usability, popularity vs security, Freedom Software purism

No, just some enthusiastic writing from an enthusiastic user :slight_smile: But you are right, let’s stay on point.

Agreed. But then if we are talking about potential jail time, then additional measures are to be taken, such as encrypted USB disks, using bridges to connect to Tor, maybe connecting to public Wifi spots (although might not be a good idea in certain circumstances).

What I mean is that if it really is a question of life or death you surely need to be very up-to-date with OPSEC and anonymity topics, merely installing Whonix on Windows and expecting it to cover all your needs out of the box is unrealistic.

Thanks for the concrete examples.

  • Tor Browser: good point, maybe open a new topic (don’t know if it has been already discussed recently or not)?

  • The default clipboard sharing is Whonix VMs is the worst safety-wise (bi-directional sharing) → can be disabled very easily. In KVM, disabled by default.

  • The speakers in Whonix VMs are enabled by default, allowing malware to leak information to external infected devices → it’s being currently discussed, so nothing definitive here as I understand:

Valid points. If you have the skills and time, I am sure your contribution to the first point would be very valuable. As for the forums, I am afraid there is nothing we can do as long as we use discourse.

A majority of people will go for the easy path. That’s understandable and their own choice. This could also be achievable within Whonix, but it requires some commitment. But it is possible, and documented. So I think we agree it’s the user choice eventually. And yes, Whonix is probably not for everybody or lazy users, but there is nothing that inherently prevents it from being used by anybody.

Regarding resources allocation, I think it really depends on who does what. If @Patrick or other core (and skilled) developers would devote half their time to documenting file permissions in Linux, then yeah that would be pretty bad I guess :slight_smile: But if that would be me, or another regular user, that wouldn’t be a waste of resources, don’t you agree?

my bad, must have missed this!