This is a point release.

Download Whonix for VirtualBox:

Alternatively, in-place release upgrade is possible.

Please Donate!

Please Contribute!

This release would not have been possible without the numerous supporters of Whonix!

Notable Changes

• Whonix-Workstation
  • install Monero GUI by default in Whonix-Workstation
  • add links to search engines to whonix-welcome-page
  • upgraded Tor Browser
• Whonix-Gateway
  • fix some anon-connection-wizard “unknown connection tag” messages
  • add new command line tools onion-grater-add / onion-grater-remove which will allow to simplify instructions that require onion-grater configuration changes
  • split most of /usr/share/tor/tor-service-defaults-torrc into /etc/torrc.d drop-in configuration snippets
  • upgraded Tor
• VirtualBox
  • workaround VirtualBox screen resolution too small by default bug
  • make screen resolution 1920x1080 by default for all VMs
  • 3 virtual CPU cores by default. No longer 4 virtual CPU cores by default. This can improve stability. (ticket)
  • upgrade guest addition to VirtualBox 6.1.6
  • enable Debian stable-updates repository by default
  • consolidating Whonix packages
  • install fewer unnedded packages (such as rsyslog, see details)
• Hide verbose output messages during boot. This speeds up the boot. Logs still available in journal.
• Disable proc-hidepid due to pkexec issues.
• change desktop background images to make it harder to confuse Whonix-Gateway for Whonix-Workstation and vice versa
• remove command-not-found from default package installation, since not working out of the box, causing confusing error messages. Not compatible with apt speedup. (Speeding up "apt update" with Acquire::Languages=none and Contents-deb::DefaultEnabled=false - It's so much faster!) See instructions on how to use command-not-found.
• no longer depend on logrotate
• Consistent parsing of /usr/local/etc/name.d for applications by whonix that also parse /etc/name.d. Parsing /rw/config/name.d is still possible for compatibility but will be deprecated.
• fix adduser / no longer writing to /nonexistent
• set environment variable QMLSCENE_DEVICE=softwarecontext (in VirtualBox, and after upgrades in KVM too) to workaround VM specific monero bug
• packages by packages.debian.org upgraded
• other development news
  • Whonix Development News
  • progress on Whonix-Host development

Full difference of all changes

https://github.com/Whonix/Whonix/compare/15.0.0.9.4-developers-only...15.0.1.3.4-developers-only

About Whonix

Whonix is being used by Edward Snowden, journalists such as Micah Lee, used by the Freedom of the Press Foundation and Qubes OS. It has a 8 years history of keeping its users safe from real world attacks. [1]

The split architecture of Whonix relies on leveraging virtualization technology as a sandbox for vulnerable user applications on endpoints. This is a widely known weakness exploited by entities that want to circumvent cryptography and system integrity. Our Linux distribution come with a wide selection of data protection tools and hardened applications for document/image publishing and communications. We are the first to deploy tirdad, which addresses the long known problem of CPU activity affecting TCP traffic properties in visible ways on the network and vanguards, an enhancement for Tor produced by the developers of Tor, which protects against guard discovery and related traffic analysis attacks. Live Mode was recently added. We deliver the first ever solutions for user behavior masking privacy protections such as Kloak. Kloak prevents websites from recognizing who the typist is by altering keystroke timing signatures that are unique to everyone.

In the future we plan to deploy a hardened Linux kernel with the minimal amount of modules needed to get the job done, an apparmor profile for the whole system, as well as LKRG, the Linux Kernel Runtime Guard.

[1]

• https://twitter.com/Snowden/status/1165607338973130752 [archive]
• https://twitter.com/snowden/status/781495273726025728 [archive]
• https://twitter.com/Snowden/status/1175435436501667840 [archive]
• Micah Lee, Journalist and Security Engineer at The Intercept and Advocate for Freedom of the Press, Developer of OnionShare and Tor Browser Launcher. [archive]
• SecureDrop Journalist Workstation environment for submission handling is based on Qubes-Whonix [archive]
• History
• Whonix - Wikipedia [archive]
• https://www.qubes-os.org [archive]
• Whonix Protection against Real World Attacks

Thank you dear Patrick for your hard work! Runs perfectly!

ef86

We appreciate your and the team’s ongoing work!!

A post was merged into an existing topic: Whonix / Kicksecure 15.0.1.4.8 - for VirtualBox - Testers Wanted!