Long Wiki Edits Thread

These are all subjects which came up several times in Whonix chat:

Issues Beyond Licensing

1 Like

Not bad. However some of these issues could actually be solved with licensing. But I wouldn’t know whether such a license would still be Free Software / Open Source certified by FSF / OSI.

The Cryptographic Autonomy License version 1.0 (CAL-1.0) seems an interesting license at first sight covering newer issues but I didn’t look into it much yet. Maybe there are others too which I am not aware of.

1 Like

Interesting point. Please add to the page also.
Perhaps best to rename to:

Miscellaneous Threats to User Freedom

as a catch-all that doesn’t exclude licensing as a potential fix.

1 Like

Alright, done.

1 Like

A post was merged into an existing topic: Tor Connection Padding

Latest version of Ubuntu is 20.04 - so not sure this is still relevant?

http://www.dds6qkxpwdeubwucdiaord2xgbbeyds25rbsgr73tbfpqpt4a6vjwsyd.onion/wiki/VirtualBox/Higher_Screen_Resolution_without_installing_VirtualBox_Guest_Additions#Ubuntu

If Ubuntu 14.04 has a screen resolution of 640x480 you may be able to get 1024x768 by simply running xdiagnose and changing any setting under Debug. Marking them all or unmarking “Enable automatic crash reporting”, are reported to work. Reboot.

Also, is the rest of that page still okay for higher screen res in VirtualBox without VirtualBox guest additions? Or majorly outdated (and should be deprecated)?

1 Like

A post was split to a new topic: Security Risks of VirtualBox Shared Folders

OK - on the relevant wiki page I noted because it is unclear:

Bidirectional clipboard sharing is currently disabled by default in Whonix ™ VirtualBox VMs.

For Whonix-Gateway ™, one directional clipboard sharing from the host to Whonix-Gateway ™ is allowed.

If that is not right, please correct it.

BTW if bidirectional clipboard sharing is enabled by default (which would be a mistake IMO since it is easy for VirtualBox users to change that setting), we should add a pointer in the security guide to disable it (many won’t want convenience over security)

1 Like

It was user contributed a long time ago. I don’t test these things. I’d say can be left as is but perhaps a comment added about the untested / unmaintained nature of it. Not required to call it deprecated until we hear it’s broken or otherwise causing trouble. Good to keep because I haven’t seen this anywhere else on the internet.

1 Like

Good idea. Please add.

1 Like

Could you review Tor Myths and Misconceptions: Difference between revisions - Whonix please? @HulaHoop

1 Like

So does Whonix enable clipboard sharing by default in VirtualBox (bidirectional?) - still not clear to me 🙂

Also, can’t add this to the Data Collection Techniques page due to this error:

File not found

Firefox can’t find the file at http://www.dds6qkxpwdeubwucdiaord2xgbbeyds25rbsgr73tbfpqpt4a6vjwsyd.onion/w/index.php?title=Data_Collection_Techniques&action=submit.

Check the file name for capitalization or other typing errors.
Check to see if the file was moved, renamed or deleted.

Maybe you’ll have better luck adding the below, or something needs fixing on the wiki…

= Redirect Tracking =

Mozilla succinctly describes this novel threat: Firefox 79 includes protections against redirect tracking - Mozilla Security Blog

When we browse the web we constantly navigate between websites; we might search for “best running shoes” on a search engine, click a result to read reviews, and finally click a link to buy a pair of shoes from an online store. In the past, each of these websites could embed resources from the same tracker, and the tracker could use its cookies to link all of these page visits to the same person. To protect your privacy ETP 1.0 blocks trackers from using cookies when they are embedded in a third party context, but still allows them to use cookies as a first party because blocking first party cookies causes websites to break. Redirect tracking takes advantage of this to circumvent third-party cookie blocking.

Redirect trackers work by forcing you to make an imperceptible and momentary stopover to their website as part of that journey. So instead of navigating directly from the review website to the retailer, you end up navigating to the redirect tracker first rather than to the retailer. This means that the tracker is loaded as a first party and therefore is allowed to store cookies. The redirect tracker associates tracking data with the identifiers they have stored in their first-party cookies and then forwards you to the retailer.

To illustrate the threat, consider somebody browsing an online website advertising computer hardware who decides to click a link to purchase a suitable laptop from a suitable retailer. The browser will quickly navigate to the relevant website and the hardware product page loads. Without realizing it, the customer may have been tracked via several steps:

  1. The website advertising the computer hardware had the appropriate URL to redirect to the specific retailer.
  2. An embedded redirect tracker intercepted the click and sent the customer to their website instead.
  3. The tracker saves the intended destination – the retailer’s URL – that the customer thought they were directly visiting.
  4. After the redirect tracker is loaded as a first party, it can access its cookies. This means information is stored about which website the customer came from and where they are headed, along with cookie identifiers (allowing tracking across the Internet).
  5. The customer is automatically redirected to their original destination after the tracking data is saved.

Fortunately Firefox 79 partially addresses this behaviour via its Enhanced Tracking Protection. Every 24 hours any cookies and site data stored by known trackers are cleared, preventing trackers from building a long-term profile of user activity. However, temporary tracking is available within that 24 hour window and a host of unknown trackers may still pose a profiling threat. Firefox 79 includes protections against redirect tracking - Mozilla Security Blog

Also, all the Friday & Saturday edits are mine, so I think they safely improve a fair few things 😉

1 Like
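The redirect-tracking steps and the 24-hour purge described in the post above, seen from the defender's side, as an added example that is not part of the original posts and is not Firefox's code. It flags stopover hosts in a recorded navigation chain and replays later visits against a cookie jar that is purged of known trackers every 24 hours; the host names, log format, dwell-time threshold and `knownTrackers` list are all constructed assumptions.

```javascript
// Added illustration: hosts, log format, threshold and tracker list are constructed.
const DAY_MS = 24 * 60 * 60 * 1000;
const HOUR_MS = 60 * 60 * 1000;
const knownTrackers = new Set(["trk-known.example"]); // stand-in for a blocklist

// One click on a review site, recorded as the chain of top-level page loads.
const chain = [
  { host: "reviews.example", dwellMs: 42000, setCookie: false },
  { host: "trk-known.example", dwellMs: 35, setCookie: true },
  { host: "trk-unknown.example", dwellMs: 28, setCookie: true },
  { host: "shop.example", dwellMs: 90000, setCookie: true },
];

// Steps 2-5: an intermediate hop the user never saw that stored a first-party cookie.
function findStopovers(chain, maxDwellMs = 1000) {
  return chain
    .slice(1, -1)
    .filter((hop) => hop.setCookie && hop.dwellMs <= maxDwellMs)
    .map((hop) => hop.host);
}

// Replay stopover visits against a jar that is purged of known trackers
// every 24 hours; returns the identifier each tracker reads on each visit.
function replay(visits, trackers) {
  const jar = new Map(); // host -> cookie identifier
  let nextId = 1;
  let lastPurge = 0;
  return visits.map(({ t, host }) => {
    if (t - lastPurge >= DAY_MS) {
      for (const h of trackers) jar.delete(h);
      lastPurge = Math.floor(t / DAY_MS) * DAY_MS;
    }
    if (!jar.has(host)) jar.set(host, nextId++);
    return { host, id: jar.get(host) };
  });
}

// The same two stopovers are hit 1, 5 and 30 hours into the session.
const stopovers = findStopovers(chain);
const visits = [1, 5, 30].flatMap((h) =>
  stopovers.map((host) => ({ t: h * HOUR_MS, host }))
);
const seen = replay(visits, knownTrackers);
console.log(stopovers, seen.map((v) => `${v.host}=${v.id}`));
```

The listed tracker reads the same identifier at 1 h and 5 h and a fresh one only after the purge, while the unlisted tracker keeps one identifier across all three visits.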

Re bidirectional clipboard sharing: “In Whonix ™, VirtualBox guest additions are installed by default.”

2 Likes

Tor bandwidth weighted capacity != number of nodes. All are not weighted equally, obviously, so for accuracy this statement should be omitted:

This is equivalent to more than 380 Tor exit relays at the peak of the attack

EDIT:
Actually reading more closely, I don’t understand the sslstrip attack nodes’ relevance to the misconception being addressed. These nodes weren’t proven to be government run. Also for this particular attack, a GPA can mount this attack on connections without having to be an exit node. For any other type of attacker, the only way to place themselves between cryptocurrency users and their sites is to run a malicious node.

However classical correlation attacks on the Tor network would need malicious exits and entry guards to be used simultaneously to deanonymize. Perhaps Roger’s statement needs to be further clarified that the structure of the internet is somewhat centralized and so flows can be more effectively monitored at choke-points even from outside the Tor network. Nothing in practice though proves that Tor is completely defeated by them however.

1 Like

torjunkie via Whonix Forum:

So does Whonix enable clipboard sharing by default in VirtualBox (bidirectional?)

Whonix VirtualBox: bidirectional clipboard sharing by default

There was a long forum discussion on the subject. Perhaps you have more luck finding it than I had.

1 Like

@BOssmank you realize your posts reek of spam about some random shitcoin? I restrained myself from banning you on sight since you don’t seem to be a bot and had a legit support question. I will give you a second chance after removing your ad posts.

1 Like

No man it was legit and that was the only way I could pay someone back. Now they will have 50 and some PI that’s not on market yet.

Fixed.

Fixed.

That was my guess because who else would bother to add over 20% of Tor exit bandwidth. Although on second thought, since they were common cryptocurrency thieves, it probably was some general malicious actors (government is already well funded/over-compensated).

That was nusenu’s calculation and he/she seems to know their stuff based on that long article published before The Tor Project addressed the issue.

Anyway, just take out what you don’t like, because readers should be aware of the capability of malicious actors i.e. the fact this could happen undetected for a time is of real concern in the current ecosystem setup.

IMO Tor really needs to start transitioning to a ‘known good’ / confirmable Tor exit family groups etc. because the current model is abused and has been for the longest time. Plus, only half of the network’s bandwidth is used on average, so they can afford to cut (potentially) dodgy, anonymous operators.

2 Likes

Adjusted the paragraph to be more focused on the government point. Edited and polished the FAQ further.

2 Likes