Please move this post to organization forum since this is quite a topic.
@dau @torjunkie the blog post ist now ready to be posted?
re https://www.whonix.org/wiki/Surfing_Posting_Blogging:
Could you please make Keystroke_Deanonymization (which is typing style only) it’s own chapter please? It’t not part of Stylometry (which is writing style only). And make that a template for reuse at Keystroke and Mouse Deanonymization?
LGTM.
No problem. Will do.
Also TODO (low priority):
- Research VPN hosting arrangements and suitable criteria as per your other post.
Will move that other post above to “Organization”.
1 Like
(Off-topic)
1) Re: Phabricator to Discourse Forums Migration - Phabricator Tickets - Whonix Forum
Tor Browser 7.0a2 broken in stretch based Whonix 14 - : Corrupt redzone 0 bytes after 0x7f0503ede9d0 (size 80), byte=0x0
I wonder whether you’d have more luck with 7.0a4 in stretch since Tor Project have made significant changes over the last couple of releases (?). Worth a try.
BTW tested 7.0a4 in (normal) Qubes-Whonix WS and it’s working fine (without AppArmor).
2) Re: Phabricator to Discourse Forums Migration - Phabricator Tickets - Whonix Forum
pulseaudio and vlc should not be installed in sys-whonix
You were waiting for Qubes Issue 2648 to be closed. That just happened today:
1 Like
@dau @torjunkie the blog post ist now ready to be posted?
LGTM.
I also think so.
1 Like
→ Fixed
Also, in apt-transport-tor template, this link no longer exists:
https://github.com/Whonix/anon-apt-sources-list/blob/master/etc/apt/apt.conf.d/30onion-allow
Do you mean this instead? →
https://github.com/Whonix/anon-apt-sources-list/blob/master/etc/apt/sources.list.d/debian.list
PS Fortasse’s expand/collapse all widget looks nice! 
1 Like
Good question. Can you make head or tail of Phabricator to Discourse Forums Migration - Phabricator Tickets - Whonix Forum?
It’s all very confusing.
Since Whonix forces everything over Tor, and .onions will be the default for apt upgrades in Whonix 14, why is this even needed?
I gather the apt-transport-tor enforces updates over Tor, or not at all - so this can kind of act as a failsafe.
But then your ticket indicates you have to worry about Tor over Tor (hence why Acquire:BlockDotOnion is false) and making sure anon-ws-disable-stacked-tor is in effect for the Workstation (and Gateway?) template.
Seems a lot of work for little benefit?
The answer why apt-transport-tor is still useful in Whonix is here:
David Kalnischkies:
That said, it might make sense to use a-t-tor anyhow even if not
strictly needed as it will deal better with certain tor anomalies given
that it knows tor is involved reporting better errors (like telling you
that the .onion address you typo’ed is too long/short; saying
“unreachable host” if a service is… well, not reachable, instead of
saying “TTL expired” which is reported by Tor and technically more
correct but unhelpful), will use different circuits for different
sources and stuff.
(In summary he’s saying “better error handling” and “better stream isolation”.)
It’s the more correct way to do it.
The opposite.
Tor over Tor in Qubes TemplateVM is generally sorted out by: […]
Using apt-transport-tor we don’t need to use BlockDotOnion false.
could use some polish.
- header
- footer
- og:description
- og:image wish list add
Thanks. I’ll fix them up soon (apt-transport-tor template & offline entry).
1 Like
Could you please get a phabricator account? @torjunkie Could be sometimes useful.
Please have a look at.
Wishlist 1: document TBB canvas warning. Do you think you can find the upstream bug / documentation and document this at Whonix wiki?
Since you’re a part of the Whonix team now, can I reach you by e-mail? Could you create an 4096 bit gpg key please?
Wishlist 2: Some very minimal instructions on how to create a gpg key on our OpenPGP key or a link to some guide that does better than us. There are a lot, we might not have to duplicate it.
Wiki History is perfect, cannot even nitpick!
Wiki History this is a hard to do edit at the right time. Since curl --tlsv1.3 is only available in Debian buster, it won’t work for stable users (currently: stretch) Same when this command is used on the host with stretch vs buster.
Please check out Phabricator to Discourse Forums Migration - Phabricator Tickets - Whonix Forum.
Could you please have a look at https://github.com/Whonix/anon-gw-anonymizer-config/blob/master/etc/tor/torrc.examples as well?
@Ego I’m doing the section on BitMessage and I saw an interesting bit of evidence for its track record. It hasn’t been audited but it turns out a gang used it over Tor to run their ransomware without getting caught.
Do you think there is a legal problem with adding this to the wiki?
No professional audit has been done for BitMessage to date. While we never condone criminal abuse of technology, its past use by criminals running a ransomware operation (over Tor) without getting caught, shows that it is somewhat “battle-tested”. We hope that dissidents in rogue nations could profit from that experiment.https://www.bleepingcomputer.com/news/security/chimera-ransomware-uses-a-peer-to-peer-decryption-service/
1 Like
Good day,
Sure, that should be no problem, seeing how it is A) factually correct and B) does not in any way support these acts. Again though, I’m not a lawyer.
Have a nice day,
Ego
2 Likes
Sounds good. I will add the stuff soon.
@Patrick the Usenet section seems very redundant and could use some clean-up. It should give a brief intro and point to our Mixmaster article IMO.
1 Like
@Patrick It seems devs do sign their git tags as you suggested though its not current. I haven’t worked out instructions to verify so I put it as TO-DO.
1 Like
Could you investigate this please? Wiki History @HulaHoop