Long Wiki Edits Thread

Whonix ™ Protection against Real World Attacks could use

  • a more catchy page name. Suggestions?

  • a more catchy og:description (|description=)

    |description=How Whonix defeats the Top "In The Wild" Attacks on Anonymity
    

Better. Room for improvement?


og:description is generally very important since used by search engines and social media as sub text. Page names and titles are also very important for SEO and headlines.

1 Like

Workflow priority? Should tasks be completed as they arise or should they be prioritized?

TODO

  1. Add content “Software Installation TemplateBasedVM AppVM”
  2. Document enhancement: Using FireFox in Whonix to Connect to .onions
  3. Call for testers blog post needed. Help welcome!
  4. Security in Real World “more catchy page name” etc
1 Like

0brand:

Workflow priority? Should tasks be completed as they arise or should they be prioritized?

TODO

  1. Add content “Software Installation TemplateBasedVM AppVM”
  2. Document enhancement: Using FireFox in Whonix to Connect to .onions
  3. Call for testers blog post needed. Help welcome!
  4. Security in Real World “more catchy page name” etc

highest priority: call for testers

next highest: release announcement Whonix 14 draft

After that: everything is too similar to argue priorities.

I can do this if 0brand wants to work on the other one? Or vice-versa.

2 Likes

I just started on “Call for testers blog post needed. Help welcome!” but you"re more experienced and I’m (considerably?) slower at writing pages. It might make sense for you to write “Call for tester…” and I can do release announcement Whonix 14 draft? This way the highest priority gets done sooner? Let me know what you would like to do. I’m flexible. I’ll keep on going with this page until I hear from you. :wink:

Edit: This is going quicker than I expected. I should be able to finish fairly quickly. If you want to work on release announcement Whonix 14 draft?

1 Like

Done!

https://forums.whonix.org/t/qubes-whonix-14-0-0-6-9-templatevms-for-r3-2-and-r4-testers-wanted/4988

Please let me know it any changes need to be made.

2 Likes

Thanks 0brand!

Yes, I’ll push out my draft for Whonix 14 today or tomorrow.

I’m not quicker these days due to work and other stuff, but that is settling down now thankfully after a few hectic weeks. I hate it when life interrupts Whonix editing… :wink:

We could use another 5 people like you, since you write well and understand the platform technically.

Note to self: update release notes since Patrick and the team have closed a ton of bugs recently in preparation for the release.

PS If anyone is getting that can’t update Qubes dom0 error i.e. “directory doesn’t exist” yada yada, the fix is in the testing repo. Or, until that hits stable, before running qubes dom0 update, in sys-whonix run:

sudo mkdir -m 775 /var/lib/qubes/dom0-updates/

sudo chown user:user /var/lib/qubes/dom0-updates

and then it will work.

2 Likes

→ Done.

Moving onto a draft Whonix 14 release blurb…

1 Like

@Patrick, how about this below (not sure which features etc you’d like to highlight - took a guess. April date to be confirmed upon release.)

Whonix 14 has been Released

April X, 2018

Greetings to the Whonix community!

After 22 months of development, the Whonix Project is proud to announce the release of Whonix 14.

Whonix 14 is based on the Debian stretch (Debian 9) distribution which was released in June 2017. This means users have access to many new software packages in concert with existing packages such as a modern branch of GNuPG, and more. [1][2][3]

Major Changes and New Features

Whonix 14 contains extensive security and usability improvements, new features and bug fixes. For a detailed description of these and other changes, please refer to the official release notes. [4]

  • Rebased Whonix on Debian stretch (Debian 9).

  • Whonix 14 is 64-bit (amd64) only - 32-bit (i386) images will no longer be built and made available for download. [5]

  • The new Anon Connection Wizard [6] feature in Whonix simplifies connections to the Tor network via a Tor bridge and/or a proxy.

  • The Tor pluggable transport meek_lite [7] is now supported, making it much easier to connect to the Tor network in heavily censored areas, like China. [8]

  • The Tor Project’s Sandboxed Tor Browser is now compatible with Whonix. [9][10]

  • Onioncircuits are installed by default in Whonix.

  • Tails’ onion-grater program has been implemented to enable OnionShare, Ricochet and Zeronet compatibility with Whonix.

  • Onion sources are now preferred for Whonix updates/upgrades for greater security.

