The image associated with “Vibrant Community” seems to have gone AWOL on that page?
Also:
the “Warrant Canary” section should probably have a picture of a pretty yellow canary, instead of a tropical parrot. I’m sure @nurmagoz could find a nice one.
the “Upcoming Security Enhancements” title is not centered, like every other one on the page. Not sure if easy to fix or not.
I realize that I missed this one: “Run Android Application using Anbox.” -> “Run Android applications using Anbox.”
It’s a really long article. And it’s not my strongest area of knowledge. There’s some people only waiting for any nit they can pick to proof the point they’d love to make.
None of those arguments make sense. Obviously the CPU is privileged. The SP is no different from the rest of the CPU. The SP specifically is not an issue. TEEs are important. Why are Intel SGX, ARM TrustZone, RISC-V MultiZone etc. not mentioned there too if you think it’s such an issue?
Everything has vulnerabilities. You cannot expect the SP to be any different.
Arguably too cumbersome for me to personally do/take interest in. I like the software tool better. However @torjunkie seems to have done a great job formatting the process from the paper in:
This website is created for educational purposes and its content and
images are protected by international copyright laws. If you would like
to use the content of this website, please ask first and permission will
usually be granted under the condition that full credits and a link to
this website are given.
Another problem is that I would need to learn a lot more about the
subject or verification of authority.
Could you please remove the copyrighted content? @torjunkie
I’d remove it but I don’t want the formatting to be lost. Therefore feel
free to backup for own use.
Hi Dirk, I am contacting you for permission to quote from your paper on our wiki for manually encoding OTP messages. The Whonix project is an online anonymity distro based on Tor and Debian.
Qubes (used to? still has) issues with other graphic cards. Best would be to stay out of hardware recommendations for Qubes and leave that to Qubes.
Issue generally:
the information might get outdated
the information might get contested (such as above). Time consuming to reason about, providing references.
it’s overextending the scope of Whonix project
The best place for Qubes hardware recommendations should be Qubes places, i.e. probably mostly Qubes website. If information on that website is bad, contribute to it. And if that’s not an option, well, bad luck but still not good to do that task for Whonix to maintain.
It’s dishonest to claim Kicksecure (even when all the hardening work is complete) is as secure as mobile platforms. Those have decades of work gone into hardening the security model.
Security is not just a checklist of features. Kicksecure’s sandboxing/MAC/verified boot/etc. isn’t even near iPhone/Android and there are numerous security enhancements in phones such as modern exploit mitigations or widespread memory safe languages that are not achievable with Kicksecure.
The claim that most Android devices have locked bootloaders is also dubious. Unlocking the bootloader and even using custom keys is part of the reference implementation.
OpenBazaar many users using it inside whonix , i get many questions about it. It would be nice if someone can contribute to fill the instructions about it.
But firstly can we have please wiki section for it? So that outside contributors can fill it as well.
I see here OpenBazaar in the wiki “Deprecated” section (dont know why):
Hmm… ZeroNet various websites always results in this error: “Content.JSON Download Failed”. JS allowed on 127.0.0.1 and can see a number of peers so not sure what the problem is. Maybe like I2P you have to let it run for a long time beforehand?
Logs also show for various website attempts: “ContentDb not initialized, load files from filesystem…”
Have you succeeded in Qubes-Whonix @Patrick. Does about:config need some more tweaking perhaps? The home page works okay.
PS @madaidan Don’t waste all your talents & time on those reddit trolls. It’s like screaming into the void.
Spend more time over here doing your great development work!
Maybe like I2P you have to let it run for a long time beforehand?
Dunno. Conceivable.
Logs also show for various website attempts: “ContentDb not initialized, load files from filesystem…”
Have you succeeded in Qubes-Whonix @Patrick. Does about:config need some more tweaking perhaps? The home page works okay.
Last time I tested no such changes were required. I’ve tested very
little actual ZeroNet websites. Official links only. That worked for me
at that time.