I was trying to see if there is going to be any connection between 2 different Whonix versions; they connected, and the connection was normal.
So I was asking, don't you think it's kind of unsafe for this to happen? Because if there are any hacking attempts on the uploading server of Whonix, I don't think he needs much effort to compromise the newest Whonix version. He just wants to see an old version of Whonix, discover an exploitation in it and upload it again (so we are making things much easier for him).
Note: I know you are going to say that everyone should check his version with a GPG key (even the newest one) and shouldn't trust the server.
But as Whonix is getting updated, which means the security is also getting much more sophisticated, making it harder and more time-consuming for the hackers to do that on the newest version's code.
Also, this connection means that even if we reach Whonix 20 it is still connected with Whonix 9 (I wonder if the crackers wouldn't take advantage of this to compromise regular Whonix users in the future).
They’re compatible at the moment. No security issues as far as I can see. Maybe some day ports will change, hopefully not, but for now they’re compatible. The only unsafe thing that could happen is if old versions are deprecated and therefore rotting.
Other improvements to increase download security are complicated TODO that need code:
So don't you think that each version of Whonix should have its own compatibility?
I know maybe putting a connection lock on each Whonix version might get even worse than leaving them like this (because it reminds me of WPS in the modems' firmware).
But I think the solution should be with Whonix built communications, better than a connection version lock.
No, at first, I am not convinced of this. I think imposing extraneous restrictions in a Libre Software project is inappropriate, will generate confusion, bad feelings. Old versions will notify that they’ve been deprecated by whonixcheck. If users ignore it and keep using them, it’s their freedom. I don’t think it would be appropriate to restrict it. And if they keep using it for a short time, an old workstation behind a newer gateway because they want to upgrade it, more power to them.
Imagine how you would feel if
- you deleted your old Whonix-Gateway 9
- got a Whonix-Gateway 10
- want to upgrade an old Whonix-Workstation from 9 to 10
- it won’t work, you come to the forum and are told, you must get Whonix-Gateway 9 again.
Would sound kinda strange, no?
However, I might be convinced if others, especially contributors, make this argument or if convincing arguments are made.
So far I can agree with you regarding people's choices, and I don't want to argue about something which has the title of “might happen”. We can make notes that each pair should be downloaded together (or that's what the links should contain, or we make 2 lists of each Whonix version, etc.). But like I said, it's not about the argument of accepting this idea or not; all I want to say is that we are making it easy for the hackers who use this type of hacking.
In the end, you know what is best for Whonix anonymous users.