Leak Testing for Whonix-Workstation Binary 2.1.7-201412012203

Leak Testing for Whonix-Workstation Binary 2.1.7-201412012203

This thread is for those who would like to contribute original leak test results and leak test confirmations of the Whonix-Workstation Binary 2.1.7-201412012203 in the Qubes community templates repository. If wanting to discuss leak test results, then please start a new separate forum thread for each leak test result you would like to discuss.

[hr]

Leak Testing Instructions:

IMPORTANT: Please ensure that you are using the Whonix-Workstation Binary 2.1.7-201412012203 when reporting and confirming in this thread.

You can find some existing leak testing instructions and resources here…

[b]https://www.whonix.org/wiki/Dev/Leak_Tests[/b]

When reporting leak test results, please include relevant information such as:

• Leak Test Conclusion (example: Pass/Fail/Undetermined) - (pass = no leak; fail = leak)
• Whonix Qubes Version (example: 2.1.7-201412012203)
• Whonix Install Type (example: Binary)
• Whonix VM Type (example: Whonix-Workstation)
• Whonix-Gateway Version (example: Binary 2.1.7-201412012134)
• Tor Version (exmaple: 0.2.5.10)
• Qubes OS Version (exmaple: R2)
• Qubes Firewall Rules
• Leak Test Inputs
• Leak Test Outputs
• Relevant Notes & Links

See prior reports on this Whonix Qubes forum for examples.

Feel free to redact any private information that is not needed for test confirmation using “REDACTED”.

Please make one separate post in this thread for each separate test you report.

[hr]

[b]Current Results as of January 14, 2015:

• 0 FAILED
• 4 PASSED
• 1 UNDETERMINED

= 5 TOTAL[/b]

[hr]

Please note that the trustworthiness of the people and systems used in contributing such leak tests is impossible to verify. You are encouraged to conduct independent tests of your own, if relying upon this software for your anonymity.

[hr]

Leak Test Result

Leak Test Conclusion

• Pass

Whonix Qubes Version

• 2.1.7-201412012203

Whonix Install Type

• Binary

Whonix VM Type

• Whonix-Workstation

Whonix-Gateway Version

• Binary 2.1.7-201412012134

Tor Version

• 0.2.5.10

Qubes OS Version

• R2

Qubes Firewall Rules

• Whonix-Workstation:
  • Allow network access
  • Allow ICMP traffic
  • Allow DNS queries
  • Allow connections to Updates Proxy
• Whonix-Gateway:
  • Allow network access
  • Allow ICMP traffic
  • Allow DNS queries
  • Allow connections to Updates Proxy
• Fedora 20 x64 FirewallVM:
  • Allow network access
  • Allow ICMP traffic
  • Allow DNS queries
  • Allow connections to Updates Proxy

Leak Test Inputs

• http://ip-check.info
• Tor Browser 4.0.2
• Default Settings
• JavaScript On

Leak Test Outputs

• Your IP / REDACTED (Tor)
• Your location / REDACTED
• Your net provider / REDACTED
• Reverse DNS / REDACTED
• Cookies / This web site may receive cookies from you / medium
• Authenticaton / protected / good
• HTTP session / 10 minutes (until your Tor identity is changed) / medium
• Referer / Original: Websites may see from which other website you come from! / medium
• Signature / 8ab3a24c55ad99f4e3a6e5c03cad9446 (Firefox) / good
• User-Agent / Mozilla/5.0 (Windows NT 6.1; rv:31.0) Gecko/20100101 Firefox/31.0 / good
• SSL_session_id / REDACTED / neutral
• Language / en-us,en;q=0.5 / good
• Content types / text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 / good
• Encoding / gzip, deflate / good
• Do-Not-Track / / good
• A plugin is needed to display this content.
• A plugin is needed to display this content.
• JavaScript / JavaScript is activated! (Version: 1.5) / medium
• Tab name / “window.name” is traceable. Your unique ID: REDACTED / bad
• Tab history / There are REDACTED pages in your tab history. / medium
• Local storage / Local storage is enabled. Your unique ID: REDACTED / medium
• Screen / 1000 x 900 pixels 24 bit color depth / good
• Screen (usable) / matches screen resolution / good
• Browser window / matches screen resolution / good
• Browser bars / MenuBar PersonalBar StatusBar ToolBar ScrollBars LocationBar / good
• WebGL / disabled or not supported by your browser. / good
• Browser type / Mozilla/5.0 (Windows) 20100101 Netscape (en-US) / good
• System / Windows NT 6.1 Win32 (REDACTED GMT+0000 (UTC)) / medium
• Fonts / 3 installed fonts have been found on your computer. / good

