apt-transport-tor is a package that allows host operating systems or non-Whonix-Workstation VMs that are not behind a torifying gateway (like Whonix-Gateway) to torify their apt-get traffic for individual repositories.
With non-Whonix systems in mind, for security reasons apt-get blocks clearnet connections to
.onion domains by default. apt-get developers want to protect users from accidentally trying to use
.onion repositories without using Tor. Otherwise, a rouge DNS server could redirect users to a false domain and trick them into thinking they are using Tor when they are not.
- For instance it reports if the .onion address is too long or short, and will use different circuits for different sources.
- apt-transport-tor will not result in Tor over Tor scenarios due to built-in Whonix settings preventing this.