Whonix for VirtualBox with XFCE 14.0.0.9.6 - Release Candidate 1 - Testers Wanted!

Desktop shortcuts: just delete.

whonixcheck should show if networking is down. Probably the bug where upgrade of whonix-firewall breaks networking.

fix fail closed mechanism
https://phabricator.whonix.org/T875

telnet is a dependency of GitHub - Kicksecure/tor-ctrl: Raw use of tor's controller. The protocol is no longer recommended for remote connections but fine for use in local network. The package installed by itself does not cause any security risk. telnet does not run itself.

Not convinced, I haven’t seen any rar file for ages and no users asking about it ever.

No. Debian default. See:

vmlinux - Wikipedia

About showing DOS/Windows: ignore this level of sometimes non-nonsensical output. Too much expected perfection. Unrealistic. See:

Frequently Asked Questions - Whonix FAQ

Dependency.


Will get back to the other items later.

2 Likes

@nurmagoz:

  • Duplicate icons of Tor Browser

One of them is x-www-browser. General Linux problem. Can’t fix.

https://blog.codef00.com/2011/02/18/the-default-browser-on-linux-debacle/

1 Like

@nurmagoz

  • Hide that message or Remove Browse network icon? (not sure whats the good solution for it)

Trying to implement. If it works it will be done in new builds only.

Please review. @Algernon

1 Like

@nurmagoz:

  • Add Tor Browser as the default browser instead of debain sensible browser.

sensible-browser is not a real browser. sensible-browser is part of
Debian -- Error.

This package provides a number of small utilities which are used by
programs to sensibly select and spawn an appropriate browser, editor, or
pager.

The specific utilities included are: sensible-browser sensible-editor
sensible-pager

So when you start sensible-browser from command line, does it start
Tor Browser? If yes, then it works as expected. Then the implementation
of GitHub - Kicksecure/tb-default-browser: Configures system to use /usr/bin/torbrowser as default browser is working.

@nurmagoz:

  • Remove non-gui restart Tor (cause confusion)

Done.

1 Like

sensible-browser starts the tor browser. The kde stuff is pulled in mostly through kdesudo it seems, we already have a thread for this. Etc/UTC and UTC are the same. Thunderbird should indeed be installed on the workstation, I’d also add some kind of archive manager like xarchiver + some utils like xz, zip … on KDE there was ark for that purpose.
thunar.xml:

change network://"/ to network:///"/

1 Like

Confirmed. No change required.

Indeed.

Done.

1 Like

Fault of kdelibs. Ideally we’ll get rid of but we may or may not. Root cause is kdesudo vs gksudo. Not a security issue, just a usability issue. Discussion here:

Technical:

dpkg -S /usr/share/applications/kde4/ktelnetservice.desktop
kdelibs5-data: /usr/share/applications/kde4/ktelnetservice.desktop

dpkg -S /usr/bin/ktelnetservice 
kdelibs-bin: /usr/bin/ktelnetservice

dpkg -S /usr/share/applications/kde4/kmailservice.desktop 
kdelibs5-data: /usr/share/applications/kde4/kmailservice.desktop

Exec=kmailservice %u

dpkg -S `which kmailservice`
kdelibs-bin: /usr/bin/kmailservice
1 Like

This was also my conclusion.

Therefore this issue is considered invalid.

If you disagree please demonstrate an actual malfunction, i.e. timezone leak, timezone mismatch, default timezone gmt shown somewhere or anything similar.

1 Like

For reference here:

remove browser starter in xfce task bar
https://phabricator.whonix.org/T876


Some detail enhancements / usability fixes are doable which we can incorporate in upgrades / subsequent releases. Please create https://phabricator.whonix.org tickets for anything still missing.

Overall Whonix for VirtualBox with XFCE 14.0.0.9.6 - Release Candidate 1 seems to works well enough. Better than Whonix KDE version. Unless some major bug is found, this version can probably soon be released as stable Whonix default download.

1 Like

This was a bug. Most likely this one.

fix fail closed mechanism
https://phabricator.whonix.org/T875

Fixed after reboot most likely. Fixed in this 14.0.0.9.6 build.

In such cases next time please run whonixcheck.

1 Like

Not good argument pick on security, just because its not running doesnt mean its not risky. openssh-server doesnt run by itself but its a risk being there. actually any program or package doesnt run by itself (as assuming thats the default for almost all packages), but that doesnt mean its fine to install them by default for all users. also the real issue that telnet exist in WS & GW which give it more risky privileges on Whonix Design.

Because most of our community atm are techy linux users, and we left Windows long time ago. Thats why we dont hear about it much, although when users drag/drop or download .rar then they need to search for how to open it up. and i dont see much problems/risk of having it specially in the WorkStation.

rar is still a widely used file format and in my opinion should be supported out of the box to be more beginner-friendly.
In addition to that, I’d like to see thunar-archive-plugin installed, so thunar can handle archives. I personally would use file-roller but if you want to keep it smaller xarchiver will also work (although it’s drag&drop is kinda useless).
Thank you for switching to xfce.

Whonixcheck not one time pass --leak-tests:

This don’t look like a temporary problem, it always happened to me during tests.

Sure 14.0.0.9.6?

Sure not 14.0.0.9.4? That build had that issue.

To debug please run in workstation:

sudo ls -la /etc/resolv.conf

To fix (required for build 14.0.0.9.4 only) in workstation:

sudo apt-get install --reinstall anon-ws-dns-conf

You’re right, I was using v14.0.0.9.4. I forget it wasn’t RC1. After fix applied problem is solved.

PS1. Regarding rar, it would be good to have something out of the box to handle archives. Rar is like default goto archive format for non linux systems environment.

PS2. Thanx for ditching KDE as default interface.

PS3. Also, is this method will work for ws-gateway and user user autologin?

Due to Whonix - Overview chances are it will - feel free to try.

It did work.

1 Like