[HOME] [DOWNLOAD] [DOCS] [NEWS] [SUPPORT] [TIPS] [ISSUES] [Priority Support]

all ur base r torify


#1

question

what makes more sense.

change rpc-policy to sys-whonix-14 - install qubes with whonix update options - onionize update addresses…

or

install apt-transfer-tor on all template - onionize

or do i miss something?


#2

and whonix suggest not modifying whonix templates/appvm

i think erasing apps not used is better than ‘looking like everyone else’

in case of fingerprinting.

any good article on what kind of information fingerprint gathering has?


#3

The Security Guide already covers all this.

http://dds6qkxpwdeubwucdiaord2xgbbeyds25rbsgr73tbfpqpt4a6vjwsyd.onion/wiki/Security_Guide#Onionizing_Repositories

For Whonix 14:

  • Whonix & Debian updates already prefer onions.

  • Manual steps are required as per the guide if you want to ‘onionize’ Qubes dom0 updates, updates for standard Debian templates i.e. Debian8 and Debian9, and Tor Project updates.

  • No onion available for Fedora, because they’re not forward thinking like Debian. Apparently it hasn’t occurred to them that onions are far better than http connections with a gpg check, even though it would take minimal effort by their engineering team.

For Whonix 13:

  • You have to ‘onionize’ everything manually as per the Security Guide.

For fingerprinting issues, see detailed information at these wiki sources:

http://dds6qkxpwdeubwucdiaord2xgbbeyds25rbsgr73tbfpqpt4a6vjwsyd.onion/wiki/Comparison_with_Others#Fingerprint

http://dds6qkxpwdeubwucdiaord2xgbbeyds25rbsgr73tbfpqpt4a6vjwsyd.onion/wiki/Fingerprint

http://dds6qkxpwdeubwucdiaord2xgbbeyds25rbsgr73tbfpqpt4a6vjwsyd.onion/wiki/Protocol-Leak-Protection_and_Fingerprinting-Protection


#4

thank you for the links. I will look at those.

yes, I have read all of that on whonix documents. apt-transport-tor was confusing. i have installed apt-transport-tor on all debian templates.

my thought is to use apt-transport-tor with ‘tor+http/s://’ and not route through sys-whonix to gain better stream isolation. from what i read, apt-transport-tor does not need whonix and whonix already uses apt-transport-tor.

so using apt-transport-tor not with sys-whonix would route debian very differently, maybe. or maybe not.