Page MenuHomePhabricator
Feed Advanced Search

May 20 2017

HulaHoop added a comment to T677: research and document secure downloads using Tor Browser.

I think I found the topic you're paraphrasing which explains the limitations of HSTS:

May 20 2017, 6:59 AM · Whonix, user documentation, research, Whonix 14

May 18 2017

Patrick updated subscribers of T677: research and document secure downloads using Tor Browser.
May 18 2017, 6:17 PM · Whonix, user documentation, research, Whonix 14
Patrick created T677: research and document secure downloads using Tor Browser.
May 18 2017, 2:42 PM · Whonix, user documentation, research, Whonix 14

May 16 2017

Patrick added a comment to T673: document https downgrade sslstrip defenses - wget vs curl vs scurl.

Great research! Now this needs to be documented.

May 16 2017, 5:30 PM · Whonix, user documentation, research, Whonix 14, scurl

May 9 2017

HulaHoop added a comment to T673: document https downgrade sslstrip defenses - wget vs curl vs scurl.

HSTS is a server side opt-in standard meaning it can fail silently if the user does not force a request to use SSL. So its useless by itself.

May 9 2017, 6:44 PM · Whonix, user documentation, research, Whonix 14, scurl
HulaHoop added a comment to T673: document https downgrade sslstrip defenses - wget vs curl vs scurl.

Could you work on this one please? @HulaHoop

May 9 2017, 5:52 PM · Whonix, user documentation, research, Whonix 14, scurl

May 8 2017

Patrick added a comment to T673: document https downgrade sslstrip defenses - wget vs curl vs scurl.

add --remote-name so scurl can be used as wget replacement
https://github.com/Whonix/scurl/commit/9006429ff7f9f39ff4dc367848ff45b690957881

May 8 2017, 2:52 PM · Whonix, user documentation, research, Whonix 14, scurl

May 7 2017

Patrick added a comment to T673: document https downgrade sslstrip defenses - wget vs curl vs scurl.

Could you work on this one please? @HulaHoop

May 7 2017, 3:22 PM · Whonix, user documentation, research, Whonix 14, scurl
Patrick created T673: document https downgrade sslstrip defenses - wget vs curl vs scurl.
May 7 2017, 3:22 PM · Whonix, user documentation, research, Whonix 14, scurl

Apr 25 2017

Patrick changed the status of T567: research: Single Tor-Gateway with Multiple Workstations vs Multiple Tor-Gateways mapped 1:1 to Workstation VMs from Open to Review.

Finally got back to Tariq.

Apr 25 2017, 8:03 PM · research, Whonix, user documentation

Apr 18 2017

HulaHoop closed T523: document identity correlation attacks and defenses / Removing Apache Recommendation as Resolved.

No :)

Apr 18 2017, 4:12 PM · Whonix 14, Whonix, user documentation, research

Apr 14 2017

Patrick added a comment to T523: document identity correlation attacks and defenses / Removing Apache Recommendation.

Great! Anything else to do here?

Apr 14 2017, 1:43 PM · Whonix 14, Whonix, user documentation, research

Apr 13 2017

HulaHoop added a comment to T523: document identity correlation attacks and defenses / Removing Apache Recommendation.

https://www.whonix.org/w/index.php?title=Hidden_Services&diff=prev&oldid=28910

Apr 13 2017, 10:10 PM · Whonix 14, Whonix, user documentation, research

Mar 26 2017

Patrick renamed T567: research: Single Tor-Gateway with Multiple Workstations vs Multiple Tor-Gateways mapped 1:1 to Workstation VMs from resarch: Single Tor-Gateway with Multiple Workstations vs Multiple Tor-Gateways mapped 1:1 to Workstation VMs to research: Single Tor-Gateway with Multiple Workstations vs Multiple Tor-Gateways mapped 1:1 to Workstation VMs.
Mar 26 2017, 7:08 PM · research, Whonix, user documentation
Patrick changed the status of T567: research: Single Tor-Gateway with Multiple Workstations vs Multiple Tor-Gateways mapped 1:1 to Workstation VMs from Review to Open.