Relevant Notes & Links

• Using fully updated systems.
• BuildSignoff · Wiki · Legacy / Trac · GitLab

Test Pages to Use 6. ​http://www.ip-check.info - See "Expected issues with popular test pages"

Expected issues with popular test pages
2. We handle “Cache cookies” differently than some popular test pages expect

• Sites will be able to store them until you click Torbutton’s ‘New Identity’, but not across url domains
• ​http://ip-check.info is the primary example of such a site. It sets a cookie and then checks for it immediately

Leak Test Result

Leak Test Conclusion

• Undetermined (most likely pass)

Whonix Qubes Version

• 2.1.7-201412012203

Whonix Install Type

• Binary

Whonix VM Type

• Whonix-Workstation

Whonix-Gateway Version

• Binary 2.1.7-201412012134

Tor Version

• 0.2.5.10

Qubes OS Version

• R2

Qubes Firewall Rules

• Whonix-Workstation:
  • Allow network access
  • Allow ICMP traffic
  • Allow DNS queries
  • Allow connections to Updates Proxy
• Whonix-Gateway:
  • Allow network access
  • Allow ICMP traffic
  • Allow DNS queries
  • Allow connections to Updates Proxy
• Fedora 20 x64 FirewallVM:
  • Allow network access
  • Allow ICMP traffic
  • Allow DNS queries
  • Allow connections to Updates Proxy

Leak Test Inputs

• http://websocketstest.com
• Tor Browser 4.0.2
• Default Settings
• JavaScript On

Leak Test Outputs

• Environment:
  • WebSockets supported: Yes
  • HTTP Proxy: No
  • WebSocket protocol version: rfc-6455
• WebSockets (Port 80):
  • Connected: Yes
  • Data Receive: Yes
  • Data Send: Yes
  • Echo Test: Yes
  • Server time: REDACTED
• WebSockets (Port 443):
  • Connected: Yes
  • Data Receive: Yes
  • Data Send: Yes
  • Echo Test: Yes
  • Server time: REDACTED
• WebSockets (Port 8080):
  • Connected: Yes
  • Data Receive: Yes
  • Data Send: Yes
  • Echo Test: Yes
  • Server time: REDACTED
• WebSockets (Port 443, SSL):
  • Connected: Yes
  • Data Receive: Yes
  • Data Send: Yes
  • Echo Test: Yes
  • Server time: REDACTED

Relevant Notes & Links

• Using fully updated systems.
• BuildSignoff · Wiki · Legacy / Trac · GitLab

Test Pages to Use 3. ​http://websocketstest.com - Will indicate if websockets are enabled or not. - FIXME: Clarify what is the expected result.

Leak Test Result

Leak Test Conclusion

• Pass

Whonix Qubes Version

• 2.1.7-201412012203

Whonix Install Type

• Binary

Whonix VM Type

• Whonix-Workstation

Whonix-Gateway Version

• Binary 2.1.7-201412012134

Tor Version

• 0.2.5.10

Qubes OS Version

• R2

Qubes Firewall Rules

• Whonix-Workstation:
  • Allow network access
  • Allow ICMP traffic
  • Allow DNS queries
  • Allow connections to Updates Proxy
• Whonix-Gateway:
  • Allow network access
  • Allow ICMP traffic
  • Allow DNS queries
  • Allow connections to Updates Proxy
• Fedora 20 x64 FirewallVM:
  • Allow network access
  • Allow ICMP traffic
  • Allow DNS queries
  • Allow connections to Updates Proxy

