I'm sure Sonic is fairly neutral about this unless they get a DMCA notice from someone running the software.

Whatever he wants.

[geekmux]

Sonic have to say about this?

Last I heard he was chillin’ on his own island near Jamaica having three-ways with Laura Croft and The Princess.

(Hey, dude collected gold rings for a fucking job. The hell did you think he was gonna do.)

Everyone should send them a few bucks

[0xG]

They save lives, and may be our last hope for real online privacy.

Re:

[gweihir]

Yes, pretty much. Also much cheaper than a VPN, that will then keep logs anyways.

Re:

[Kernel Kurtz]

Yes, pretty much. Also much cheaper than a VPN, that will then keep logs anyways.

Using Tor over a VPN together provides an extra layer of security.

https://helpdesk.privateintern... [privateint...access.com]

Re:

[gweihir]

That depends. For example, getting data for a timing-attack from a large VPN provider would be far more beneficial than trying the same thing with a mass of small ISPs. Of course, the same thing is true the other way round. In the end, you have to look at your personal situation and do appropriate risk management.

Re:

[Kernel Kurtz]

I was just suggesting using Tor to mitigate potential logging by your VPN provider if that concerns you. Whether that is better or not than just using Tor is indeed a value judgement.

Re:

[NagrothAgain]

Yes, pretty much. Also much cheaper than a VPN, that will then keep logs anyways.

Using Tor over a VPN together provides an extra layer of security. (Advertisement redacted)

All you're doing is shifting your "trust" from your ISP to the VPN provider. So if you're trying to hide from your ISP then sure, it can help out but calling it an extra layer is a somewhat misleading claim as all you're really doing is moving the point where someone can easily monitor all your traffic.

Re:Everyone should send them a few bucks

[Kernel Kurtz]

In either case your ISP will know if you are using Tor or a VPN, even if they can't read the traffic. If you don't trust your ISP encryption only solves part of your problem.

Your VPN provider can of course see all your source/destination flows, but it hides your source address from whatever endpoints you are connecting to. This is typically good enough for most people, but you do have to trust the VPN provider not to log that traffic. Using both means all your traffic to the Tor network comes from your VPN public address, and all your traffic through the VPN goes to a Tor entry node. Not much useful for anyone to log. Yeah, timing analysis is a thing if you are worried about nation states, and diminishing returns certainly do apply.

Re:

[ctilsie242]

Using a VPN provider splits data up. Normally, your ISP knows your IP address and knows who it belongs to. They also know (and have the ability to sell) the traffic logs from your IP to wherever you go. Using a VPN splits this up, where the VPN knows where you are going with traffic, but doesn't know who you are, as they only know the source IP. The ISP knows who is using an IP address, but can't tell anything about the traffic. Of course, if you get the VPN and the ISP colluding, all bets are off, but

"Edge-casing--your kids may be doing it."

[Pseudonymous Powers]

As a user who runs Tor exclusively on SurveillanceOS, a joint project of Google, Microsoft, and Amazon, I object to this unwarranted mingling of concerns.

Re:

[Pseudonymous Powers]

"...a joint project of Google, Microsoft, and Amazon"

Oh, also, the NSA, though legally I could get twenty years for mentioning that part.