Talked to Tariq.

Mar 26 2017, 5:01 PM · research, Whonix, user documentation
Patrick renamed T567: research: Single Tor-Gateway with Multiple Workstations vs Multiple Tor-Gateways mapped 1:1 to Workstation VMs from Multi GW Documentation to resarch: Single Tor-Gateway with Multiple Workstations vs Multiple Tor-Gateways mapped 1:1 to Workstation VMs.
Mar 26 2017, 4:53 PM · research, Whonix, user documentation

Mar 14 2017

Patrick updated the task description for T523: document identity correlation attacks and defenses / Removing Apache Recommendation.
Mar 14 2017, 9:21 PM · Whonix 14, Whonix, user documentation, research

Feb 13 2017

Patrick changed the status of T567: research: Single Tor-Gateway with Multiple Workstations vs Multiple Tor-Gateways mapped 1:1 to Workstation VMs from Open to Review.

Roger mailed Tariq. Now waiting for Tariq's reply.

Feb 13 2017, 7:42 PM · research, Whonix, user documentation

Feb 11 2017

Patrick updated the task description for T520: install fteproxy by default in Whonix-Gateway when porting to Debian stretch.
Feb 11 2017, 7:01 AM · systemd, AppArmor, research, user documentation, enhancement, Whonix, circumvention
Patrick removed a project from T520: install fteproxy by default in Whonix-Gateway when porting to Debian stretch: Whonix 14.

Not easy. Need to wait for reply from TPO.

Feb 11 2017, 7:00 AM · systemd, AppArmor, research, user documentation, enhancement, Whonix, circumvention
Patrick updated the task description for T520: install fteproxy by default in Whonix-Gateway when porting to Debian stretch.
Feb 11 2017, 6:57 AM · systemd, AppArmor, research, user documentation, enhancement, Whonix, circumvention
Patrick updated the task description for T520: install fteproxy by default in Whonix-Gateway when porting to Debian stretch.
Feb 11 2017, 6:53 AM · systemd, AppArmor, research, user documentation, enhancement, Whonix, circumvention

Feb 6 2017

Patrick added a comment to T516: document bitmask.

add option to not modify firewall rules
https://github.com/leapcode/bitmask_client/issues/1021

Feb 6 2017, 8:46 PM · Whonix, research, user documentation
Patrick updated the task description for T516: document bitmask.
Feb 6 2017, 8:40 PM · Whonix, research, user documentation

Feb 5 2017

Patrick removed a project from T516: document bitmask: Whonix 14.

vpnprocess.py error
https://github.com/leapcode/bitmask_client/issues/1020

Feb 5 2017, 9:51 PM · Whonix, research, user documentation
Patrick added a comment to T516: document bitmask.

Part 1 is now documented.

Feb 5 2017, 9:29 PM · Whonix, research, user documentation

Feb 1 2017

Patrick added a comment to T567: research: Single Tor-Gateway with Multiple Workstations vs Multiple Tor-Gateways mapped 1:1 to Workstation VMs.

Mailed Roger.

Feb 1 2017, 10:31 PM · research, Whonix, user documentation

Jan 23 2017

Patrick closed T575: KVMify https://www.whonix.org/wiki/Desktop as Resolved.
Jan 23 2017, 12:22 PM · Whonix, user documentation, KVM
Patrick assigned T575: KVMify https://www.whonix.org/wiki/Desktop to HulaHoop.
Jan 23 2017, 12:22 PM · Whonix, user documentation, KVM
HulaHoop added a comment to T575: KVMify https://www.whonix.org/wiki/Desktop.

https://www.whonix.org/w/index.php?title=Desktop&diff=prev&oldid=27954

Jan 23 2017, 1:25 AM · Whonix, user documentation, KVM

Jan 19 2017

Patrick updated subscribers of T64: document vmdk disk shrinking and expanding.
Jan 19 2017, 5:49 PM · Whonix, user documentation
Patrick updated the task description for T64: document vmdk disk shrinking and expanding.
Jan 19 2017, 5:44 PM · Whonix, user documentation

Jan 18 2017

Patrick added a project to T520: install fteproxy by default in Whonix-Gateway when porting to Debian stretch: Whonix 14.
Jan 18 2017, 6:58 AM · systemd, AppArmor, research, user documentation, enhancement, Whonix, circumvention

Jan 13 2017

Patrick closed T593: document disk image mounting of VirtualBox vmdk disks as Resolved.

