What distro are you using?
Mon, Feb 18
Other imporvements in this thread such as functioning SMTP gateways are also part of this ticket:
God for the time being, if anyone wants to add more there is an outline of what procedures can be done, to add to.
Looks like nothing more to do here.
Since grsecurity is not a thing anymore, closing this as invalid.
Sat, Feb 16
I also noticed the file "~/.tb/first-boot-home-population.done" which suggests that whonix does something on first boot
Fri, Feb 15
To build a package with qubes-builder, you need to add Makefile.builder file with just one line: DEBIAN_BUILD_DIRS := debian. This will tell qubes-builder that given repository contains Debian package.
Alternatively, if that would be too much of a problem, it should be easy to add an option that do auto detection (probably just looks for debian directory).
Thu, Feb 14
Sat, Feb 9
Sun, Feb 3
I am slow to review this. Finally got to it. More feedback here:
Sat, Feb 2
I created a user documentation page explaining this feature and when to use it for users to understand.
Not only relevant for retroshare.
Moved to xfce so past comment is irrelevant. Will test Zulu after moving to Buster and add if it works.
@Patrick Was this only relevant for Retroshare?
The concept was documented for operational use. Auto Guard de-duplication considered too complex to deploy and manual checking is enough.
Mixmaster is not present in Buster BTW
Looks like someone beat us to it:
Ready to close if happy.
Middle of the range solution. How does this sound? Confirmed it falls within the private address CIDR:
Thu, Jan 31
My advice is to use a private address range reserved for this purpose by IANA. These will never be used in the future by anyone. Sine we use 10.x.x.x and moved away from 192.x.x.x, this leaves 172.x.x.x
172.16.0.0 – 172.31.255.255
Whonix doesn't ship a list of these.
Jan 23 2019
Use SSL and apt-cacher-ng also during genmkfile inside cowbuilder.
Jan 22 2019
With TPO infrastructure using onions, its now a good idea to switch tb-updater to check for version info and downloads to these more secure mirrors.
Jan 21 2019
Building initiates. I had these deps installed anyhow. Unpinning the CPU resolved some early build error, but now it craps out at RAW image creation. Not really related to your inquiry.
This is now in stretch-testers repository.
Jan 20 2019
postpone to Whonix 15 since cryptsetup has initramfs hooks (small chance of regressions)
Jan 19 2019
Jan 18 2019
Jan 16 2019
Jan 15 2019
Jan 13 2019
Seems so. This one is a context menu option or commandline but it supports a lot more stuff than the original and it pulls in other specialized tools to do the work.
Jan 12 2019
[quote="HulaHoop, post:8, topic:6533, full:true"]
unrar-free is redundant because it supports a smaller feature-set of unar
Jan 11 2019
Onionshare is in Buster.
Jan 6 2019
Jan 4 2019
Done. You can close this ticket once you agree with edits.
Jan 3 2019
What does it mean to “distrust the infrastructure”?
A core tenet of the Qubes philosophy is “distrust the infrastructure,” where “the infrastructure” refers to things like hosting providers, CDNs, DNS services, package repositories, email servers, PGP keyservers, etc. As a project, we focus on securing endpoints instead of attempting to secure “the middle” (i.e., the infrastructure), since one of our primary goals is to free users from being forced to entrust their security to unknown third parties. Instead, our aim is for users to be required to trust as few entities as possible (ideally, only themselves and any known persons whom they voluntarily decide to trust).
Users can never fully control all the infrastructure they rely upon, and they can never fully trust all the entities who do control it. Therefore, we believe the best solution is not to attempt to make the infrastructure trustworthy, but instead to concentrate on solutions that obviate the need to do so. We believe that many attempts to make the infrastructure appear trustworthy actually provide only the illusion of security and are ultimately a disservice to real users. Since we don’t want to encourage or endorse this, we make our distrust of the infrastructure explicit.
Jan 2 2019
Dec 28 2018
From this size comparison on Debian wiki, I think the best and most secure option is the smallest and most minimal one: micro-httpd
Dec 22 2018
We still have the warning on https://www.whonix.org/wiki/Onion_Services.
onion V3 (repo,website,forum…) reported from different sources is down.
Dec 18 2018
Dec 17 2018
GNU-Social i had an account in it:
This is done now:
Dec 15 2018
onion service name must be 16 characters long - can't reach Whonix onion repository