Long Wiki Edits Thread

1. Surveillance Capabilities page → Fixed.

2. I’d suggest a mass find-replace for “Hidden Services” → “Onion Services”. That’s all over the wiki.

3. We should probably also rename the “Hidden Services” wiki page to “Onion Services”.

Then just have a first line on that page stating:

Onion services were previously known as (Tor) Hidden Services.

4. You want a “GPG Fingerprint” template of some description based on discussions with HulaHoop?

I’m not good with those {{{}}} templates :slight_smile: If you tell me which other template one I can imitate, then I can do that for you.

Anyway, moving on…

2 Likes

:slight_smile:

That’s either mostly or fully done.

Edited pages on Login required - Whonix could use some rough review if nothing broke links or logically.

Onion Services - Whonix (and others) still contains the word “hidden” sometimes.

  • hidden server
  • hidden servers
  • hidden webserver
  • Hidden VoIP Mumble Server
  • and others
  • /var/lib/tor/hidden_service

What about Tor config directives such as HiddenServiceDir, Tor Project hasn’t made it possible to use Onion instead?

The following page was deliberately not renamed.

It’s because it compares Tor onion services with other options.

That would be useful.

Which pages are using gpg verification instructions? Any (complete or incomplete list)? @HulaHoop

These are the most extensive / secure / sophisticated gpg verification instructions we have:

  • referring to Whonix ™ Signing Key explaining to get the signing key from multiple sources and through the OpenPGP web of trust
  • file name verification through gpg --verify-options show-notations (I haven’t seen this used elsewhere.) which is useful to spot downgrade or stale download attacks
  • Explaining This key is not certified with a trusted signature! message.
  • GPG signature timestamp verification

Other places lack one or multiple of this because it is a lot to type. And… Needless to say… All of the file verification state of the art is a complete usability mess, expecting unrealistic things from users, but that’s not our fault.

1 Like

https://www.whonix.org/wiki/Template:Verify_the_virtual_machine_images_using_the_command_line is an example template.

{{Verify_the_virtual_machine_images_using_the_command_line
|download_signature_link=
|cd_directory=
|gpg_verify_cmd_gw=
|gpg_verify_cmd_ws=
|gpg_verify_success_gw=
|signature_notation_gw=
}}

Supported variables.

  • download_signature_link
  • cd_directory
  • gpg_verify_cmd_gw
  • gpg_verify_cmd_ws
  • gpg_verify_success_gw
  • signature_notation_gw

Verify Virtual Machine Images on the Command Line shows how the template can be used.

1 Like

(Search each of that page for fingerprint to find the relevant part concerning gpg verification.)

If we want to create a template for all of these pages…

  • which is the best version of these
  • create a best version / refine it
  • What are the similarities of each of this pages? Which text is repetitive or can be made repetitive?
  • What are the differences of each of this pages?
    • These need to be translated into wiki variables. Either do it as per instructions above or leave variablization to me.
  • Differ will…? Instructions to get the key.
  • cd command
  • key import command
  • gpg fingerprint
  • gpg import command
1 Like

That’s all of them. Of course the deprecated doesn’t matter

In Tox’s case its a template

Thanks @TorJunkie!

1 Like

Hi torjunkie

Have the general layout (about halfway done with content) I’m still a little shaky on the overall format. It should work itself out.

Intro

  • Understanding leaks (basic overview)
    • How leaks occur
    • What info can be leaked
    • Challenges preventing

Security In The Real World

  • Threats
  • Whonix security model
    • Overview (detailed)
    • Whonix vs.
      • Past exploits (current content)
      • Present day (meltdown ect.)
      • Future (zero day)

#Whonix blocks info leaks. Important users know: What isn’t an info leak? User mistakes etc.

Close

1 Like

OK - went through all those find-replace pages for “onion” and fixed multiple broken links/redirects or duplicate phrases.

Another minor (nit) change might be a mass find-replace for “a onion” → “an onion” :slight_smile:

Not that I’m aware of i.e. all their Tor code still references things like HSDir and so on.

OK.

Re: GPG stuff - thanks @Patrick @HulaHoop - I’ll probably post a possible template back here first for content, then work out the variables stuff with your input if it’s problematic, since I haven’t really done that before.

Note to self - must also fix FAQ entry re: Tor connections as per Patrick’s suggestion & add sharing docs research re: embedded watermarking etc. risks which I forgot to do.

2 Likes

Hi Obrand - that looks like a pretty good structure.

From my editing experience I find that by first writing / fixing the content, this lends itself to the obvious structure that is needed afterwards, as well as obvious holes in material that need more references or other fixes.

