Page MenuHomePhabricator
Feed All Stories

Mar 22 2020

onion_knight2 added a comment to T910: anti-forensics / amnesia testing of Whonix-Host in Live mode.

Whonix Live ISO runs without an HDD.
I am not sure what you want to test here? Please precise.

Mar 22 2020, 7:53 PM · Whonix 15, Whonix-Host, Whonix
Patrick reopened T950: set kernel.printk sysctl to prevent kernel info leaks as "Open".

Not fully fixed.

Mar 22 2020, 7:47 PM · Debian version 11 codename Bullseye, Whonix 15, Whonix, security-misc
Patrick added a comment to T910: anti-forensics / amnesia testing of Whonix-Host in Live mode.

This ticket was written at a time when there was only grub-live. I.e. install Whonix on hardware (or Debian + grub live). Boot in live mode. Test if that works. If yes, take an hdd image. Boot again into live mode. Then take another hdd image. Compare these hdd images. Do they 100% match or are there differences? Differences: something wrong. No differences: that would be nice.

Mar 22 2020, 6:19 PM · Whonix 15, Whonix-Host, Whonix
Patrick updated the task description for T942: Whonix Host Firewall for Whonix Host.
Mar 22 2020, 6:15 PM · Whonix 15, security, Whonix, Whonix-Host
onion_knight2 added a comment to T910: anti-forensics / amnesia testing of Whonix-Host in Live mode.

Do you mean: starting an installed version in live-mode (not tested, not supported yes) or starting a Whonix-Host iso file?

Mar 22 2020, 6:07 PM · Whonix 15, Whonix-Host, Whonix
onion_knight2 added a comment to T969: instructions how to burn Whonix-Host ISO image to DVD or USB.

Sub pages or sub chapters of 1 wiki page?

Mar 22 2020, 6:02 PM · Whonix 15, Whonix-Host, Whonix
Patrick changed the status of T929: Whonix XFCE Wallpaper / Background Image from Open to testing-in-next-build-required.

https://forums.whonix.org/t/whonix-host-calamares-branding-suggestion/7772/31

Mar 22 2020, 12:52 PM · Whonix 15, Whonix-Host, whonix-xfce-desktop-config, Whonix
Patrick closed T950: set kernel.printk sysctl to prevent kernel info leaks as Invalid.

Thanks!

Mar 22 2020, 12:48 PM · Debian version 11 codename Bullseye, Whonix 15, Whonix, security-misc

Mar 21 2020

madaidan added a comment to T950: set kernel.printk sysctl to prevent kernel info leaks.

This issue is fixed now due to the quiet boot parameter. kernel.printk=3 3 3 3 isn't needed anymore.

Mar 21 2020, 6:55 PM · Debian version 11 codename Bullseye, Whonix 15, Whonix, security-misc
Patrick triaged T974: Whonix Images Quick Rebuild as Normal priority.
Mar 21 2020, 12:00 PM · Whonix-Host, Whonix, Whonix 15
Patrick edited projects for T904: Whonix-Host Swap Considerations - Swap Partition vs Swap File vs No Swap By default, added: Whonix 16; removed Whonix 15.

Whonix-Host considerations:

Mar 21 2020, 11:48 AM · Whonix 16, Whonix-Host, Whonix
Patrick renamed T942: Whonix Host Firewall for Whonix Host from polish Whonix Host Firewall for Whonix Host to Whonix Host Firewall for Whonix Host.
Mar 21 2020, 11:44 AM · Whonix 15, security, Whonix, Whonix-Host
Patrick closed T908: copy Whonix VM images to Whonix-Host and set up during build as Invalid.

