Long Wiki Edits Thread

Patrick · December 22, 2017, 1:39pm

Very good new boxes for circumvention rather than tunnels!

I’ve been told, users don’t know which part of their connection gets censored. If they cannot access a website over clearnet, they don’t know that it is probably their network censoring the website and that circumvention tools would help. Many users don’t even know they are behind censorship. Even when they are using Tor for circumvention and cannot reach singular website, they might still think it is somehow their censor that is preventing that connection.

User -> Tor -> proxy/VPN/SSH -> Internet
User -> proxy/VPN/SSH -> Tor -> Internet

Makes a lot sense in our bubble, but I would appreciate if you could please kindly check if we explain this well when we try to take their perspective since you’ve been doing a good job pointing such bubbling issues out. Like when someone using Tor to circumvent, and a website is not reachable over Tor, using bridges would - for us - maybe not user - obviously - not help to fix the issue. Maybe the bridges page should have an overview “good for”, “not good for” or something? Even the page name “bridges” is not thinking from the perspective “what is the user trying to solve”?

torjunkie · December 25, 2017, 3:09am

Great, thanks.

I’ll try and edit these via Github. I’ve signed up, but they flagged the account because of Tor sign-up I think. So, I’ve asked them to unflag it - probably will take a while over X-Mas.

No problem, will look at this other stuff too and might do a mass find & replace for “Icedove” and change it to “Thunderbird” in the mean time and a few other low priority things.

PS Merry X-Mas and a happy New Year to the Whonix crew!

All the main contributors seem to be back now, Whonix 14 is close, and you’ve got some $ to employ new people - that’s great. Please share some info about the Linux developer stuff when you have a chance.

Presumably the new blood will focus on bugs, code clean up, and long-awaited minor changes to Whonix from the phabricator list, as opposed to new features.

There are lots of little things in the backlog that the current small Whonix team never have time to get to. Hopefully new programmers should be able to resolve a large number fairly easily and give the community the biggest bang for the buck.

The community is getting noticeably larger, but Whonix still seems to lack the vibrancy for community-based commits (code or documentation) compared to Qubes, and the mothership (Tor). Not sure why that is, but hopefully the positive trajectory continues.

Cheers

torjunkie · December 25, 2017, 7:47am

What, doesn’t anyone work on X-Mas day… slackers.

Has the apparmor profile for Thunderbird in Whonix 14 been changed to apparmor-profile-thunderbird ?

Right now the instructions still reference:

sudo apt-get install apparmor-profile-icedove

Which I changed in edits to:

sudo apt-get install apparmor-profile-thunderbird

Not sure if that is actually correct. If not, that profile/package should be renamed in Whonix 14 (?)

I changed all “Icedove” references to “Thunderbird” in the wiki, where appropriate.

Also, I changed all “Iceweasel” references to “Firefox ESR” where appropriate, since that branding issue was rectified in mid-2016 (see the Debian note about it).

torjunkie · December 26, 2017, 4:33am

→ Fixed (in Bridges entry)

Edit: 19 spam “issues” opened on phabricator the last 2 days.

Time to tighten up spam protection? All shit from Asia. Surely @fortasse can control that somewhat.

Patrick · December 26, 2017, 3:32pm

Not renamed. Renaming packages is not very rewarding. Very low priority. Maybe for Whonix 15. Maybe by then Debian changed back to icedove so then waiting would be rewarding.

torjunkie · December 28, 2017, 3:35am

TO DO (reminder to self):