This was done by @TNTBOMBOM:

Jan 13 2017, 10:40 PM · user documentation, research, Whonix, VirtualBox
Patrick assigned T593: document disk image mounting of VirtualBox vmdk disks to TNTBOMBOM.
Jan 13 2017, 10:39 PM · user documentation, research, Whonix, VirtualBox

Jan 12 2017

Patrick edited projects for T521: simplify https://www.whonix.org/wiki/Documentation, added: Whonix 15; removed Whonix 14.
Jan 12 2017, 7:27 PM · Whonix, user documentation, usability

Jan 9 2017

Patrick closed T116: document how to use TBB as "system Tor" inside Whonix-Gateway as Invalid.

Calling this a duplicate of T118.

Jan 9 2017, 12:27 PM · research, user documentation, circumvention, enhancement, Whonix
Patrick changed the status of T73: default socksification of ssh, wget, curl, etc. is confusing for local connections from Open to Review.

run this from .bashrc

Jan 9 2017, 8:34 AM · Whonix 14, user documentation, usability, Whonix
Patrick created T593: document disk image mounting of VirtualBox vmdk disks.
Jan 9 2017, 2:00 AM · user documentation, research, Whonix, VirtualBox
Patrick closed T586: look into Sandboxed Tor Browser as Resolved.

Calling this done.

Jan 9 2017, 1:45 AM · Qubes, security, user documentation, research, Whonix, Whonix 14

Jan 6 2017

TNTBOMBOM closed T453: each documentation page requires an image for previews as Resolved.
Jan 6 2017, 10:36 PM · Whonix, user documentation

Dec 27 2016

Patrick added a comment to T567: research: Single Tor-Gateway with Multiple Workstations vs Multiple Tor-Gateways mapped 1:1 to Workstation VMs.

Talked to Roger Dingledine in person of Tor at 33c3 ccc conference. The short summary is, Roger also doesn't know what the advisable trade-off for our [single-gw multiple-ws vs multiple-gw multiple-ws mapped 1:1](https://lists.torproject.org/pipermail/tor-dev/2016-December/011720.html) question is.

Dec 27 2016, 11:43 PM · research, Whonix, user documentation

Dec 26 2016

Patrick updated the task description for T586: look into Sandboxed Tor Browser.
Dec 26 2016, 1:52 AM · Qubes, security, user documentation, research, Whonix, Whonix 14

Dec 24 2016

Patrick created T588: improve Troubleshooting / Test.
Dec 24 2016, 9:36 PM · user documentation, Whonix
HulaHoop added a comment to T580: Document recovery procedure after compromise.

Let me know the title and place and I'll put something up.

Dec 24 2016, 7:15 PM · Whonix, user documentation
Patrick created T580: Document recovery procedure after compromise.
Dec 24 2016, 1:06 AM · Whonix, user documentation

Dec 16 2016

Patrick reopened T453: each documentation page requires an image for previews as "Open".
Dec 16 2016, 10:47 PM · Whonix, user documentation

Dec 9 2016

Patrick created T575: KVMify https://www.whonix.org/wiki/Desktop.
Dec 9 2016, 10:58 PM · Whonix, user documentation, KVM

Dec 3 2016

Patrick added a comment to T567: research: Single Tor-Gateway with Multiple Workstations vs Multiple Tor-Gateways mapped 1:1 to Workstation VMs.

sent:
https://lists.torproject.org/pipermail/tor-dev/2016-December/011720.html

Dec 3 2016, 7:13 PM · research, Whonix, user documentation
HulaHoop added a comment to T567: research: Single Tor-Gateway with Multiple Workstations vs Multiple Tor-Gateways mapped 1:1 to Workstation VMs.

