Long Wiki Edits Thread

Yes, I like your ‘research project’ idea better in that thread. OK. Let me think about the wording for a bit.

(Off-topic)

When you get around to installing Tor v4.2.5, for the Whonix v3 onion service you probably want to implement the DoS Defense Extension. See:

https://lists.torproject.org/pipermail/tor-dev/2019-June/013875.html

Major features (onion service v3, denial of service):

Add onion service introduction denial of service defenses. Intro points can now rate-limit client introduction requests, using parameters that can be sent by the service within the ESTABLISH_INTRO cell. If the cell extension for this is not used, the intro point will honor the consensus parameters. Closes ticket 30924.

A post was split to a new topic: Connecting to Tor before a VPN (User → Tor → VPN → Internet) Issue

Connecting to Tor before a VPN (User → Tor → VPN → Internet) Issue can be far too hard to solve than calling it a documentation issue. Split to separate forum thread. I guess this forum thread is for actionable wiki edits only that don’t need too difficult research/testing.

i wasn’t sure if this was something that simply required an update in the docs or troubleshooting. i will experiment with it more over the next few days.

Warning: Difference between revisions - Whonix :

That is far too much detail for the Whonix ™ and Tor Limitations page: that page should [1] dispel user misconceptions, too high exceptions, too risky reliance. Explaining that in terms which sound understandable, conceivable (not being discarded as “conspiracy theory”).

For example:

OCSP (from user point of view: whatever that is), Retroactive availability, medium effort.

That’s not something:

• users can/should remember when reading that page
• actionable
• [1]

That is more interesting for researchers / developers.

My problem with that is that reviewing this would take away development time for more impactful things such as various security hardening recently. If I’d accept it on faith without review it would make the project look stupid if there were major discrepancies.

It would fit better in Internet Corporations and Privacy Concerns or Data Collection Techniques? That pages don’t have to be as thoroughly reviewed as maintained by torjunkie. What the https://www.whonix.org/wiki/Template:Maintainer is supposed to communicate is, that that page is the main responsibility of that maintainer. Therefore it does not have to be as thoroughly reviewed. It is more similar to a blog account on blogger.com such as somename.blogger.com. blogger.com isn’t the publisher. sommename is. blogger.com is just a platform.

Originally was:

To oversimplify it: Whonix is just a collection of configuration files and scripts.

Now over time changed to:

In simple terms, Whonix ™ is just a collection of configuration files and scripts.

Not sure that is very same meaning intended to community. Oversimplify is a valid word in dictionary.

“Whonix is just a collection of configuration files and scripts.” It’s not. There are too many configuration files and scripts. Realistically (almost) nobody will replicate all or most of what Whonix does one by one with configuration files and scripts. It would be silly to call Whonix "a collection of configuration files and scripts` and I have not seen that claim. Years ago Whonix became a Linux distribution. But for the sake of making that point it is useful to view it that way “Whonix is just a collection of configuration files and scripts.” The point I am trying to convene is that by adding more and more pre-configuration for anonymity/privacy/security and package selection it is still Debian based and while there are some bugs nothing major is breaking and nothing is deliberately freedom restricted.

2 posts were merged into an existing topic: Kernel Hardening

This page title is too complex and cannot be easily posted in forums. Could you please move this page to give it a better page name?

https://www.whonix.org/wiki/Hosting_a_(private)_(obfuscated)_bridge_or_(exit)_relay

Fixed the title for you.

A post was merged into an existing topic: Tempests email guide → Whonix wiki

2 posts were split to a new topic: SMAP SMEP - VirtualBox / KVM

new chapter:
Network, Browser and Website Fingerprint

updated chapter:
Tor Entry Guards - Whonix

Do we document somewhere “if you don’t have physical security (untrusted visitors) for your computer (hardware backdoor), then you’re considered compromised, software cannot help you”? If not, could you add this please?

new chapter:
Verifying Software Signatures - Kicksecure

Expanded this chapter:
Placing Trust in Whonix ™

fix extra white space on all PDF embedded links is now fixed.

Wiki has a new minor feature. (ticket)

old version: Template:Reload Tor - Whonix

If you are using a terminal-only Whonix-Gateway ™, press on Expand on the right. [Expand]

new version: Template:Reload Tor - Whonix

If you are using a terminal-only Whonix-Gateway ™, click HERE for instructions.

HERE is a clickable button.

Could you please check/adjust the wording/style? When this matured, I can create a wiki template so this can be more easily used throughout the whole wiki.

3 posts were split to a new topic: systemd-analyze security

updated the bitmessage page to inform readers that the bmg service at bitmessage.ch is terminated.

Reading thru whonix. org/wiki/KVM, there’s the note:
„Read and apply the [Pre-Installation Security Advice](whonix. org/wiki/Pre_Install_Advice)“ which leads to an outdated page, which links to another page, but the Pre-Installation isn’t there either. As you’ve already covered here that some pages are outdated, a new guide from tempest would come in handy and/or update the wiki here.
Where I can imagine an own wiki page from tempest would be a good thing, as he walks thru all necessary steps from scratch to finish - maybe especially for new users.