Long Wiki Edits Thread

Changing the system font in Whonix WS? - User Support - Qubes OS Forum

I installed a messaging app in whonix-ws-16 to message over Tor. Typically I use a Debian template for the messenger app but decided to use the whonix ws template for a more robust Tor connection.

The messaging app uses the default system font to display emojis. The current default whonix font is extremely limited. Even a simple :slight_smile: displays as a white box.

Is the default whonix workstation font customized from within the VM template or is there a setting in dom0?

Is there a relatively secure way to install a custom font or should it be avoided?

I presume we should warn somewhere to not install custom fonts i.e. might be a fingerprinting vector? But I’m not sure - I gather it is a legitimate risk i.e. detectable by external sites etc?

1 Like

Indeed. It may or may not be remotely fingerprintable but consider the user is prefering this font in non-anonymous and anonymous VMs then reduces anonymity set by posting screenshots with support requests for both. In either case, for an abundance of caution it is best avoided to even avoid the question.

Kicksecure homepage, wiki and forums is now online.

Sorting out Whonix vs Kicksecure wiki contents will be a major effort. Design:

  • Distinct project branding Whonix vs Kicksecure to avoid users confusing one for the other.
  • The goal is to define “Kicksecure is an upstream of Whonix”. The same in other words: “Whonix is based on Kicksecure.”
  • Minimal duplication of Kicksecure vs Whonix wiki contents.
  • Kicksecure wiki having everything related security. Nothing on anonymity except perhaps a mention “Users interested in anonymity might have a look at Whonix, which is based on Kicksecure.”:
  • Whonix wiki having everything related to anonymity.
  • Kicksecure wiki being independent.
  • Whonix wiki linking to Kicksecure wiki for security related topics.

Difference between revisions of "Chat" - Whonix - could you please clarify what “Message content limited.” means?

I want to fix XFCEXfce proper case-sensitive but I need to change/correct the files names spelling in Whonix source code in a future build. Hence, it’s not fixed everywhere yet.

Now that kicksecure.com is online, there are two recommended host operating systems for Whonix:

  • Kicksecure, or
  • Qubes OS

While migrating Disable TCP and ICMP Timestamps - Whonix to Kicksecure wiki I was wondering what to do with instructions on how to disable TCP and ICMP timestamps on other Linux such as Debian, MacOS and Windows. I think keeping this documentation is too much and should be rejected. If someone wants better security like an operating system that disabled TCP and ICMP timestamps by default, use either Kicksecure or Qubes OS as a host operaging system.

Documenting the same for Debian, MacOS, Windows and even OpenBSD is stretching the project focus too thin. It’s a bit similar like the Debian wiki explaining how to do something on Windows or the MacOS website explaining how to do something on Debian.

The only documentation on Windows, MacOS will be how to install VirtualBox and import Whonix. That is useful to first time Linux users to try out Whonix but for better security these host operating systems are a lost cause. Instructions how to disable TCP and ICMP timestamps would be incomplete in the bigger picture since there would be a lot more host security settings (such as disabling telemetry) that should’t be part of Whonix wiki. Becuase the other way around, we’d also have to host full instructions on how to harden a Windows or MacOS host operating system which would be huge.

There’s now a much more beautiful download button.

Used here:

Some mediawiki CSS fixes have been implemented. Primarily, many places with previously too much white spaces have been fixes. More fixes are upcoming.

(Mediawiki CSS Fixes Wanted for Whonix Wiki!)

The CodeSelect widget has also been improved.

  • looks better
  • With javascript enabled, it now copies to clipboard when clicked. This does not happen with javascript disabled because that is unsupported by browsers.

Can be seen here:
Testpage8 - Whonix

And the many other wiki pages using the CodeSelect widget.

There are still some bugs (wrong box size if text inside CodeSelect is too long). Please test and leave feedback.

Other planned websites enhancements that I scheduled which are planned for the next 4 weeks are listed here:

Re: kicksecure wiki & existing documentation on Whonix website.

