Long Wiki Edits Thread


Sounds good. I will add the stuff soon.

@Patrick the Usenet section seems very redundant and could use some clean-up. It should give a brief intro and point to our Mixmaster article IMO.


@Patrick It seems devs do sign their git tags as you suggested though its not current. I haven’t worked out instructions to verify so I put it as TO-DO.


Could you investigate this please? https://www.whonix.org/w/index.php?title=Time_Attacks&oldid=29861&diff=cur @HulaHoop


The writer insists that one must reboot to apply the updated sysctl settings instead of sysctl -p. Since its not accurate you can ignore it.


https://www.whonix.org/w/index.php?title=E-Mail&curid=95&diff=30622&oldid=30614 why delete all of that? There is a lot stuff there not covered elsewhere and still valid. @HulaHoop


Sorry I thought it was covered by the Nymserver and Mixmaster articles I did. Can you point out what needs to be extracted and moved over?


I would agree, that a lot on the e-mail pages does not really belong there. E-mail alike software or e-mail alternatives could go to a different page. (And then just leaving a link to these on the e-mail page.)

  • Usenet (perhaps a separate wiki page)
  • alt.anonymous.messages
  • Nym server URL Retrieval
  • almost none of the deleted content is covered elsewhere
  • also the introduction on what nymservers are should be migrated since the one on the [[Nymsever]] page does not cover it.

Not particularly hot content, but still worthwhile to keep (and moved/reorganized elsewhere).


I created a Usenet page to keep the material:

I moved everything except quicksilver section because from my experiments with it, I found it hard to use and a buggy POS compared to the documented way to fetch messages from nymserver.


Quicksilver documentation moved to deprecated. These require more work. //cc @mirimir



General description for whonix live mode part 1:

===== What is live mode? =====

In live mode all changes to the filesystem (logs, downloaded files, …) will be saved to volatile memory (RAM) i.e. if you restart the machine everything will be in the same state as before and e.g. previously generated/downloaded files will be gone.

===== Why use live mode? =====

Sometimes files generated during an user session might contain sensitive data. Also malware might be installed e.g. while browsing the web. Those files will be gone after a reboot if you use live mode.

===== How can I save files? =====

Most people also want to make persistent changes e.g. store files in a way that they survive a reboot.
In case you want to apply updates, install new software, change desktop settings … you can just boot into persistent mode and make the changes there.
When you want to save downloaded files or maybe some document you created in live mode you can attach e.g. an USB drive/another virtual hard disk to the virtual machine or use a shared folder and save your files there. Your main operating system will still remain unchanged.

===== How is this different from other live CDs? =====

Live CDs are usually read-only squashfs images and can’t be easily updated which is bad security wise and uncomfortable for general usage.
Since most live CDs don’t work in pure read only mode there are some mechanisms to make them “writable”.
For linux distributions overlayfs and device-mapper snapshots are commonly used. These use RAM in order to store filesystem changes but those will be gone after a reboot.
The approach described here allows you to use a switchable system i.e. use live and persistent mode on demand.
In that way you can easily apply updates and other persistent changes and still boot into live mode if you choose to do so.


Cannot say much yet, since I don’t know how it will be implemented.


Low priority: Changing Icedove to Thunderbird everywhere on the wiki since Debian has sorted out the trademarking thing with Mozilla. So future users who have no idea about this don’t get confused. Or we can note that Icedove & Thunderbird are synonyms and leave it like that.


Rejected Disable auto-login


Not convinced this increases security. (Since malicious host modifications are far more dangerous.)

If anything, for https://www.whonix.org/wiki/Advanced_Security_Guide.


https://www.whonix.org/w/index.php?title=Computer_Security_Education&oldid=30618&diff=cur - Do you know about libreboot vs binary blobs? @HulaHoop


Libreboot is a de-blobbed Coreboot fork with the side effect that it has very limited hardware support. Similar to the linux-libre project which does the same with the upsteam kernel.

I don’t particularly like the FUD-esque way this edit implies. Is it possible that these blobs could be malicious? yes. Probable? no - because its an extremely stupid thing to do for every machine out there when it can be discovered by rival states and turned into a PR Nightmare for CPU companies.

However libreboot is important from a freedom POV where people want to run a libre stack from the bottom up and don’t want blobs that can evolve into DRM schemes from running on their machines.



onioncircuit is coming to Whonix14:

So we should add related information to:



Added some changes and reorganization of that page on top.

Do you think you could briefly explain please the “frozen” / stable / older nature of package versions in Debian stable?


Added a few lines to:


Actually I messed that up. The quote under https://www.whonix.org/wiki/Install_Software#Prefer_Packages_from_Debian_Stable_Repository already explains it.


Could you review https://www.whonix.org/w/index.php?title=I2P&oldid=30664&diff=cur please? @HulaHoop