Long Wiki Edits Thread

Patrick · November 28, 2019, 8:24am

Also this:

torjunkie · December 1, 2019, 12:58am

Template {{VersionNew}} clearly states 15.0.0.6.6, but on various download and other pages it presents as “15.0.0.4.9”? Strange.
The download page for VirtualBox (VirtualBox/XFCE) also still points to:
https://download.whonix.org/ova/15.0.0.4.9/Whonix-XFCE-15.0.0.4.9.ova even though 15.0.0.6.6 is the stable point release?
KVM download page points to 15.0.0.7.1 stable release. Will KVM & Virtualbox releases not stay in sync?
In our release notes (updates) we’re not really picking up Qubes-Whonix specific ones. Is there a github link just for that?

Patrick · December 1, 2019, 8:08am

Unfortunately, sometimes not.

Nothing Qubes-Whonix specific lately as far as I can remember.

Qubes is currently missing out:

Not directly. Some Qubes-Whonix specific changes go into individual packages rather than into the qubes-whonix package. Not much going on there lately. The “direct” but “incomplete” github links:

Thanks!
Server caching issue. Manually purged cache for now for now but original issue not identified / fixed on server.

Yes. Whonix VirtualBox 15.0.0.6.6 - Point Release

Patrick · December 6, 2019, 3:24pm

Could you review Full Disk Encryption: Difference between revisions - Whonix please? @HulaHoop

HulaHoop · December 7, 2019, 4:55am

After thinking about it for a long time I decided to reject the changes for these reasons:

This entire section is meant as a workaround until fixed gnome-disks is in stable. Which means that ideally neither I nor anyone else should ever have to care about the underlying commandline interface to get something as important as block device encryption working.
Some instructions are redundant given the amount of data on the password best practices page. I advise anyone who has anything important to store to just use the maximum length passphrase instead of jumping thru hoops and debating what is safe with keystretching of all flavors (sha iterations, argon2)
Interacting with filesystems like ext4 formatting, should be done using gparted for simplicity. Whenever considering instructions we should not include stuff that can be done with GUIs or any other easier way. The wiki should be about the least complex way to accomplish complex things and no more.

I hope you try to understand my POV and aren’t put off by the edit rollback. I am a big fan of short and sweet documentation and don’t want users to be confused or give up because the page has become unbearably long.

Patrick · December 9, 2019, 3:08pm

12 posts were split to a new topic: i2p inside Whonix-Workstation broken

Patrick · December 12, 2019, 6:38am

Could you review Full Disk Encryption: Difference between revisions - Whonix please? @HulaHoop

HulaHoop · December 12, 2019, 5:07pm

Accepted. Happy data nuking everyone!

Patrick · December 14, 2019, 8:21am

A post was merged into an existing topic: Freenet with Onioncat

Patrick · December 14, 2019, 5:49pm

Could you review Freenet: Difference between revisions - Whonix please? @HulaHoop

HulaHoop · December 14, 2019, 5:53pm

Great. @Torjunkie is on a roll today

torjunkie · December 16, 2019, 11:57am

BTW that GNUNet page is a bit light on. I have to read up on it, but we don’t have many instructions there? Or not much we can add?

Patrick · December 16, 2019, 1:45pm

ToDo for Kicksecure ™ Wiki Devs / whonix.org main Homepage Improvements is being worked on.

Could use your help with the text on that wiki page (which serves as a draft for homepage contents). @torjunkie

HulaHoop · December 16, 2019, 2:22pm

Last time I tried it doesn’t work, may need a retest with Buster to see if the situation has changed.

torjunkie · December 16, 2019, 8:33pm

Yes, I like your ‘research project’ idea better in that thread. OK. Let me think about the wording for a bit.

(Off-topic)

When you get around to installing Tor v4.2.5, for the Whonix v3 onion service you probably want to implement the DoS Defense Extension. See:

https://lists.torproject.org/pipermail/tor-dev/2019-June/013875.html

Major features (onion service v3, denial of service):

Add onion service introduction denial of service defenses. Intro points can now rate-limit client introduction requests, using parameters that can be sent by the service within the ESTABLISH_INTRO cell. If the cell extension for this is not used, the intro point will honor the consensus parameters. Closes ticket 30924.

Patrick · December 23, 2019, 8:41am

A post was split to a new topic: Connecting to Tor before a VPN (User → Tor → VPN → Internet) Issue

Patrick · December 23, 2019, 8:42am

Connecting to Tor before a VPN (User → Tor → VPN → Internet) Issue can be far too hard to solve than calling it a documentation issue. Split to separate forum thread. I guess this forum thread is for actionable wiki edits only that don’t need too difficult research/testing.

tempest · December 24, 2019, 1:14pm

i wasn’t sure if this was something that simply required an update in the docs or troubleshooting. i will experiment with it more over the next few days.

Patrick · December 25, 2019, 10:05am

Warning: Difference between revisions - Whonix :

That is far too much detail for the Whonix and Tor Limitations page: that page should [1] dispel user misconceptions, too high exceptions, too risky reliance. Explaining that in terms which sound understandable, conceivable (not being discarded as “conspiracy theory”).

For example:

OCSP (from user point of view: whatever that is), Retroactive availability, medium effort.

That’s not something:

users can/should remember when reading that page
actionable
[1]

That is more interesting for researchers / developers.

My problem with that is that reviewing this would take away development time for more impactful things such as various security hardening recently. If I’d accept it on faith without review it would make the project look stupid if there were major discrepancies.

It would fit better in Internet Corporations and Privacy Concerns or Data Collection Techniques? That pages don’t have to be as thoroughly reviewed as maintained by torjunkie. What the https://www.whonix.org/wiki/Template:Maintainer is supposed to communicate is, that that page is the main responsibility of that maintainer. Therefore it does not have to be as thoroughly reviewed. It is more similar to a blog account on blogger.com such as somename.blogger.com. blogger.com isn’t the publisher. sommename is. blogger.com is just a platform.

Originally was:

To oversimplify it: Whonix is just a collection of configuration files and scripts.

Now over time changed to:

In simple terms, Whonix ™ is just a collection of configuration files and scripts.

Not sure that is very same meaning intended to community. Oversimplify is a valid word in dictionary.

“Whonix is just a collection of configuration files and scripts.” It’s not. There are too many configuration files and scripts. Realistically (almost) nobody will replicate all or most of what Whonix does one by one with configuration files and scripts. It would be silly to call Whonix "a collection of configuration files and scripts` and I have not seen that claim. Years ago Whonix became a Linux distribution. But for the sake of making that point it is useful to view it that way “Whonix is just a collection of configuration files and scripts.” The point I am trying to convene is that by adding more and more pre-configuration for anonymity/privacy/security and package selection it is still Debian based and while there are some bugs nothing major is breaking and nothing is deliberately freedom restricted.

Patrick · December 28, 2019, 9:39am

2 posts were merged into an existing topic: Kernel Hardening