daveyOsborn

joined 4 months ago
[–] daveyOsborn@infosec.pub 1 points 3 hours ago

What I am after may not exist. Tails without a clearnet browser would be close. It would be ideal if the platform were clearnet-free out of the box. Even better: clearnet incapable.

If I were to uninstall the clearnet browser, that would be a deliberate act on my part to have a broken clearnet. It would be indefensible. The idea is to most faithfully play dumb when fighting public administrations who block Tor.

[–] daveyOsborn@infosec.pub 1 points 20 hours ago* (last edited 20 hours ago)

> I like where your head is at but this feels like an impossible stretch. If you have the technical knowledge to run Tails, you aren’t being blocked.

It’s perhaps more complex than you realise. There are several facets to this with a broad range of effects, which is not necessarily just a Tor-acceptance problem.

Tor-blocking sites do not have the decency to so much as state /why/ they have blocked you. They either send a generic “403 forbidden”, or they drop packets and it times out, or you get a broken CAPTCHA. In the latter two cases you can’t even be sure Tor is the issue. They do not treat visitors with dignity. So playing dumb when facing them is a good policy. E.g. “I could not pay my taxes on time because I get this screen:…” then go boomer on them and send a camera pic of a timed out connection. If they take some time to investigate and chase their tails a bit, that’s already a win to some extent, in some situations. We want to penalise them for not even having the decency of transparency.

> It’d be like shutting off your water, locking the mechanical room, and suing your landlord

Hence why Qubes is not ideal. But if there is an OS that simply excludes clearnet, I might say (when pressed): “my friend gave me this laptop.. said it was safer than Windows”¹. But the conversation never goes that far.

The baby step micro-goal is just to get a bit of due transparency and dignity. Not “403 Forbidden” but rather “We’re sorry, we detect you are using Tor and we do not have the competency to secure against Tor users”, or “we need to track you, thus cannot accept traffic from Tor or VPNs”.

¹ Note that this scenario is becoming increasingly realistic. A local group of volunteers offers gratis advice and support for digital self-defense. Some people walk away with Tails and only a superficial idea of what they have.

[–] daveyOsborn@infosec.pub 1 points 1 day ago (2 children)

Thanks for pointing that out. I’ll have to take a look at their most recent version then.

[–] daveyOsborn@infosec.pub 1 points 1 day ago* (last edited 1 day ago) (4 children)

Tails worked on clearnet, last time I used it. It gave a choice between Tor Browser or a clearnet browser.

cross-posted from: https://infosec.pub/post/41531898

I need this for political/activist purposes. When a public service blocks Tor, I want to be able to say that the public service marginalises/disservices ppl on some platforms.

My first thought was Qubes OS, because it can be set up as a Tor-only platform. The flaw of course is that users can configure it either way. So the public service would argue that it was the user’s choice to configure it to not use clearnet. If an OS were to operate purely on anonymous networks with no direct clearnet access, this would have some niche applications for activism.

4
submitted 2 months ago* (last edited 2 months ago) by daveyOsborn@infosec.pub to c/infosec@infosec.pub
 

A bank’s privacy policy lists a lot of data they collect, including customers’ MAC addresses. I was dumbfounded. How is that possible? The router on your LAN obviously knows your device’s MAC address. And I guess the ISP’s router would know your gateway’s MAC address. But from there wouldn’t the bank only see your IP address from the WAN?

Then it occurred to me-- the bank has a smartphone app. So the app likely demands perms to get the phone’s MAC. But then what would the likely purpose be? To check vendor consistencies (to block VMs) and raise impostor flags if your MAC changes?

(update) Another question: instead of using the bank’s shitty phone app, you use their shitty web app instead. I would assume the JavaScript engine is naturally blocked from obtaining your MAC address and transmitting it. But I would like a sanity check.. anyone know for certain?

[–] daveyOsborn@infosec.pub 2 points 4 months ago

So the question is, does Russia really have a hard time getting spies in? Or is it more of a matter of saving money on the travel effort and letting a couple local kids be the fall guys? Because the recruitment itself has some risk. Netherlands probably needs some counter spies posing as kids looking to be recruited.

[–] daveyOsborn@infosec.pub 1 points 4 months ago

I’ve been using JSignPDF for this by running:

java -jar jsignpdf-1.6.1/JSignPdf.jar

The tool you link looks quite a bit more comprehensive and user friendly. I think w/JSignPDF it just does the task of signing. You still need to generate SSL certs. I’ve not tried docuseal but looks like it tries to be foolproof.