Long Wiki Edits Thread

Patrick · February 26, 2018, 11:11pm

Ah great you found that. Yes, that message is still on point.

0brand · February 27, 2018, 12:36am

“Targeted” or “Pointed” clock skew correlation?

torjunkie · February 27, 2018, 1:33pm

Hi 0brand, I’ve done some minor edits for readability only on your hard work. See what you think.

A few style pointers as you wanted some feedback (my perspective only, feel free to ignore - your stuff is great):

Modern writing style is one space after a period, not two.
Spacing between paragraphs is I believe between four and ten points, but for ease to distinguish separate paragraphs in a wiki (considering we already have too much white space) & based on the current font size, one line break between paragraphs should suffice (meaning one clear line between paragraphs)
Try to avoid pronouns for greater clarity.
Generally avoid rhetorical questions and instead state something affirmatively.
Avoid run-on sentences.
Active rather than passive prose.
Avoid parentheses and rewrite sentences without them for better clarity.
Long sentences should be cut in half and rewritten.
Where possible, avoid progressive verb combinations (“ing” words) for more concise English. This also helps to avoid overuse of helping verbs e.g. am, is, was, were etc. It’s better to use the simple present, past or future tenses.
Convert the “negative” form of a sentence into the “positive” e.g. “which is protected and under the user’s control” not “which is unprotected and not under the user’s control”.
Avoid slang e.g. “geeks” and substitute with proper terms for more professional tone e.g. “enthusiasts”.
Dash & capitalization. I’m pretty sure if the sentence did not complete (form a complete sentence), there is no capitalization after the “-”.
Avoid e.g. i.e. - better to use “For example”, “That is” etc.
First letter of “Internet” is capitalized.
Break down larger paragraphs into smaller-sized chunks for readability.
Use sub-titling for areas to break down large chunks of text e.g. where I did it for Meltdown and Spectre for example.
Use [code] for tunnel configs and some other things to highlight the relevant text.

PS I break these rules all the time ha ha. Plus, I screw up my “which” with “that” constantly (damn [non]restrictive clauses!), usage of commas, plus a million other grammar rules; so take all this with a grain of salt.

PPS We make a good editing team!

Patrick · February 27, 2018, 4:36pm

Since you said fingerprinting, I thought you were working on this page: Protocol Leak and Fingerprinting Protection‎ That page has some obvious flaws.

Instead you were working on Whonix Track Record against Real Cyber Attacks. I must say for that page, I wasn’t too unhappy with it before. That page was supposed to show attacks we know that happened in the real world, i.e. deanonymization attacks used in the wild rather than theoretic. Making the point why Whonix works.

Perhaps the examples on that page could have been written more clearly. Or more examples where something went wrong outside of Whonix where Whonix was fine could be added since no one kept track with all the developments adding all the Whonix non-issues (but good show cases) there.

Security in Real World
Real World Examples that are Protected by using Whonix
Some real world examples that are protected by using Whonix:

Looks like we talked past each other. Somehow the above must have communicated something else.

Now the original purpose of that page isn’t served anymore. The content before these show case examples is so much that this is easily overlooked.

I wonder where the newly content created fits better. Some of the newly created content may fit better here (since quite comprehensive, technical, and non-actionable) perhaps in existing page(s) or new page(s)?

0brand · February 27, 2018, 11:39pm

Hi torjunkie

Thank for the feedback and the help with ~~“Leak Prevention”~~ Security in the Real World. The edits look great!

I just copied the style pointers to a personal file to be used as a reference when I edit the wiki. Thanks so much!

Yes we do!!

0brand · February 27, 2018, 11:59pm

Hi Patrick

In the wiki TOC the page is referred to as “Leak Protection” and I misunderstood what content belonged in there . I’m not able to find where I referred to it as fingerprinting but if I did I apologize. Regardless I wasn’t referring to the page by its actual name so thats why the confusion.

This was my fault, I need to work on communicating better. I know its important that you’re given the information you need to make informed decisions and you can’t do that if contributers/helpers aren’t providing you with it (or incorrect information). Sorry, my bad.

I’ll do a little fine tuning on the current (actual) page. Could you clarify what you mean by something going wrong outside of Whonix where Whonix is fine. I will add content on that.

I think for now in “Design” . A good page to reference when answering forum questions.

Taking the time simply to find a home may be a waste of resources vs. intent on writing something specifically for a wiki page. If a place for the content is eventually found, I will be more than happy to relocate it.

Also from now on I will post (detailed) what I am doing so no miscommunication.

