Long Wiki Edits Thread

We could probably reference this somewhere. Dev documentation? I guess the risk is the same for Whonix as OSS (but simple compared to the Linux kernel).

PS did you see that Codedev hack that affected tons of Github projects?

On the Feasibility of Stealthily Introducing Vulnerabilities in Open-Source Software via Hypocrite Commits

Abstract — Open source software (OSS) has thrived since the forming of Open Source Initiative in 1998. A prominent example is the Linux kernel, which has been used by numerous major software vendors and empowering billions of devices. The higher availability and lower costs of OSS boost its adoption, while its openness and flexibility enable quicker innovation. More importantly, the OSS development approach is believed to produce more reliable and higher-quality software since it typically has thousands of independent programmers testing and fixing bugs of the software collaboratively.

In this paper, we instead investigate the insecurity of OSS from a critical perspective — the feasibility of stealthily introducing vulnerabilities in OSS via hypocrite commits (i.e. seemingly beneficial commits that in fact introduce other critical issues). The introduced vulnerabilities are critical because they may be stealthily exploited to impact massive devices. We first identify three fundamental reasons that allow hypocrite commits. (1) OSS is open by nature, so anyone from anywhere, including malicious ones, can submit patches. (2) Due to the overwhelming patches and performance issues, it is impractical for maintainers to accept preventive patches for “immature vulnerabilities”. (3) OSS like the Linux kernel is extremely complex, so the patch-review process often misses introduced vulnerabilities that involve complicated semantics and contexts. We then systematically study hypocrite commits, including identifying immature vulnerabilities and potential vulnerability-introducing minor patches. We also identify multiple factors that can increase the stealthiness of hypocrite commits and render the patch-review process less effective.

As proof of concept, we take the Linux kernel as target OSS and safely demonstrate that it is practical for a malicious committer to introduce use-after-free bugs. Furthermore, we systematically measure and characterize the capabilities and opportunities of a malicious committer. At last, to improve the security of OSS, we propose mitigations against hypocrite commits, such as updating the code of conduct for OSS and developing tools for patch testing and verification.

No, didn’t notice.

Not used by Whonix. Even if it was used, it wouldn’t affect the security of Whonix.
Also on CI service Travis CI are no secrets. All the CI gets is access to data already available to the public such as source code and packages. No signing keys / secrets ever uploaded there. No upload access to Whonix website, source code, anything.

Suiteable?

“Open Source Misses The Point” can be added to more like saying this is not why free software created at the first place.

https://www.gnu.org/philosophy/open-source-misses-the-point.html

A post was split to a new topic: macvk/dnsleaktest

If you like to add more onion v3 links, could you use a wiki template please so we don’t have to write this long address literally multiple times (and increasing chances of typo)? (Simplify maintenance.) Or easier to replicate literally?

Checking the kicksecure-debian wiki here:

http://www.dds6qkxpwdeubwucdiaord2xgbbeyds25rbsgr73tbfpqpt4a6vjwsyd.onion/wiki/Kicksecure/Debian

There are some improvements can be added:

The following commands need to be run either by root or use sudo.

If running addgroup --system console after su it will give command not found, It will only work if its used with sudo

so the commands should be changed to:

sudo addgroup --system console

sudo adduser user console

sudo adduser user sudo

--no-install-recommends asaik its only used once after apt install, If so the following command has extra --no-install-recommends

sudo apt-get install --no-install-recommends curl gpg gpg-agent --no-install-recommends

And repeated as well in “Pick A Package” Section

sudo apt-get install --no-install-recommends --no-install-recommends kicksecure-cli

Secbrowser is deprecated so this line should be deleted:

kicksecure-xfce: Same as kicksecure-cli but installs the XFCE graphical desktop environment and default applications such as SecBrowser ™ (A Security-hardened, Non-anonymous Browser).

I saw as well this place in the forum:

So which you see my post fits to go as a comment under you can shift my post to.

Fixed. Please check.

Awesome!

A post was split to a new topic: discourse forums disallow reply by email after days setting

A post was split to a new topic: sigstore for improving verification of downloads?

//cc @madaidan

file:///usr/share/homepage/whonix-welcome-page/whonix.html

Whonix ™ is produced independently of, with no guarantee from, The Tor® Project.

“with no guarantee from” seems superfluous. Logically, if Whonix is produced independently, then The Tor Project would never provide any kind of guarantee.

For simplicity, why not change it to:

Whonix ™ is produced independently of The Tor® Project.

(The logo on that page also reminds me that no update/notice was given regarding contributors who provided possible new logos. Some kind of news announcement should be provided about that issue because it closed in January or thereabouts i.e. if not going to update the logo, why not etc.)

torjunkie via Whonix Forum:

file:///usr/share/homepage/whonix-welcome-page/whonix.html

Whonix ™ is produced independently of, with no guarantee from, The Tor® Project.

“with no guarantee from” seems superfluous. Logically, if Whonix is produced independently, then The Tor Project would never provide any kind of guarantee.

For simplicity, why not change it to:

Whonix ™ is produced independently of The Tor® Project.

That text is a courtesy to TPO. Using exactly as requested.

Quote https://www.torproject.org/about/trademark/

How can I use the name “Tor”?

The Tor Project encourages developers to use the name Tor in ways that
do not confuse the public about the source of anonymity software and
services. If you are building open-source non-commercial software or
services that incorporate or work with The Tor Project’s code, you may
use the name “Tor” in an accurate description of your work. We ask you
to include a link to the official Tor website
https://www.torproject.org/ so users can verify the original source of
Tor for themselves, and a note indicating that your project is not
sponsored by The Tor Project. For example, “This product is produced
independently from the Tor® anonymity software and carries no guarantee
from The Tor Project about quality, suitability or anything else.”

(The logo on that page also reminds me that no update/notice was given regarding contributors who provided possible new logos. Some kind of news announcement should be provided about that issue because it closed in January or thereabouts i.e. if not going to update the logo, why not etc.)

OK - that makes sense then.

1G below needs to be replaced with the amount of memory you would like to add in gigabytes.

amount of memory or harddisk?

memory can be:

• permanent memory
• random-access memory (RAM)

Quote https://en.wikipedia.org/wiki/Computer_memory

• Volatile memory
• Non-volatile memory

Technically the term memory is correct and should be clear in the context it is being used there. However, if it’s confusing and someone has a suggestion to improve it feel free.

However we cannot write “the amount of harddisk you would like to add”. That seems wrong.

http://www.dds6qkxpwdeubwucdiaord2xgbbeyds25rbsgr73tbfpqpt4a6vjwsyd.onion/wiki/Website_Tests#Whonix

Users are advised to use secure browsers, compartmentalize browsing in different virtual machines (VMs), harden their operating system Kicksecure,

Deprecated/Outdated.

What is outdated?