Long Wiki Edits Thread


The formatting now should help.

HexChat, ZeroNet & IM messenger overview page -> all fixed.

Just RetroShare, MixMaster and Signal to fix in that section.

1. I gather RetroShare works in (Qubes-)Whonix, but that just some of the security issues could be tighter? e.g.




On the wiki page, it says:

“INCOMPLETE - Depends on unimplemented features for Whonix”

That makes it sound like it doesn’t work, instead of (the probable intended meaning) “It works, but not with the best possible anonymity/security settings”.

2. Signal stuff says “Incomplete”. If it doesn’t work with those steps and it is just a basic skeleton, then I think we remove it from the main ToC i.e. because it is non-functional and not up to wiki standard for users.

3. That MixMaster page needs major reworking the way all the content is across 2 pages (Nym Server stuff can stay separate). Right now the main page is less useful than some of the Dev stuff.



Could someone please write a call for testers news for https://www.whonix.org/wiki/Whonix_Live?


  1. Unclear. If I am not mistaken, @HulaHoop wrote that. It’s been years since I tested RetroShare and lost interest since due to ceased development.

Nit: says unfinished rather than incomplete.
To answer your question: The instructions work as is but they are not elaborate / not pretty, not referencing usual disclaimers from https://www.whonix.org/wiki/Install_Software.
Sometimes I am using the wiki as a scratch pad. I don’t mind about the ToC entry but I would like to keep the page even if noindexed.

https://www.whonix.org/wiki/Dev/Mixmaster is a scratch pad with all the setup that was initially required. Most of it has been applied by default to Whonix to improve usability. So instructions on https://www.whonix.org/wiki/Mixmaster alone should be enough. That page was created during an earlier period of Whonix development where I wanted to show that almost anything can be combined with Whonix. (Kinda unlikely being an actual user of ZeroNet, Jondonym, i2p, mixmaster, remailers, proxy, ssh, VPN, bitmessage, various chat, voip and crypto currency clients, ftp, ssh, vnc, usenet, yacy, rss, freenet, gnunet, and whatnot. Some things were interesting for a time but then dropped.)
Haven’t used in years and unclear user interest. That might explain the “rotten” state of some things. Luckily many applications change little over time so things remain useful. Appreciate all efforts of upkeep!


i suggest being hesitant with gajim. for vanilla use over tor, it worked well enough. however, once i started trying to use omemo effectively, there were a lot of pitfalls. in some instances, it failed open (ie. unencrypted message sent). also, i was running into a bug here and there which i could not isolate. basically, a number of the tick boxes in the “privacy” section of “preferences -> advanced” would re-enable after i disabled them for some reason. additionally, unless there has been a sea change, there is no functional otr plugin for gajim at the moment.


Reinstalling Qubes-Whonix TemplateVMs page created and finished. Mistakenly added all content using admin privileges so I deleted page and started over. Also I’m not sure about the page title. Know it needs to be a redirect from Qubes/ ?



OK, great.

So, basically they just need a bit of polish or minor updates (except for Signal which needs a bit more work). No big deal. Should be able to do the testers post if you like.

Interesting - that is a major security issue with Gajim if that is the case. Happens with absolutely latest version available etc? Is that an open issue on their tracker?

Probably shouldn’t sit at the top of the list then. Although I know Micah Lee also likes it and he is pretty solid on advice normally.

Good work! :slight_smile: Did a minor edit.


I’ll have this finished a little later on. Unless @torjunkie is planning on it

Yes, I discovered boxes! :laughing:

I’ll get the formatting correct eventually. Well, maybe.

Edit: Should a term other than “dummy template” be used when moving vms to the cloned template? It could get confused with an actual dummy template in Qubes Unintall. i.e. dummy templates do not have a file system


Yes, wrong term I used there. Please change to something appropriate. PS there is no “correct” with editing, just differences in opinion One person’s box is another one’s bane. :wink:

Please, go ahead. I’m a little spent at the minute, so might take a breather for a bit anyhow.

Personally, I think the wiki is 50% improved since the website changes, improved stability and everyone’s efforts. I think Whonix forum traffic for simple shit also dropped by 50%, except for the usual offenders e.g. VPNs, install/re-install, Tor won’t bootstrap Qs, and clock fixes/time sync.

Take those out of the equation, and it is very quiet. Just like it should be when the software is blessedly stable and the important parts of the documentation actually work (mostly). :slight_smile:


Yes what I wrote was true at the time but may very well have changed. I don’t think we should endorse retroshare anymore because of the serious security bugs/RCEs uncovered all over in an audit. While the concept is awesome, the implementation is lacking and it would be irresponsible to endorse it for a user base that may have serious sec requirements.