We actually ended up using Whonix KVM and placing images to:

Mar 21 2020, 11:44 AM · Whonix 15, build, VirtualBox, Whonix-Host, Whonix
Patrick updated the task description for T908: copy Whonix VM images to Whonix-Host and set up during build.
Mar 21 2020, 11:42 AM · Whonix 15, build, VirtualBox, Whonix-Host, Whonix
Patrick updated subscribers of T908: copy Whonix VM images to Whonix-Host and set up during build.
Mar 21 2020, 11:42 AM · Whonix 15, build, VirtualBox, Whonix-Host, Whonix
Patrick added a project to T904: Whonix-Host Swap Considerations - Swap Partition vs Swap File vs No Swap By default: Whonix 15.
Mar 21 2020, 11:39 AM · Whonix 16, Whonix-Host, Whonix
Patrick added a project to T908: copy Whonix VM images to Whonix-Host and set up during build: Whonix 15.
Mar 21 2020, 11:39 AM · Whonix 15, build, VirtualBox, Whonix-Host, Whonix
Patrick added a project to T910: anti-forensics / amnesia testing of Whonix-Host in Live mode: Whonix 15.
Mar 21 2020, 11:39 AM · Whonix 15, Whonix-Host, Whonix
Patrick added a project to T928: install xfce4-power-manager on Whonix Host and Kicksecure Host: Whonix 15.
Mar 21 2020, 11:39 AM · Whonix 15, whonix-libvirt, live-mode, Whonix-Host, Whonix
Patrick edited projects for T929: Whonix XFCE Wallpaper / Background Image, added: Whonix 15; removed Whonix 16.
Mar 21 2020, 11:39 AM · Whonix 15, Whonix-Host, whonix-xfce-desktop-config, Whonix
Patrick added a project to T942: Whonix Host Firewall for Whonix Host: Whonix 15.
Mar 21 2020, 11:39 AM · Whonix 15, security, Whonix, Whonix-Host
Patrick updated the task description for T942: Whonix Host Firewall for Whonix Host.
Mar 21 2020, 11:34 AM · Whonix 15, security, Whonix, Whonix-Host
Patrick added a project to T969: instructions how to burn Whonix-Host ISO image to DVD or USB: Whonix 15.
Mar 21 2020, 11:33 AM · Whonix 15, Whonix-Host, Whonix
Patrick updated the task description for T958: Write VirtualBox Screen Resolution Bug Report.
Mar 21 2020, 11:31 AM · C Code, upstream, bug, Whonix 15, VirtualBox, Whonix
Patrick changed the status of T970: Whonix-Host hash, gpg, signify, torrent, signature creation script from Open to testing-in-next-build-required.
Mar 21 2020, 11:30 AM · Whonix 15, Whonix, Whonix-Host
Patrick added a comment to T964: mediawiki fixes #3.

is that visually ok? Requires only one piece of css and one js

Mar 21 2020, 11:06 AM · website, Whonix
Patrick updated the task description for T973: merge duplicate wiki pages?.
Mar 21 2020, 5:33 AM · Whonix, user documentation
Patrick triaged T973: merge duplicate wiki pages? as Normal priority.
Mar 21 2020, 5:33 AM · Whonix, user documentation
JasonJAyalaP added a comment to T964: mediawiki fixes #3.

is that visually ok? Requires only one piece of css and one js

Mar 21 2020, 12:44 AM · website, Whonix

Mar 19 2020

Patrick added a member for WATS: Patrick.
Mar 19 2020, 1:03 PM
Patrick added a member for WATS: mycobee.
Mar 19 2020, 1:03 PM
Patrick empowered mycobee as an administrator.
Mar 19 2020, 1:00 PM
Patrick created WATS.
Mar 19 2020, 12:59 PM

Mar 18 2020

Patrick updated subscribers of T964: mediawiki fixes #3.

remove blockquote extraneous newlines

add this css:

blockquote {
    white-space: inherit;
}

Is that the behavior you expect? I added a third test.

Mar 18 2020, 9:23 AM · website, Whonix
JasonJAyalaP added a comment to T964: mediawiki fixes #3.

mobile menu
is JS an option?