Finish Advanced Security Guide edits (almost complete).
Finally re-organize all (now edited) wiki entries as per ⚓ T141 reorganize 'Computer Security Education' vs 'Post Install Advice' vs 'Security Guide' vs 'Advanced Security Guide'
Cherry-pick Tempest’s guide https://anonguide.cyberguerrilla.org/ for various parts of wiki - cut & paste job given he gave permission for us to do that (see forums). Probably useful:
** Parts of Chapter 3.
** Chapter 4c - Using a Password Manager.
** Chapter 4d - Using IRC and HexChat.
** Chapter 4f - Encrypted email with Icedove and Enigmail (also use https://securityinabox.org/en/guide/thunderbird/linux/ & previous forum discussion re: creating strong key-pair with reference to air-gapped ones for Jason Bourne acolytes)
Start github edits
Finish edits of remaining untouched entries in “Modern Privacy Threats” & “Whonix Overview” (some are still very messy in terms of language, grammar, formatting, recency of information & structure).
Move onto Section 6 (“Whonix Bugs”) of long wiki ToC and onwards.

torjunkie · December 28, 2017, 4:49am

1. I presume this advice (below) in Advanced Security Guide is still correct even though you combined GW and WS firewall code with commits recently?

Second Optional (Extra) Firewall

There is a Second, Optional, Extra Firewall for Whonix-Workstation, which is disabled by default. You find it inside Whonix-Workstation in /usr/bin/whonix_firewall.

Read the script comments and decide if you want to use it.

2. Re: Prevent torproject.org Connections
&
Prevent Downloading Whonix News
&
Prevent Running apt-get (by Whonixcheck)
&
Preventing Autostart (of whonix-check)

in the Advanced Security Guide.

What’s the security/anonymity benefit? We should mention it in a line or two.

Also, I presume the autostart prevention steps be completed in Whonix-Workstation only.

torjunkie · December 28, 2017, 11:27am

→ Done

Patrick · December 28, 2017, 3:41pm

torjunkie:

Isn’t this advice (below) in Advanced Security Guide superseded now because you combined GW and WS firewalls with commits recently?

So should we delete this part, or modify the wiki entry to point to where this optional firewall is actually going to be stored in future?

Second Optional (Extra) Firewall

There is a Second, Optional, Extra Firewall for Whonix-Workstation, which is disabled by default. You find it inside Whonix-Workstation in /usr/bin/whonix_firewall.

Read the script comments and decide if you want to use it.

Good point. Shall be after Whonix 14 release.

torjunkie · December 30, 2017, 8:22am

In light of occasional malicious editing by trolls/bots on template pages, maybe it’s worth protecting all uncategorized templates in the first instance, and only allow editing by select staff i.e. those that are actually active with wiki edits in general e.g. TNTBoomBoom, Iry, HulaHoop, you, Entropy, Ego, me, etc.

Sign-in would be required to edit template pages only, and leave general wiki pages open as is.

I’m referring to -> special:uncategorizedtemplates

Or, if you don’t wanna do that, maybe consider protecting core templates e.g.

those relating to Code
those relating to color (e.g. BgGreenText etc)
those relating to donations
those relating to headers, footers etc.
those relating to versioning
etc.

I’ll suggest a re-organization of those security wiki entries as per phabricator ticket here (check everyone’s on board), and wait for final edits on Advanced Security guide to be signed off before I start moving that stuff around.

It’ll break a thousand links in the process, but so be it.

Also, as further above, if you let me know what is the actual point of “hardening Whonixcheck” (security/anonymity-wise - what’s the benefit?), I can reflect that in the advanced security guide also.

torjunkie · December 30, 2017, 12:52pm

This comes in three parts…

Part I

As noted by Patrick:

Pages in question:
https://www.whonix.org/wiki/Computer_Security_Education
https://www.whonix.org/wiki/Post_Install_Advice
https://www.whonix.org/wiki/Security_Guide
https://www.whonix.org/wiki/Download
https://www.whonix.org/wiki/Advanced_Security_Guide
I supposed that steps in Computer Security Education, Post Install Advice and Security Guide should be realistic to be applied by mortals. Advanced Security Guide is supposed to contain the hardcore stuff requiring more skill.

In Security Guide, the Anonymous 3G modem and Anonymous WiFi adapter chapters don’t really fit. From a logical flow it would fit better in Computer Security Education, but realistically it probably better fits into Advanced Security Guide. Maybe a section in Pre Install Advice that only addresses advanced users would be best.

