Tor browser view

naapa · August 21, 2015, 7:02pm

Why is it that tor browser in Whonix is different to other OSes? It’s missing tor circuit view and a few other features. i try to add sandbox 1 feature from here Security Guide - Whonix but get the error: Failed to parse/validate config: Invalid transport line. Reading config failed.

i’ve also installed apparmor but running aa-status says I have apparmor running with 0 loaded profiles? is apparmor for tbb good enouggh that javascript and browser vulnerabilities cannot escape? or is it only limited to reading files?

Patrick · August 21, 2015, 7:39pm

Security reasons / open discussion.

Forget about Tor Button’s Open Network Settings:

Indicator for current Circuit Status and Exit IP:

Forum discussion:

AppArmor + No Javascript is better than AppArmor alone. Different levels of defenses. Disabling javascript reduces the attack surface. AppArmor tries to confine eventual exploits.

naapa · August 22, 2015, 6:42am

i see. is there a way to see which 3 nodes are being used within workstation or is that not possible in default state (without modifying config)?

also:

i try to add sandbox 1 feature from here Security Guide - Whonix but get the error: Failed to parse/validate config: Invalid transport line. Reading config failed.

How do I make sure I have latest version of tor?

Patrick · August 22, 2015, 7:46pm

i see. is there a way to see which 3 nodes are being used within workstation or is that not possible in default state (without modifying config)?

Unsupported. (https://www.whonix.org/wiki/FAQ#What_do_you_mean_by_unsupported.3F) Because we do not want this. A compromised workstation should not get access to these data for better anonymity. Revealing this information makes some attacks easier.

i try to add sandbox 1 feature from here https://www.whonix.org/wiki/Security_Guide but get the error: Failed to parse/validate config: Invalid transport line. Reading config failed.

As per https://www.whonix.org/wiki/About#Based_on_Debian you may be better of learning how to apply such settings on Debian

How do I make sure I have latest version of tor?

You usually have the recommended stable version if you do regular updates. (https://www.whonix.org/wiki/Security_Guide#Updates) [Installed from deb.torproject.org.]

And stay tuned at least on the important blog so there could be a notification if that was not the case. (Follow Whonix Developments)

Other than that…

dpkg -l | grep tor

Then compare with blog.torproject.org and see what versions are the latest stable.