In the interest of added security, I followed the instructions in the Advanced Security Guide to disable CPFP. I did the “ps aux” check and it looked o.k… Also, as I see Whonixcheck on Workstation stopped performing the Tor bootstrap test, as expected.
Now that I’ve disabled CPFP, the Advanced Security Guide says “You will receive helpful notifications when Tor is not fully bootstrapped anymore by multiple tools that come with Whonix”. My question is what are the “tools” that will send those notices? Also, when I’m using Tor in Workstation, is there anything I can see with my own eyes that would indicate a problem with bootstrapping (i.e. some kind of visible indication)?
Now that I've disabled CPFP, the Advanced Security Guide says "You will receive helpful notifications when Tor is not fully bootstrapped anymore by multiple tools that come with Whonix". My question is what are the "tools" that will send those notices?
I fixed that sentence:
Also, when I'm using Tor in Workstation, is there anything I can see with my own eyes that would indicate a problem with bootstrapping (i.e. some kind of visible indication)?
You're not supposed to use Tor in the Workstation.
If you mean Tor Browser, don’t just write “Tor”. And no, you cannot. It either works (connections possible) or not.
Are you sure you know that “Tor bootstrap” refers to? A bulky, technical term perhaps. It’s “Tor connecting xx percent…”, “Tor not connected”, “Tor connected”. That’s all. It’s not about “secure”, “not secure”, “anonymous”, “not anonymous”. Not knowing the bootstrap status lead to less usability. I don’t see how it relates to security.
You’ll find out that Tor is not bootstrapped when you’re unable to connect. The only case were it lightly relates to security is if you care about a long running server or download. But for monitoring these cases, any other test/notification of your own would do.
Thanks Patrick. You’re correct I did not fully understand what Tor bootstrap meant
My remaining questions-
what is the benefit of disabling CPFP?
are there any instructions available to “undo” all the steps I took to disable CPFP, so I can have CPFP fully enabled again? I looked at the steps and I can see some are easy to revert, but others are not clear how to revert.
My primary concern is the long running download scenario you mentioned. If you could suggest how to set up my own notifications for this scenario, that would be fine also, so I wouldn’t have to bother trying to re-enable CPFP.