Whonix / Kicksecure 15.0.1.4.8 - for VirtualBox - Point Release!

This is a point release .

Download Whonix for VirtualBox:


Alternatively, in-place release upgrade is possible.


This release would not have been possible without the numerous supporters of Whonix!


Please Donate!


Please Contribute!


Notable Changes

Whonix:

Whonix VirtualBox:

Qubes-Whonix:

Kicksecure:

  • Set hostname to localhost for VM builds. Just a sane default that works with default /etc/hosts without warnings about wrong hostname when using sudo. /etc/hostname is not managed by any configuration package. Feel free to change.
  • Unbreak VirtualBox clearnet DNS settings when not using DNSCrypt.
  • Disable DNSCrypt by default for now due to issues. Potentially re-introduced later as an opt-in package. See Use DNSCrypt by default in Kicksecure? (not Whonix!)

Full difference of all changes

https://github.com/Whonix/Whonix/compare/15.0.1.3.4-developers-only...15.0.1.4.8-developers-only


About Whonix

Whonix is being used by Edward Snowden, journalists such as Micah Lee, used by the Freedom of the Press Foundation and Qubes OS. It has a 8 years history of keeping its users safe from real world attacks. [1]

The split architecture of Whonix relies on leveraging virtualization technology as a sandbox for vulnerable user applications on endpoints. This is a widely known weakness exploited by entities that want to circumvent cryptography and system integrity. Our Linux distribution come with a wide selection of data protection tools and hardened applications for document/image publishing and communications. We are the first to deploy tirdad, which addresses the long known problem of CPU activity affecting TCP traffic properties in visible ways on the network and vanguards, an enhancement for Tor produced by the developers of Tor, which protects against guard discovery and related traffic analysis attacks. Live Mode was recently added. We deliver the first ever solutions for user behavior masking privacy protections such as Kloak. Kloak prevents websites from recognizing who the typist is by altering keystroke timing signatures that are unique to everyone.

In the future we plan to deploy a hardened Linux kernel with the minimal amount of modules needed to get the job done, an apparmor profile for the whole system, as well as LKRG, the Linux Kernel Runtime Guard.


[1]

1 Like

2 posts were split to a new topic: Kicksecure /etc/hostname /etc/hosts