Mar 18 2020, 4:18 AM · website, Whonix

Mar 17 2020

JasonJAyalaP added a comment to T964: mediawiki fixes #3.

remove blockquote extraneous newlines

Mar 17 2020, 11:36 PM · website, Whonix
JasonJAyalaP added a comment to T964: mediawiki fixes #3.

merge template footer into real footer

Mar 17 2020, 11:27 PM · website, Whonix
Patrick updated the task description for T906: encrypt Whonix-Host disk after first boot of Whonix-Host.
Mar 17 2020, 6:13 PM · Whonix, Whonix-Host
Patrick renamed T906: encrypt Whonix-Host disk after first boot of Whonix-Host from encrypt Whonix-Host disk after first boot to encrypt Whonix-Host disk after first boot of Whonix-Host.
Mar 17 2020, 6:12 PM · Whonix, Whonix-Host
Patrick renamed T907: resize Whonix-Host disk at first boot of Whonix-Host from resize disk image at first boot of Whonix Host to resize Whonix-Host disk at first boot of Whonix-Host.
Mar 17 2020, 6:12 PM · Whonix-Host, Whonix
Patrick added a subtask for T909: installing Whonix-Host without installer (calamares): T907: resize Whonix-Host disk at first boot of Whonix-Host.
Mar 17 2020, 6:10 PM · user documentation, Whonix, Whonix-Host
Patrick added a parent task for T907: resize Whonix-Host disk at first boot of Whonix-Host: T909: installing Whonix-Host without installer (calamares).
Mar 17 2020, 6:10 PM · Whonix-Host, Whonix
Patrick added a parent task for T906: encrypt Whonix-Host disk after first boot of Whonix-Host: T909: installing Whonix-Host without installer (calamares).
Mar 17 2020, 6:09 PM · Whonix, Whonix-Host
Patrick added a subtask for T909: installing Whonix-Host without installer (calamares): T906: encrypt Whonix-Host disk after first boot of Whonix-Host.
Mar 17 2020, 6:09 PM · user documentation, Whonix, Whonix-Host
Patrick updated the task description for T909: installing Whonix-Host without installer (calamares).
Mar 17 2020, 6:08 PM · user documentation, Whonix, Whonix-Host
Patrick added a comment to T906: encrypt Whonix-Host disk after first boot of Whonix-Host.

This ticket is only useful if we go for T909. I will update the ticket descriptions now.

Mar 17 2020, 6:07 PM · Whonix, Whonix-Host
Patrick updated the task description for T909: installing Whonix-Host without installer (calamares).
Mar 17 2020, 6:07 PM · user documentation, Whonix, Whonix-Host
onion_knight2 added a comment to T914: Whonix Host Live - enable KVM readonly mode - virt-xml vm-name --edit --disk readonly=on.

Do you know how to run calamares hook scripts? I think I saw this before but I can't find it anymore. Or we have to invent our own mini calamares module similar to how package calamares-settings-debian invented new calamares modules?

Mar 17 2020, 2:25 PM · Whonix 15, Whonix-Host, whonix-libvirt, Whonix, live-mode
Patrick added a comment to T969: instructions how to burn Whonix-Host ISO image to DVD or USB.

That sounds good!

Mar 17 2020, 1:29 PM · Whonix 15, Whonix-Host, Whonix
Patrick renamed T904: Whonix-Host Swap Considerations - Swap Partition vs Swap File vs No Swap By default from make sure there is no swap by default to Whonix-Host Swap Considerations - Swap Partition vs Swap File vs No Swap By default.
Mar 17 2020, 1:25 PM · Whonix 16, Whonix-Host, Whonix
Patrick added a comment to T914: Whonix Host Live - enable KVM readonly mode - virt-xml vm-name --edit --disk readonly=on.

I don't know. Not implemented yet. Currently installed (persistent) Whonix-Host does not have live-boot option.

Mar 17 2020, 1:19 PM · Whonix 15, Whonix-Host, whonix-libvirt, Whonix, live-mode
Patrick added a project to T914: Whonix Host Live - enable KVM readonly mode - virt-xml vm-name --edit --disk readonly=on: Whonix 15.
Mar 17 2020, 1:14 PM · Whonix 15, Whonix-Host, whonix-libvirt, Whonix, live-mode
onion_knight2 added a comment to T969: instructions how to burn Whonix-Host ISO image to DVD or USB.

https://www.whonix.org/wiki/Whonix-Host is probably a good place to write all documentation.

