[HOME] [DOWNLOAD] [DOCS] [NEWS] [SUPPORT] [TIPS] [ISSUES] [DONATE]

Whonix VirtualBox 15.0.0.8.7 - Testers Wanted! - vanguards; TCP ISN Leak Protection; Extensive Hardening! 🔥

Testers Wanted!

Download the Testers-Only version of Whonix for VirtualBox:


Alternatively, in-place release upgrade is possible upgrade using Whonix testers repository.


Highlights


This release would not have been possible without the numerous supporters of Whonix!


Please Donate!


Please Contribute!


Notable Changes


Full difference of all changes

diff too large for github to show, therefore split into two:


About Whonix

Whonix is being used by Edward Snowden, journalists such as Micah Lee, used by the Freedom of the Press Foundation and Qubes OS. It has a 7 years history of keeping its users safe from real world attacks. [1]

The split architecture of Whonix relies on leveraging virtualization technology as a sandbox for vulnerable user applications on endpoints. This is a widely known weakness exploited by entities that want to circumvent cryptography and system integrity. Our Linux distribution come with a wide selection of data protection tools and hardened applications for document/image publishing and communications. We are the first to deploy tirdad, which addresses the long known problem of CPU activity affecting TCP traffic properties in visible ways on the network and vanguards, an enhancement for Tor produced by the developers of Tor, which protects against guard discovery and related traffic analysis attacks. Live Mode was recently added. We deliver the first ever solutions for user behavior masking privacy protections such as Kloak. Kloak prevents websites from recognizing who the typist is by altering keystroke timing signatures that are unique to everyone.

In the future we plant to deploy a hardened Linux kernel with the minimal amount of modules needed to get the job done, an apparmor profile for the whole system, as well as LKRG, the Linux Kernel Runtime Guard, which kills whole classes of kernel exploits.


[1]

5 Likes

Hi! I saw on Whonix Gateway the “tor Arm” i cannot find. Recommend install it by apt-get tor-arm ?

Thank You Very Good Work

Arm deprecated name , the new name for the same tool is nyx.

2 Likes

One issue was reported in the VirtualBox version. Whonix-Gateway cannot upgrade. The kernel upgrade freezes the VM. Likely a too low default RAM issue. Related:


2 Likes

Yes. Even reducing DKMS parallel_jobs=1 does not help.

Had to increase Whonix-Gateway to 1280 MB. Otherwise VirtualBox guest additions kernel modules would fail to compile.

Related:

2 Likes

Hi all. I am get this Error when try open “Web Browser” on Whonix XFCE Workstation.

I will do a new extraction today and test it again (maybe some failure, because I am using VMWare (Debian USB 3.0 / + USB2.0 BootKey)

Interesting. I didn’t expect that using a different virtualizer could result in that specific issue. This issue doesn’t happen in VirtualBox.

VMware is unsupported. Therefore won’t fix.

2 Likes

Attention. I am not Using Whonix on VMWARE.
Use Debian in VMWARE and than Run Virtual box (on Debian environment) and yes Whonix (VirtualBox)!
Hell MAchine :slight_smile:

I see.

Nested virtualization is rather unpopular and not tested by any Whonix developers as far as I am aware. More so when mixing virtualizers (VMware + VirtualBox). You might be literally the only person in this universe doing this. I recommend to stick to more common setups of Whonix.

Also https://www.whonix.org/wiki/Free_Support_Principle might apply - would Debian XFCE in a VirtualBox VM run which itself runs nested in VMware? This might very well cause similar issues.

1 Like

I will give feedback :wink:
Until now, I am testing with “test” password with ‘sudo passwd root’
Whonix Gateway permit test password. no good :frowning:
But on user no

hellresistor via Whonix Forum:

I will give feedback :wink:
Until now, I am testing with “test” password with ‘sudo passwd root’
Whonix Gateway permit test password. no good :frowning:
Whonix Workstation not permit test password. are good. :wink:

Are you suggesting pam-cracklib?

See also:

1 Like

Yes, It’s that! :blush:

Update about “Hell VMs” are good a little slow, because of USB2.0 controller as defined on VMWare machine( Debian Host) . I am using a USB Boot key … well … I need run PLPBT.iso (boot loader image to get USB on VM). with USB 3 controller enabled box, the PLPBT.iso won’t detect USB :wink: (VM into VM into VM into … :crazy_face: :crazy_face: )

Update:

I am using this Version!

[Imprint] [Privacy Policy] [Cookie Policy] [Terms of Use] [E-Sign Consent] [DMCA] [Investors] [Priority Support] [Professional Support]