Here are the contents of these pages as they stand right now. Suggesed changes will be in the next forum post. I’ve made a few comments after each one.

CURRENT TOCs FOR THESE ENTRIES

POST INSTALL ADVICE / POST-INSTALLATION SECURITY ADVICE

On Whonix-Gateway and Whonix-Workstation
Change Passwords
Security Updates
Network Time Syncing
Security Guide
Footnotes

Note: 1 x remaining TODO (document network time syncing in terminal).

COMPUTER SECURITY EDUCATION

Introduction
General
Safer Upgrades
Tor Browser
Host Security

Core Dumps
    Security and Privacy Risks
Malware
Firmware Trojans
Avoid Out-of-band Management Features
    Out-of-band Management Design
    Out-of-band Management Functionality
    Exploitation Risk
    General Privacy and Security Concerns
    Hardware Recommendations
    Avoid Other Out-of-band Features
Using a Dedicated Host Operating System and Computer
Using Whonix on External Media
Using a Non-shared Host
Firmware Updates
    Firmware on Personal Computers
    Firmware Updating and Security Problems
Using Open-source Hardware
    Hardware Trust in Modern Computing
    Open-source Hardware Alternatives
        ARM-based Platforms
        Open-source Processors
    Final Hardware Purchase
        Buyer Considerations
    Firmware Considerations
Host Operating System
    Windows Hosts
        Windows as Malware
        Windows Analysis
    MacOS Hosts
    GNU/Linux Hosts
        Recommended GNU/Linux Distribution
Router and Local Area Network Security
    The State of Router Insecurity
    Suitable Hardware and Router Configurations
    Accessing Router Settings
        Linux
        Windows
        macOS
    Recommended Router Settings
        General Router Settings
        Wireless Network Router Settings
    Router Firmware
Host Firewall
Disable TCP Timestamps
    Qubes
    Linux
    Windows
    Other Operating Systems
Disable ICMP Timestamps
    Qubes
    Linux
    Windows
    Other Operating Systems
Microphones
    KVM
    VirtualBox
    Qubes
Webcams
Wireless Input Devices
Backups

Whonix information

MAC Address
    Introduction
    Using a Home Connection
    Using a Public Computer
    Using a Personal Computer in a Public Network
    Random MAC Addresses
    Auto-connect Risk
    Changing MAC Addresses
        For Qubes Hosts
        For Linux Hosts
        For Windows Hosts
        For MacOS Hosts
    Sources

Known Bugs
Greater Security and Next Steps
References
License

Note: 3 x TODO’s oustanding

Disable TCP timestamps instructions for other OSes other than Mac, Windows, Linux
Disable ICMP timestamps instructions for other OSes other than Mac, Windows, Linux, OpenBSD
Help to test and expand MAC Address spoofing on Linux hosts

Also note that this is far too big for a single page. Basically another main (bold) wiki entry on the main ToC with the breaking down of main chunks into sub-entries is far more reader-friendly and sensible.

Also needs stuff with discrete steps to be pulled into security guides.

SECURITY GUIDE

> Basics

Motivation
Virtualization Platform
    Type 1 vs Type 2 Hypervisors
    Qubes-Whonix vs Physically-Isolated Non-Qubes-Whonix
    Qubes-Whonix Hardware Requirements
    VirtualBox Hardening
Operating System
    Updates
    Updating with Extra Care
    Installing Additional Software
Whonix-Gateway Security
    General
    Seccomp
    Tor Connection Padding
    AppArmor
    Warning: Bridged Networking
Host Security
    Basics
    Power Saving Considerations
    Hardware Component Risks
    Anonymous Mobile Modems
    Anonymous WiFi Adapters
    Hardening
Whonix-Workstation Security
    Introduction
    AppArmor
    Firejail
        Introduction
        Installing Firejail
        Sandboxing Tor Browser
        Running Firefox-ESR in a Firejail Sandbox (Qubes Debian Template)
    VM Snapshots
    Adding a NAT Adapter to Whonix-Workstation / Updates without Tor
    Adding a Host-Only Networking Adapter to Whonix-Workstation / SSH into Whonix-Workstation
Onionizing Repositories
    Whonix and Debian Packages
    Qubes Packages
Passwords
    Principles for Stronger Passwords
    Generating Unbreakable Passwords
Transporting UDP Tunnels over Tor
Time Attacks
Tor Versioning
Verifying Software Signatures
    What Digital Signatures Prove
    Checking Digital Fingerprints of Signing Keys
    Checking Digital Fingerprints of Signed Software
System Hardening Checklist
Stay Tuned
Advanced Security Guide
Footnotes

