
Whonix Standalone VS Qubes-Whonix


#1

Which project will be the priority?

I do not see any point in the project “Qubes-Whonix”. Large, slow and complex.

Those people (Qubes-Team) just make money on you. They exploit your slave labor.


#2

Qubes-Whonix


#3

How much do they pay you per month? :slight_smile:


#4

Previously, we did not have an alternative and we chose Qubes.
And now we have Whonix Standalone concept.
This is an absolutely normal process. Change of priorities.


#5

The research says otherwise.

http://kkkkkkkkkk63ava6.onion/wiki/Qubes/Why_use_Qubes_over_other_Virtualizers

Non-sequitur. Qubes is free.

Lana:

And now we have Whonix Standalone concept.

Contributions are always welcomed.


#6

Qubes provides security by isolation and Whonix uses security by isolation. Both projects complement each other.

Qubes is relatively large, but it is not too large. I wouldn’t consider this to be an issue.
Do you have any performance benchmarks for Qubes-Whonix vs. Non-Qubes-Whonix?
I agree that Qubes is complex (a bit too complex for me).
Hardware compatibility is the biggest issue in my opinion because even the best system is useless if you can’t get it running.

You could always set up a reasonably secure host system and use VirtualBox or KVM. The Whonix project has only limited resources and a dedicated host operating system is not a priority (it’s more a nice to have if someone wants to do it).

Edit: regarding the priorities of the Whonix project: that’s just my observation, feel free to correct me if I’m wrong.


#7

Lana:

How much do they pay you per month? :slight_smile:

It’s my personal primary operating system.


#9

Those people (Qubes-Team) just make money on you. They exploit your slave labor.

I wouldn’t mind if I made them money because of Whonix. Possibly they get some users / attention / etc. due to Qubes-Whonix integrations and therefore donations and/or other income.

One could also turn that around and complain, I am making money off Qubes. They have also quite a reputation and user base.

It’s a synergy effect. It’s Open Source / Libre Software, cooperation.

Sorry, to say, but concepts are relatively cheap. Implementation is expensive.


#10

Good day,

I’m sorry, but I’ll have to get slightly unfriendly now.

If you recall, in December we had a very similar situation with you: Lana's Linux Security Education

You are blissfully unaware of some of the most basic aspects of CS, development, modern security concepts, cryptography, projects planning, execution, the way the Linux kernel has been designed, as well as open source and what it entails in regard to adopting new features and ideas in general.

Furthermore, you seem to lack even the most basic knowledge needed to even understand some of the things you believe you are able to cover properly. As can be seen by previous discussion in this thread: Own Whonix for ten minutes. You appear to have only spent a minuscule amount of time researching the things you try to discuss without knowing any details about them, as can be seen by your attempt to bring projects like Linux from Scratch into this, something I’m assuming you only found via Google a few minutes ago. Furthermore, you didn’t even know anything about basic compilation before I attempted to explain it (though I believe you still don’t know what it is, seeing how/what you write).

Furthermore, if we look back, you did maintain the (unreasonable) belief that the Linux kernel in itself was insecure, something I tried to explain to you though you didn’t reply: Lana’s Linux Security Education

Did you change your opinion on “having to rewrite the kernel in its entirety”?!

Next up, Whonix is an OPEN SOURCE PROJECT. That means, you may use, change, modify and redistribute the source code used by Whonix in a lot of ways. However, you are not, under any circumstances in the position to even assume that any request you have (especially a ridiculous one like this) will be honored. Maybe, if you ask kindly and do a major amount of initial work yourself, we will be able to help you. But I doubt it, seeing how you think having drawn a few boxes with some of the most simple, basic and not in any way new security terms constitutes as a concept.

This is what we call a concept: https://invisiblethingslab.com/resources/2014/Software_compartmentalization_vs_physical_separation.pdf

Extensive, well worded and reasonable as well as easy to follow.

Next up, let’s cover your argument against Qubes. You claim that you:

So? Nobody cares. Even if your “concept” for lack of a better word was better than Qubes (it isn’t) there would still be a reason to maintain compatibility.

Adding to all of that, you COMPLAINED in your “own Whonix in 10 minutes” thread that the Whonix documentation was too long. If you would know even the first thing about CS, coding, forking or cryptography, you wouldn’t even say that as a joke. If you want to modify software, there CANNOT be an extensive enough documentation.

Last but not least, your “concept” is plain bad. Look at Qubes. Look at their source code. Or at least, read the paper I linked above.

Their system is more than “just a host”. It protects from a host of hardware attacks. It protects your networking card. It lets you have multiple Qubes for different things, not just one Workstation and Gateway. It keeps your networking, USB devices, firewall and clipboard separate while still giving you as a user the ability to access all of them, if required.

All of these things are not really a “thing” in your “concept” which is, again, nothing new, just a host running KVM. Because, almost all the things (actually just THREE) you set to “add” to the host add ZERO security for a Whonix-Workstation as that is in any case SEPARATE FROM THE HOST. If you had read our HOMEPAGE, you’d know that. Only OpenVPN would have an effect, as to hide Tor from your ISP.

But that’s not all because:

YOUR “CONCEPT” WEAKENS ITSELF

If you go to all that extent of trying to lock out other programs, why do you then allow SELinux or AppArmor to run Tor? Why do you need it on the host? If you go to all that extent of locking down things, why leave that?

