@torjunkie i have a beta release that was near ready for final publication over the last month. then, a few issues came up.
- vfemail.net has changed their registration process to make it near impossible to register for an account over tor. recaptcha v2 is used in the registration process. on vfemail’s onion, the recaptcha will not appear, thus making registration impossible there. on the clear net, the initial click on the recaptcha box opens a new tab to an ad site. when clicking on it again, it now claims that “too many connections bl blah blah” more often than not and won’t allow registration. i have contacted the admin a number of times over the past month on this but have yet to receive a response. they are usually very good about responding, so i do not know what is happening here.
thus, i am in the process of searching for a new free email service with an onion that does not require any additional shenanigans for registration and has a competent enough admin to keep the domain out of spam blacklists. so far, this has been exceedingly dificult due to various other providers requiring an additional email address for verification. the other issue is that, for the small handful i have found that do not require email address, phone numbers, etc., they are relatively new with entirely unknown admins, which is problematic from a “trust” scenario. (yes, i know. trusting email providers is wrong. “use gpg.” however, some services require an email address for verification and do not implement gpg in that process, which makes them easy to exploit by malicious email admins if their users use the email for services like twitter).
-
tor messenger developer, rather abruptly, announced the end of the project 3 days ago. the beta version of the guide has a completely rewritten chapter on instant messaging using tor messenger. so that has to be redone from scratch. now torn between gajim (for the omemo support) or coyim.
-
virtualbox in debian stretch is in backports repo. after publication of multiple vulnerabilities a couple months ago, the version in stretch-backports is still vulnerable. so, need to redo the guide to use oracle’s debian repo. however, that destroys process of having all operating system updates done via onion servers. i would prefer to use kvm for the guide. however, i have not discovered a simple means to have an immutible core system with kvm that is similar to what the guide implements with virtualbox. if an additional virtual hard drive is added to the whonix vm for storage purposes, and it is excluded from a snapshot, virsh throws an error.