Long Wiki Edits Thread

I’m going to work my through all the pages in the main ToC and standardize at the bottom as follows (unless there are complaints about it, or reasons not to. Already done a few.):

= Footnotes =

= License =
{{License_Amnesia|{{FULLPAGENAME}}}}

{{Footer}}

[[Category:Documentation]] [[Category:Design]] etc.

I haven’t gone crazy yet, because I want to check that the new license should be on every page. Obviously the only time the new Encrypted Support LP license wouldn’t be used is when it’s stuff borrowed from elsewhere e.g. JonDos and so on.

BTW “Footnotes” section is technically better than “References” because the former can include citations and general explanatory notes, while the latter is technically only meant to include citations.

PS the [[Warning]] page I’m sure is an old published version.

I’m sure I fixed it more than a year or 18 months ago? Can you check please if there is a contemporary version available i.e. clean English and updated? I don’t (won’t) wanna edit things twice over from scratch, as it is very laborious.

We should probably also add a “Maintainer” insert on every main page and if its not allocated to someone (the majority of pages in existence), then it could just list “Whonix team” as the owner.

1 Like

It defaults to Whonix team. So I rather not add it everywhere to keep the pages short.

Maintainer template: It’s only few (for now) a few pages where the author (or a subset team) has the sole responsibility. A disclaimer. For content that is good to have, shouldn’t be refused, but too complex to be thoroughly checked.

The maintainer template is also very badly presented. Example:

Nymservers

About this Nymservers Page
Support Status stable
Difficulty medium
Maintainer HulaHoop
Support Support

Contents
[hide]

Tons of white space everywhere. The user has to scroll a lot until the actual page starts. First impression is “wtf is this about”. If we had some proper website style it may be different.

All pages:

  • not all have footnotes, so we don’t need it everywhere
  • for stylistic reasons we can drop some things at some pages
  • {{License_Amnesia|{{FULLPAGENAME}}}} is for wiki pages where content was imported from the Tails website only. Amnesia is the name Tails used in their copyright files. This long message is to be 100% compliant with GPL. Therefore,

Comparison of different variants: Difference between revisions - Whonix

doesn’t make sense.

The bridges page is such as case. It has the copyright on top of the wiki page as a html comment so anyone reading the html content could read it.

<!--
Copyright:

   Whonix Bridges wiki page Copyright (C) Amnesia <amnesia at boum dot org>
   Whonix Bridges wiki page Copyright (C) 2012 - 2018 ENCRYPTED SUPPORT LP <adrelanos@riseup.net>
   
   This program is free software; you can redistribute it and/or modify
   it under the terms of the GNU General Public License as published by
   the Free Software Foundation; either version 3 of the License, or
   (at your option) any later version.
         
   This program is distributed in the hope that it will be useful,
   but WITHOUT ANY WARRANTY; without even the implied warranty of
   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
   GNU General Public License for more details.
      
   You should have received a copy of the GNU General Public License
   along with this program; if not, write to:

    Free Software Foundation, Inc. 
    51 Franklin St, Fifth Floor
    Boston, MA 02110-1301, USA.

On Debian GNU/Linux systems, the complete text of the GNU General Public
License can be found in the /usr/share/common-licenses' directory.
The complete text of the GNU General Public License can also be found online on gnu.org <https://www.gnu.org/licenses/gpl.html>, in Whonix virtual machine images in /usr/share/common-licenses/GPL-3 file or on Github <https://github.com/Whonix/Whonix/blob/master/GPLv3>.
-->

Additionally it has a volunteer (not required by law) comment which was a friendly and useful suggestion by intrigeri years ago.

<!--
This wiki page is a fork of the Tails Tor Bridge Mode page, from this exact source <http://git.immerda.ch/?p=amnesia.git;a=blob;f=wiki/src/doc/first_steps/startup_options/bridge_mode.mdwn;hb=b4c1868fc9d59b6a1cb6d0e956ece5c92059c653>.
-->

{{License_Amnesia|{{FULLPAGENAME}}}} at the bottom of that page is mandatory by GPL as far as I understood years ago. The GPL forked program has to show a copyright notice. The website is the “program” here. Perhaps my understanding could be revisited and upgraded. Perhaps even a shorter acknowledgement (click to expand or link or so) would be acceptable by law. The discussion could be rehashed with the Tails developers.


For wiki pages without any third party content, Template:Footer - Whonix is sufficient. That is what there isn’t a ENCRYPTED SUPPORT LP license template.

Will fix.

Sure. No worries. Everything is in the wiki history.

OK - didn’t realize all that! Reject all those edits then from today. Thanks re: apparmor stuff too - giving me a real schooling lately :blush:

Busy next few weeks, so will have limited editing time. Should be better in March…

1 Like

Nice you have set up bank payment options for various currencies/countries too for Whonix. Good move. :slight_smile:

Updated Release notes re:

  • Fixed whonixcheck apparmor profile.
  • Whonix News anonymous count of users via whonixcheck.
  • Tor Browser segfault fix in Qubes-Whonix.
  • Port of anon-ws-disable-stacked-tor to systemd socket activation.
  • Corrected the detection method for KVM virtualization.

