Long Wiki Edits Thread

1) Re: http://kkkkkkkkkk63ava6.onion/wiki/Vidalia

Suggest you move this to “deprecated”, since it has been defunct / unmaintained since early 2015. See:

https://lists.torproject.org/pipermail/tor-talk/2015-February/036833.html

2) http://kkkkkkkkkk63ava6.onion/wiki/Features

→ Now all fixed / edited.

3) I realize a couple of those tor project .onion inserts were wrong in my suggested edits i.e. they were for users already without TB to start with, so they obviously couldn’t browse to XXXXXXXXX.onion

The sandboxed section insert should be right though (I tested it, it works). Obviously curl not scurl, since there is no https for that particular .onion

1 Like

@torjunkie, those are great suggestions!

I have updated the draft with all of them. The text is a lot better now :slight_smile:

Thanks, you’ve done a great job as well!

2 Likes

Moved to: http://forums.kkkkkkkkkk63ava6.onion/t/forum-code-of-conduct-draft/3958

Please move this post to organization forum since this is quite a topic.


@dau @torjunkie the blog post ist now ready to be posted?

re https://www.whonix.org/wiki/Surfing_Posting_Blogging:

Could you please make Keystroke_Deanonymization (which is typing style only) it’s own chapter please? It’t not part of Stylometry (which is writing style only). And make that a template for reuse at Keystroke Deanonymization - Whonix?

LGTM.

No problem. Will do.

Also TODO (low priority):

  • Research VPN hosting arrangements and suitable criteria as per your other post.

Will move that other post above to “Organization”.

1 Like

(Off-topic)

1) Re: ⚓ T651 Tor Browser 7.0a2 broken in stretch based Whonix 14 - <jemalloc>: Corrupt redzone 0 bytes after 0x7f0503ede9d0 (size 80), byte=0x0

Tor Browser 7.0a2 broken in stretch based Whonix 14 - : Corrupt redzone 0 bytes after 0x7f0503ede9d0 (size 80), byte=0x0

I wonder whether you’d have more luck with 7.0a4 in stretch since Tor Project have made significant changes over the last couple of releases (?). Worth a try.

BTW tested 7.0a4 in (normal) Qubes-Whonix WS and it’s working fine (without AppArmor).

2) Re: ⚓ T641 Qubes R4: install pulseaudio-qubes in Whonix 14 for audio support / pulseaudio and vlc should not be installed in sys-whonix

pulseaudio and vlc should not be installed in sys-whonix

You were waiting for Qubes Issue 2648 to be closed. That just happened today:

1 Like

@dau @torjunkie the blog post ist now ready to be posted?

LGTM.

I also think so.

1 Like

→ Fixed

Also, in apt-transport-tor template, this link no longer exists:

https://github.com/Whonix/anon-apt-sources-list/blob/master/etc/apt/apt.conf.d/30onion-allow

Do you mean this instead? →

PS Fortasse’s expand/collapse all widget looks nice! :smiley:

1 Like

Good question. Can you make head or tail of ⚓ T610 use tor+http / apt-transport-tor rather than Acquire::BlockDotOnion "false";?

It’s all very confusing.

Since Whonix forces everything over Tor, and .onions will be the default for apt upgrades in Whonix 14, why is this even needed?

I gather the apt-transport-tor enforces updates over Tor, or not at all - so this can kind of act as a failsafe.

But then your ticket indicates you have to worry about Tor over Tor (hence why Acquire:BlockDotOnion is false) and making sure anon-ws-disable-stacked-tor is in effect for the Workstation (and Gateway?) template.

Seems a lot of work for little benefit?

The answer why apt-transport-tor is still useful in Whonix is here:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=754242#54

David Kalnischkies:

That said, it might make sense to use a-t-tor anyhow even if not
strictly needed as it will deal better with certain tor anomalies given
that it knows tor is involved reporting better errors (like telling you
that the .onion address you typo’ed is too long/short; saying
“unreachable host” if a service is… well, not reachable, instead of
saying “TTL expired” which is reported by Tor and technically more
correct but unhelpful), will use different circuits for different
sources and stuff.

(In summary he’s saying “better error handling” and “better stream isolation”.)

It’s the more correct way to do it.

The opposite.

Tor over Tor in Qubes TemplateVM is generally sorted out by: […]

Using apt-transport-tor we don’t need to use BlockDotOnion false.

could use some polish.

  • header
  • footer
  • og:description
  • og:image wish list add

Thanks. I’ll fix them up soon (apt-transport-tor template & offline entry).

1 Like

Could you please get a phabricator account? @torjunkie Could be sometimes useful.

Please have a look at.

https://phabricator.whonix.org/T683

Wishlist 1: document TBB canvas warning. Do you think you can find the upstream bug / documentation and document this at Whonix wiki?


Since you’re a part of the Whonix team now, can I reach you by e-mail? Could you create an 4096 bit gpg key please?

Wishlist 2: Some very minimal instructions on how to create a gpg key on our OpenPGP - Kicksecure key or a link to some guide that does better than us. There are a lot, we might not have to duplicate it.

Error - Whonix is perfect, cannot even nitpick!

Template:Curl Secure: Difference between revisions - Whonix this is a hard to do edit at the right time. Since curl --tlsv1.3 is only available in Debian buster, it won’t work for stable users (currently: stretch) Same when this command is used on the host with stretch vs buster.

Please check out ⚓ T676 fix obfs4proxy AppArmor issue in Whonix 14.

Could you please have a look at https://github.com/Whonix/anon-gw-anonymizer-config/blob/master/etc/tor/torrc.examples as well?

@Ego I’m doing the section on BitMessage and I saw an interesting bit of evidence for its track record. It hasn’t been audited but it turns out a gang used it over Tor to run their ransomware without getting caught.

Do you think there is a legal problem with adding this to the wiki?

No professional audit has been done for BitMessage to date. While we never condone criminal abuse of technology, its past use by criminals running a ransomware operation (over Tor) without getting caught, shows that it is somewhat “battle-tested”. We hope that dissidents in rogue nations could profit from that experiment.https://www.bleepingcomputer.com/news/security/chimera-ransomware-uses-a-peer-to-peer-decryption-service/

1 Like

Good day,

Sure, that should be no problem, seeing how it is A) factually correct and B) does not in any way support these acts. Again though, I’m not a lawyer.

Have a nice day,

Ego

2 Likes