[HOME] [DOWNLOAD] [DOCS] [NEWS] [SUPPORT] [TIPS] [ISSUES] [CONTRIBUTE] [DONATE]

Long Wiki Edits Thread

new wiki page:

We can probably borrow some bits and pieces from this PDF for the wiki - anything here/easy wins that might have been overlooked? @HulaHoop @madaidan

2 Likes
  • Added cellebrite claims with the debunked references to signal wiki
  • Added one more reference to OpenPGP security concerns
  • Added rules on when to accept new onion source for sdwdate
1 Like

I don’t think so. From a quick skim of the site, it doesn’t seem very good.

Unrelated, but I’ve recently published a Linux hardening guide which you may want to link in the wiki: https://madaidans-insecurities.github.io/guides/linux-hardening.html

2 Likes

There’s some interesting material that is worth integrating or covering. We should mention the benefits of updating UEFI if possible on the system. Not trusting preloaded OSs no matter what, even if they are a pre installed Linux. The fact that grub now supports encrypted boot partitions AFAIK (not in there but inspired by chapter heading).

2 Likes

new chapter:

https://www.whonix.org/wiki/Miscellaneous_Threats_to_User_Freedom#Tyrant_Security_vs_Freedom_Security

Updated https://www.whonix.org/wiki/Features#Tor_Network_.2F_Torification in response for a generic answer.

new wiki page:

and new related templates:

https://www.whonix.org/wiki/Other_Operating_Systems is the first wiki page where this is being used. Will be added to other wiki pages as needed.

This enhancement might be useful to mention in the chat section. Basically people can use OnionShare 2.3 to set up an onion address for secure E2E chats.

The main benefit is users can have anonymous chats without needing to set up any accounts e.g. “… a whistleblower can send an OnionShare address to a journalist using a disposable e-mail address, and then wait for the journalist to join the chat room, all without compromising their anonymity.”

https://blog.torproject.org/new-release-onionshare-23

Another major new feature is chat. You start a chat service, it gives you an OnionShare address, and then you send this address to everyone who is invited to the chat room (using an encrypted messaging app like Signal, for example). Then everyone loads this address in a Tor Browser, makes up a name to go by, and can have a completely private conversation.

If you’re already using an encrypted messaging app, what’s the point of an OnionShare chat room? It leaves fewer traces.

If, for example, you send a message to a Signal group, a copy of your message ends up on each device (the devices, and computers if they set up Signal Desktop of each member of the group). Even if disappearing messages is turned on it’s hard to confirm all copies of the messages are actually deleted from all devices, and from any other places (like notifications databases) they may have been saved to. OnionShare chat rooms don’t store any messages anywhere, so the problem is reduced to a minimum.

OnionShare chat rooms can also be useful for people wanting to chat anonymously and securely with someone without needing to create any accounts. For example, a whistleblower can send an OnionShare address to a journalist using a disposable e-mail address, and then wait for the journalist to join the chat room, all without compromising their anonymity.

Because OnionShare relies on Tor onion services, connections between the Tor Browser and OnionShare are all end-to-end encrypted (E2EE). When someone posts a message to an OnionShare chat room, they send it to the server through their E2EE onion connection. The OnionShare server then forwards the message to all other members of the chat room through the other members’ E2EE onion connections, using WebSockets. OnionShare doesn’t implement any chat encryption on its own. It relies on the Tor onion service’s encryption instead.

1 Like

Bot protection at sign-up.

About which operating system this website is about? Use all lower case for your answer.

Proper English? Edit suggestions?

What operating system is this website about? Type your answer in all lower case.

2 Likes

Split done:

new wiki pages:

discussion here:

Google launches a spectrev1 test page using JS for Intel CPUs. Where should this be listed?

https://www.phoronix.com/scan.php?page=news_item&px=Google-Leaky.Page-Spectre

1 Like

Not sure this page should duplicate most contents:

Main page:

Related wiki template:

Split:

2 posts were split to a new topic: Finding Backdoors in Freedom Software vs Non-Freedom Software

A post was split to a new topic: Whonix Security Roadmap

A post was merged into an existing topic: OnionShare Whonix integration development discussion

[Imprint] [Privacy Policy] [Cookie Policy] [Terms of Use] [E-Sign Consent] [DMCA] [Contributors] [Investors] [Priority Support] [Professional Support]