this post was submitted on 04 Feb 2026
9 points (84.6% liked)

Linux

4243 readers
19 users here now

founded 3 years ago
MODERATORS
Niemand@sopuli.xyz
Moxvallix@sopuli.xyz
MentalEdge@sopuli.xyz
Zelaf@sopuli.xyz
9
Does there exist a clearnet-incapable OS? (infosec.pub)
submitted 1 day ago by daveyOsborn@infosec.pub to c/linux@sopuli.xyz
4 comments fedilink hide all child comments
 

cross-posted from: https://infosec.pub/post/41531898

I need this for political/activist purposes. When a public service blocks Tor, I want to be able to say that the public service marginalises/disservices ppl on some platforms.

My first thought was Qubes OS, because it can be setup as a Tor-only platform. The flaw of course is that users can configure it either way. So the public service would argue that it was the user’s choice to configure it to not use clearnet. If an OS were to operate purely on anonymous networks with no direct clearnet access, this would have some niche applications for activism.

you are viewing a single comment's thread
view the rest of the comments
[–] daveyOsborn@infosec.pub 1 points 1 day ago* (last edited 1 day ago)

I like where your head is at but this feels like an impossible stretch. If you have the technical knowledge to run Tails, you aren’t being blocked.

It’s perhaps more complex than you realise. There are several facets to this with a broad range of effects, which is not necessarily just a Tor-acceptance problem.

Tor-blocking sites do not have the decency to so much as state /why/ they have blocked you. They either send a generic “403 forbidden”, or they drop packets and it times out, or you get a broken CAPTCHA. In the latter two cases you can’t even be sure Tor is the issue. They do not treat visitors with dignity. So playing dumb when facing them is a good policy. E.g. “I could not pay my taxes on time because I get this screen:…” then go boomer on them and send a camera pic of a timed out connection. If they take some time to investigate and chase their tails a bit, that’s already a win to some extent, in some situations. We want to penalise them for not even having the decency of transparency.

It’d be like shutting off your water, locking the mechanical room, and suing your landlord

Hence why Qubes is not ideal. But if there is an OS that simply excludes clearnet, I might say (when pressed): “my friend gave me this laptop.. said it was safer than Windows”¹. But the conversation never goes that far.

The baby step micro-goal is just to get a bit of due transparency and dignity. Not “403 Forbidden” but rather “We’re sorry, we detect you are using Tor and we do not have the competency to secure against Tor users”, or “we need to track you, thus cannot accept traffic from Tor or VPNs”.

¹ Note that this scenario is becoming increasingly realistic. A local group of volunteers offers gratis advice and support for digital self-defense. Some people walk away with Tails and only a superficial idea of what they have.