Yes, please put your name as maintainer of that page and proceed.
During Tails license deprecation on pages that don’t contain Tails contents the {{Header}} got lost in action. Could you restore please?
Almost (except some legal pages) should have {{Header}} and {{Footer}}.
Could you review supply chain attacks please? Firmware Security and Updates: Difference between revisions - Whonix @HulaHoop
It’s good but shouldn’t we call this a waterhole attack? Supply chain implies physical tampering like product interdiction or infiltrators in the hardware industry that slip malicious circuitry into a chip fab. Both attack classes are not mutually exclusive.
It’s important to say that the more widespread the targets, the easier detection becomes so sometimes it will be limited to a small number of shipments going to targets.
1 Like
Based on the preceding information and links, users seeking an open-source solution need to make a compromise. Since RISC processors supporting a fully-fledged operating system do not yet exist
RISC as in RISC-V? RISC-V is an open source, permissively licensed ISA (instruction set). It is not a processor itself. LowRISC is the foundation committed to releasing a version of the processor that is completely open from the ground up.
OpenPOWER technology and opensource hardware principles. Unfortunately it is not compatible with Qubes OS.
I’d add: but it is with Linux. There can be a hypothetical Whonix KVM Version for a Raptor workstation.
Question: Is OpenPOWER merely source available or can foundation members freely modify and release processors based on remixes of the ISA? The word open would be confusing in such a situation.
1 Like
Contributors and Authorship - should we add e-mail addresses, link to major accounts (like github), and gpg keys there? (Only for those who wish. No need to complete for completeness sake.)
Or Official Whonix ™ Online Profiles more suitable?
Background: I was recently asked if HulaHoopWhonix · GitHub is part of Whonix team, and didn’t have any wiki page to point to.
How about a link to the users profile. Email/gpg key can be added there.
For example: https://forums.whonix.org/users/entr0py
1 Like
Example of first time Linux in a VM user woes.
“Whonix is asking for host login” → https://www.reddit.com/r/Whonix/comments/b6qvjr/changing_password_in_whonix/
(An issue of not providing a unified experience.)
Trying to update @0brand’s e-mail address. Moderator status will be temporarily revoked (duration less than 1 hour most likely). Similarly the account will be deactivated for a very short period.
1 Like
As per:
User account @0brand deactivated, e-mail updated as per @0brand’s request, activation e-mail sent, (mod restored). After link the activation link, the account will be re-activated.
1 Like
On second thought this would be a better idea. If someone were to look at (https://github.com/orgs/Whonix/people) they might think Whonix is a single person project i.e. mostly Patrick’s commits in recent times. Even if looking at the Whonix Team page it would be difficult for other people (orgs) to tell from a glance:
a) who contributes. AND
b) what they contribute to the Whonix project.
This way it would be a simple matter to provide a link to the Official Online Profiles page. It could save time down the road if someone requests this information.
I’ll be creating my profile when I get the chance. 
1 Like
@Patrick Sure Whonix users don’t need to follow this, but people who want it on their hosts for more security and wider application will. Can you please revert?
1 Like
Are there reasons for not changing whonix clearnet instructions to also be over Tor?
tor+http
and also would need apt-transport-tor
https://www.whonix.org/wiki/Template:Whonix-APT-Repository-Add
The page is primarily read by Whonix users. These following that instructions would be confusing. So we can mention Debian users there but it needs to be done in a way that doesn’t lead Whonix users to applying https://www.whonix.org/wiki/Whonix_Packages_for_Debian_Host.
- Onions unreliability. No longer using onions by default in Whonix.
- More complex instructions for setting up the repository. Maybe not a good reason?
- How much is it worth connecting to Whonix repositories over onions when all other of users repositories are probably still using plain http? Maybe not a good reason?
Onions could be mentioned but I was wondering if that is not what the user is looking for in that moment, thus bouncing.
No problem - instructions are very nice and pretty clear (interested users can read the footnotes as you say for details).
Please give the wiki account Buffy power to edit templates and create new pages and I’ll do the rest. (will also fix up that Onion Gaming shit, which is annoying on that Onion Services page etc etc.)
BTW there are some protected templated pages which IMO shouldn’t be protected e.g. stylometry, that malware & trojans page etc. Generalist text that is only mentioned in one page should allow general user edits so they can be improved over time by the user base. Templates used in a 1,000 places - not so much.
I’ve added waterhole attack text to the firmware page → but I need to shift it to the “Malware and Trojans” page (since not specific to firmware where the pending edits are sitting). But waiting on template editing powers for that.
Thanks - will fix all that.
2 Likes
Great! 
Done.
Sure. Please update.
I meant changing the instructions for whonix clearnet repo to have its traffic routed thru Tor by adding tor+http://deb.whonix.org…
1 Like