Why is it that tor browser in Whonix is different to other OSes? It’s missing tor circuit view and a few other features. i try to add sandbox 1 feature from here Security Guide - Whonix but get the error: Failed to parse/validate config: Invalid transport line. Reading config failed.
i’ve also installed apparmor but running aa-status says I have apparmor running with 0 loaded profiles? is apparmor for tbb good enouggh that javascript and browser vulnerabilities cannot escape? or is it only limited to reading files?
AppArmor + No Javascript is better than AppArmor alone. Different levels of defenses. Disabling javascript reduces the attack surface. AppArmor tries to confine eventual exploits.
i see. is there a way to see which 3 nodes are being used within workstation or is that not possible in default state (without modifying config)?
also:
i try to add sandbox 1 feature from here Security Guide - Whonix but get the error: Failed to parse/validate config: Invalid transport line. Reading config failed.
i see. is there a way to see which 3 nodes are being used within workstation or is that not possible in default state (without modifying config)?
Unsupported. (https://www.whonix.org/wiki/FAQ#What_do_you_mean_by_unsupported.3F) Because we do not want this. A compromised workstation should not get access to these data for better anonymity. Revealing this information makes some attacks easier.
i try to add sandbox 1 feature from here https://www.whonix.org/wiki/Security_Guide but get the error: Failed to parse/validate config: Invalid transport line. Reading config failed.
As per https://www.whonix.org/wiki/About#Based_on_Debian you may be better of learning how to apply such settings on Debian
How do I make sure I have latest version of tor?
You usually have the recommended stable version if you do regular updates. (https://www.whonix.org/wiki/Security_Guide#Updates) [Installed from deb.torproject.org.]
And stay tuned at least on the important blog so there could be a notification if that was not the case. (Follow Whonix ™ Developments)
Other than that…
dpkg -l | grep tor
Then compare with blog.torproject.org and see what versions are the latest stable.