Any help you can offer would be gratefully appreciated.
Lahana nodes don't talk to each other and people should set stronger passwords and secrets (although I think I'll set a more secure default).
Part of the advantage is that this will work with pretty much any VPN client and doesn't need Tor installing locally. It's also incredibly easy for an end user to connect to. The problem at the moment isn't that people are being identified in Turkey, the problem is that some people are seeing things blocked. This has actually gone on for a while with stupid things like Youtube being blocked.
Lahana doesn't give you secrecy, it just (in theory) makes it harder to track back from the far end (by using tor), provides direct access to tor without needing to install anything and (hopefully) lets you bypass filtering.
I would not recommend Lahana for anyone where being identified could cause serious harm. But I do welcome any ideas/help on trying to make Lahana better.
I think browser fingerprinting might be more of a theoretical threat, and don't know if it has ever been successfully used so it may not be worth your concern.
Keep in mind that using Torbutton (and https everywhere as you recommended) is currently possible only on the desktop version of firefox.
I haven't been following Turkey news related to tor but if you look at https://metrics.torproject.org/users.html?graph=direct-users... it doesn't seem like Tor is being blocked
Anyways good luck with this
Lahana doesn't implement secrecy because it wasn't a design requirement. It solves a different problem and uses Tor to do that, albeit in a manner associated with 24 hours and some ductape rather than years of NSA and DARPA funding. If you have any suggestions for implementing secrecy while maintaining the ease of use aspect I'd love to hear them. Heck, even documenting all the risks you see with it at the moment would be useful as it would help people make more informed decisions.
I've seen mixed reports about tor being blocked or possibly not, which is part of the reason for the VPN. Thanks for the feedback though and I agree that for many cases Tor is a better solution while it remains directly accessible, especially if secrecy is a requirement.
Not quite true.
While Tor can't be used for all traffic, there are Tor apps -- OnionBrowser works quite well; I just tried it.
VPN -> TOR = DANGER,
TOR -> VPN = PROBABLY_OK
> The danger here is that the person running the lahana node can read all your traffic after it is decrypted for them.
So if I understand this correctly, if you're in a country with a government that monitors traffic and you connect to a malicious public lahana node that monitors traffic, run by the same government then your traffic is compromised?
But if you run your own lahana node, then it's not (excluding questions about whether or not Amazon have the ability to go into a node for example)?
Sorry if it sounds like I'm being daft I'm just trying to understand the specifics here, so I can figure out ways to address them (if they fall within the scope of lahana, vs traditional Tor uses).
I cannot recommend either, but I would note that in your link they do seem to state 'Anyway, not so many people seem to do use a tunnel before they connect to Tor, therefore it's not so well tested, do not rely on it too much.'. So I'd be wary of their advice for anything you need to bet your life on.
There's a guide for iOS users, I haven't got round to posting a guide for Windows and Mac OSX yet.
 - http://lahana.dreamcats.org/ios-howto/
 - http://www.reddit.com/r/lahananodes/
The reason for using tor is to make it so the source is not directly identifiable to surveillance tools unless the user uses the connection insecurely (e.g. runs bittorrent or has browser leaks). There is the added bonus of being able to access tor without having to install anything on your device.
Tor bridges are fantastic, but for people on mobile devices that don't run android or aren't jailbroken this isn't an option. Lahana opens this up to people running unjailbroken iOS, Blackberry and Windows Phone.