Mar 17 2020, 1:10 PM · Whonix 15, Whonix-Host, Whonix
onion_knight2 added a comment to T906: encrypt Whonix-Host disk after first boot of Whonix-Host.

Should we consider closing this task since Calamares installer provides the option of full disk encryption?

Mar 17 2020, 12:59 PM · Whonix, Whonix-Host
Patrick triaged T970: Whonix-Host hash, gpg, signify, torrent, signature creation script as Normal priority.
Mar 17 2020, 12:18 PM · Whonix 15, Whonix, Whonix-Host
Patrick added a comment to T969: instructions how to burn Whonix-Host ISO image to DVD or USB.

Not sure. For now just https://www.whonix.org/wiki/Whonix-Host to get started.

Mar 17 2020, 10:01 AM · Whonix 15, Whonix-Host, Whonix

Mar 16 2020

onion_knight2 added a comment to T969: instructions how to burn Whonix-Host ISO image to DVD or USB.

Where do you want me to write the documentation? In the Whonix wiki?

Mar 16 2020, 9:51 PM · Whonix 15, Whonix-Host, Whonix
onion_knight2 added a comment to T914: Whonix Host Live - enable KVM readonly mode - virt-xml vm-name --edit --disk readonly=on.

I think that is only here:
https://github.com/Whonix/Whonix/blob/master/build-steps.d/1800_copy_vms_into_raw#L35

Mar 16 2020, 4:47 PM · Whonix 15, Whonix-Host, whonix-libvirt, Whonix, live-mode
Patrick assigned T969: instructions how to burn Whonix-Host ISO image to DVD or USB to onion_knight2.
Mar 16 2020, 8:27 AM · Whonix 15, Whonix-Host, Whonix
Patrick added a comment to T914: Whonix Host Live - enable KVM readonly mode - virt-xml vm-name --edit --disk readonly=on.

I agree that a solution would probably to run some kind of script at the end of the Calamares installtion to revert ro to rw.

Mar 16 2020, 8:22 AM · Whonix 15, Whonix-Host, whonix-libvirt, Whonix, live-mode
onion_knight2 added a comment to T914: Whonix Host Live - enable KVM readonly mode - virt-xml vm-name --edit --disk readonly=on.

There are two read-only parameters:

Mar 16 2020, 12:20 AM · Whonix 15, Whonix-Host, whonix-libvirt, Whonix, live-mode

Mar 15 2020

onion_knight2 added a comment to T969: instructions how to burn Whonix-Host ISO image to DVD or USB.

I could help with this task once it's ready (soon hopefully).

Mar 15 2020, 10:07 PM · Whonix 15, Whonix-Host, Whonix
onion_knight2 added a comment to T914: Whonix Host Live - enable KVM readonly mode - virt-xml vm-name --edit --disk readonly=on.

I guess images will be set to kvm images read-only when booted in live iso mode (and probably live mode too). But once installed, images are still set to live mode. That would be probably kvm images read-only is set when run in iso live mode, cached in RAM and then installed to local disk?

Mar 15 2020, 9:45 PM · Whonix 15, Whonix-Host, whonix-libvirt, Whonix, live-mode
Patrick added a comment to T914: Whonix Host Live - enable KVM readonly mode - virt-xml vm-name --edit --disk readonly=on.

Good catch! Merged.

Mar 15 2020, 9:13 PM · Whonix 15, Whonix-Host, whonix-libvirt, Whonix, live-mode
onion_knight2 added a comment to T914: Whonix Host Live - enable KVM readonly mode - virt-xml vm-name --edit --disk readonly=on.

Fixed by adding

Mar 15 2020, 5:22 PM · Whonix 15, Whonix-Host, whonix-libvirt, Whonix, live-mode
onion_knight2 added a comment to T914: Whonix Host Live - enable KVM readonly mode - virt-xml vm-name --edit --disk readonly=on.

