Long Wiki Edits Thread

Right. Fixed. I used an easy work-around instead of anchoring (PTSD from last time I used/touched anchors).

Also fixed up a bunch of broken internal refs for Unsafe Tor Browser behavior and x1 in Custom Homepage. They now link properly.

OK, now I really think we’re done there. Party time. :+1:

1 Like

Do you want the license section on every (main) wiki documentation page? That is:

= License =

{{License_Amnesia|{{FULLPAGENAME}}}}

If so, I’ll fix that up (it’s not consistent now and often missing).

Also, decide whether you want references noted as:

== References ==

Or

== Footnotes ==

On each page, since it is inconsistent now on each page.

PS I removed the “Secure Back-ups” part from Security Guide, since that issue is now closed on github (Qubes), because scrypt has been implemented and solves this problem. See:

torjunkie:

Do you want the license section on every (main) wiki documentation
page?

No, license is only required for pages originally forked from elsewhere.

{{License_Amnesia|{{FULLPAGENAME}}}}

That specifically is only for pages that originate from Tails.

If so, I’ll fix that up (it’s not consistent now and often missing).

Also, decide whether you want references noted as:

What you could do is compare with the original. Then if the original was
improved in meanwhile, backport the changes to Whonix. And if our page
doesn’t include anything from the original anymore, we could as well as
also remove it.

== References ==

Or

== Footnotes ==

It depends. Sometimes it’s just references. Sometimes it’s footnotes.
Got any example where that looks wrong?

PS I removed the “Secure Back-ups” part from Security Guide, since
that issue is now closed on github (Qubes), because scrypt has been
implemented and solves this problem. See:

Improve qvm-backup key derivation/management · Issue #971 · QubesOS/qubes-issues · GitHub

Thanks for noticing. Has this fix been deployed to recent Qubes versions
(R3.2)?

Ah right - understood. Don’t worry about the license or footnote vs references thing then. I think they’re all good.

Not sure about scrypt being updated in stock 3.2. The bug only just got closed, so maybe it hasn’t come down to stable repos yet, because that normally takes 7 or 10 days or so.

Computer Security Education is taking longer than thought -> been busy + added lots of material here and there to remove the “TODO” references, which are annoying from an editing perspective i.e. it’s just better to research it, and cross that off.

Plus, some of it is critical e.g. router stuff I just added, which most users (even experienced ones) overlook, despite it being one of the weakest links targeted by scumbag hackers.

Getting closer though, just a few bits left e.g. Windows vs other distros, MAC address stuff (hopefully just editing for that) etc. Once that’s done, I can move onto Advanced Security Guide, which I’m sure will be a nightmare to edit. :wink:

1 Like

Could you please add a chapter Tor Browser Hardened to Tor Browser Advanced Topics?

(Would have been useful as reference here: TOR BROWSER BUGGGG in whonix)

The relevant information is in the introduction to this entry here:

http://kkkkkkkkkk63ava6.onion/wiki/Tor_Browser/Advanced_Users#Introduction

The “hardened” Tor Browser has been deprecated and major features like Selfrando memory randomization are now part of the alpha series and planned for eventual mainline adoption. Consequently, The Tor Project recommends users seeking a higher security solution should default to the sandboxed Tor Browser: [25] [26]

While the Sandboxed Tor Browser is currently in an experimental state itself, we feel that it provides much better safeguards against exploitation than the features we shipped in the hardened series.

Do you still want a “Hardened Tor Browser” entry to point to this?

1 Like

Yes, I think that would be useful to have as reference. Perhaps not a separate headline, but an anchor and clickable link (for future copy and paste) (that leads to the sentence on hardened)?

OK. I added this anchor to just above the relevant text:

{{Anchor|Tor Browser Hardened}}

Presumably a clickable link will be available once that is signed off.

1 Like

OK - 66 edits and a ton of research later, the Computer Security Education entry is now ready for review.

Most of the TODO’s have now been addressed.

Painful would be an understatement. I might tackle some smaller entries before the Advanced Security Guide section.

Moving on.

1 Like

Great work on the computer security guide!


Edit wish high priority:
For legal reasons etc… Hard terrain… Not sure I am getting paranoid here, but we shouldn’t call any names. Especially no powerful ones. Especially no legitimate ones.

Could you please look through the wiki for…

  • intelligence agencies
  • NSA
  • etc.

And rewrite them in generic terms? Call them adversary?

We’re pro privacy. We don’t want wifi sniffers in hotspots and other criminals to illegally eavesdrop on our communications.

We can still link to articles mentioning any names. Would be hard to find articles in pure generic terms. As for the articles, we are just using them as references proving a claim. Then calling names is only a by-product and not the point.


Lower priority bonus wishlist: Research Windows / MacOS RAM dumps. During application crashes, they might create a dump of the whole RAM (sometimes called coredump).

http://www.networkworld.com/article/2164903/windows/windows-how-to-solve-windows-8-crashes-in-less-than-a-minute.html

If you could explain that a bit (using that source or any other that more focuses on the outrageous privacy issues) (similar to the existing bullet points). Mention a RAM dump could contain anything done during that session (rather random depending on how the RAM is wiped [if at all] and depending if it was overwritten). And of course all currently existing contents in RAM. Probably swap is included as well. Including all disk encryption passwords, opened documents contents, other password and whatnot. Very likely would even make security attacks easier since it might exact states about ASLR, seeds, and whatnot.


To make reviews faster and safer, could you please split future edits into parts:

  • a) language fixes
  • b) moving chapters around without changes
  • c) new content

By split, I mean only doing either a), b) or c), and then waiting for the review. That would make the diff a lot easier to read.

Thanks.

Fixed the above for Computer Security Education. I’ll check others as I go along and replace with “adversary” or “adversaries”.

Sure. Will do. I’m hoping other entries won’t require the level of change that was seen in Computer Security Education and Tor Browser entries. :slight_smile:

No problem. Will look into it and add to Computer Security Education entry.

Cheers!

1 Like

Could you please review (and comment if there are any comments) this upcoming blog post draft?

https://phabricator.whonix.org/T659#13258

Secure downloading of files is difficult and under-documented. Wget seems buggy. Curl is hard to use without running into a downgrade attack. Can you make head or tail of this https://phabricator.whonix.org/T673 ticket?

TODO:

  • search the wiki for torproject.org, where applicable add alternative download links to Tor Project’s onion for downloads from torproject.org to the wiki
  • port wget to curl everywhere
  • perhaps one sentence (a template) explaining why use such a complicated curl command with a link to a page that explains the curl vs downgrade attacks vs wget mess. Perhaps a new wiki page command line downloader?

Hi,

This LGTM.

A few minor nits:

1) Since normal (most) users don’t appreciate/know what localhost actually means, in the first line, localhost could have an embedded link e.g. [http://whatismyipaddress.com/localhost localhost only] or [localhost - Wikipedia localhost only].

2) Second line, change “gateway” and “workstation” to “Whonix-Gateway” and “Whonix-Workstation”.

3) Do you need to define “external interface” here to be clear for normal users? That is, I presume it means “A connection to the WAN side of a router”. And not the LAN side.

Not sure I understand all the implications exactly, but I’ll have a crack (see below). Point out what’s wrong.

1) How about, a brief Wiki page somewhere like this:

Secure downloading of files is a complex subject and the potential security implications are poorly understood by most users.

Whonix users will frequently want to download files from the Internet in order to achieve desired aims. Unfortunately, resorting to the simple wget command is ill-advised, because it is [https://lists.gnu.org/archive/html/bug-wget/2012-07/msg00015.html buggy]. For example, if users do not force a request to use SSL encryption, wget can [curl - Is Strict Transport Security (HSTS) supported by libcurl? - Stack Overflow fail silently]. Even when SSL is enforced with a command line option, this can [HTTPS (SSL/TLS) Options (GNU Wget 1.21.1-dirty Manual) break interoperability with some sites] that use self-signed, expired or invalid certificates. Users could potentially ignore certificate verification warnings and proceed with downloads where the site’s authenticity is in question.

To provide greater security when downloading, Whonix has implemented a scurl script. This invokes the usage of [Debian -- Error curl] with the following additional command line parameters:

  • --tlsv1.2 --proto =https to enforce strong encryption.
  • --remote-name to simplify naming conventions for downloaded files.

Scurl is not vulnerable to [tls - How does SSLstrip work? - Information Security Stack Exchange SSLstrip]. This is a man-in-the-middle attack which forces a user’s browser to communicate with the adversary in plain-text over HTTP (poisoning the download).

Unfortunately, scurl is mostly only available in Whonix and the command will generally not work in other distributions. To use scurl, simply run:

scurl {{https URL file location}}

In all cases, users should avoid downloading files over plain HTTP.

2) Suggested template (linking to the above):

'''Warning:''' Users should invoke the scurl or curl command to download files instead of using wget. To use it, run either:

scurl {{https URL file location}}

Or manually run:

curl --tlsv1.2 --proto =https --remote-name {{https URL file location}}

3) Once 1 & 2 are signed off and fixed up, I can manually search for wget instructions and replace with scurl in the first instance. I can also do the “adversary” find and replace stuff at the same time.

2 Likes

Looks great!

wishlist:

  • agency → adversary

Low priority bonus:
Perhaps we can also consider changing some page names. Like Desktop… I only used this because I had no better idea. If you have suggestions on renaming, please make them. It matters, because that influences search engines.

Also a little special attention would be great at page’s description= fields.

|description=Whonix Linux Desktop Tips and Tricks, RAM Adjusted Desktop Starter, Auto Login, Single vs Double Click, full-screen

Because that will likely become the sub text in search engine results. Also influences how the oneboxes in the forums will look.

OK - great.

1) Do you want to create a scurl template and reference it here, and I can fill it out as agreed?

2) Where should the “Safe downloads” wiki entry/page go? Any suggestions?

3) Once the above are done & reviewed, I’ll go through all the main documentation on the main page and search/replace:

  • all wget (change to scurl)
  • NSA, GCHQ, intelligence agencies, agency etc (all changed to adversary/adversaries)

The only exception to the above is things like “NSA Key” which are explicitly referenced as existing in Windows etc, which there is no good way of avoiding.

4) I checked out core dump stuff. Yes, it’s a problem since all the refs show that it can leak encryption keys, passwords etc.

The problem is that Linux is also vulnerable. According to some info I found, apparently even Debian, Arch Linux etc. have some systemd default set to dump shit like this, unless systemd changes are made to some config file / setting somewhere.

It of course begs the question, should Whonix be changing that systemd setting to prevent any potential leaking of critical information in the event of one of the (rare) crashes?

Apparently advanced adversaries can try to enforce a crash, just to get their hands on core dump / kernel dump etc information.

5) I’ll keep description=fields on my list, but as a low priority until finishing off Advanced Security Guide and some other key entries.

Agree it is important.

6) Renaming entries. Yes, I agree many need some work. It will become clearer after a ton more editing is finished, because then we will be ready to rework where everything belongs.

I’m gonna suggest some things later on definitely, and see what you think. Especially that “General Information” section on the main page, which needs major merging work & shifting further down the page.

1 Like
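Point 4) above asks whether the systemd default should be changed. The following is an added example, not anything from the thread or the Whonix wiki, of a small check for the two knobs that decide whether a crashing process leaves a core file on disk: systemd-coredump’s Storage= setting in /etc/systemd/coredump.conf (where that component is installed) and the per-process core size limit (ulimit -c). The file path and key names are taken from systemd’s documentation; the sample configuration files are constructed inline so the functions can be exercised without reading the live system, and the function names are chosen here.

```shell
#!/bin/sh
# Added example (not Whonix code): audit whether core dumps are kept.

# Return 0 if the coredump.conf at $1 sets Storage=none (the last
# uncommented Storage= line wins, as in systemd's own parsing), so that a
# crash is only logged and no dump is written to disk. Return 1 for the
# default Storage=external (dumps kept under /var/lib/systemd/coredump)
# or any other storing value. Lines starting with '#' are ignored.
coredump_storage_disabled() {
    conf=$1
    storage=$(sed -n 's/^[[:space:]]*Storage=[[:space:]]*//p' "$conf" | tail -n 1)
    [ "$storage" = none ]
}

# Return 0 if the core file size limit of this shell is 0, meaning the
# kernel will not write a core file for processes started from it.
core_limit_is_zero() {
    [ "$(ulimit -c)" = 0 ]
}

# Write a constructed coredump.conf of kind $1 to a temporary file and
# print its path: "default" mirrors an untouched file (only comments),
# "hardened" disables storage; ProcessSizeMax=0 is the companion setting
# systemd documents alongside Storage=none.
make_sample_conf() {
    f=$(mktemp) || return 1
    case "$1" in
        default)
            cat > "$f" <<'EOF'
[Coredump]
#Storage=external
#Compress=yes
#ProcessSizeMax=2G
EOF
            ;;
        hardened)
            cat > "$f" <<'EOF'
[Coredump]
Storage=none
ProcessSizeMax=0
EOF
            ;;
        *) rm -f "$f"; return 1 ;;
    esac
    printf '%s\n' "$f"
}

# Report on the live system; return 0 only when both knobs are safe.
audit_live_system() {
    ok=0
    if [ -r /etc/systemd/coredump.conf ]; then
        if coredump_storage_disabled /etc/systemd/coredump.conf; then
            echo "systemd-coredump: Storage=none, dumps are not stored"
        else
            echo "systemd-coredump: dumps are stored on disk (set Storage=none)"
            ok=1
        fi
    else
        echo "systemd-coredump: /etc/systemd/coredump.conf not present"
    fi
    if core_limit_is_zero; then
        echo "ulimit -c: 0, no core files from this shell"
    else
        echo "ulimit -c: $(ulimit -c), core files allowed (ulimit -c 0, or a hard limit in limits.conf)"
        ok=1
    fi
    return $ok
}

# Run the live audit only when asked: sh audit.sh --audit
if [ "${1:-}" = --audit ]; then
    audit_live_system
fi
```

A non-zero ulimit -c with systemd-coredump absent still means the kernel writes core files according to kernel.core_pattern, so both checks matter; the audit function reports each separately rather than treating either one as sufficient.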

Good question. Created for now:
Secure Command Line / Scurl

(Unless there are better suggestions for a page name.)

(low priority) Perhaps the chapters from Tor Browser Essentials could be converted into templates and reused on Secure Command Line / Scurl. I mean, that page could also discuss how to download using a browser.

Great!

They might do core dumps, but I doubt they are auto uploaded anywhere.

2 Likes

Template:Third Party Repository - Whonix - perhaps we could suggest using separate Whonix-Workstations?

Fixed.

Fixed.

Agree. Create a template, and I’ll fill it out for you.

Fixed.

My TODO (to keep track):

  • Fix extra template (above) when created
  • Finish coredump entry
  • Fix find and replace terms
  • Torproject downloads changed to .onion references
  • Start Advanced Security Guide

Lower priority:

  • Description Fields
  • Renaming/shifting entries around

1 Like