Note: no outstanding TODOs.

Far too long. Definitely any moderate-complex stuff there that needs to be shifted into the advanced guide.

Again, probably better to have a Security Guide (bold) main page wiki entry, with sub-entries to break up its chunkiness.

DOWNLOAD

Only has the table with host os, recommendation of platform to install etc?

But probably under the Download Whonix section on main wiki page it would be better to list all the the links to Qubes, KVM, Virtualbox, and physical isolation directly under it.

ADVANCED SECURITY GUIDE

Also note that this is far too big for a single page. Basically another main (bold) wiki entry on the main ToC with the breaking down of main chunks into sub-entries is far more reader-friendly and sensible.

Basics
Network Time Synchronization

General
Spoof the Initial Virtual Hardware Clock Offset
    Introduction
    KVM
    VirtualBox
    Qubes
Summary
Deactivate Automatic TimeSync

Host Security

Whonix Platform
Hardening
    Key Hardening Steps
    Additional Defenses
apt-transport-tor
Torify apt-get Traffic
One VM Whonix Configuration
Separate VirtualBox User Account
DMZ
Host Firewall
    Installation
    Port Scan
    NAT Router
    Dedicated Connection
    Filtering Ports
        Introduction
        Incoming
        Outgoing
Tor Traffic Whitelisting Gateway

Hardware Security
Physical Attacks

Introduction
Full Disk Encryption
    On the Host
        Protection Against Powerful Adversaries
        Extra Measures
        Protection Against Lesser Adversaries
        Advice for Solid-state Drives and USB Storage
        Tips
    Encrypted Guest Images
        Full Disk Encryption within the Virtual Machine
        Virtual Machine Files in an Encrypted Container
        Other Security Considerations
        Open Security Research Questions
Side Channel Attacks
Screen Lock
BIOS Password
Cold Boot Attacks
    Preventative Measures
Evil Maid Attack
Problematic Interfaces

Operating System

About Debian
    Debian Announcements
    Harden Debian
Harden Software Repositories
Hardened Kernels
Vulnerabilities at Install Time
    Introduction
    Possible Solutions
        apt-cache
        apt-offline
        Building from Source Code using Current Sources
        Always Up-to-date Builds

Virtualization Platform

VirtualBox
    Introduction
    Secure Labeling
Qubes

Whonix-Workstation Security

Hardening
    Introduction
    AppArmor
More than One Tor Browser in Whonix
Using Multiple Whonix-Workstations
Second Optional (Extra) Firewall

Whonix-Gateway Security

Static VirtualBox IP
Disable Control Port Filter Proxy
    Introduction
    How
        On Whonix-Gateway
            Deactivate CPFP in Firewall
            Deactivate CPFP
            Deactivate whonixcheck CPFP Running Test
        On Whonix-Workstation
            Deactivate whonixcheck's Tor Bootstrap Test
            Deactivate sdwdate-plugin-anon-shared-con-check
            Tor Browser Updater

whonixcheck Hardening

Prevent Polluting TransPort
Prevent torproject.org Connections
Prevent Downloading Whonix News
Prevent Running apt-get
Prevent Autostart

