Long Wiki Edits Thread

Do we document somewhere “if you don’t have physical security (untrusted visitors) for your computer (hardware backdoor), then you’re considered compromised, software cannot help you”? If not, could you add this please?

new chapter:
Verifying Software Signatures - Kicksecure

Expanded this chapter:
Placing Trust in Whonix ™

fix extra white space on all PDF embedded links is now fixed.

Wiki has a new minor feature. (ticket)

old version: Template:Reload Tor - Whonix

If you are using a terminal-only Whonix-Gateway ™, press on Expand on the right. [Expand]

new version: Template:Reload Tor - Whonix

If you are using a terminal-only Whonix-Gateway ™, click HERE for instructions.

HERE is a clickable button.

Could you please check/adjust the wording/style? When this matured, I can create a wiki template so this can be more easily used throughout the whole wiki.

3 posts were split to a new topic: systemd-analyze security

updated the bitmessage page to inform readers that the bmg service at bitmessage.ch is terminated.

1 Like

Reading thru whonix. org/wiki/KVM, there’s the note:
„Read and apply the [Pre-Installation Security Advice](whonix. org/wiki/Pre_Install_Advice)“ which leads to an outdated page, which links to another page, but the Pre-Installation isn’t there either. As you’ve already covered here that some pages are outdated, a new guide from tempest would come in handy and/or update the wiki here.
Where I can imagine an own wiki page from tempest would be a good thing, as he walks thru all necessary steps from scratch to finish - maybe especially for new users.

2 Likes

this will be coming. i’m converting chapters into wiki text at the moment.

1 Like

3 posts were split to a new topic: Whonix Enterprise Software

E-Mail: Difference between revisions - Whonix what do you think? @HulaHoop

Also not sure we should go into privacy by policy based advice anyhow. Previous (existing point):

JonDonym [archive] notes:

Due to the US PATRIOT Act (especially p. 215ff) and the fourth amendment to the FISA Amendments Act it is possible for US authorities to eavesdrop on the communication of non US citizens without a warrant. According to the US authorities it is enough that the servers are located in the US.

Lots of countries have similar programs. It might be hard to find any that don’t have these. Seems pretty difficult to keep track and reason about since there are ~ 200 countries and hard to keep track about each of these.

1 Like

The fourteen eyes are irrelevant. Just because those governments share data with each other, doesn’t mean they’re going to force the email provider to.

2 Likes

I think it’s worthless advice and we must only recommend things on a technical basis and assume if surveillance is possible then it is happening.

Offtopic: Is there a better looking vector icon for Thunderbird we can use? This one is absolutely hideous.

2 Likes

OK. Edit rejected and other non-technical advice removed:

E-Mail: Difference between revisions - Whonix

1 Like

FAQ was rebooted yet again.

Link to FAQ is now prominent on top of Whonix front page https://www.whonix.org

The goal of the FAQ is to summarize and explain Whonix in laymen terminology as much as possible. Role models are simple.wikipedia.org and ELIA5.

1 Like

Wifi encryption is beyond fucked. Wi-Fi Chip Vulnerability - Schneier on Security
Where do I add this reference?

1 Like

Router and Local Area Network Security - Kicksecure suitable?

That’s for specific hardware and patches have already been released. Users just need to update.

Problem is, most of the vulnerable devices will never receive an update nor will they be upgradable even if they do. Better to let people assume this is the case and behave accordingly.

From the article you linked:

Manufacturers have made patches available for most or all of the affected devices, but it’s not clear how many devices have installed the patches.

The only issue is users not installing them.