Go for it.

Dec 3 2016, 4:19 PM · research, Whonix, user documentation

Dec 2 2016

Patrick added a comment to T567: research: Single Tor-Gateway with Multiple Workstations vs Multiple Tor-Gateways mapped 1:1 to Workstation VMs.

I think we should post the long draft. I am not convinced, they are offended by longer mails / complexity. That wiki page shows, that we considered each of their sentences and made an effort to reflect on it before asking more questions.

Dec 2 2016, 3:16 PM · research, Whonix, user documentation

Nov 28 2016

HulaHoop added a comment to T567: research: Single Tor-Gateway with Multiple Workstations vs Multiple Tor-Gateways mapped 1:1 to Workstation VMs.

Done. Feel free to discuss it further before posting if needed.

Nov 28 2016, 12:23 AM · research, Whonix, user documentation

Nov 27 2016

Patrick added a comment to T567: research: Single Tor-Gateway with Multiple Workstations vs Multiple Tor-Gateways mapped 1:1 to Workstation VMs.

Is https://www.whonix.org/w/index.php?title=Dev%2FMultiple_Whonix-Workstations&type=revision&diff=26455&oldid=26415 in progress or done?

Nov 27 2016, 1:23 AM · research, Whonix, user documentation
Patrick added a project to T567: research: Single Tor-Gateway with Multiple Workstations vs Multiple Tor-Gateways mapped 1:1 to Workstation VMs: Whonix 14.
Nov 27 2016, 1:03 AM · research, Whonix, user documentation

Nov 24 2016

Patrick added a comment to T567: research: Single Tor-Gateway with Multiple Workstations vs Multiple Tor-Gateways mapped 1:1 to Workstation VMs.

Good in principle however I want to avoid confusion.

multi-gw multi-ws -> single-g/ws 1:1

single-gw with multi-ws while recommending against running multiple VMs for activities of different trust levels / pseudonyms at the same time

Is this the setup I describe where a single ws is rolledback between different activities? If yes then this should be better described.

Nov 24 2016, 11:04 PM · research, Whonix, user documentation

Nov 22 2016

HulaHoop added a comment to T567: research: Single Tor-Gateway with Multiple Workstations vs Multiple Tor-Gateways mapped 1:1 to Workstation VMs.

Good in principle however I want to avoid confusion.

Nov 22 2016, 4:27 AM · research, Whonix, user documentation
Patrick added a comment to T567: research: Single Tor-Gateway with Multiple Workstations vs Multiple Tor-Gateways mapped 1:1 to Workstation VMs.

Draft ready. Please check/edit.

Nov 22 2016, 2:58 AM · research, Whonix, user documentation

Nov 11 2016

Patrick added a comment to T567: research: Single Tor-Gateway with Multiple Workstations vs Multiple Tor-Gateways mapped 1:1 to Workstation VMs.

OK. I'll think of something but its better if you post so he doesn't get impatient.

Nov 11 2016, 2:46 AM · research, Whonix, user documentation

Nov 9 2016

HulaHoop added a comment to T567: research: Single Tor-Gateway with Multiple Workstations vs Multiple Tor-Gateways mapped 1:1 to Workstation VMs.

Before rushing such a major usability decreasing change, I want to make sure it is really well justified and we are not chasing a ghost.

Nov 9 2016, 2:57 PM · research, Whonix, user documentation

Nov 8 2016

Patrick added a comment to T567: research: Single Tor-Gateway with Multiple Workstations vs Multiple Tor-Gateways mapped 1:1 to Workstation VMs.

Before rushing such a major usability decreasing change, I want to make
sure it is really well justified and we are not chasing a ghost.

