Demi Marie Obenour:
> On Sat, May 13, 2023 at 10:57:00AM +0000, Qubes OS Users Mailing List wrote:
>> Andrew David Wong:
>>> On 5/12/23 4:31 AM, 'taran1s' via qubes-users wrote:
>>>> If anon-whonix AppVM is set to use mullvad-VPN that is connected to sys-whonix it doesn't connect to internet. If one uses Debian or Fedora based AppVM and runs vanilla Firefox, it works like a breeze.
>>>>
>>>> Any ideas how to solve this?
>>>>
>>>
>>> I think that's by design. Whonix does that to protect you from accidentally compromising your own privacy.
>
The answer below was meant to you David. I misidentified Patrick as the
author of the answer.
>
>> Thank you for the answer Patrick. It is possible. The question is how does
>> one use VPN over Tor in this case with Torbrowser that doesn't compromise
>> the privacy (see the use case below please).
>> The use case is to connect to a service like Twitter that is not Tor
>> friendly from a static non-tor IP address (VPN), but at the same time hide
>> my real IP address from the VPN provider by using Tor before I connect to
>> the VPN.
>
>> Some services, like Twitter even if they have onion site keep forcing me to
>> reset password periodically, reminding me that there is a suspicious
>> behavior (just by connecting from Tor, not even posting anything) in an
>> endless loop.
>
>> I would like to use the anon-whonix-twitter AppVM Torbrowser specifically
>> for connection to that particular account only and nothing else, no other
>> apps or even websites ever used in that anon-whonix-twitter AppVM.
>
>> Do you have any advice how to enable Torbrowser in the anon-whonix-twitter
>> to work in the VPN over Tor scenario?
>
> I would use the onion service and deal with the Twitter-side brokenness.
So you would propose to drop the VPN entirely from the equation, use
twitter's onion service and just use normal sys-whonix networking in the
anon-whonix-twitter AppVM.
The issue I face is not much of a laziness to deal with the annoyance
but with the requests for additional, looped identity checks like sms (I
can deal with that from time to time, but not always), continuous
password changes and similar craziness. They want to "protect me", omg.
I have set the 2FA but still the same.
Funny part is that one even doesn't need to have any activity on the
account that could be suspicious, because there is no activity at all.
The issue is purely the fact of connection through their own onion
service. Which would be funny if it wasn't sad.
Are there any significant drawbacks to use Torbrowser in the VPN over
Tor scenario? Just in case they lock me out or something., for my
protection of course.