Tor
Chaining Anonymizing Gateways
Useful External Links
Other important stuff
Footnotes
License

Note: 3 x TODOs

Qubes random clock offset for Whonix VMs (not yet possible)
Query whether virtualizers write VM Ram contents to disk when swap/crash dumps disabled
How to uninstall sdwdate-plugin-anon-shared-con-check

Now how to fix…

torjunkie · December 30, 2017, 12:56pm

Part II

MAIN DOCUMENTATION WIKI TOC SUGGESTED CHANGES

Download Whonix

Currently:

Whonix System Requirements
First Time Users
Download Whonix

Suggested change (add landing pages explicitly & shift up Post-installation Advice, and Start Whonix page):

(NEW) Download, Install and Start Whonix

First Time Users
Whonix System Requirements
Download and Install Whonix
** Qubes-Whonix (Xen)
** KVM (Linux)
** VirtualBox (Linux, Windows, Mac)
** Physical Isolation Builds
Start Whonix
Post-installation Security Advice

First Whonix Steps

Currently:

Post-installation Security Advice
Start Whonix
Configure (Private) (Obfuscated) Tor Bridges
KDE / Virtualbox Desktop Tips
Stay in Tune with Whonix Developments

Suggested change:

Get rid of this section all together. 2 parts have already been shifted, so the other 3 need to find a home. Suggest:

KDE /VirtualBox Tips gets shifted to the Non-Qubes-Whonix Only section
Configure (Private) (Obfuscated) Tor Bridges gets shifted to the following section - Anonymous Internet Connections and Hosting
Stay in Tune with Whonix Developments gets shifted to Whonix Bugs section, which is renamed to “Whonix Bugs and Development”

Whonix and Host System Security

Currently:

Computer Security Education
Security Guide
Advanced Security Guide
System Hardening Checklist
Install Additional Software Safely
Secure Command Line / Tor Browser Downloads

Suggest:

We delete this section & actually end up with 3 new (bold) main TOC sections: Host Security Education (general, no steps), Security Guide (explicit steps, beginner to moderate difficulty), and Advanced Security Guide (explicit steps, hard to complex difficulty).

A shitload of sub-entries are created, as follows, with these parts below often ending up on their own new page (cut and pasted), and breaking up the humungous entries we have now. Those entries cut and pasted retain their own (mini) ToC of course.

Note that (only) 4 sections from the Computer Security Education (old) entry that only related to Whonix (and not host security) are shifted to Security Guide or Advanced Security Guide i.e. these ones ->

General
Safer Upgrades
Tor Browser
MAC Address Spoofing

(NEW) Host Security Education:

Introduction
Core Dumps
Malwares and Firmware Trojans
Out-of-band Management Features
Using a Dedicated Host Operating System and Computer
Using Whonix on External Media
Using a Non-shared Host
Firmware updates
Using Open-source Hardware
Host Operating System
Router and Local Area Network Security (note that accessing router settings and recommended settings steps are shifted to Security Guide sub-entry
Host Firewall (actual steps shifted to Security Guide)
TCP and ICMP Timestamps (actual steps shifted to Security Guide)
Microphones and Webcams
Wireless Input Devices
Backups
Known Bugs
Greater Security and Next Steps

(NEW) Security Guide

Note: one huge page now becomes many smaller separate pages under this section. Various parts are shifted to other areas as required i.e. Anonymous Mobile Modems, Anonymous WiFi Adapters, and Transporting UDP Tunnels over Tor is shifted to Advanced Security Guide, because that stuff is complex for normal users.

Basics and Motivation
Virtualization Platform
Operating System
Whonix-Gateway Security
Host Security (also add in here the router settings stuff ripped from old Computer Security Education, actual Debian steps for Host Firewall install and config, and actual steps for disabling TCP / ICMP timestamps)
Whonix-Workstation Security
Onionizing Repositories
Passwords
Time Attacks
Tor Browser
Tor Versioning
Install Additional Software Safely
Secure Command Line / Tor Browser Downloads
Verifying Software Signatures
Other resources (explicitly references Advanced Security Guide, Stay Tuned and System Hardening Checklist)

(NEW) Advanced Security Guide

Note: MAC Address Spoofing stuff from original Computer Security Education gets into Advanced Security Guide TOC on main wiki (part of Host Security page). Complex and many steps.