Nov 8 2016, 3:10 PM · research, Whonix, user documentation
HulaHoop added a comment to T567: research: Single Tor-Gateway with Multiple Workstations vs Multiple Tor-Gateways mapped 1:1 to Workstation VMs.

I will post the new usage advice on the KVM page because some applies for a simple setup.

Nov 8 2016, 1:58 PM · research, Whonix, user documentation

Nov 6 2016

Patrick added a comment to T567: research: Single Tor-Gateway with Multiple Workstations vs Multiple Tor-Gateways mapped 1:1 to Workstation VMs.

HulaHoop (HulaHoop):

HulaHoop added a comment.

For multi-gw setups it might be theoretically an option to have
them manually use the same Tor entry guard?

The solution is much simpler than you imagine. A user would simply
clone the original GW VM after its started and chosen its guard so
they have the same one.

Nov 6 2016, 1:32 AM · research, Whonix, user documentation

Nov 5 2016

HulaHoop added a comment to T567: research: Single Tor-Gateway with Multiple Workstations vs Multiple Tor-Gateways mapped 1:1 to Workstation VMs.

For multi-gw setups it might be theoretically an option to have them manually use the same Tor entry guard?

Nov 5 2016, 4:51 PM · research, Whonix, user documentation
Patrick added a comment to T567: research: Single Tor-Gateway with Multiple Workstations vs Multiple Tor-Gateways mapped 1:1 to Workstation VMs.

HulaHoop (HulaHoop):

HulaHoop added a comment.

Nice. The Tor guys took notice.

ontopic: While DNS and HS desc caching is one of the things. The original reply implies there are still many other problems - some known and possibly some unknown unknowns. To be absolutely safe we should still recommend for multi-setup with gw snapshots as a catch-all. Inconvenient? yes but better safe than sorry.

> - Caching of DNS, HS descriptors, preemptive circuits, etc.
> - VMs can leak other VM's guards and even entire circuits
>   - easily without a control port filter
>   - perhaps some discovery attacks even with a filter

TASK DETAIL

https://phabricator.whonix.org/T567

EMAIL PREFERENCES

https://phabricator.whonix.org/settings/panel/emailpreferences/

To: HulaHoop
Cc: Patrick, WhonixQubes, entr0py, HulaHoop

Nov 5 2016, 1:50 AM · research, Whonix, user documentation

Nov 4 2016

HulaHoop added a comment to T567: research: Single Tor-Gateway with Multiple Workstations vs Multiple Tor-Gateways mapped 1:1 to Workstation VMs.

Nice. The Tor guys took notice.

Nov 4 2016, 4:41 AM · research, Whonix, user documentation

Nov 3 2016

Patrick added a comment to T567: research: Single Tor-Gateway with Multiple Workstations vs Multiple Tor-Gateways mapped 1:1 to Workstation VMs.

Posted:
https://trac.torproject.org/projects/tor/ticket/20555

Nov 3 2016, 5:39 PM · research, Whonix, user documentation
HulaHoop added a comment to T567: research: Single Tor-Gateway with Multiple Workstations vs Multiple Tor-Gateways mapped 1:1 to Workstation VMs.

Good write-up

Nov 3 2016, 1:44 PM · research, Whonix, user documentation

Nov 2 2016

Patrick added a comment to T567: research: Single Tor-Gateway with Multiple Workstations vs Multiple Tor-Gateways mapped 1:1 to Workstation VMs.

stream isolation for DNS and hidden service descriptor cache

Nov 2 2016, 10:47 PM · research, Whonix, user documentation

Nov 1 2016

Patrick added a comment to T567: research: Single Tor-Gateway with Multiple Workstations vs Multiple Tor-Gateways mapped 1:1 to Workstation VMs.

HulaHoop (HulaHoop):

HulaHoop added a comment.

Another reply:

https://lists.torproject.org/pipermail/tor-dev/2016-October/011613.html
Nov 1 2016, 2:47 PM · research, Whonix, user documentation
HulaHoop added a comment to T567: research: Single Tor-Gateway with Multiple Workstations vs Multiple Tor-Gateways mapped 1:1 to Workstation VMs.

