Can tor project take over the whonix project or something, please?

Organization
1

Just like they did to the TailsOS project?

I’ve been a WhonixOS user for 3 years now, and I can’t help but notice that this project seems to be hanging by a thin rope. You can see constant issues coming up with the project that repeat itself like whonixos onion services being unreachable, or the whole swath of issues that came from user-sysmaint split, or to the lxqt migration (you click open download directory in tor browser and it opened using catfish for a long time) – and the worst is that it is obvious that Patrick doesn’t have the bandwidth required to listen, engage and interact with the userbase’s wishes, feedback, etc. We all noticed by now, that, the most frequent way patrick replies to your nice, courteous bug report is that a list of links to whonix os wiki that doesn’t provide any specificity to your message’s case. Not only these links like

  • self-help principle
  • solutions beyond whonix!
  • [article no 217 with 50k lines that you have to fish for your specific problem]

unhelpful, they are deeply discouraging for users to keep interacting with the whonix project.

It is also obvious that Whonix project isn’t doing well financially. There seems to be staffing problems, constant asks of donations with no clear way of monetization (for the sake of project’s posterity), which reflect to the user as the deterioriation, breakages, and a sense of apathy with the project.

So, can tor project take over the project develeopment of whonix? That would also give patrick a nice way to exit from this project, which he has done well to maintain up to now, but obvioulsy needs newer and more resourceful organization to take in the reigns.

1 Like
2

Examples of dysfunctional, and unhelpful community interactions:

  • Forum.onion unable to connect - #18 by mrxmr :: read your way to the bottom. The onion services of whonix has been dysfunctional for 14 hours now, and the best reply I get after wrangling with patrick is that “it works on my PC”.
  • Onion deb repo unreachable - #14 by mrxmr :: read your way to the bottom. Again, after a very unfruitful back and forth, the best answer I get is, “it works on my PC". Not even a verification of my report that whonix’s onion services has been down for HALF A DAY. At least verify, acknowledge the user report, dude.
1 Like
3

Theoretically, yes. Whonix is Software Fork Friendly. Which means, it’s a permission free process. Nobody needs to ask my permission to fork the project under the respective licenses.

Tails for the longest time has been a project by the Tor Project even ages before the more recent announcement.

As seen on https://2019.www.torproject.org/projects/projects.html.en (the 2019 version of Tor Project website) always listed Tails as a project by Tor Project.

You can probably go back with the web archive and the same will be true for many years before 2019.

Tor Project also donated to Tails. You might need to dig on the web archives to find references for that.

Uniting for Internet Freedom: Tor Project & Tails Join Forces | The Tor Project as I understand it is only deeper organisational integration.

Related:

1 Like
4

Possible, yes, but unlikely. The Tor Project Forum is even more neglected, and has been for years (I stopped contributing there around July 2024):

The self-help principle is the most effective approach, because that ultimately frees up developers’ resources to focus on the most important priorities in their workload.

1 Like
5

Which was dealt with, along with an explanation that the “fix” was a potential privacy liability and was thus undesirable. (Edit: It looks like the issue resurfaced, despite it still not being a problem with Whonix’s servers.)

It was a new feature that was expected to be highly disruptive, thus why an “enable unrestricted admin mode” button was added since the feature was first introduced.

To my awareness this was never a problem on non-Qubes-Whonix. On Qubes, it required writing a relatively complicated D-Bus shim in C to work around possible security issues, and required an upstream Qubes-side fix, neither of which were quick or easy to do.

These are both mine and Patrick’s most common replies to support requests that could have been self-solved or where solutions are already documented. We both engage very closely with bug reports, often fixing bugs within days when it’s easy to do. For support requests where solutions are already documented, we want to conserve our time to spend it on project development and maintenance, and repeating/rewording content already in the Wiki is not a good use of our time. We generally link to the specific section a user is supposed to read and follow when sharing wiki links.

If the Wiki content is not on par with your expectations, you’re welcome to submit edits for review. We review and give feedback on those.

Quote from the bottom of the Whonix website:

Whonix is proudly supported until 2026 by Power Up Privacy, a privacy advocacy group that seeks to supercharge privacy projects with resources so they can complete their mission of making our world a better place. (Strictly subject to our sponsorship policy.)

Citation needed.

We’re an open-source project that gives away all our work for free. It is customary for such projects to request donations.

I think your expectations for the project are higher than is reasonable for even a large, commercially driven proprietary software product. I would argue Whonix’s way of dealing with bugs, even if not as fast as you would like, is much better than the way large businesses often do it, which is:

  • No clear way to report bugs
  • Feedback forms that feel like screaming into the void
  • No way to directly contact developers
  • Support teams who will just tell you to delete your temp files and try again, rather than giving specific guidance for dealing with an issue
  • Invasive telemetry gathered to determine what is and isn’t high-priority to fix
  • Little to no acknowledgement of what problems were fixed
  • Just keep using the software and pray that one day the issue is magically solved, without knowing if your report was ever seen
1 Like
6

You can see constant issues coming up with the project that repeat
itself like whonixos onion services being unreachable

Which was dealt with, along with an explanation that the “fix” was a
potential privacy liability and was thus undesirable.

Excuse me but how was it “dealt with”? Afaiu, patrick himself said he
was “waiting for the problem to go away”. How was it dealt with, again?
As I was getting onion site unreachable errors, and the debian package
repo unrechable errors, consistently, on different machines, over a span
of 12 to 15 hours, yesterday?

We all noticed by now, that, the most frequent way patrick replies to
your nice, courteous bug report is that a list of links to whonix os
wiki that doesn’t provide any specificity to your message’s case.

These are both mine and Patrick’s most common replies to support
requests that could have been self-solved or where solutions are
already documented. We both engage very closely with bug reports,
often fixing bugs within days when it’s easy to do.

(…except when the problem reports are about the onion services being
inaccessible…)

For support requests where solutions are already documented, we want
to conserve our time on project development and maintenance, and
repeating/rewording content already in the Wiki is not a good use of
our time. We generally link to the specific section a user is supposed
to read and follow when sharing wiki links.

Quote from the bottom of the Whonix website:

Whonix is proudly supported until 2026 by Power Up
Privacy, a privacy advocacy group that
seeks to supercharge privacy projects with resources so they can
complete their mission of making our world a better place. (Strictly
subject to our sponsorship
policy.)

Citation needed.

Le reddit answer. I am doomed. How come I ever forget that I should
let go of my direct experience with the project and instead should’ve
brought up and relied on sources cited on technical papers with
respected publishers (like /Reddit/, I guess).

How about an effort to setting up a uptime watcher for your onion
services so that I don’t constantly get under the gaslighting attempts
from you guys saying, “it just worked right now,” or, “it le werks on my
computer bro :^)” ? Would that be your “citation needed” for settling
the dispute about whether your onion services “work right now (bro)” or
not?