[HOME] [DOWNLOAD] [DOCS] [NEWS] [SUPPORT] [TIPS] [ISSUES] [Priority Support]

Long Wiki Edits Thread


#1063

Could you review https://www.whonix.org/w/index.php?title=Router_and_Local_Area_Network_Security&oldid=38396&diff=cur please? @HulaHoop


#1064

im not replacing the screenshot , i want someone to replace it.

https://www.whonix.org/w/index.php?title=File:Whonixcheck_with_Whonix_News.png&filetimestamp=20130731225627&


#1065

We need to make a page about Mac Hosts similar to Windows Hosts.

Mac Hosts page can be filled from info here.


#1066

Not sure we gain much by importing other pages. We don’t really have anyone to maintain https://www.whonix.org/wiki/Windows_Hosts either. It exists now and has some info but no one really working on it actively (engage with community, capability to debate/clarify).

Coming to mind perhaps wanting to improve https://www.gnu.org/proprietary/malware-apple.html would be @torjunkie. But I leave it to the volunteer to decide if that is a good/fun use of time.


#1067

#1068

Hi Patrick

I agree pages could use an update (Qubes/Uninstall, new page Reinstall TemplateVM R4.0) I have a few thing to finish then I’ll start on this.

P.S Install whonix-gw-13 from backup to reproduce behavior from the following issue didn’t produce anything yet. Will try again.

https://forums.whonix.org/t/tor-error-your-tor-config-file-contains-at-least-one-error/6200/5


#1069

Changes rejected. Reasons:

  • Factually incorrect. Implies properly implemented IPSec, TLS and SSH is vulnerable to MITM attack if router is infected and that is not true. These protocols are resilient in face of untrusted middle nodes across the internet.

  • Not directly relevant to Whonix. Whonix security does not depend on whether your router is safe or not - therefore does not deserve such depth. In many cases you don’t have a choice in the software your network uses because it is not your network if you are on the go.

  • Even with a safe router, you are still hosed if family members run untrusted devices with proprietary spyware like Windows or out-of-the-box Android ROMs.

  • Implies you can be safe from targeted attacks - practically impossible in face of the adversaries mentioned and therefore false.

  • A laundry list of NSA/GCHQ tooling when the phrase “software or hardware implants” will do.


#1070

I think this page should say off the shelf routers should not be considered trusted and leave it at that. This means deprecating these sections.

The whole router/Wifi hardening guide is kinda pointless considering this. FOSS firmware recommendations are welcome. Open Hardware DIY guides, even better.


#1071

Saving time, as the gnu page made with strict laws about what to include and from where.

Doing our own research will improve more for sure.


#1072

Hi Patrick

apt-get-update-plus should be documented in “Operating System Software Updates”. Yes?

https://forums.whonix.org//apt-get-update-plus-8-secure-combined-apt-get-update-and-apt-get-install-dist-upgrade/5974


#1073

0brand:

apt-get-update-plus should be documented in “Operating System Software Updates”. Yes?

Once there is a new build of Whonix, yes. (Otherwise we have a messy
state where not everyone can be reasonably expected to have it.)


#1074

Added “Spawning DispVMs from other AppVMs” to Qubes/DispVM. This TODO is not complete. Creating Named Whonix DispVM Based on Whonix-Workstation complicates this a bit.

For example, if the name-dispvm is not running it is possible to use (Qubes secure copy) qvm-copy some-file to the named-dispvm even if it is not running or defaut_dispvm for that AppVM. The named-dispvm will start just like a normal VM to receive the file. This is not normal DispVM behavior?

Also of concern if the name-dispvms have to be shut down like a normal AppVM. Meaning the following does not apply.

A DispVM automatically shuts down when the first user-launched process is terminated

I’ll be working on documenting named-dispvm next. And finishing the TODOs.

Opps almost forgot.

https://whonix.org/w/index.php?title=Qubes/DisposableVM&oldid=38822&diff=cur


#1075

SecureDrop is using Whonix-Qubes:

Hope someone can document that into our wiki with further testing.

maybe testing as well non-qubes-whonix as well.


#1076

If someone wanted to give it a go it would be great. Might be a good idea to wait a until the bugs/shortcomings are worked out before thinking about adding to wiki.

This project is under active development, has known bugs and shortcomings, and is not ready for end users. This README is geared towards interested technical users and developers.


#1077

Hi TNT_BOM_BOM,

There is a bit of info on the Windows page i.e. MacOS section towards the bottom. I took out the best info from the GNU page and put it there. It could be expanded, but I’m trying to work on other stuff (although short of time at the minute)

Yes, agreed.

Whoops, I removed that TODO too early… :slight_smile: Good work you’re doing there

I think we should reference that on whichever pages talks about who uses Whonix (or good references page i.e. one where the guy thanks Patrick for firewall rules or similar).

If these guys use Whonix in the chain for SecureDrop, then that is a solid recommendation we should highlight, yes?


#1078

i believe yes.


#1079

https://securedrop.org/news/road-towards-integrated-securedrop-workstation/ could be mentioned as “others are building on top of Whonix” somewhere. Not for functionality. For project self-description purposes.

Also https://www.qubes-os.org/partners/ could mention “Whonix is a partner of Qubes” somewhere.


#1080

We should have a wiki page set up for this purpose. Well respected projects that build/use Whonix.


@TNT_BOM_BOM

Missing the Whonix logo -> https://qubes-os.org/partners/#whonix

Interested in logo pull request? :slight_smile:

0brand TODOs

  • Finish Qubes/DisVMs
  • Need to get moving on staff lounge task
  • Tester Page
  • Qubes Split Tor Browser
  • TNT_BOM_BOM screenshot
  • Update Qubes/Uninstall with new page Reinstall TemplateVM R4.0
  • New wiki page - Well respected projects that build/use Whonix?
  • Reproduce Whonix 13 -> Whonix 14 /var/lib/tor/.tor
  • Miss anything??

Anything that you would like me to do “priority” please let me know.


#1081

0brand:

We should have a wiki page set up for this purpose. Well respected projects that build/use Whonix.

Not sure we have enough content for that?

Perhaps suitable (multiple possible):


@TNT_BOM_BOM

Missing the Whonix logo -> https://qubes-os.org/partners/#whonix

Interested in logo pull request? :slight_smile:

Visible for me. (Seeing Whonix with Tor networking logo.

0brand TODOs

  • Finish Qubes/DisVMs
  • Need to get moving on staff lounge task
  • Tester Page
  • Qubes Split Tor Browser
  • TNT_BOM_BOM screenshot
  • Update Qubes/Uninstall with new page Reinstall TemplateVM R4.0
  • New wiki page - Well respected projects that build/use Whonix?
  • Reproduce Whonix 13 -> Whonix 14 /var/lib/tor/.tor
  • Miss anything??

Anything that you would like me to do “priority” please let me know.

Could you prioritize Update Qubes/Uninstall with new page Reinstall TemplateVM R4.0 please? Could be huge source for issues. Everything
else is perfect.


#1082

Hi Patick

Very odd. No Scripts/HTPS Everywhere disabled and log still will not render. :thinking:

Will do. Looking back, this likely contributed to (numerous?) support requests.

Edit: Whonix and Freedom of the Press Foundation are the only 2 logos that will not render on https://qubes-os.org/partners/#whonix