Long Wiki Edits Thread

torjunkie · May 16, 2020, 2:02am

Thanks @HulaHoop - really appreciated

Patrick · May 19, 2020, 9:26am

Issues with hardware recommendations for other operating systems maintained by others, i.e. Qubes. Related documentation:

Issue specifically:

Qubes-Whonix Security: Difference between revisions - Whonix

Qubes (used to? still has) issues with other graphic cards. Best would be to stay out of hardware recommendations for Qubes and leave that to Qubes.

Issue generally:

the information might get outdated
the information might get contested (such as above). Time consuming to reason about, providing references.
it’s overextending the scope of Whonix project

The best place for Qubes hardware recommendations should be Qubes places, i.e. probably mostly Qubes website. If information on that website is bad, contribute to it. And if that’s not an option, well, bad luck but still not good to do that task for Whonix to maintain.

Patrick · May 22, 2020, 5:06pm

A post was merged into an existing topic: [feature request] onionshare support

madaidan · May 22, 2020, 5:55pm

Kicksecure - Secure by Default Operating System needs a rewrite/removal.

It’s dishonest to claim Kicksecure (even when all the hardening work is complete) is as secure as mobile platforms. Those have decades of work gone into hardening the security model.

Security is not just a checklist of features. Kicksecure’s sandboxing/MAC/verified boot/etc. isn’t even near iPhone/Android and there are numerous security enhancements in phones such as modern exploit mitigations or widespread memory safe languages that are not achievable with Kicksecure.

The claim that most Android devices have locked bootloaders is also dubious. Unlocking the bootloader and even using custom keys is part of the reference implementation.

And again, GNU/FSF are not good sources.

Patrick · May 24, 2020, 10:15am

A post was split to a new topic: Wickr Me vs Qubes-Whonix Persistence

nurmagoz · May 26, 2020, 11:58am

OpenBazaar many users using it inside whonix , i get many questions about it. It would be nice if someone can contribute to fill the instructions about it.

But firstly can we have please wiki section for it? So that outside contributors can fill it as well.

I see here OpenBazaar in the wiki “Deprecated” section (dont know why):

http://www.dds6qkxpwdeubwucdiaord2xgbbeyds25rbsgr73tbfpqpt4a6vjwsyd.onion/wiki/Deprecated#OpenBazaar

torjunkie · May 27, 2020, 11:42am

Hmm… ZeroNet various websites always results in this error: “Content.JSON Download Failed”. JS allowed on 127.0.0.1 and can see a number of peers so not sure what the problem is. Maybe like I2P you have to let it run for a long time beforehand?

Logs also show for various website attempts: “ContentDb not initialized, load files from filesystem…”

Have you succeeded in Qubes-Whonix @Patrick. Does about:config need some more tweaking perhaps? The home page works okay.

PS @madaidan Don’t waste all your talents & time on those reddit trolls. It’s like screaming into the void.

Spend more time over here doing your great development work!

Patrick · May 27, 2020, 12:21pm

torjunkie via Whonix Forum:

Maybe like I2P you have to let it run for a long time beforehand?

Dunno. Conceivable.

Logs also show for various website attempts: “ContentDb not initialized, load files from filesystem…”

Have you succeeded in Qubes-Whonix @Patrick. Does about:config need some more tweaking perhaps? The home page works okay.

Last time I tested no such changes were required. I’ve tested very
little actual ZeroNet websites. Official links only. That worked for me
at that time.

madaidan · May 28, 2020, 12:15am

Then why mention the full system MAC policy, hardened kernel, verified boot etc. at all?

Patrick · May 28, 2020, 9:37am

Because that chapter illustrates Kicksecure development goals (new name
of chapter).

Patrick · May 28, 2020, 4:06pm

Whonix on USB search term has very poor results on search engines. No wiki page is suggested Related information System Configuration and Access - Kicksecure is really hard to find.

Therefore moved that chapter to https://www.whonix.org/wiki/Template:Whonix_on_USB, and rewrote.

Created a dedicated wiki page for it:
Installation of Whonix ™ on a USB

madaidan · May 28, 2020, 6:09pm

Then why mention Android/iPhone?

I think the comparison table should be removed and a few more descriptive paragraphs written instead.

Patrick · May 28, 2020, 7:26pm

Because it shows that others managed to implement these features and it’s realistic to re-implement in Kicksecure - without adding any privacy issues or user freedom restrictions. It’s to tease and encourage other developers to catch up implementing some of the iPhone/Android security features in Linux (desktop) distributions too. If it gets added to Kicksecure that’s great, but if others focus on other Open Source Linux distributions that’s a net benefit too.

And if you’re wondering why it lists some disadvantages of iPhone/Android are listed, that’s to show in how many ways others are messing up. Tor create awareness of these issues (precondition for fix) and to not mess up in similar ways in future. Illustrating project goals, values, awareness.

Concept of Open/Free/Libre Software is great. However, since the inception of the 4 original essential software freedoms, other issues came up sometimes called tivoization, malicious feature, antifeature, tyrant software, treacherous computing or DRM (digital restrictions management). Also data portability, open databases, open source hardware, first mover effects, network effects, and more.

We have enough walls of texts. Some like tables, some don’t. In this case I found a table to be looking good.

madaidan · May 28, 2020, 7:30pm

Not to the same extent. The page is saying that the security features in Android are the exact same in Kicksecure but better which isn’t true.

They mess up far less than Linux does.

It doesn’t matter if it looks good. It’s conveying incorrect information.

Patrick · June 1, 2020, 6:25pm

Hi,

You can quote me or use information to write an article, as long as you
reference it properly and add the relevant link in the notes.

With kind regards,

Dirk
  Cipher Machines & Cryptology
http://users.telenet.be/d.rijmenants
http://rijmenants.blogspot.be http://rijmenants.blogspot.be/

torjunkie · June 1, 2020, 9:22pm

Great. As:

HulaHoop has had a look and is okay with it
We have the author’s permission
A clear credit is given up front to the author: “The description of this procedure draws heavily upon the following guide: The Complete Guide to Secure Communications with the One Time Pad Cipher [archive]; all credits go to the author.”

Can you please publish it?

Patrick · June 1, 2020, 10:04pm

torjunkie via Whonix Forum:

Great. As:

HulaHoop has had a look and is okay with it

We have the author’s permission

A clear credit is given up front to the author: “The description of this procedure draws heavily upon the following guide: The Complete Guide to Secure Communications with the One Time Pad Cipher [archive]; all credits go to the author.”

To be on safe side, could you please make the authorship more explicit
by naming author and organization (or organization and author as
applicable)?

torjunkie · June 4, 2020, 10:37am

We should probably deprecate the Usenet page:

http://www.dds6qkxpwdeubwucdiaord2xgbbeyds25rbsgr73tbfpqpt4a6vjwsyd.onion/wiki/Usenet

Most of it relies on Mixmaster (dead) or Nymservers (largely reliant on Mixmaster).

All that leaves is two sections re: reading newsgroups with NNTP clients (whatever that is, not familiar with it) and accessing NNTP servers anonymously for discussion groups (if that is even possible).

Overall, a lot cause - not worth editing to bring it up to scratch unless you have different views.

torjunkie · June 5, 2020, 2:14pm

I’ll take that as a yes to deprecate.

Patrick · June 5, 2020, 2:58pm

Not really. I am not done thinking about this yet.