  • Updated Tor to the v3.2.9 major (stable) release to enable full v3 onion functionality for both hosting of onion services and access to v3 onion addresses in Tor Browser.

  • Created the grub-live package [11] which can run Whonix as a live system on non-Qubes-Whonix platforms. [12]

  • Corrected and hardened various AppArmor profiles to ensure the correct functioning of Tor Browser, obfsproxy and other applications.

Known Issues

  • Desktop shortcuts are no longer available in non-Qubes-Whonix.

  • OnionShare is not installed by default in Whonix 14 as it is not in the stretch repository. It can still be manually installed by following the Whonix wiki instructions [13] or building it from source code. [14]

  • Enabling seccomp (Sandbox 1) in /usr/local/etc/torrc.d/50_user.conf causes the Tor process to crash. This issue is resolved in Tor 0.3.3 which has not yet reached Debian stable. [15]

While there may be other issues that exist in this declared stable release, every effort has been made to address major known problems.

Please report any other issues to us in the forums, after first searching for whether it is already known.

Download Whonix 14

Whonix is cross-platform and can be installed on the Windows, macOS, Linux or Qubes operating systems. Choose your operating system from the link below and follow the instructions to install it.

https://www.whonix.org/download/

Upgrade to Whonix 14

Current Whonix users (or those with 32-bit hardware) who would prefer to upgrade their existing Whonix 13 platform should follow the upgrade instructions below.

Release Upgrade

What’s Next?

Work on Whonix 15 is ongoing and interested users can refer to the roadmap to see where Whonix is heading. [16]

Developer priorities are currently focused on easing the transition to the next Debian release due in 2019 (“buster”; Debian 10) and squashing existing bugs, rather than implementing new features.

We need your help and there are various ways to contribute to Whonix - donating or investing your time will help the project immensely. Come and talk with us! [17]

References

[1] Debian -- News -- Debian 9 "Stretch" released
[2] Release Notes for Debian 12 (bookworm), 64-bit PC
[3] Release Notes for Debian 12 (bookworm), 32-bit PC
[4] Changelog - Whonix
[5] Whonix 13 users with 32-bit systems can however upgrade their platform by following the available wiki instructions, rather than download new Whonix-WS and Whonix-GW images.
[6] Anon Connection Wizard - Whonix
[7] News - Whonix Forum
[8] Add the "meek_lite" transport, which does what one would expect. · Yawning/obfs4@611205b · GitHub
[9] Linux · Wiki · The Tor Project / Applications / Tor Browser · GitLab
[10] https://www/whonix.org/wiki/Tor_Browser/Advanced_Users#Sandboxed_Tor_Browser
[11] Live Mode for Kicksecure
[12] grub-live is optional and requires the user to first enable it manually.
[13] Instructions are pending.
[14] https://github.com/micahflee/onionshare/blob/master/BUILD.md#gnulinux
[15] sandbox_intern_string(): Bug: No interned sandbox parameter found for /etc/tor/torrc.d/ (#22605) · Issues · Legacy / Trac · GitLab
[16] ⚓ Query: Open Tasks
[17] https://forums.whonix.org

3 Likes

Done!

https://www.whonix.org/w/index.php?title=Software&oldid=33394&diff=cur

Instructions varied from the original “Install Printer Drivers TempBasedVM” I think the changes look a little better? Please let me know if any changes are necessary!

1 Like

In light of the recent issues with the v2 , v3 .onions being down (Whonix , Qubes ). I think it may be a good idea to add short instructions on how to change back to the clearnet http:// URI repository. It may be confusing to some users and they may forgo updating their system if there are no easy to follow instructions.

Any thoughts on weather they should be added? Id be happy to do so if that was the consensus.

https://www.whonix.org/wiki/Security_Guide#Onionizing_Repositories

Good idea re: reverting changes (due to .onions down or possibly poor connection speeds).

torjunkie:

@Patrick, how about this below (not sure which features etc you’d like to highlight - took a guess. April date to be confirmed upon release.)

Whonix 14 has been Released

April X, 2018

Greetings to the Whonix community!

After 22 months of development, the Whonix Project is proud to announce the release of Whonix 14.

Whonix 14 is based on the Debian stretch (Debian 9) distribution which was released in June 2017, meaning users have access to numerous updated and new software packages, a modern branch of GnuPG, and more. [1][2][3]

Major Changes and New Features

Whonix 14 contains many security and usability improvements, new features and bug fixes. For a detailed description of these and other changes, please refer to the official release notes. [4]

  • Rebased Whonix on Debian stretch (Debian 9).