Patrick · February 28, 2018, 12:53pm

0brand:

In the wiki TOC the page is referred to as “Leak Protection”

I see. Confirming that edit was a mistake by me most likely.

Patrick · February 28, 2018, 1:12pm

0brand:

Could you clarify what you mean by something going wrong outside of Whonix where Whonix is fine.

Tor Browser on Debian: outside of Whonix
Icedove on Tails: outside of Whonix
Tor Browser in Whonix: in Whonix

0brand · March 3, 2018, 3:01am

Hi Patrick

Done!

https://www.whonix.org/w/index.php?title=Security_in_Real_World&diff=prev&oldid=33297

Just have to figure out where the newly created content fits best.

Still working on a name. It includes an attack (compromise whonix-ws) and clock skew correlation so trying to think of name that fits.

Patrick · March 5, 2018, 8:23pm

Do you think it would fit here?

0brand · March 5, 2018, 10:04pm

Yes, fits nicely. Some of the content in new page will have to be taken out but most will fit into current “/Dev/Technical Introduction” sub headings IMO

0brand · March 8, 2018, 1:00am

Done!

Wiki edit - Added content (text only) hit publish —> Formatted, add links etc. hit publish.
If this is not correct please let me know.

https://whonix.org/w/index.php?title=Software&oldid=33292&diff=cur

0brand · March 8, 2018, 2:37am

Done!
Some of the page text was non-editable. Did not show up in the edit field. I Take it would have to be edited in ( https://www.whonix.org/wiki/Template:RAM_Adjusted_Desktop_Starter)

https://whonix.org/w/index.php?title=RAM_Adjusted_Desktop_Starter&oldid=27816&diff=cur

Patrick · March 8, 2018, 2:15pm

Excellent! Added some nitpick changes on top.

We now have enough content for a shiny new documentation page. Do you think it would be good to move the content to the separate page? Printing and Scanning - Whonix

A minor comment on Software - Kicksecure
Why re-create that VM every time? If it gets infected by malware, it would probably get infected every time by the same malware?

if driver installation is the source: yes
if the printed file is the source: no

That chapter Software - Kicksecure is very good to have. Could you please copy it to make a generalized chapter “software installation TemplateBasedVM AppVM”. The idea is:

keep it mostly as is
have a custom script that that VM that does something like add repository, add signing key, apt-get update and apt-get install
do this every time that AppVM is started

Wastes some network traffic (but ok for many) but better than StandaloneVM. Combines TemplateBasedVMs’s advantages (little disk space and centralized updates) with “quasi full persistence”. For many applications such as signal or wire this works great. Their application data stays in the home folder and the application gets easily installed by script every time.

Any dependencies available from packages.debian.org would be installed normally in TemplateBasedVM to speed up above a bit so only the package/software missing from packages.debian.org gets installed over and over again in TemplateBasedVM.

Does that make sense?

0brand · March 8, 2018, 2:53pm

Yes!

Mostly inexperience. Trying to error on the side of caution. My thinking was.

user makes mistake(s) and does not realize it (e.g. uses Tor Browser in printer VM for sensitive activity). Safer to remove VM after every session.

Great idea! Makes perfect sense. If I’m unsure about something when creating content I will seek your guidance.

Off Topic- Wiki related:

TODO

Patrick · March 8, 2018, 9:56pm

Where does Next - Whonix fit in the wiki?

0brand · March 9, 2018, 1:30am

https://whonix.org/wiki/File_Sharing ----> /wiki/Anonymous_File_Sharing ?

https://whonix.org/wiki/Secure_Downloads

Patrick · March 9, 2018, 11:10am

Then we’d have to do Instant Messenger Chat → https://whonix.org/wiki/Anonymous_Chat and many more as well?

Looked superfluous for me, since Whonix already is for anonymity. But for SEO a good page URL (and page title) is good.

If we put onionshare to Filesharing and Torrenting we need to move the existing content into a chapter, how do we call it?

0brand · March 10, 2018, 12:00am

Done! May want to pay close attention to edit # 2. Content correct?

https://www.whonix.org/w/index.php?title=Printing_and_Scanning&oldid=33320&diff=cur

Peer-to-Peer File Sharing
P2P File Sharing
Community Based File Sharing

Haven’t come up with a good name. This all I have so far.

domU clock skew correlation through domX compromise
clock skew correlation through sister domain compromise

0brand · March 11, 2018, 2:03am

Done!

https://whonix.org/w/index.php?title=Dev/Technical_Introduction&oldid=30360&diff=cur