I added whoami in the script and it confirmed it runs as root.

Mar 15 2020, 4:44 PM · Whonix 15, Whonix-Host, whonix-libvirt, Whonix, live-mode
onion_knight2 added a comment to T914: Whonix Host Live - enable KVM readonly mode - virt-xml vm-name --edit --disk readonly=on.

Yes, it should be run by root. Maybe it is run by root but somehow the changes don't take place as they should. More debugging could help.

Mar 15 2020, 3:09 PM · Whonix 15, Whonix-Host, whonix-libvirt, Whonix, live-mode
Patrick added a comment to T914: Whonix Host Live - enable KVM readonly mode - virt-xml vm-name --edit --disk readonly=on.

Pretty sure it is run by root.

Mar 15 2020, 2:37 PM · Whonix 15, Whonix-Host, whonix-libvirt, Whonix, live-mode
onion_knight2 added a comment to T914: Whonix Host Live - enable KVM readonly mode - virt-xml vm-name --edit --disk readonly=on.

It seems that https://github.com/Whonix/whonix-libvirt/blob/master/usr/lib/whonix-libvirt/live-mode-to-read-only is not ran by root. Thus it cannot get the virsh list --all (returns void) nor change the VM xml configuration file.

Mar 15 2020, 1:51 PM · Whonix 15, Whonix-Host, whonix-libvirt, Whonix, live-mode

Mar 13 2020

Patrick added a comment to T909: installing Whonix-Host without installer (calamares).

It is possible to automatize grml-debootstrap with full-disk encryption. Nothing too hard. I could hack together a semi-working bash script after a couple of hours of online documentation.

Mar 13 2020, 7:49 AM · user documentation, Whonix, Whonix-Host

Mar 12 2020

onion_knight2 added a comment to T909: installing Whonix-Host without installer (calamares).

It is possible to automatize grml-debootstrap with full-disk encryption. Nothing too hard. I could hack together a semi-working bash script after a couple of hours of online documentation.

Mar 12 2020, 11:26 PM · user documentation, Whonix, Whonix-Host
Patrick added a project to T929: Whonix XFCE Wallpaper / Background Image: Whonix-Host.
Mar 12 2020, 3:14 PM · Whonix 15, Whonix-Host, whonix-xfce-desktop-config, Whonix
Patrick updated the task description for T909: installing Whonix-Host without installer (calamares).
Mar 12 2020, 2:52 PM · user documentation, Whonix, Whonix-Host
Patrick triaged T969: instructions how to burn Whonix-Host ISO image to DVD or USB as Normal priority.
Mar 12 2020, 2:51 PM · Whonix 15, Whonix-Host, Whonix
Patrick updated the task description for T909: installing Whonix-Host without installer (calamares).
Mar 12 2020, 2:47 PM · user documentation, Whonix, Whonix-Host
Patrick renamed T909: installing Whonix-Host without installer (calamares) from instructions how to copy Whonix Host image to disk to installing Whonix-Host without installer (calamares).
Mar 12 2020, 2:46 PM · user documentation, Whonix, Whonix-Host
Patrick added a comment to T909: installing Whonix-Host without installer (calamares).

No disk encryption?

Mar 12 2020, 2:45 PM · user documentation, Whonix, Whonix-Host
onion_knight2 added a comment to T909: installing Whonix-Host without installer (calamares).

No disk encryption?

Mar 12 2020, 10:13 AM · user documentation, Whonix, Whonix-Host
Patrick updated the task description for T909: installing Whonix-Host without installer (calamares).
Mar 12 2020, 9:40 AM · user documentation, Whonix, Whonix-Host
Patrick updated subscribers of T909: installing Whonix-Host without installer (calamares).
Mar 12 2020, 9:40 AM · user documentation, Whonix, Whonix-Host
Patrick updated the task description for T909: installing Whonix-Host without installer (calamares).
Mar 12 2020, 9:39 AM · user documentation, Whonix, Whonix-Host
Patrick changed the status of T928: install xfce4-power-manager on Whonix Host and Kicksecure Host from Open to testing-in-next-build-required.