I look forward to seeing it! :slight_smile:

1 Like

Wow, that were quite a few required fixes…

Done. :slight_smile:

1 Like

1. Fixed DoNot page so it has some structure (was a mess of bullet points before).

2. Re: Special:Log/newusers

I gather it is fair to assume that a large proportion of these accounts are bogus, soon-to-be-used-for-spam accounts if they have zero contribs and have never said squat in forums.

I wonder if Whonix should be proactive and auto-delete accounts, say older than 12 months, that have never been active in any shape or form for either wiki or forum contributions.

For instance, in that 1st page stretching back to late 2016, I see maybe 38/50 accounts that fall into that category.

3. Will try and sort out this gpg fingerprint page next (when I have some time).

2 Likes

I would think that many account where set up and forgotten about. It should also be considered that some forum members have accounts set up to email threads/posts from categories they are interested in i.e. Qubes-Whonix, KVM etc. Just because they are not active does not indicate they are not benefiting or being educated from forum posts. Is also should be considered some members have backup accounts. For example I recently used mine to post some comments in the “Why Facebook is Cancer” thread. :smile:

2 Likes

torjunkie:

2. Re: Special:Log/newusers

I gather it is fair to assume that a large proportion of these accounts are bogus, soon-to-be-used-for-spam accounts if they have zero contribs and have never said squat in forums.

I wonder if Whonix should be proactive and auto-delete accounts, say older than 12 months, that have never been active in any shape or form for either wiki or forum contributions.

For instance, in that 1st page stretching back to late 2016, I see maybe 38/50 accounts that fall into that category.

If they are bots, they managed to circumvent the registration process
spam protections but then failed to circumvent the spam posting protections.

Since registration spam protections haven’t been improved, it is fair to
assume they could create new accounts any time. Since it’s mostly
programs running, that failed, I think these are just database slug and
now inactive. Therefore I am not convinced the effort to get rid of
those would help to prevent future spam.

2 Likes

Related changes:

http://dds6qkxpwdeubwucdiaord2xgbbeyds25rbsgr73tbfpqpt4a6vjwsyd.onion/w/index.php?title=Template:Open_/etc/tor/torrc&oldid=33148

http://www.dds6qkxpwdeubwucdiaord2xgbbeyds25rbsgr73tbfpqpt4a6vjwsyd.onion/w/index.php?title=Bridges&oldid=33149

Could anyone help me to review it please?

TODO:

  1. Could anyone help me to create a template that exactly called Open_/usr/local/etc/torrc.d/50_user.conf please? To be more specific, the template should be used as {{Open_/usr/local/etc/torrc.d/50_user.conf}}
  2. Copy related content in template Open_/etc/tor/torrc to the new template.
  3. Add content below in the 50_user.conf template:

{{mbox
| type = notice
| image = [[File:Ambox_notice.png|40px|alt=Info]]
| text = Since Whonix 14, all user’s own Tor configurations should go to {{Code2|/usr/local/etc/torrc.d/50_user.conf}}, not anywhere else. Please be aware that Whonix will not modify the /usr/local/etc/torrc.d/50_user.conf once it is created, which means you are fully responsible for adding and removing configurations in it.
}}

1 Like

My personal experience with editing Whonix Wiki is not perfect:

  • I am not familiar enough with the Wikimedia syntax currently
  • the account is usually logged out automatically after a certain period of time
  • Working in Tor Browser makes every single redirection and loading time-consuming
  • have to manually (search does not always get desired result) find the template in the special page (which is kind of hidden) and then modify it.
  • have to click history to get a clean URL reference to the changes

Therefore, I would like to say thank you from my heart to everyone who has been contributing to the Wiki.

Thank you for the great effort and work!!

3 Likes

Hi iry

I can relate to that. I’m currently editing/rewriting Leak Protection and its taking a little longer than I originally had hoped. Its mostly monkey-see-monkey-do , I see the syntax used in other wiki pages to get a desired result, I do the same. Plus I’m not as experienced as most of the regular wiki contributors (whonix/anonymity wise) so I have to research to make sure the content is correct which takes even more time. Its something I am enjoying doing though. I will say I have a new found respect for past and present wiki editors. Its not easy.

4 Likes

Reviewed.

Created. I just put a “.” in there. Enter the text you like and I’ll edit it later on for wording. :slight_smile:

2 Likes

Thank you so much for your help, @torjunkie !

All Done:

http://dds6qkxpwdeubwucdiaord2xgbbeyds25rbsgr73tbfpqpt4a6vjwsyd.onion/w/index.php?title=Template:Open_/usr/local/etc/torrc.d/50_user.conf&action=history

http://www.dds6qkxpwdeubwucdiaord2xgbbeyds25rbsgr73tbfpqpt4a6vjwsyd.onion/w/index.php?title=Bridges&oldid=33162

1 Like

I bursted out laughing when seeing this cause I can totally related to that. :smile:

Me, too!

3 Likes