An interesting product that triggers a system wipe if the cable is pulled:
Tue, Jan 7
Tue, Dec 24
Any attempted access of /boot would be logged the same way anyway although it might be good to use that to stop it from showing up in aa-logprof.
Would an audit denyrule for /boot be useful for the sake of audit?
/boot isn't allowed in init-systemd anyway so we don't need to add it to dangerous-files. Apparmor denies access to files that aren't explicitly allowed. The only reason we need to blacklist /lib/modules and not /boot is because we give access to all libraries.
Still need to add /boot to https://github.com/Whonix/apparmor-profile-everything/blob/master/etc/apparmor.d/abstractions/dangerous-files? Currently cannot find it there.
Mon, Dec 23
/boot/ is already unreadable.
Dec 7 2019
Dec 5 2019
Nov 25 2019
Nov 16 2019
Nov 6 2019
This was done. If not, please create specific tickets where it isn't done.
Oct 15 2019
Oct 13 2019
Analysis by Cyrus cited here for completion:
Oct 7 2019
An alternative proposal for editing ISNs without involving the kernel:
Oct 6 2019
Implemented for some time now.
Reported build failures:
When an implementation is decided, let's decide if we can include this in security-misc for use on Linux hosts and Kicksecure. We would need some way in detecting the active NIC since on wireless systems wlan0 is the interface of choice and not eth0
tc-netem is a utility that is part of the iproute2 package in Debian. It leverages functionality already built into Linux and userspace utilities to simulate networks including packet delays and loss.
Apr 23 2019
Apr 6 2019
Apr 5 2019
@Patrick What is the status of integration? Since we have kloak this is also a great defense to have. There is a script on there for packing as a deb:
Mar 28 2019
release kloak v0.2
Mar 1 2019
Many code enhancements were recently added by its author.
Feb 15 2019
To build a package with qubes-builder, you need to add Makefile.builder file with just one line: DEBIAN_BUILD_DIRS := debian. This will tell qubes-builder that given repository contains Debian package.
Alternatively, if that would be too much of a problem, it should be easy to add an option that do auto detection (probably just looks for debian directory).
Feb 14 2019
Jan 23 2019
Jan 22 2019
With TPO infrastructure using onions, its now a good idea to switch tb-updater to check for version info and downloads to these more secure mirrors.
Dec 9 2018
Dec 7 2018
Nov 20 2018
Oct 13 2018
We can now grab the browser tarball from the TPO onion instead which makes this ticket obsolete. Close if you concur.
Oct 1 2018
Sep 20 2018
Sep 6 2018
This should be fixed by default in the next build.
linking to forum:
Aug 15 2018
Aug 10 2018
He was busy those past few months and thought there was no interest. @Patrick Expect a new release this coming week.
Aug 9 2018
Aug 8 2018
Why not ping him first? Its a waste of good work otherwise.
Aug 7 2018
Aug 3 2018
Jul 24 2018
Jul 21 2018
Created [way to find out name of gateway from witin VM - qubesdb-read /qubes-gateway-name](https://github.com/QubesOS/qubes-issues/issues/4117) for it.
Jul 18 2018
The easiest way would be to have a new entry for qubesdb-read, in addition to qubes-gateway which holds the IP address.
Something like qubesdb-read /qubes-gateway-name.
Jul 17 2018
For the time being, the vm's whonix gateway is hard coded in two files, the one watching and sending sdwdate satus and the one sending the shutdown notification.
What happens in case of multiple Whonix-Gateway ProxyVMs? I.e. in case of sys-whonix, sys-whonix-two, etc.? How would anon-whonix-two know it has to connect to sys-whonix-two?
Jul 16 2018
Jul 14 2018
We have now a DNS Certification Authority Authorization (CAA) Policy.
Jul 9 2018
From sdwdate log. Clock was right but I got this using a bridge.
Same as T84#14765.
Jul 7 2018
Have run the fuzzer unit test simultaneously in sys-whonix and five anon-vm.