I don’t agree wtih the principle re: removing wiki pages on Whonix that are common to both and redirecting readers to the other website:

  • Readers often don’t read the existing documentation on whonix.org as it stands (just look at forum posts re: people often asking basic questions that are already answered in docs i.e. haven’t done their homework). Splitting across two websites will just increase that problem.
  • Better IMO to have one “complete” set of documentation in one place for simplicity and as a definitive security and privacy guide.
  • The kicksecure site can remain very simple and just get occasional page updates to match whonix.org documentation as required i.e. focused on security as you pointed out.
  • The vast majority of the user population is likely to remain focused on Whonix for many years to come → kicksecure is a novelty at present that is unlikely to have a large, standalone user base.
  • Whonix is well known, but the kicksecure base not so much.
  • Etc.

On that basis, I would reject those suggested edits that is redirecting certain pages to kicksecure.com

Sure - will have a look.

Also, re: Kicksecure logo.

I like the last two:

  1. Small padlock with full text; or
  2. Just the wording with the nice, weird “K” :slight_smile:

If I had to choose, probably #1.

Will get to other recent, suggested edits when I have a chance. Christmas time is busy…

1 Like

For many it’s “issue → ask somewhere”. I don’t think it would make a difference.

Problem is, there are ~ 70 repositories on gitlab.com/whonix. Security / anonymity all mixed up. The security parts cannot get as much outside attention if mixed up with anonymity. By a clean separation of projects, I hope things will look less daunting and easier to grasp.

Documentation in Whonix wiki would be complete because Whonix /wiki/Documentation would continue to have a complete overview even some links are to an external website, i.e. Kicksecure wiki.

Some problems:

  • Lots of duplication for things which are the same for Kicksecure and Whonix
  • Hard to keep track of backporting improvements from one wiki to the other wiki, especially if both versions have been edited independently
  • Occasional page updates in the KIcksecure would be harder than one might imagine. Many Whonix wiki pages are 95-99% unspecific to anonymity and about security only. But the remaining 1-5% anonymity specific content would make these pages unfit for unmodified copy/paste into Kicksecure wiki.

By not filling up Kicksecure wiki with relevant documentation for users and security features developer documentation, restricting the project to have minimal documentation, would be kinda maintaining the project with handbrakes on.

I am expecting the Kicksecure user base to exceed the Whonix user base since it’s simpler to use, no VMs required, the computer security enthusiasts community being a magnitude bigger than the anonymity enthusiasts community, no slow browsing speeds and all the anonymity knowledge not required.

Unfortunately these edits are ongoing and already done according to my instructions for 3 weeks.

We now have a template Archive_link which supports all that is needed.

(Template:Archive_link - wiki source code also contains documentation.)

  • plain link without web archive
  • “normal” link (most common), clearnet + automatically add link to the web archive

{{Archive_link|url=https://www.kicksecure.com|text=Kicksecure Homepage|onion=http://www.w5j6stm77zs6652pgsij4awcjeel3eco7kvipheu6mtr623eyyehj4yd.onion}}


Kicksecure Homepage

(The icons are of course not that big in the wiki. Only this forum show them that big.)

full demo and documentation can be found here:

Already used here:
Creating an Anonymous Email Account for Support

No more need to add links (onion). Easy to illustrate the alternative onion link by using the new link template. There are no longer extraneous links to the web archive for onion links (which would be broken since web archive does not support onion links).

(A lightweight fork of mediawiki-link-to-archive.)

We now have:

new wiki chapter:

New wiki footer is online.

(Links to the footer template / widget can be found here: Dev/mediawiki - Whonix)

Difference between revisions of "Documentation" - Whonix

A new wiki header has been deployed. It has been re-implemented, is static, and compatible with JavaScript / no-JavaScript.

Some dynamic status information such as logged in, not logged in, create account is not properly shown yet but will be soon in the JavaScript version. For the no-JavaScript version this isn’t possible as this would require not only CSS changes which are comparatively “easy” but a whole new mediawiki skin and PHP which would be a lot more difficult (speak: more expensive). The “basic” functionality (read, edit with or without account, tools) however should be fully functional for both versions (JavaScript and no-JavaScript). Some “advanced convenience” functionality might not be doable at this time.

Due to issues with MediaWiki skin foreground (Broken with mw 1.37), we’re back to MediaWiki default skin Vector and CSS enhancements are being added on top of it.

All enhancements to MediaWiki in the Whonix wiki are being documented here:

[Imprint] [Privacy Policy] [Cookie Policy] [Terms of Use] [E-Sign Consent] [DMCA] [Contributors] [Investors] [Priority Support] [Professional Support]