Long Wiki Edits Thread

New Electrum instructions are ready for review.

https://www.whonix.org/w/index.php?title=Electrum&oldid=41482&diff=cur

1 Like

Warning: Difference between revisions - Whonix is huge. All self-written? @torjunkie I haven’t seen such a summary/overview before.

Could you please help to review Warning: Difference between revisions - Whonix @HulaHoop?

<ref>Some have already been addressed by The Tor Project.</ref>

Why make this a footnote? Which ones were addressed, and which ones not? Seems like important information if we add this.

<ref>Explaining why browser plug-ins should generally be avoided or disabled in Tor Browser.</ref>

Slightly confusing. All disabled by default in Tor Browser.

Connections to peer-to-peer systems are exploited to retrieve the IP address of the client. For example, adversaries can retrieve the IP address of clients connecting over Tor with the BitTorrent protocol when they communicate with the torrent tracker. <ref>Torrent trackers retrieve information about peers who can share the requested resource, that is, IP address and listening port.</ref> While tracker lists can be retrieved anonymously over Tor, the actual P2P connection is not – meaning a MitM attack on this connection can redirect to a list that includes the IP address of a malicious torrent peer. This means the IP address of the client that originated the tracker request (over Tor) can be retrieved.

Doesn’t apply to Whonix.

Quote Filesharing and Torrenting

Whonix will keep your IP address hidden while you use BitTorrent and other file sharing and P2P programs.

Since it doesn’t apply to Whonix, is it worth mentioning it on our Warning page? We could mention a short summary on attacks on Tor somewhere in Whonix wiki but the Warning page isn’t the right place?

Tor clients can be induced to adopt a malicious Tor guard (entry) node via: altering traffic capabilities of the target, blocking connections to legitimate entry nodes at the network level, and so on. This greatly assists end-to-end correlation and other attacks.

Reference required.

<ref>Note: This attack variant is no longer possible since directory servers now control the declaration of effective bandwidth.</ref>

Shouldn’t be a reference if this is no longer valid, too important to hide it in reference.

Cell Counting and Padding

Reference required.

Tor Cells Manipulation

Reference required.

Timing Attacks

Reference required.

Shaping Attacks

Reference required.

OK - tried to address most of that. I’m sure HulaHoop will pick up any BS claims made by researchers here.

All comes from the primary ‘Darknet’ reference. Have looked at a bunch of secondary refs which look pretty good. I should paraphrase / rephrase it a bit harder though :slight_smile:

@0brand nice work on Electrum pg

2 Likes

Tips on Remaining Anonymous: Difference between revisions - Whonix

Restructure to get rid of numerous ‘do not’ points in succession.

Nice. I agree. I am wondering about the whole page title DoNot. It’s a negative. Does that make sense? Is that cool, fancy, helpful to get the message across? If you’re wondering the same, I’d be open to re-style it. But if I am wondering about non-issues it can also stay as is.

Yes, rephrasing it from the negative to the positive would be good. Perhaps a redirect to a page which matches the title. For example, “Tips on Remaining Anonymous”.

1 Like

Electrum page:

Instead of

Note: Unless directed otherwise, the following instructions are run in Whonix-Workstation anon-whonix (Qubes-Whonix).

I’d move “anon-whonix” in the parenthesis:

Note: Unless directed otherwise, the following instructions are run in Whonix-Workstation (anon-whonix in Qubes-Whonix).

There’s a typo in footnote #1: sever instead of server.

Apart from that, looks perfect :+1:

1 Like

In Anonymize Other Operating Systems

The Stream isolation in Tor Browser is “no” for Whonix Workstation. Should we update it to “yes”?

iry via Whonix Forum:

In Anonymize Other Operating Systems

The Stream isolation in Tor Browser is “no” for Whonix Workstation. Should we update it to “yes”?

Yes.

I would say we should avoid making such a section entirely to avoid making inaccurate statements. Some of these attacks are purely theoretical and may not be effective in the real world. Hosting distances and datalink latency might make them useless in practice; Tor network size and mixing in more traffic besides just TBB also affect the success rate. Also, unless we have someone actively asking TPO for a review of the material and to keep abreast of any mitigation developments, we risk harming the reputation of the software’s efficacy since the data will be outdated.

With that said, if you want to keep it, it better belongs in its own dedicated page instead of the warning page. I also agree with the comments Patrick made.

1 Like

A dedicated page with a dedicated maintainer would be ok. Then Whonix is more like a third party host of information and we have limited duty to review the contents.

These contents are inspiring for sure for some readers but seem non-essential for most users of the warning page. However, this goes more into the direction of a research project. It would take a lot of time for me to get knowledgeable enough to be capable of reviewing and publishing it.

As the License chapter of the Warning page indicates, the Warning page was initially based on the Tails Warning page. So any argument made by me just now could be turned against me. Such inconsistencies would be inherited from the fact that this was initially a fork of Tails documentation, for the sake of completeness of Whonix documentation, rather than a well thought through “what the user really needs” (which is an afterthought much later now).

I think @HulaHoop has a point here. The issue of online security is huge and perhaps it will be useful to separate the attacks we can mitigate from those we can’t.

Specifically, what’s missing for me is a more Whonix-centered threats page, and practical ways to address them, if any. For example:

  • Effect of sdwdate or whonixcheck on possible classification as a Whonix user vs. any other Tor users (by Guard?).
  • Workstation to gateway flow of info. For a careful user, the workstation is “what you do” while the gateway is “who you are”. The combination of both presents the biggest danger. But when the info from the workstation isn’t encrypted, the gateway has both “who you are” and “what you do”. Is there a way to address that?

2 Likes

No problem. Just get rid of them.

1 Like

Covered here:

?

Looks so. Another point - can the UTC settings in Whonix be a giveaway?

Tor browser presents UTC anyway. If somehow the Guest time is exposed (if not possible with TBB, then say with FF), this info can be used.

For example, a clearnet site in Russian observes the following:

  • User accesses it at hours that make sense for people in the Russian timezone
  • User arrives through a Tor exit relay
  • Browser exposes the OS timezone is UTC

What’s the likelihood it’s a Whonix user? Similarly for an Australian or Japanese site? Or a site that is mainly relevant for Pacific time users?

Tor Entry Guards: Difference between revisions - Whonix

I don’t think these instructions lead to different Tor entry guards.

Making a snapshot of Whonix-Gateway after it bootstrapped results in Tor having already picked its entry guards. Reverting to such a state always ends up with the same Tor entry guards.

The most usable way to do this might be multiple Whonix-Gateways.
Manually copying the Tor guard configuration each time before each use case seems error prone and complicated.

# This snapshot should be used with <u>all</u> Whonix-Workstation snapshots related to/called “Email”, whether it is identity “John Doe”, “Jane Doe” and so on. Note the Workstations should also be generated separately from a clean baseline.

Not sure about this also.

//cc @HulaHoop

How’s it so if Tor was not started yet?

We want the same guard for all activity of the same type. To run two email accounts concurrently, then you would need to clone the GW.

You’d never need to do this. Just use the same GW snapshot or clone.

Quote Tor Entry Guards: Difference between revisions - Whonix

# Start Whonix-Gateway and wait for Tor to finish bootstrapping (connecting).

Finish bootstrapping = Tor has chosen its entry guards.

Quote Tor Entry Guards: Difference between revisions - Whonix

Whonix-Workstation snapshots related to/called “Email”, whether it is identity “John Doe”, “Jane Doe” and so on.

This sounds like multiple e-mail accounts should be using the same Tor entry guards.

Well that text did say to create these snapshots per domain of activity i.e. Email, IRC etc. and not for separate identities within a domain e.g. Jane Doe 1, Jane Doe 2 etc.

2 Likes
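The snapshot discussion above turns on one observable fact: once Tor has finished bootstrapping, its chosen entry guards are written to its state file, so every revert to (or clone of) that snapshot reuses the same guards. The following script is an added example, not Whonix or Tor project code; it assumes the `Guard ... key=value` line format that modern Tor versions write to `/var/lib/tor/state`, and every state snippet and fingerprint in it is constructed for illustration. It lets you check whether two gateway states would actually give you different guards before relying on them for separate activity domains.

```python
"""Compare the entry-guard sets recorded in Tor state files.

Added example (not Whonix or Tor project code). Assumes the `Guard ...`
key=value line format of modern Tor state files (/var/lib/tor/state);
all state snippets and fingerprints below are constructed.
"""
from typing import Dict, List, Set


def parse_guards(state_text: str) -> List[Dict[str, str]]:
    """Return one dict per `Guard` line, keyed by that line's key=value fields."""
    guards = []
    for raw in state_text.splitlines():
        line = raw.strip()
        if not line.startswith("Guard "):
            continue  # TorVersion, LastWritten, etc. are not guard records
        fields: Dict[str, str] = {}
        for token in line.split()[1:]:
            key, sep, value = token.partition("=")
            if sep:
                fields[key] = value
        if "rsa_id" in fields:  # the relay fingerprint identifies the guard
            guards.append(fields)
    return guards


def guard_fingerprints(state_text: str, confirmed_only: bool = False) -> Set[str]:
    """Set of guard fingerprints (rsa_id) found in a state file.

    With confirmed_only=True only guards Tor has actually started using
    (those carrying a confirmed_idx field) are returned; guards that were
    merely sampled but never used are ignored.
    """
    return {
        g["rsa_id"]
        for g in parse_guards(state_text)
        if not confirmed_only or "confirmed_idx" in g
    }


def snapshots_share_guards(state_a: str, state_b: str) -> bool:
    """True when two gateway states use at least one common confirmed guard.

    Any overlap means traffic from both states enters the Tor network
    through the same relay, so they do not give separate guards.
    """
    return bool(guard_fingerprints(state_a, True) & guard_fingerprints(state_b, True))


# Constructed fingerprints (40 hex chars, like real relay fingerprints).
FP_A = "A" * 40
FP_B = "B" * 40
FP_C = "C" * 40

# Constructed state file of a gateway that has not bootstrapped yet: no Guard lines.
PRE_BOOTSTRAP_STATE = "TorVersion Tor 0.3.5.7\nLastWritten 2019-01-01 09:00:00\n"

# Constructed state after bootstrap: guard A is confirmed (in use), guard B only sampled.
EMAIL_SNAPSHOT_STATE = (
    "TorVersion Tor 0.3.5.7\n"
    f"Guard in=default rsa_id={FP_A} nickname=ConstructedGuardOne "
    "sampled_on=2019-01-01T10:00:00 sampled_by=0.3.5.7 listed=1 "
    "confirmed_on=2019-01-01T10:01:00 confirmed_idx=0\n"
    f"Guard in=default rsa_id={FP_B} nickname=ConstructedGuardTwo "
    "sampled_on=2019-01-01T10:00:00 sampled_by=0.3.5.7 listed=1\n"
)

# Reverting to the snapshot restores the identical file, hence identical guards.
REVERTED_EMAIL_STATE = EMAIL_SNAPSHOT_STATE

# Constructed state of a second gateway bootstrapped from a clean baseline.
SEPARATE_GATEWAY_STATE = (
    "TorVersion Tor 0.3.5.7\n"
    f"Guard in=default rsa_id={FP_C} nickname=ConstructedGuardThree "
    "sampled_on=2019-01-02T08:00:00 sampled_by=0.3.5.7 listed=1 "
    "confirmed_on=2019-01-02T08:01:00 confirmed_idx=0\n"
)


if __name__ == "__main__":
    print("pre-bootstrap guards:", guard_fingerprints(PRE_BOOTSTRAP_STATE))
    print("snapshot vs revert share guards:",
          snapshots_share_guards(EMAIL_SNAPSHOT_STATE, REVERTED_EMAIL_STATE))
    print("snapshot vs separate gateway share guards:",
          snapshots_share_guards(EMAIL_SNAPSHOT_STATE, SEPARATE_GATEWAY_STATE))
```

On a real system you would read `/var/lib/tor/state` from each gateway (it is root-readable only) and pass the contents to `snapshots_share_guards`; a state file with no `Guard` lines is what a snapshot taken before Tor ever bootstrapped looks like, and a revert to such a snapshot is the only case where guards get chosen afresh.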