  • Whonix 14 is 64-bit (amd64) only - 32-bit (i386) images will no longer be built and made available for download. [5]

  • The new Anon Connection Wizard [6] feature in Whonix simplifies connections to the Tor network via a Tor bridge and/or a proxy.

  • Onionshare and onioncircuits are installed by default in Whonix.

  • Tails’ onion-grater program has been implemented to enable onionshare, Ricochet and Zeronet compatibility with Whonix.

  • Onion sources are now preferred for Whonix updates/upgrades for greater security.

  • Updated Tor to the v3.2.10 major (stable) release to enable full v3 onion functionality for both hosting of onion services and access to v3 onion addresses in Tor Browser.

  • Created the grub-live package [7] which can run Whonix as a live system on non-Qubes-Whonix platforms. [8]

  • Corrected and hardened various AppArmor profiles to ensure the correct functioning of Tor Browser, obfsproxy and other applications.

Known Issues

  • Desktop shortcuts are no longer available in non-Qubes-Whonix.

While there may be other problems that exist in this declared stable release, even effort has been made to address major known problems.

Please report any other issues to us in the forums, after first searching for whether it is already known.

Download Whonix 14

Whonix is cross-platform and can be installed on the Windows, macOS, Linux or Qubes operating systems. Choose your operating system from the link below and follow the instructions to install it.

https://www.whonix.org/download/

Upgrade to Whonix 14

Current Whonix users (or those with 32-bit hardware) who would prefer to upgrade their existing Whonix 13 platform should follow the upgrade instructions below.

Release Upgrade

What’s Next?

Work on Whonix 15 is ongoing and interested users can refer to the roadmap to see where Whonix is heading. [9]

Developer priorities are currently focused on easing the transition to the next Debian release due in 2019 (“buster”; Debian 10) and squashing existing bugs, rather than implementing new features.

We need your help and there are various ways to contribute to Whonix - donating or investing your time will help the project immensely. Come and talk with us! [10]

References

[1] Debian -- News -- Debian 9 "Stretch" released
[2] Release Notes for Debian 12 (bookworm), 64-bit PC
[3] Release Notes for Debian 12 (bookworm), 32-bit PC
[4] Changelog - Whonix
[5] Whonix 13 users with 32-bit systems can however upgrade their platform by following the available wiki instructions, rather than download new Whonix-WS and Whonix-GW images.
[6] Anon Connection Wizard - Whonix
[7] Live Mode for Kicksecure
[8] grub-live is optional and requires the user to first enable it manually.
[9] ⚓ Query: Open Tasks
[10] https://forums.whonix.org

This is really good!

Could you make this a wordpress draft please?

(Should also be possible to copy and paste html there.)

OK - will do.

1 Like

Great job, @torjunkie !

Shall we include the support meek_lite, too? It greatly improved the user experience in heavily censored area: http://dds6qkxpwdeubwucdiaord2xgbbeyds25rbsgr73tbfpqpt4a6vjwsyd.onion/w/index.php?title=Whonix_Release_Notes&oldid=33415

It can be put under the Major Changes and New Features:

  • Tor Pluggable Transport meek_lite is supported, making Whonix much easier to connect to the Tor network in heavily censored areas, like China.

: News - Whonix Forum

3 Likes

I am not good at wording. So in your opinion, do you think using word like “tremendous” or “huge number of” will be better than using “many”, @torjunkie ?

It is not exaggerated considering to number of changes from Whonix 13 → 14.
http://dds6qkxpwdeubwucdiaord2xgbbeyds25rbsgr73tbfpqpt4a6vjwsyd.onion/wiki/Whonix_Release_Notes#Whonix_14

1 Like

Done!

https://whonix.org/wiki/w/index.php?title=Manually_Downloading_Tor_Browser&oldid=32458&diff=cur

Please let me know if changes are necessary.

2 Likes

It seems onionshare is not in and will not be in Whonix 14 because of it is not available in Debain Stretch repository.

2 Likes

Thanks to you both. I will get back to this shortly (bit busy today) and fix these things up.

1 Like

@iry @0brand

Changes made to suggested Whonix 14 blog release (further above).

If you like it and don’t have any other suggestions, I’ll save it as a draft blog for Patrick.

2 Likes