Deploying a self-contained Anon-OneVM looks close because:
Whonix-Gateway’s own traffic has always been torified. I expect it’s a doable effort to think and code it through more to make it into a secure, anonymous Anon-OneVM.
On the other hand, deploying a self-contained Anon-OneVM is unlikely because:
would require rebranding so it won’t get confused with Whonix
would require a separate project page distinct from the Whonix brand to avoid generating confusion (separate project, separate website, wiki, issue tracker, forum?)
lack of time
Deploying a plain Debian-OneVM has still faint hope:
doesn’t require much added maintenance burden
would probably just need a project page on some project hosting website (gitlab or something)
low support project: only responding to good bug reports and pull requests, otherwise not giving support
So in contrast to the linked OneVM setup torification will be done on the VM and not on the host? Imho usecases boil down to people with older computers and mostly to something like low RAM. The number of those people will decrease over time and without GUI you can run the gateway with quite low RAM. So it would be a difference of 256-512 MB RAM for OneVM vs the current setup. I’m not sure if it will make much of a difference CPU wise. Most posts here where something lagged were due to RAM. If it is only one VM then only one can break. But then you need to maintain it in addition to the other ones and the security is not much different from Tails.
So in contrast to the linked OneVM setup torification will be done on the VM and not on the host?
Yes.
Imho usecases boil down to people with older computers and mostly to something like low RAM.
Yes, and better usability.
If it is only one VM then only one can break. But then you need to maintain it in addition to the other ones and the security is not much different from Tails.
Regarding usability. This is certainly true. Still there should be some warning that this setup is the less secure option + maybe give some hints about hardening the host. Maybe something like installing/enabling corridor on the host when using OneVM. The question, which you can probably answer best, is also how feature complete the gateway or workstation should be. I.e. install torbrowser and maybe IRC and other programs on the gateway. Or make torification directly on the Workstation. Not sure how much work this actually would be. Maybe as simple as installing the gw firewall package + timesync + connection wizard?
Only a safety net. And if that project was to prioritize usability over security/anonymity, then don’t mention difficult things like corridor.
Otherwise it would be feature complete, Tor Browser, IRC, all.
Recommendation that there is a more secure project makes sense.
An interesting idea. (Wouldn’t be called workstation anymore.) Development effort could be smaller. The code delta might also be smaller that way. Hard to foresee development effort either way.
If such a project is indeed doable with minimal effort then it would be worth it to attract more users. I imagine a modified WS would be the path of least resistance compared to modifying the GW.
I don’t believe that a separate project page/brand is warranted. A clear disclaimer on the download page and a self-evident name are enough.
There is also another potential project our packages are good for. A hardened vanilla Debian guest that is VM friendly with a TBB version that can use the clearnet. IMO such a project may have traction in the enterprise world.
Naming:
UniStation or Whonix Omni
For vanilla project: ClearnetVM
DebianVM - Would cause confusion between plain Debian and Whonix enhancements. Ideally our changes would become default upstream at some point but until then we need a name that differentiates.
Hardened Debian - Would imply that default Debian is not secure, which is not true, because we chose it for our base because of its great security policies. Even though Debian doesn’t have absurd trademark rules like Ubuntu, it’s still a good idea to emphasize our distro name in our spins until we become an official Debian project (if ever) - in that hypothetical case it becomes Debian-Whonix GW…
A fair point. We do go well beyond the default and at least for a first time install there are a lot of knobs to be turned for a default Debian. I could really do without having to do this - this project would be perfect. Will you support physical hardware for host installs if this picks up?
OK so it’s been attempted before but these guys’ effort has since been abandoned. I like the Hardened Debian name now but I recommend asking upstream first if it’s OK just to be absolutely sure we don’t run into any problems down the road. Might give us some publicity too.
This was created due to a professional support request. The future of it is uncertain. It’s brand new. Leak testing is done but it needs more testing generally.
UniStation - A Tor TransparentProxy with only One Machine