Basics
Network Time Synchronization
Host Security
Hardware Security
Physical Attacks
Operating System
Virtualization Platform
Whonix-Workstation Security
Whonix-Gateway Security
whonixcheck Hardening
Tor
Chaining Anonymizing Gateways
Other Links and Resources

Part III clean version coming…

torjunkie · December 30, 2017, 12:57pm

Part III

MAIN DOCUMENTATION WIKI TOC SUGGESTED CHANGES (clean version)

Download, Install and Start Whonix

First Time Users
Whonix System Requirements
Download and Install Whonix
** Qubes-Whonix (Xen)
** KVM (Linux)
** VirtualBox (Linux, Windows, Mac)
** Physical Isolation Builds
Start Whonix
Post-installation Security Advice

First Whonix Steps - DELETED

Whonix and Host System Security - DELETED

Host Security Education:

Introduction
Core Dumps
Malwares and Firmware Trojans
Out-of-band Management Features
Using a Dedicated Host Operating System and Computer
Using Whonix on External Media
Using a Non-shared Host
Firmware updates
Using Open-source Hardware
Host Operating System
Router and Local Area Network Security
Host Firewall
TCP and ICMP Timestamps
Microphones and Webcams
Wireless Input Devices
Backups
Known Bugs
Greater Security and Next Steps

Security Guide

Basics and Motivation
Virtualization Platform
Operating System
Whonix-Gateway Security
Host Security
Whonix-Workstation Security
Onionizing Repositories
Passwords
Time Attacks
Tor Browser
Tor Versioning
Install Additional Software Safely
Secure Command Line / Tor Browser Downloads
Verifying Software Signatures
Other resources

Advanced Security Guide

Basics
Network Time Synchronization
Host Security
Hardware Security
Physical Attacks
Operating System
Virtualization Platform
Whonix-Workstation Security
Whonix-Gateway Security
whonixcheck Hardening
Tor
Chaining Anonymizing Gateways
System Hardening Checklist
Other Links and Resources

entr0py · December 30, 2017, 7:40pm

That’s a ton of work!

IMHO, all the critical (meaning absolutely critical) security steps should be in “Post-Install” section. (ie updating)

Then, there should just be one Advanced Security section divided into pages based on target. Actually, Advanced Security might be too broad a term.

Computer Security
    BIOS / Firmware
    Host Operating System
    Hypervisor
    Virtual Machines
        Whonix-Gateway
        Whonix-Workstation

Having a Security page and an Advanced Security page with overlapping topics seems arbitrary and redundant, and confusing for user. It’s still possible to have an advanced section in the individual pages described above.

Patrick · December 31, 2017, 4:39pm

Please proceed with the suggested mediawiki lockdown. Due to increased popularity and community size, I am afraid more trolls/spammers are attracted so we have to lock down things more.

Just now set your wiki account to administrator.

Login required - Whonix

(This comes with one change: edits made by that account are confirmed by default. If you wish them to be signed-off beforehand, you’d need a separate account or edits without account.)

Patrick · December 31, 2017, 5:09pm

For the wiki reorganization, I need more time to read and maybe also to allow more discussion.

torjunkie · January 1, 2018, 2:57am

Happy New Year!

OK - I’ll lock down (protect) the 250 odd templates in the first instance to “Allow only administrators”.

I won’t do any actual wiki content edits via that account, as I don’t think edits should be confirmed by default (too dangerous! ) i.e. will just keep normal edits without sign-in.

Thanks @entr0py - I like your ideas - removes duplication (abitrary split of same topics), collapses three sections into one, simplifies everything.

