Continuing the discussion from disable speaker by default or optional for better security?:
It is a question about right balance between two strategies.
The most security focused approach is:
A) “Whonix” hardened Gentoo based - don’t care about any laymen who will fail at usability. A way to run a “project” would be “only use this for myself and don’t bother telling anyone”. Perhaps have a blog post that very few read, let alone apply, about how to set that up somewhere, but then that’s about it.
The most reward focused approach is:
B) Perhaps some proprietary Windows only tool or perhaps even non-security related software or service.
With Whonix the goal is the right balance.
- Protecting some/as many as possible situations in real world.
- Sizable user base. Having two users only isn’t rewarding. Popularity requires usability. Project growth. Impact.
- Popularity leading to review, contributions.
- Don’t let the perfect be the enemy of the good.
- Don’t try to make everyone happy.
- Realism, non-fatalism, reasonability, feasibility, sustainable development.
If one follows mostly strategy A) then the outcome of that is “only” a guide such as this. I could have used that for myself and then called it a day. Yet, a project, Whonix, emerged from that. Without the popularity based approach, people would have never learned about Whonix. People wouldn’t have contributed research, documentation, review and source code. The Whonix project certainly contributed inspiration to create an improved approach of approach A).
As an analogy, is it useful to have a super secure window while at the same time it’s infeasible to secure the front door? Some argue to do everything to super secure the window even if securing the front door isn’t feasible in the foreseeable future. Any security related project naturally attracts people who will argue in favor of security maximalism. Yet, in many cases such as Whonix, these security maximalists wouldn’t have benefited from the research and documentation that was created only as a result of non-security-maximalist projects which directed focus to the subject.
In the case of Whonix, the window could be “compromised VMs communicate through audio output with nearby compromised devices” and the front door could be Tor or Debian (which isn’t the most security focused operating system, applying as many compilation hardening flags, as much kernel hardening, and whatnot as possible by default). There are a lot of shortcomings in anonymity/security/privacy which are documented throughout the wiki.
To avoid security-maximalist yet sustainability-reducing changes, sometimes usability is given priority over security maximalism and Freedom Software purism (related, forum discussion).
Security maximalism isn’t my thing. Applying it consistently might lead to fatalism, dropping all but Qubes-Whonix or even A).
I would hope that those who prefer approach A), those who prefer security / Freedom Software purism, and security maximalists can still benefit from the Whonix project (documentation, research, source code, discussion) and encourage them to software fork Whonix. Existence of different views on project-philosophy is to be expected. Wikipedia writes:
Almost six hundred Linux distributions exist, with close to five hundred out of those in active development.
The great thing about Freedom Software is that it encourages cooperation.