Leak Test Inputs

• Samy Kamkar - evercookie - virtually irrevocable persistent cookies
  • Click to create an evercookie
  • Click to rediscover cookies
    • Cookie found: uid = REDACTED
    • userData mechanism: undefined
    • cookieData mechanism: REDACTED
    • localData mechanism: REDACTED
    • globalData mechanism: undefined
    • sessionData mechanism: REDACTED
    • windowData mechanism: REDACTED
    • pngData mechanism: ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ
    • etagData mechanism: REDACTED
    • cacheData mechanism: REDACTED
    • lsoData mechanism: undefined
    • slData mechanism: undefined
  • Should Tor Browser allow this website to extract HTML5 canvas image data?: Allow in the future
  • Click to rediscover cookies
    • Cookie found: uid = REDACTED
    • userData mechanism: undefined
    • cookieData mechanism: REDACTED
    • localData mechanism: REDACTED
    • globalData mechanism: undefined
    • sessionData mechanism: REDACTED
    • windowData mechanism: REDACTED
    • pngData mechanism: REDACTED
    • etagData mechanism: REDACTED
    • cacheData mechanism: REDACTED
    • lsoData mechanism: undefined
    • slData mechanism: undefined
  • New Identity
  • Click to rediscover cookies
• Tor Browser 4.0.2
• Default Settings
• JavaScript On

Leak Test Outputs

• Cookie found: uid = undefined
• pngData mechanism: undefined
• etagData mechanism: undefined
• cacheData mechanism: undefined
• userData mechanism: undefined
• cookieData mechanism: undefined
• localData mechanism: null
• globalData mechanism: undefined
• sessionData mechanism: null
• windowData mechanism: undefined
• lsoData mechanism: undefined
• slData mechanism: undefined

Relevant Notes & Links

• Using fully updated systems.
• BuildSignoff · Wiki · Legacy / Trac · GitLab

Test Pages to Use 1. ​http://samy.pl/evercookie - Use Torbutton's 'New Identity' (not Vidalia's) to clear them, and make sure they're gone.

Leak Test Result

Leak Test Conclusion

• Pass

Whonix Qubes Version

• 2.1.7-201412012203

Whonix Install Type

• Binary

Whonix VM Type

• Whonix-Workstation

Whonix-Gateway Version

• Binary 2.1.7-201412012134

Tor Version

• 0.2.5.10

Qubes OS Version

• R2

Qubes Firewall Rules

• Whonix-Workstation:
  • Allow network access
  • Allow ICMP traffic
  • Allow DNS queries
  • Allow connections to Updates Proxy
• Whonix-Gateway:
  • Allow network access
  • Allow ICMP traffic
  • Allow DNS queries
  • Allow connections to Updates Proxy
• Fedora 20 x64 FirewallVM:
  • Allow network access
  • Allow ICMP traffic
  • Allow DNS queries
  • Allow connections to Updates Proxy

Leak Test Inputs

• My IP Address - BrowserLeaks
• Tor Browser 4.0.2
• Default Settings
• JavaScript On

Leak Test Outputs

• Shows Your IP:
  • IP Address: REDACTED
  • Host Name: REDACTED
• TCP/IP stack OS Fingerprinting:
  • Passive, SYN: REDACTED
• IP Address Location:
  • Organization: REDACTED
  • ISP: REDACTED
  • AS Number: REDACTED
  • Country: REDACTED
  • State/Region: REDACTED
  • City: REDACTED
  • Timezone: REDACTED
  • Local Time: REDACTED
  • Latitude/Longitude: REDACTED
• Tor Relay Details:
  • Fingerprint: REDACTED
  • Running: True
  • OR Addresses: REDACTED
  • Dir Address: REDACTED
  • Flags: REDACTED
  • Exit Policy: REDACTED
  • First Seen: REDACTED
  • Last Seen: REDACTED
  • Current Uptime: REDACTED
  • Last Restarted: REDACTED
  • Bandwidth: REDACTED
  • Nickname: REDACTED
  • Contact: REDACTED
  • Platform: REDACTED
• HTTP Request Headers:
  • Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
  • Accept-Encoding: gzip, deflate
  • Accept-Language: en-us,en;q=0.5
  • Connection: keep-alive
  • Referer: https://www.browserleaks.com/
  • User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:31.0) Gecko/20100101 Firefox/31.0
• Where is this IP: REDACTED