The only thing is that section on the main wiki TOC will likely be huge in numbers of associated pages listed under it, but worth modelling first with tentative new ToC here to see what it will look like.

Yes, more discussion needed, as this will be quite a big re-organization when if we go ahead, plus a lot of new pages will be created in the process. So let’s bed down the “entr0py proposal” first…

Patrick · January 1, 2018, 3:55pm

Please don’t mix moving changes with wording changes to make this easier to review.
/Documentation TOC changes are okay.

Note: 1 x remaining TODO (document network time syncing in terminal).

Disable TCP timestamps instructions for other OSes other than Mac, Windows, Linux
Disable ICMP timestamps instructions for other OSes other than Mac, Windows, Linux, OpenBSD
Help to test and expand MAC Address spoofing on Linux hosts
Qubes random clock offset for Whonix VMs (not yet possible
Query whether virtualizers write VM Ram contents to disk when swap/crash dumps disabled

Ok.

How to uninstall sdwdate-plugin-anon-shared-con-check

No longer required. sdwdate-plugin-anon-shared-con-check was merged into sdwdate in Whonix 13. We currently don’t have a way to disable it.

SECURITY GUIDE
Far too long. Definitely any moderate-complex stuff there that needs to be shifted into the advanced guide.

Generally, making it shorter sounds good. At the moment it seems unrealistic that more than a hand full of users would apply all of it. Which ones do you suggest to move?

Only has the table with host os, recommendation of platform to install etc?

Yes.

But probably under the Download Whonix section on main wiki page it would be better to list all the the links to Qubes, KVM, Virtualbox, and physical isolation directly under it.

Physical Isolation is deliberately not listed. It causes a ton of support requests, is for advanced users only, is only a leftover.

KVM is deliberately not listed. It’s super difficult (too many steps to read and apply) to even install, super lengthy guide to get it running, for geeks only. Users are incapable of making the decision VirtualBox vs KVM. What happens is they get confused and bounce off.

ADVANCED SECURITY GUIDE
Also note that this is far too big for a single page.

What’s our goal here? What’s the target audience? Documentation on advanced security guide is often not actionable. Often user / system / environment specific. Often the user has to do its own research. After having talked to users of Whonix at various CCC meetups, after having talked to usability designers, I am sure almost all users are swamped even by the security guide. It’s just unrealistic to expect such long spawns of attention.

I would appreciate if you could watch Aral Balkan: Superheroes & Villains in Design on usability.

Aral Balkan: Superheroes & Villains in Design on Vimeo

They’re basically thinking it from the perspective of the user. The user wants to improve anonymity / security / privacy, learns about Whonix, visits its website and then just wants to try it. Anything like “first steps before using Whonix” confuses the user, makes the user bounce and perhaps end up with something like an existing VPN service hidemyass that looks secure and simple.

Please also see:

News - Whonix Forum

[1] The documentation we’re currently providing is seems more useful for companies with a separate security department, with teams of people having time and concentration to work through it and apply it, security professionals / enthusiasts. Also as material to advocate / educate on the weaknesses of default configuration in security, privacy and anonymity. It shows we at Whonix did our homework on research and are well suited to be supported to tackle some of these issues.

[2] That also relates to the short documentation / Quick Start which we discussed earlier in Whonix forums which should target actual common end-users, with very short and simple steps.

For these groups of people [1] the presentation may not be perfect, but good enough. The best way would be to avoid having to document these things in the first place by having it sorted out by default.

What I am trying to say here is a friendly “I believe it’s not the best use of time at this point”. What I would like to see however is outreach. It’s like we have the blueprint for a factory and cars from BMW but no actual drivers because no one knows about it. We researched and documented a lot of issues thoroughly. Sometimes in messy technical language which even people capable of fixing this issues at the root with code wouldn’t understand. Then you popped up and gave it a professional sounding final sanding / wording. Few people know about Whonix, but almost no one knows about things like keystroke deanonymization.

