In T803#18478, @HulaHoop wrote:

@Patrick were you able to reproduce this?

https://github.com/AvANa-BBS/freepto-lb/issues/53

@Patrick were you able to reproduce this? I wasn't

He was a major dev/creator of CoyIM but not the only one.

His detailed reply:

Accepted as optional feature/usecase. Moved implementation design from protocol level to spice-gtk.

madaidan (madaidan):

madaidan added a comment.

> We need to re-check this for Whonix Host. Since it gets installed using calamares (which handles partitioning) there could be an unwanted swap partition.

I can test it for that too. Where do I download it?

Maybe there is no need. It's just when Tails has a ticket, we should
check it at Whonix too. Thank you for looking into this, too!

The way it is now looks fine. Why would it need to be changed?

We need to re-check this for Whonix Host. Since it gets installed using calamares (which handles partitioning) there could be an unwanted swap partition.

Seems quite hacky. What's the root cause for failing?

Could you please review this? @HulaHoop

Seems quite hacky. What's the root cause for failing?

Thanks for testing! Would have been surprising if there was.

madaidan (madaidan):

madaidan added a comment.

> https://lists.ubuntu.com/archives/apparmor/2016-February/009371.html says it is used for various things so it might break some things.

Wouldn't using a fake machine-id e.g. a bunch of zeroes fix this?

https://lists.ubuntu.com/archives/apparmor/2016-February/009371.html says it is used for various things so it might break some things.

In T582#18461, @madaidan wrote:

Would it cause any issues if the machine-id was just deleted or replaced with a bunch of 0s?

Would it cause any issues if the machine-id was just deleted or replaced with a bunch of 0s?

My pull request enables all of these except martian packet logging which I doubt would be useful on Whonix.

You can create directories in tor-browser_en-US/Browser/TorBrowser/Data/Browser/ called (profile_name).default. Here will be all the configurations for the profile. It should have a custom user.js with proxy settings using privoxy and setting network.proxy.no_proxies_on to 0.

Alternatively, you could change the home page to the program's interface e.g. 127.0.0.1:7657 for I2P and start the browser with a script that creates a popup box using zenity or similar that tells the user the information.

Maybe disable it just for package upgrades?

There is none. You can run swapon -s or cat /proc/swaps to verify.

No, I mean the upstream repository thunar-volman by XFCE developers.

• https://git.xfce.org/xfce/thunar-volman/tree/
• https://github.com/xfce-mirror/thunar-volman

madaidan (madaidan):

madaidan added a comment.

> Can you see from thunar-volman source code where defaults are configured? Would be good to watch for future versions.

debian/thunar-volman.xml has all the default settings for auto-mounting if that's what you mean.

Can you see from thunar-volman source code where defaults are configured? Would be good to watch for future versions.

Debian buster package thunar-volman (thunar-volman-0.9.1) contains a file debian/thunar-volman.xml

Automounting can be configured in /etc/xdg/xfce4/xfconf/xfce-perchannel-xml/thunar-volman.conf

More kernel hardening:
https://github.com/Whonix/security-misc/pull/5

Related thread on general kernel hardening:

Does this work for you? @tempest