What is the idea behind using d-i installer for Whonix? Installing Debian & VB and then loading the images?
There is a link on the documentation page labeled “Manually Create Whonix VM Settings, in case you want to restore a backup of .vdi hard disk image files” and linking to https://www.whonix.org/wiki/Manually_Create_Whonix_VM_Settings. Similar instructions would be required when installing using d-i (debian-like installer iso). I don’t think saying “install that iso”, then open a terminal and do ‘VBoxManage setextradata “yourvmname” “VBoxInternal/Devices/VMMDev/0/Config/GetHostTimeDisabled” “1”’ etc. would be simpler than using the ova import method.
Providing multiple versions, each for particular users and applications, would be best, I believe. The current OVA version is fine for users who use VMs, or are willing to learn. And the current “build it yourself version” is fine for those with middling Linux skills. But that leaves out potential users who find Tails, or even TBB, too complicated.
I don’t like TBB, because I think that it puts clueless Windows and OS X users at risk. It’s not at all configured for other apps, but it doesn’t prevent them from running, or (as far as I know) even warn users. Tails is also somewhat problematic, because there’s no Tor-userland barrier, and it’s all too easy to save insecurely on USB flash drives.
As I’ve written in < https://www.whonix.org/forum/index.php/topic,65.msg1719.html >, I would love to see a LiveDVD version of Whonix. I believe that it’s doable, and with luck I’ll have a crude hack working within a week or so.
Many interesting opinions until now. To give the future of whonix a direction, I think you have to take a look from all perspectives: the users, the people offering whonix based services, the providers of other tor based solutions and maybe even the authorities.
The users might be the biggest group, people who want to profit from privacy in their more or less honest or legal interest. The greater their need, the bigger the effort they are willing to take. So for the masses the simple tbb or tails are first choice, as you can quickly use them when needed and then change back to normal life - until somebody uses whonix there has to be a really professional or ideological need.
None of these examples from above finally represents a desktop os for daily use (that could convince users for that reason), only Qubes takes a very interesting approach in that direction. Finally the user is the weakest point in the equation, most people simply don’t care about or are not aware of privacy, or consider any effort to protect their privacy as useless anyway.
In order to change this whonix has to be either a quick and easy to use solution or an integrated part of a desktop os (here I talk again about Qubes, forgive me). Even if one of these two ways can be done, there is still missing a corresponding public appearance of whonix as a solution (product).
Second I mentioned the people offering services. The usability of whonix for hosting is practically very low, though technically advanced. It seems to me like building an armored pickup with Ferrari technology - but there are no highways to drive it and let’s pray that no part will ever break. Last but not least there is no clue if you ever drive it safely when it’s loaded… so the step using kvm is extremely important.
Combining this with the user subject, there remains the missing infrastructure - and that would require management. There is missing everything that would make using tor/whonix attractive (besides the dark or legal reasons for privacy). To explain this further would take too long here, still the main reason for that is the lack of opportunities for making profit because of the missing infrastructure. OK, now there is bitcoins and many others, but how about social networking, email, hosting and everything else that makes the web so attractive?
Finally the technology that could be used over the TN already exists: additional protocols, encrypted clouds and I even succeeded to use multipath tcp over tor - the sky is the limit.
As a conclusion I would draw the following image of whonix for a bright future: simplify it dramatically or integrate it with other projects (bundle resources), design and implement the technology for an extended user experience (whonix network;) and offer a commercial solution package (this alone is a highly delicate and complex subject, I will not go further into it now).
Maybe it sounds like SF to you - doesn’t to me
In my opinion, the most user friendly way of doing something like this would be hardware only.
I imagine something like a hdmi minipc (or USBstick) plugged into a pc and making the gateway work.
Then the user would have to make all coms (cable or wifi) go through that gateway that would install (and look) as a usb network card.
The only device that I know may resemble my suggestion is this one: http://info-android.com/upload/posts/41/97/2358/11e853fcb195286a95eb0c078bffc11a62e2a894.jpg
but the HDMI plug should be a USB which is not just a hardware issue.
This way the two-machines-design is kept only they no longer are virtual.
You may guess I am not an expert, and I am not, this is just a suggestion.
Hardware solutions could only provide censorship circumvention. They cannot provide anonymity alone, due to protocol leaks, i.e. browser tracking / fingerprinting. Hiding IP alone isn’t enough nowadays.
So it would require a hardware device + “you must install this package on your device before you’re ready to go” solution. I don’t think that would make Whonix simpler. Unfortunately.
I’ve got one small idea to help usability – as I’m setting up Whonix for my folks (where I don’t live) so I can then communicate with them anonymously and they can browse freely on sensitive subjects also!
This is it:
The update steps (apt-get) in konsole are a bit much for a windows-usually, 60-something technoklutz! How about including a one-click shortcut with a big nice ‘Update Whonix’ and icon on the Desktop, and instead of (only) giving scary unintelligible instructions to do those commands like WhonixCheck currently instructs, instead say: ‘Updates found! Click on ‘Download Updates’ on the Desktop to stay secure! (Advanced users: do .)’?
I’ve set a simple shortcut to a sh script just doing:
kdesudo apt-get update && kdesudo apt-get dist-upgrade -y
And all it does is gui-prompt for password after clicking on it once! Ease of use indeed will increase security for the mainstream, and anonymity for us ALL – the more people can use Tor and Whonix and encryption and all these tools, the better for all of us and the harder for those who want to take our rights away!
(Btw I’m new to linux too so probably aren’t using state-of-the-art syntax back there :P)
Anyway, thanks for everything you do with Whonix Patrick – it is just an amazing and essential tool for anonymous Internetting!
Btw, is there some ‘whonix suggestion box’ that one can submit simple but useful (anonymous) suggestions for improving the security/privacy/usability of Whonix for dev consideration?
I know there’s the forum, the wiki and github, but I mean something that doesn’t require an account – just a ‘dropbox’ for sharing helpful suggestions with a simple text submit form and begrudging captcha if need be.
Cos I’ve got another one, and I’m sure I’d have more in the future as I get used to whonix! and that is, removing the maximize button in kde settings, so the user (e.g. your technoklutz folks), can’t accidentally maximize TBB and suddenly make their fingerprint INSANELY unique (cos ofc, it’s too hard to expect not to use JS when they browse! I will, but not having a maximize button by default will help retain anonymity – and power users can always manually resize a window anyway, or add the button back of course!)
Oh, me again, with another small friendly suggestion! You can also double click on titlebar to maximize too, not good for accidental use by a ‘mainstream’ non-technical user and they don’t realise they have a highly unique fingerprint for the rest of that browsing session! (which since this is a persistent vm, could be for a very long time, weeks even – longer, if they ‘save state’ when closing and whonix never needs to be restarted!) I think TBB resets window size when starting up (and probably with ‘New Identity’) but still…it can happen, and it’s an anonymity liability!
So: System Settings, Windows Behavior, Window Behavior, Titlebar Actions, Titlebar double-click: set it to nothing by default!
How are you posting as Guest? It’s cool and I wanna do the same.
Whonix resolution is standard for all versions so it shouldn’t leak the host screen size. The resolution info leak should be fixed by TorProject devs by now.
Anonymous bug reporting is an interesting idea. Tails has it under a feature called WhisperBack. Maybe porting it over to Whonix won’t be hard.
Patrick can you create a cypherpunks account on phabricator for anonymous reporting like Tor trac? The new bugtracker is hidden for newcomers. Some direct link on the homepage or forum can help them find it.
Me for a third time this time: yeah the above script ended up not actually working. My current revision is:
konsole -e kdesudo apt-get update && sudo apt-get dist-upgrade -y
(I’m learning! probably sudo is not even needed for dist-upgrade but hey it’s improving.)
It means grandpa only has to double-click on it, be prompted for password by the nice friendly kde window, watch the terminal text zoom past and learn something, and just let it do its thing until it automatically closes off – but of course, you’d be able to make an even nicer GUI progress bar tool for updating that doesn’t even show the terminal!
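In the revision above, the `&&` is parsed by the launcher's own shell, so `dist-upgrade` runs outside the Konsole window and outside `kdesudo`. One way to run both steps inside a single privileged process and keep a failed update visible, as an added example (not part of the original posts or of Whonix itself); the script name, install path and launcher line are assumptions:

```shell
#!/bin/sh
# update-whonix.sh (hypothetical name): both steps run in one root shell,
# so the "&&"-style chaining happens with privileges, inside the terminal.
# Assumed desktop launcher line (path is an assumption):
#   konsole -e kdesudo /usr/local/bin/update-whonix.sh

APT="${APT:-apt-get}"   # overridable so the logic can be exercised with a stub

run_updates() {
    # Refresh package lists first; never upgrade from failed or stale lists.
    if ! "$APT" update; then
        echo "Update check failed: nothing was installed." >&2
        return 1
    fi
    # Only reached when the list refresh succeeded.
    if ! "$APT" dist-upgrade -y; then
        echo "Upgrade stopped with an error: ask for help before retrying." >&2
        return 2
    fi
    echo "System is up to date."
    return 0
}

main() {
    # Refuse to run unprivileged instead of failing half-way through.
    if [ "$(id -u)" -ne 0 ]; then
        echo "Must be started through kdesudo or sudo." >&2
        return 3
    fi
    status=0
    run_updates || status=$?
    # Keep the window open on failure so the error is not missed.
    if [ "$status" -ne 0 ]; then
        printf 'Press Enter to close...'; read -r reply
    fi
    return "$status"
}

# Run only when executed under its own name, not when sourced for testing.
case "${0##*/}" in update-whonix.sh) main; exit $? ;; esac
```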
Such an update tool would be desirable. There are quite some technical challenges implementing one. Those are documented here:
When I first heard, I thought that the whonix workstation runs inside the whonix gateway. It’s maybe not as flexible as other setups but it’s a simple one and it allows it to ship as 1 file. Nested VMs can also have a security advantage if 2 different virtualization tools are being used.
User friendliness should not be the goal, rather thorough documentation should be the goal. Whatever technology has the best documentation thrives. Example: Arch Linux is so well documented it’s becoming its own standard amongst the Linux community, Debian is another example, packing great documentation, it’s probably running most of the world’s servers, as well as being the foundation of almost every major linux distro! Projects that do not provide excellent documentation are the ones that fall off the map. Don’t cater to user friendliness, rather make the user knowledgeable of the technology with excellent documentation, then the technology is friendly to them.
A small recommendation: Add ‘Whonix Forums Search’ (v3) to TorBrowser’s search providers.
(For a user, it is as easy as navigating to forum, clicking search icon, and then clicking the green plus sign in the Tor Browser search bar, to add it as a provider.)
This has the obvious advantage of making it that much easier to find support (I know the landing page for torbrowser has a link to forum).
Also, this adds a layer of security, searching the v3 onion directly. Rather than possibly using google, or duckduckgo’s clearnet search.
As far as recommendations for 2019 (5 years from OP). . .
personally, I would like a lighter install, without KDE, and something more along the lines of a net install, with the ability to add packages at install time.
You could have your bare metal base version, and then your fully loaded user friendly version with all the defaults installed.
For the fully loaded version, here are a list of some of my installed packages:
KeePassX v2 (alternate)
Electrum Bitcoin Wallet
Electrum Litecoin Wallet
Electrum Cash Wallet (BCH)
I would also like to see Namecoin integration wherever possible.
I know zuluCrypt has been discussed, which I have installed but haven’t used. But I really like Tomb, and would love to see it packaged with Whonix.
Also, Cryptomator + Nextcloud is really useful for keeping folders sync’d across multiple Workstations.
Referring to this?
Interesting idea. I don’t think it could be added to Tor Browser by default.
Probably a user added option. I have to say I never thought of doing that.
Too long a list, not used by all users.
I think the vision of Whonix goals should be the simplest best programs for anonymity.
e.g for not useful choices:-
signal-desktop = very bad app for anonymity, not even customized for it. kinda good with security.
e.g for Debatable choices (of course not recommended to add all of them)
Riot or Tox or Ring ?
e.g for not useful for all users
all cryptocurrencies services
e.g for not ready yet to use apps for anonymity
TorMessenger -> Still Beta
BitMessage -> Still Beta, not active since 2 years
these choices are not recommended to be installed as default applications, but sure any user can use them inside whonix by his choice.
Whonix vision for the applications:-
1- must be installed through debian package
2- active and stable development
3- meant to be for anonymous communications
4- no fishy company/developers behind it
5- for sure it must be fully opened source with source code availability
Yes, I saw the convo about disabling JS.
Maybe on the whonix landing page in TorBrowser, there could be a note or link to quickly and easily add Whonix Forum Search to list of browser search providers. I find it very useful for quickly finding solutions to Whonix problems.
Well, of course. I didn’t say they should all be added to the defaults. I was just giving some ideas about what I personally use.
Agreed. No need for 20 chat clients, most of which use XMPP (and therefore redundant)
It’s not good unless you know how to provide an anonymous phone number, that you can anonymously keep control of.
I think Tails packages Electrum, right? I think that should be included in Whonix as well. At least for BTC,
Whonix vision is good.