I think we should deprecate install instructions and leave the info about the state of its codebase as a warning to those who might consider it.


Draft for Patricks review. This is not an actual call for testers!

Whonix VirtualBox/KVM Live-mode Testers Wanted!

Whonix now has the option of booting into a live system . When live-mode is chosen, all write operations will go to RAM instead of the hard disk. The primary objective of live-mode is to prevent malware from gaining a persistent foothold and to return the system to its state prior to booting.

System with low resources:

If Whonix is running on a system will low RAM it is recommended that all non-essential processes are shutdown on the host. This will free up memory to allocate the virtual machines if needed.

Configuration instructions for live-mode:


Note: Live-mode is currently unsupported with Qubes-Whonix

Follow Whonix live-mode Development:

Thanks to @Algernon and everyone else who made live-mode possible.



Reinstalling Qubes-Whonix TemplateVMs page created and finished. Mistakenly added all content using admin privileges so I deleted page and started over. Also I’m not sure about the page title. Know it needs to be a redirect from Qubes/ ?


Excellent! I moved to:

This is because other Qubes docs are also in Qubes/ hierarchy. (Could
be reconsidered but I guess it is good like that (SEO).)

Added some TODOs to https://www.whonix.org/wiki/Qubes/Reinstall.

Any other advantage of Manual Reinstallation method other than The advantage of this method is, that it also works with non-Fedora based Qubes dom0 UpdateVMs, i.e. also with Debian based Qubes dom0 UpdateVMs.
(just now added by me).?



Thanks HulaHoop. To deprecated it shall go.


Grammar nit (won’t let me edit it for some reason):

This will free up memory to allocate to virtual machines if needed.

(Or reword: This will free up memory for virtual machine allocation, if needed.)

Note : Live-mode is currently unsupported in Qubes-Whonix


Automated Reinstall

TODO: --action=reinstall requires a Fedora based Qubes dom0 UpdateVM.

I conducted testing using sys-whonix as UpdateVM. It went smoothly AFAICT. I’ll have to test again

Manual Reinstallation

Unfinished! See TODOs

It didn’t occur to me to put those in. Much easier to use salt since it does all of the work. no mistakes

I’ll get those done :wink:





this is from when i was creating a chapter for it in the guide i work on a couple months ago. i don’t know if it’s with the latest version. additionally, another bug i forgot to mention was that the ability to even select omemo encryption in a chat window would sometimes be haphazard. the omemo icon simply wouldn’t display.

i have not reported these as bugs to the devs since i am not sure if it had something to do with the virtualbox environment i was experimenting with yet. as you may recall, i had a weird error where coyim and torbrowser appeared to be fighting with each other, and that was fixed by increasing the ram available to the workstation. if there is a strong desire to move to gajim, i can give it another round of experiments.

[user@dom0 Desktop]$ qubes-prefs updatevm

user@dom0 Desktop]$ sudo qubes-dom0-update --enablerepo=qubes-templates-community --action=reinstall qubes-template-whonix-ws-14

Qubes OS Repository for Dom0                     25 MB/s |  26 kB     00:00    
Dependencies resolved.
 Package                     Arch   Version             Repository         Size
 qubes-template-whonix-ws-14 noarch 4.0.1-201807171801  qubes-dom0-cached 672 M

Transaction Summary

Total size: 672 M
Is this ok [y/N]: y
Downloading Packages:
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
  Reinstalling: qubes-template-whonix-ws-14-4.0.1-201807171801.noarch       1/2 
whonix-ws-14: Importing data
  Erasing     : qubes-template-whonix-ws-14-4.0.1-201807171801.noarch       2/2 
  Verifying   : qubes-template-whonix-ws-14-4.0.1-201807171801.noarch       1/2 
  Verifying   : qubes-template-whonix-ws-14-4.0.1-201807171801.noarch       2/2 

  qubes-template-whonix-ws-14.noarch 4.0.1-201807171801                         

[user@dom0 Desktop]$ 

It took multiple tries running the command due to connection failure (Tor congestion). So maybe a comment should be made that re-running command might be necessary.

Using a non-torrified UpdateVM might also be needed if whonix-gw is the (broken, misconfigured…) template that is reinstalled. Instructions for both torified and non-torified are needed. Or maybe combined into a general - How to set UpdateVM?