Page MenuHomePhabricator

Whonix Image Quick Refresh
Open, NormalPublic

Description

Idea that needs to be thought through.

Sane to rebuild the same Whonix version git tag? Just re-build and re-upload?

Advantages:

  • an easy, doable way to create "fresher" official Whonix stable downloads

This would be updated:

  • updated packages from packages.debian.org
    • this will be automatically the case (since we're not building from snapshot.debian.org)
  • updated Tor Browser
    • user/developer that rebuilds needs to set tbb_version which is already supported by package tb-updater
    • just need to make sure that environment variable is passed from the build script to the update-torbrowser script

The following things would not be done:

  • call for testers
  • write release announcement
  • update version numbers

...which would safe a lot maintenance work.

Disadvantages:

  • There would be multiple official ova / iso versions of Whonix stored by different people. Same version number but different hashes and different software versions (packages.debian.org, deb.torproject.org, Tor Browser) but same Whonix software versions.
  • Somewhat nontransparent.

Non-Issues:

  • gpg signature verification. Since creation of gpg signatures (and sanity tests) are automated users can always verify gpg signatures.

Details

Impact
Normal

Event Timeline

Patrick triaged this task as Normal priority.Sat, Mar 21, 12:00 PM
Patrick created this task.