The mass of issues of that sort makes me doubt that documentation is an appropriate fix to it. If “99%” of users get deanonymized by let’s say keystroke deanonymization, it doesn’t help if 1% works through all of Whonix documentation, knows about it and defends against it, since the anonymity set is too small. So I would like to awareness for these issues increased so people with the skills to fix these issues help out fixing them.

torjunkie · January 2, 2018, 4:52am

OK - a lot of info there. So, I’ll just start off with one suggestion to start with, and come back to those other bits.

Based on that video and looking at a couple of samples (Debian and Ubuntu), if we look at user desired outcomes (simplicity, getting Whonix up and running & basic update of templates), then we really should have:

A simplified page (sample text below) which has links to a “Quick Start” area which basically is about downloading and installing and updating the VMs.
We also need to build in those simplified guides there which I believe were already finished for Windows (?). Otherwise it is wasted - it was the 2 page thing that a forum poster contributed.
The same doc overview page has a link to “The Whonix Administrator’s Handbook” (which can basically be our current main wiki TOC, which is massive)
This addresses users being overwhelmed with information as is currently the case. If engineers can’t install Whonix, then there is a serious design problem.
Newcomers just see the Download table stuff, verify, install, start VMs, change passwords (if required), and update. That’s it. (analogy, think about that that swipe card for train in video. One swipe, get on the Whonix train. Right now we have the Swedish ticket machine with a thousand buttons, warnings and messages for newcomers. Not good.)
Wishlist: In general, bullet points is okay for ToCs, but most distros use either numbering systems i.e. 1, 1.1, 1.1.1, 2.3, 2.3.5 etc. or letters + numbers e.g. A.2, B.6, C.1.3. I prefer the former. Much easier to track the depth of content and different sections for the reader and visually more pleasing.

See for inspiration

https://www.debian.org/doc/
https://help.ubuntu.com/

I’m thinking (ripping off Debian here) →

Documentation

Documentation is critical to the correct operation and maintenance of the Whonix OS. Further, technical manuals describe the operation and use of programs, and how to set up specialist configurations.

In an effort to create a high-quality, usable and stable OS, the Whonix team is making every effort to provide users with documentation that is more accessible.

Whonix Quick start

Newcomers to Whonix are recommended to first start reading:

Whonix Installation Guide

Whonix FAQ

If possible, have these guides on hand when first installing Whonix. It will answer many questions and help users to quickly install, start and update a functional Whonix system. Users might later want to go through:

The Whonix Administrator’s Handbook - the comprehensive user manual

Whonix Release Notes - for users who are upgrading

So basically all we need to do is change the redirect from Whonix Documentation to go to the sample text above.

“The Whonix Administrator’s Handbook” just redirects to the current massive main wiki ToC.

“Whonix Installation Guide” above actually redirects to a new page which ONLY has:

Download, Install and Start Whonix

First Time Users
Whonix System Requirements
Download Whonix
Start Whonix
Post-installation Security Advice

If we decided to include those mini quick-start guides from the forums, then they would just slot in above.

Patrick · January 2, 2018, 9:12am

Thank you for taking this so positively!

Yes, that’s it.

Ok.

That’s literally true. I know people who have “proven their intelligence” (as a lack of a better comparable test: having passed university engineering and working as engineer) who are swamped and bounced by Whonix.

Right.

Realistically we also have to drop verify, change passwords and post install advice.

Updating is expected to be automatic as well realistically. (Hard but somehow have to rethink in coming releases… Dev/Automatic Updates - Kicksecure)

The numbers were actually removed after advice by usability designer Brennan Novak since the default mediawiki numbering adds no benefit only mental burden.

elementary os was recommended to me as the currently most advanced usability Linux distribution.

https://elementary.io

Their docs, didn’t find much:

Learning The Basics

Usability wise “like MacOS” makes sense to me.

Ok.

Please scratch First Time Users and Post-installation Security Advice.

I was wondering about Whonix System Requirements as well.