Relevant Notes & Links

• Using fully updated systems.
• BuildSignoff · Wiki · Legacy / Trac · GitLab

Test Pages to Use Proposed by adrelanos: - ​https://www.browserleaks.com/

Leak Test Result

Leak Test Conclusion

• Pass

Whonix Qubes Version

• 2.1.7-201412012203

Whonix Install Type

• Binary

Whonix VM Type

• Whonix-Workstation

Whonix-Gateway Version

• Binary 2.1.7-201412012134

Tor Version

• 0.2.5.10

Qubes OS Version

• R2

Qubes Firewall Rules

• Whonix-Workstation:
  • Allow network access
  • Allow ICMP traffic
  • Allow DNS queries
  • Allow connections to Updates Proxy
• Whonix-Gateway:
  • Allow network access
  • Allow ICMP traffic
  • Allow DNS queries
  • Allow connections to Updates Proxy
• Fedora 20 x64 FirewallVM:
  • Allow network access
  • Allow ICMP traffic
  • Allow DNS queries
  • Allow connections to Updates Proxy

Leak Test Inputs

• JavaScript Browser Information - BrowserLeaks
• Tor Browser 4.0.2
• Default Settings
• JavaScript On

Leak Test Outputs
Client-Side: JavaScript Browser Information

• JavaScript: Version 1.5
• Document Referrer: https://www.browserleaks.com/
• Screen Resolution: 1000×900 10:9 24-bit TrueColor (working area: 985×885)
• System Time: REDACTED (UTC)
• Navigator Object:
  • User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:31.0) Gecko/20100101 Firefox/31.0
  • App Version: 5.0 (Windows)
  • App Name: Netscape
  • App Code Name: Mozilla
  • Product: Gecko
  • Product Sub: 20100101
  • Vendor: empty
  • Vendor Sub: empty
  • Build ID: 20100101
  • Platform: Win32
  • OS CPU: Windows NT 6.1
  • Language: en-US
  • OnLine: true
  • Do Not Track: unspecified
  • Cookies Enabled: true
• Battery Status API:
  • API Vendor: false
• Network Information API:
  • API Vendor: false
• More HTML5 Features Detection:
  • See Also: [Modernizr Helper]
• Rest of window.navigator:
  • mozId: null
  • mozPay: null
  • mozAlarms: null
  • mozContacts: [object ContactManager]
  • mozPhoneNumberService: empty
  • mozApps: [xpconnect wrapped (nsISupports, mozIDOMApplicationRegistry, mozIDOMApplicationRegistry2)]
  • mozTCPSocket: null
  • vibrate: function vibrate() { [native code] }
  • javaEnabled: function javaEnabled() { [native code] }
  • mozIsLocallyAvailable: function mozIsLocallyAvailable() { [native code] }
  • sendBeacon: function sendBeacon() { [native code] }
  • registerProtocolHandler: function registerProtocolHandler() { [native code] }
  • registerContentHandler: function registerContentHandler() { [native code] }
  • taintEnabled: function taintEnabled() { [native code] }
  • mimeTypes: [object MimeTypeArray]
  • plugins: [object PluginArray]
  • AddSearchProvider: function AddSearchProvider() { [native code] }
  • IsSearchProviderInstalled: function IsSearchProviderInstalled() { [native code] }
  • addSearchEngine: function addSearchEngine() { [native code] }
• Internet Explorer Features:
  • No Internet Explorer found
• Installed Plug-Ins:
  • No NPAPI Plug-ins found

Relevant Notes & Links

• Using fully updated systems.
• BuildSignoff · Wiki · Legacy / Trac · GitLab

Test Pages to Use Proposed by adrelanos: - ​https://www.browserleaks.com/