But wait, there is more! Because, and I cannot write this in a large enough font:

YOUR “CONCEPT” ACTUALLY HARMS SECURITY SEVERELY MAKING ATTACKS ON THE HOST EASIER!

You simply said “let’s “lock down” everything not related to Tor/VM” right? Well, you also would lock down UPDATES! Great job! Makes the host a very easy target. And, as you probably know, once you have the host, it’s over…

I am very sorry if that was a bit mean now, but you see, I can somewhat tell when a user lacks the knowledge or ability to understand certain topics. Now, that is completely fine, we are after all here to learn. However, when a user displays not only a fundamental lack of basic knowledge, but also a massive amount of unjustified arrogance, thinks he/she has any right to tell maintainers of an OPEN project what to do and how to do it and is completely unwilling to educate him/herself, learn anything or accept the input from others, that is when even I am starting to become a bit impatient.

Have a nice day,

Ego


#11

Ego,

You do not understand anything.

Updates on the host will be allowed. And on guests.
We will not block the tor-traffic only on the host (and OpenVPN).

No one will use the host, they will not even see it. So no need “super hardware protections”. And we will not use Tor on the host.

USB-disks are blocked. The problem is solved.


#12

Patrick,

What do you think about the project?


#13

My initiative ^^


#14

In addition, we will remove DE from GateWay.
Users will see: “Enter login:”.
Everything will work in the background.

Or they will see image:
“Do not touch anything here!” and red skulls with bones (tolerant variant).


#15

Good day,

Why isn’t that included in your “concept” then? Are you saying it wasn’t written properly? Because if you write “Everything”, you should mean everything. Otherwise YOU ARE WRONG.

Your “concept” talks about Tor as an Application via AppArmor/SELinux. Please look at the image you uploaded before claiming anything else.

Great joke. Because no attacker would ever plug in a USB device, attack via Ethernet, SD-Card, etc. Or attack the host in any other way. Just because you cannot see the host, doesn’t mean it isn’t there. It can (and will) still be attacked. Simple as that.

Why isn’t that in your “concept” then? That’s the question you should maybe consider thinking about. Perhaps because you have no idea how real concepts for real security systems are made? Because that is the case.

Because with designs there is a simple rule: If you don’t include it, you can’t claim that it will be there.

And you did not include blocking USB. Simple as that.

Right. So what you are saying is that on the Gateway we should have a policy of:

  • Do not update.
  • Do not use the Gateway for a Hidden Service.
  • Do not use the Gateway for Tor specific settings.
  • Do not in any way even think about using bridges.
  • Do not use it to Restart, Reload or otherwise modify your connections.
  • Do not use Arm to analyze your traffic.

Please just spend FIVE MINUTES to at least look at what the Gateway does. There is a reason we show it. It is required for a major amount of Whonix’s features and if a user wouldn’t see it with a DE, he would have a much harder time adding bridges to access Tor in areas which prohibit it, as well as providing hidden services and many other things.

Adding to that, what about the kernel? What about your previous opinion on that? Or any of the other things you apparently ignored in my previous post. Are you perhaps not able to reply to those because you either don’t know how or you already realized you are wrong?

Have a nice day,

Ego


#16

Lana:

Patrick,

What do you think about the project?

@Ego is doing a good and patient job replying here. Since I am busy and
have nothing to add to it, I am not replying here. (Or in any similar
thread in a similar situation.)


#17

Ego,

Stop being justified.

We will forbid everything and will resolve only some things. (hardware)
+temp enables

You’re finding fault with the little things.
Image - Prototype of the concept.

You did not understand anything about Gateway.
Updates are allowed.
Professionals can change options. And noobs can’t.
Our OS will automatically bypass the gov- and company-firewalls and similar things.


#18

Good day,

I am guessing that is a typo, as anything else would make even less sense.

There are no “little things” when it comes to security. Especially since there are alternatives. After over three decades of cryptography, a “Prototype of the concept” MUST cover everything AND be BETTER than what is available at the moment.

If you want this to truly be a reality you HAVE TO be MUCH BETTER than Qubes and cover ALL SITUATIONS in your prototype. Otherwise it isn’t worth anything.

Really? Cause I use it. And you wrote:

You must have a clear position. Don’t change your opinion literally every post.

How?

There is a reason bridges change daily and ARE NOT AUTOMATED but distributed via mail and social media.

If you find a way to automatically bypass advanced censorship measures which require bridges, you’d be smarter than thousands of CS, cryptography and censorship experts around the planet.

Have a nice day,

Ego


#19

I appreciate your efforts to educate @Lana. @Ego

As long as you enjoy it, keep doing it. @Ego

I am however not sure @Lana is trolling.

meek seems to work quite good atm, however it has its issues. (Security: all traffic going through amazon or google. Costs: too expensive to enable for everyone.)

Snowflake - work in progress - seems to squash these issues.

It’s not perfect, but it looks like a perfect concept (meaning expensive to block, i.e. “block amazon, google”) seems doable.


#20

CPU model and capabilities.
Qubes: Not hidden.
VirtualBox: Not hidden.
KVM: Hidden


#21

Ego trolls me.

He doesn’t understand what a prototype and concept is.
He treats everything in his own way.
Maybe he’s drinking.