Please add any other recent fixes I missed.

1 Like

Hi torjunkie

I should be finished with “Leak Protection” today. I have a couple questions though.

  • Most of the references have both the original website and web citation. I’m only using 1 of them. Should I use both when possible?
  • Is there a specific wiki page I should try to emulate? e.g. Header=color blue , use a specific text type for specific things etc.?
    That was a bad example. What I was trying to convey was some wiki pages may look more professional than others i.e. formatting wise? If so is there a good example of how a page should look?
1 Like

Webcitation should stay. It is in case the original goes offline.
Original should stay since well, it’s the original and webcitation might go offline.

1 Like

Done, warning page fixed.

1 Like

Done!

https://www.whonix.org/w/index.php?title=Security_in_Real_World&oldid=33081&diff=cur

I had most of the formatting done so I couldn’t do this.

I tried to write the page so it would be easy for non-geeks to understand. (The reason for the Hypervisor analogy and the “User Mistakes” Alice example at the end). I didn’t put any links to wiki/tunnels because I thought it would take away from what example was about i.e. user mistakes not VPNs.

Hope the edits are OK. Please let me know if anything I need re-write/edit. Also any feed back (areas I need to improve) would be appreciated!

2 Likes

Holy shit! Great work 0brand - that’s great stuff! Much more than I expected.

Any suggestions I have will be minor nits i.e. change a word here or there, or simplify a sentence or two (and change em back if you don’t like it, no problem).

Again, well done & don’t feel you have to bust your balls on every page like that, but it is certainly most welcome where the content is weak, like it was previously on that page.

Feel free to emulate any you think looks best for style and formatting. I guess it’s really a matter of taste.

Thanks Patrick.

Got tons of shit on at the moment, but I’ll get back into the solid edits soon enough.

1 Like

Hi torjunkie

Thanks for the positive feedback!

I know there were a few areas that needed attention and I was hoping you would lend your expertise. Thanks!

I’ll be starting on “Anonymity Operating System Comparison" shortly.

Does anyone remember the discussion to remove all references of NSA / FBI / etc. in the wiki? Where to find it?

That would apply to Whonix ™ Protection against Real World Attacks now as well.

Whonix defeats this and other time attacks since it uses sdwdate which connects to a variety of servers (likely to be hosted on different hardware) at random intervals and extracts time stamps from the https headers.

Most importantly, it sets the time. Because by the description above, if it was that alone, it wouldn’t solve it.

Clock Skew Attack - With this type of attack, an adversary acquires the time stamp of a Hidden Service http header and measures the skew. (clock skewing)(w) The adversary compares the acquired time stamp to that of Tor relays or other publicly reachable web servers. If the time skew of the Hidden Service server matches any of the publicly reachable servers or Tor relays, it is very likely the Hidden Service is hosted on the same server. Whonix defeats this and other time attacks since it uses sdwdate which connects to a variety of servers (likely to be hosted on different hardware) at random intervals and extracts time stamps from the https headers. To be fair, when this attack was first described Whonix did not exits.

Can it be called an attack? Any better term?


Could you add do something about TLS HELLO gmt_unix_time (#8751) · Issues · Legacy / Trac · GitLab (rewritten) as well please? (Clock also matters for client users, not only onion service hosts.)

There is another TimeSync: Whonix Time Synchronization Mechanism but more complex, perhaps it should be renamed?

It’s in this thread somewhere. The crux of it was we agreed (and did a find / replace) for all instances of those terms and replaced with “advanced adversaries (or adversary)”.

Pity that page was originally created with “Security in Real World” → “Security in the Real World”.

Of interest, the v2 and v3 onion pages have the “Wiki” button defaulting to Whonix ™ Documentation. Now, I remember there was a reason for this, but it seems strange to have “Download” and “News” buttons using the v2 and v3 addresses, but the “Wiki” and “Forum” buttons referring to clearnet addresses. I thought the wiki one used to default to the .onion address from memory (?).

It’s just odd.

1 Like

following each and every change to Whonix code

Please let me know if that works for you for Whonix changelog tracking purposes.

1 Like

Won’t be able most of that. More explanation:

v3 (prop 224) .onion for Whonix website - #29 by Patrick

Could you please add that explanation to Forcing Onion Connections on whonix.org so it is clear why this is even needed?

Btw: MediaWiki:Sidebar - Whonix

1 Like

Can it be called an attack? Any better term?

How about clock skew manipulation?

1 Like

Hi Patrick

Thanks for the feedback!

long-wiki-edits-thread/3477/190

I started on the edits. Will let you know when they are ready for review.

I have one question.

Instead of:

Also of note the NSA’s Tailored Access Operations which intercept routers, servers and other network hardware while being shipped to install covert implant firmware into them before they are delivered

Can it be change to:

Advanced adversaries can intercept routers, servers and other…

But without a reference i.e. footnote?

1 Like

HulaHoop:

Can it be called an attack? Any better term?

How about clock skew manipulation?

Neither an attack nor manipulation described. It’s “just” a corelation.

1 Like

Footnote should be okay.

Could you please also rewrite the two mentions of court order more neutrally?