Long Wiki Edits Thread


#1273

@HulaHoop in the KVM method I think you missed mentioning the ability to check the images' signatures with the keys, no?

Qubes has a full, complete guide about it:


#1274

Good point.

@Patrick doesn’t a signature mismatch imply that the image was modified maliciously or the download corrupted? Wouldn’t also checking the sha256 hash be just another redundant step if the image checks out with the signing key?


#1275

Yes.

Yes, redundant. We choose to trust OpenPGP / gpg. It internally uses hashing also. If OpenPGP / gpg is broken, the internet is in bigger trouble anyhow. And from a threat model perspective, hash files don’t provide higher security than image downloads. If the image download was corrupted by an attack, why wouldn’t the hash file also be corrupted by an attacker? OpenPGP signatures are a way out of this.

Why do we provide hash files anyhow? Good question.

  • was a feature request
  • no extra maintenance work anymore since the process of creation, verification test and upload is automated
  • to convince oneself a file really is corrupted and that it’s not a gpg bug
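
The reasoning in #1275, as an added example that is not part of the original posts and is not Whonix code: a hash file fetched over the same path as the image passes when both are replaced, while a signature checked against an out-of-band key does not. A Lamport one-time signature built from SHA-256 stands in for OpenPGP so the block needs only the standard library; the image bytes and case names are constructed.

```python
import hashlib
import secrets

# Lamport one-time signature over SHA-256: a stand-in for OpenPGP so that the
# example is self-contained. This is an assumption of the example, not gpg's scheme.
def keygen():
    sk = [[secrets.token_bytes(32), secrets.token_bytes(32)] for _ in range(256)]
    pk = [[hashlib.sha256(s).digest() for s in pair] for pair in sk]
    return sk, pk

def digest_bits(msg: bytes):
    d = hashlib.sha256(msg).digest()
    return [(d[i // 8] >> (7 - i % 8)) & 1 for i in range(256)]

def sign(sk, msg: bytes):
    return [sk[i][b] for i, b in enumerate(digest_bits(msg))]

def sig_ok(pk, msg: bytes, sig) -> bool:
    return len(sig) == 256 and all(
        hashlib.sha256(s).digest() == pk[i][b]
        for i, (s, b) in enumerate(zip(sig, digest_bits(msg))))

def hash_ok(image: bytes, hash_file: str) -> bool:
    return hashlib.sha256(image).hexdigest() == hash_file.strip()

def run_cases():
    sk, pk = keygen()  # pk reaches the user out of band; sk never leaves the signer
    image = b"constructed image bytes " * 64
    good = {"image": image, "sha256": hashlib.sha256(image).hexdigest(), "sig": sign(sk, image)}

    evil = image + b"<constructed modification>"
    # Whoever can replace the image on the download path can replace the hash
    # file next to it, but cannot produce a new signature without sk.
    swapped = {"image": evil, "sha256": hashlib.sha256(evil).hexdigest(), "sig": good["sig"]}

    # Transfer corruption: one flipped byte, hash file and signature intact.
    broken = bytearray(image)
    broken[10] ^= 0xFF
    corrupt = dict(good, image=bytes(broken))

    cases = {"honest": good, "image and hash file replaced": swapped,
             "corrupted download": corrupt}
    return {name: (hash_ok(c["image"], c["sha256"]), sig_ok(pk, c["image"], c["sig"]))
            for name, c in cases.items()}

if __name__ == "__main__":
    for name, (h, s) in run_cases().items():
        print(f"{name:30} hash file matches: {h!s:5}  signature valid: {s}")
```

In the corrupted-download case both checks fail together, which is the third bullet's use of the hash file: it confirms the file is damaged rather than the signature tool misbehaving.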

#1276

https://www.whonix.org/w/index.php?title=Lantern&oldid=35506&diff=cur

It is inadvisable to consider paying for ‘Lantern Pro’ since the available payment methods cannot be used without damaging user privacy and/or anonymity.

Well, by connecting to lantern for free, doesn’t this already damage privacy and/or anonymity?

What’s the threat model?

An advanced adversary seeing that a user connects to lantern? This is sane to assume anyhow that this gets logged and later found out.

Quote https://www.whonix.org/wiki/Hide_Tor_and_Whonix_from_your_ISP

Some pluggable transports may seek to obfuscate traffic or to morph it. However, they do not claim to hide that you are using Tor in all cases but rather in very specific cases. An example threat model includes a DPI device with limited time to make a classification choice - so the hiding is very specific to functionality and generally does not take into account endless data retention with retroactive policing.

So consistent, efficient hiding of Tor

Is a payment trail worse than that?

We might keep this discouragement of payments but we’d have to give better reasons. Also I am not sure if the statement as is would be a target for libel. Unclear what it entails. Could you please elaborate on it more?


#1277

Tor Browser without Tor has been updated

http://whonix.org/w/index.php?title=Tor_Browser_without_Tor&oldid=41176&diff=cur


#1278

Will fix that.

Also thanks mig5 (can’t like any posts for some reason).

PS 0brand - those are some nice edits (and commits!) my man. More please.


#1279

The only downside as I see it with the banner change (“This website uses cookies” etc.) is that search box is no longer visible if JavaScript is disabled. And the banner can’t be dismissed by clicking ‘OK’ without JavaScript.

However, the search function can still be accessed with the Special:Search parameter added to the URL, so no big deal for editing purposes I guess (when searching for something).

@0brand Re: your post in the other thread. Happy to do a full edit on all your VPN hard work once it’s finished. Just give me the heads up when you are done - as I see you are still working on various things.
It’s all coming together nicely. +1


#1280

An alternative to https://www.mediawiki.org/wiki/Extension:CookieWarning would be desirable. Perhaps either a different mediawiki extension, or CSS tricks, or some way to inject different dismissable banner code into the mediawiki header.


#1281

I don’t think there is any solution for a dismissable banner with html/css only, haven’t seen that anywhere online yet.

Just now moved the banner down a few pixels so it doesn’t block our menu bar.


#1282

I noticed that the new version of Tor automatically detects that you changed your physical location based on IP(?) and uses a new guard node pinned to that hotspot location. This protects against the threat mentioned in the chapter: location tracking privacy of using Tor.

I don’t know the details of how it works but it’s pretty cool and worth mentioning for those who are worried about this.


#1283

Haven’t found any info on this in the Tor release notes. Will have to find a reference for this.


#1284

We have https://www.whonix.org/wiki/DoNot#Change_Settings_if_the_Consequences_are_Unknown but…

Should I apply the steps in this guide on the tor browser?
https://www.privateinternetaccess.com/blog/2018/09/firefox-hardening-guide/

it doesn’t really specifically address that and explains this makes it more fingerprintable perhaps with a short footnote as explanation/reference with proof or authoritative source as backup of this claim?


#1285

Could you please review

@HulaHoop?


#1286

Approved.

The link to the Hidden Wiki is problematic. There is useful info on there but the fact it links to other illegal material might make us liable if we link to it directly.

I recommend pasting the contents of the email page to a pastebin (or alternative) then archiving that with archive.org/web then linking to that page instead while citing the source as the hidden wiki.


#1287

Thanks!

Best staying away from hidden wiki entirely.


#1288

Fixed (removed).


#1289

1. This ‘onion gaming’ stuff is too big (and looks out of place) on this page -> http://www.dds6qkxpwdeubwucdiaord2xgbbeyds25rbsgr73tbfpqpt4a6vjwsyd.onion/wiki/Onion_Services_Guides#Multiplayer_.onion_Games

Probably better to just create a standalone ‘Onion Gaming’ page and link to it. Also, presumably more gaming stuff will become available over time.

2. Let me know if there’s something that needs fixing up on the email page updates i.e. re: the service provider changes. Effectively, some just go out of existence quite regularly it seems.

(It would be nice to have all those VFEmail pics replaced with a working alternative in the Email entry, but I’ll leave that to @tempest)

3. The added info on Tor attacks on the Warning page is to try and tighten up info - i.e. a ton of other (historical) attacks are possible against the client, server and/or network.

Good for reader to know it ain’t just confirmation attacks they need to worry about if the ‘big boys’ take an interest. Even Tor doesn’t list this out anywhere in one place that I remember seeing…

(haven’t forgotten the Whonix 14 Release Updates TODO; putting off the dull stuff)

Plan from here ->

  1. finish finer edits down to anonymous email section
  2. tidy up/rejig that Mixmaster stuff
  3. start some heavy edits on the Money section (good info, but structure/expression is wanting in several places there)

#1290

New Electrum instructions are ready for review.

https://www.whonix.org/w/index.php?title=Electrum&oldid=41482&diff=cur


#1291

https://www.whonix.org/w/index.php?title=Warning&oldid=41607&diff=cur is huge. All self-written? @torjunkie I haven’t seen such a summary/overview before yet.

Could you please help to review https://www.whonix.org/w/index.php?title=Warning&oldid=41607&diff=cur @HulaHoop?

<ref>Some have already been addressed by The Tor Project.</ref>

Why make this a footnote? Which ones were addressed, and which ones not? Seems like important information if we add this.

<ref>Explaining why browser plug-ins should generally be avoided or disabled in Tor Browser.</ref>

Slightly confusing. All disabled by default in Tor Browser.

Connections to peer-to-peer systems are exploited to retrieve the IP address of the client. For example, adversaries can retrieve the IP address of clients connecting over Tor with the BitTorrent protocol when they communicate with the torrent tracker. <ref>Torrent trackers retrieve information about peers who can share the requested resource, that is, IP address and listening port.</ref> While tracker lists can be retrieved anonymously over Tor, the actual P2P connection is not – meaning a MitM attack on this connection can redirect to a list that includes the IP address of a malicious torrent peer. This means the IP address of the client that originated the tracker request (over Tor) can be retrieved.

Doesn’t apply to Whonix.

Quote https://www.whonix.org/wiki/File_Sharing#Please_limit.21

Whonix will keep your IP address hidden while you use BitTorrent and other file sharing and P2P programs.

Since it doesn’t apply to Whonix, is it worth mentioning it on our Warning page? We could mention a short summary on attacks on Tor somewhere in Whonix wiki but the Warning page isn’t the right place?

Tor clients can be induced to adopt a malicious Tor guard (entry) node via: altering traffic capabilities of the target, blocking connections to legitimate entry nodes at the network level, and so on. This greatly assists end-to-end correlation and other attacks.

Reference required.

<ref>Note: This attack variant is no longer possible since directory servers now control the declaration of effective bandwidth.</ref>

Shouldn’t be a reference if this is no longer valid, too important to hide it in a reference.

Cell Counting and Padding

Reference required.

Tor Cells Manipulation

Reference required.

Timing Attacks

Reference required.

Shaping Attacks

Reference required.


#1292

OK - tried to address most of that. I’m sure HulaHoop will pick up any BS claims made by researchers here.

All comes from the primary ‘Darknet’ reference. Have looked at a bunch of secondary refs which look pretty good. I should paraphrase / rephrase it a bit harder though :)

@0brand nice work on Electrum pg