https://github.com/Whonix/anon-meta-packages/commit/9550d47959e37cb8cca508e169c121dc65cde342

Mar 12 2020, 9:34 AM · Whonix 15, whonix-libvirt, live-mode, Whonix-Host, Whonix
Patrick updated the task description for T928: install xfce4-power-manager on Whonix Host and Kicksecure Host.
Mar 12 2020, 9:30 AM · Whonix 15, whonix-libvirt, live-mode, Whonix-Host, Whonix
Patrick changed the status of T919: Whonix Live Branding from Open to testing-in-next-build-required.

https://forums.whonix.org/t/whonix-host-calamares-branding-suggestion/7772/8

Mar 12 2020, 9:29 AM · Whonix, live-mode
Patrick closed T819: persistent / live mode indicator systray - graphical indication on the desktop that system is running in live mode vs persistent mode as Resolved.
Mar 12 2020, 9:29 AM · live-mode, Whonix
Patrick lowered the priority of T907: resize Whonix-Host disk at first boot of Whonix-Host from Normal to Wishlist.
Mar 12 2020, 9:12 AM · Whonix-Host, Whonix

Mar 11 2020

Patrick triaged T968: Bullseye: live-boot needs GRUB_DISABLE_LINUX_UUID="true" parameter in /etc/grub.d/11_linux_live as Normal priority.
Mar 11 2020, 2:14 PM · Debian version 11 codename Bullseye, live-mode, Whonix

Mar 7 2020

Patrick changed the status of T965: install gvfs by default / fix access LUKS encrypted USB drive with Thunar from Open to Review.

Will come in Whonix 15.0.0.9.4 and above.

Mar 7 2020, 1:17 PM · Whonix 15, bug, Whonix
Patrick updated the task description for T958: Write VirtualBox Screen Resolution Bug Report.
Mar 7 2020, 1:46 AM · C Code, upstream, bug, Whonix 15, VirtualBox, Whonix

Mar 6 2020

Patrick updated subscribers of T965: install gvfs by default / fix access LUKS encrypted USB drive with Thunar.
Mar 6 2020, 5:36 PM · Whonix 15, bug, Whonix
Patrick renamed T965: install gvfs by default / fix access LUKS encrypted USB drive with Thunar from fix access LUKS encrypted USB drive with Thunar to install gvfs by default / fix access LUKS encrypted USB drive with Thunar.
Mar 6 2020, 5:35 PM · Whonix 15, bug, Whonix

Mar 5 2020

Patrick updated the task description for T964: mediawiki fixes #3.
Mar 5 2020, 3:45 PM · website, Whonix
Patrick updated the task description for T868: mediawiki fixes #2.
Mar 5 2020, 3:40 PM · Whonix, website
Patrick updated the task description for T868: mediawiki fixes #2.
Mar 5 2020, 3:40 PM · Whonix, website

Mar 4 2020

Patrick updated the task description for T960: hardened kernel Debian packaging and APT integration - hkapt.
Mar 4 2020, 12:25 PM · hardened-kernel, Whonix

Mar 3 2020

Patrick updated the task description for T964: mediawiki fixes #3.
Mar 3 2020, 9:15 AM · website, Whonix
Patrick updated the task description for T964: mediawiki fixes #3.
Mar 3 2020, 9:13 AM · website, Whonix

Mar 2 2020

madaidan triaged T967: Test disabling EFI_VARS in hardened-host-kernel as Normal priority.
Mar 2 2020, 6:19 PM · hardened-kernel, Whonix

Feb 29 2020

Patrick added a comment to T634: write draft for stackable wrappers on debian-devel.
Feb 29 2020, 12:08 PM · Whonix, upstream
Patrick closed T913: bug: not all files form /etc/skel are copied to /home/user / create user "user" at boot time as Resolved.

Works well in Non-Qubes-Whonix. Solution was this one:

Feb 29 2020, 8:26 AM · whonix-base-files, live-mode, Whonix, Whonix 15