Another reply:

Nov 1 2016, 1:07 PM · research, Whonix, user documentation

Oct 27 2016

Patrick added a comment to T567: research: Single Tor-Gateway with Multiple Workstations vs Multiple Tor-Gateways mapped 1:1 to Workstation VMs.

I would prefer if you post these questions on tor developer ML since you understand the topic better and it is an important thing we need to know.

Oct 27 2016, 6:39 PM · research, Whonix, user documentation

Oct 26 2016

HulaHoop added a comment to T567: research: Single Tor-Gateway with Multiple Workstations vs Multiple Tor-Gateways mapped 1:1 to Workstation VMs.

I would prefer if you post these questions on tor developer ML since you understand the topic better and it is an important thing we need to know.

Oct 26 2016, 1:07 AM · research, Whonix, user documentation

Oct 25 2016

Patrick added a comment to T73: default socksification of ssh, wget, curl, etc. is confusing for local connections.

Thanks for the feedback!

Oct 25 2016, 11:59 PM · Whonix 14, user documentation, usability, Whonix
entr0py added a comment to T73: default socksification of ssh, wget, curl, etc. is confusing for local connections.

The other option would be to present INFO every time a wrapped command is invoked, but that would probably be too intrusive for anyone other than occasional terminal users.

Oct 25 2016, 9:02 PM · Whonix 14, user documentation, usability, Whonix

Oct 24 2016

HulaHoop added a comment to T567: research: Single Tor-Gateway with Multiple Workstations vs Multiple Tor-Gateways mapped 1:1 to Workstation VMs.

Could you please add all of these pros and cons to that wiki page? Or some /Dev page if too irrelevant for users?

Oct 24 2016, 2:44 PM · research, Whonix, user documentation
Patrick added a comment to T567: research: Single Tor-Gateway with Multiple Workstations vs Multiple Tor-Gateways mapped 1:1 to Workstation VMs.

HulaHoop (HulaHoop):

gateways cache DNS entries and descriptors of HS websites visited
which can give away that they were visited before (because of faster
site loading response) even if a single WS is used and is rolled back
to a clean snapshot.

Oct 24 2016, 12:50 AM · research, Whonix, user documentation
Patrick added a comment to T567: research: Single Tor-Gateway with Multiple Workstations vs Multiple Tor-Gateways mapped 1:1 to Workstation VMs.

Could you please add all of these pros and cons to that wiki page? Or
some /Dev page if too irrelevant for users?

Oct 24 2016, 12:46 AM · research, Whonix, user documentation

Oct 23 2016

HulaHoop added a comment to T567: research: Single Tor-Gateway with Multiple Workstations vs Multiple Tor-Gateways mapped 1:1 to Workstation VMs.

Got an answer: https://lists.torproject.org/pipermail/tor-dev/2016-October/011591.html

Oct 23 2016, 3:11 AM · research, Whonix, user documentation

Oct 21 2016

Patrick added a comment to T567: research: Single Tor-Gateway with Multiple Workstations vs Multiple Tor-Gateways mapped 1:1 to Workstation VMs.

Thanks, great!

Oct 21 2016, 10:53 PM · research, Whonix, user documentation
HulaHoop added a comment to T567: research: Single Tor-Gateway with Multiple Workstations vs Multiple Tor-Gateways mapped 1:1 to Workstation VMs.

https://lists.torproject.org/pipermail/tor-dev/2016-October/011590.html

Oct 21 2016, 10:48 PM · research, Whonix, user documentation
Patrick added a comment to T567: research: Single Tor-Gateway with Multiple Workstations vs Multiple Tor-Gateways mapped 1:1 to Workstation VMs.

Yes, that seems useful. Please also add the pros and cons we discussed
above.

Oct 21 2016, 5:03 PM · research, Whonix, user documentation
HulaHoop added a comment to T567: research: Single Tor-Gateway with Multiple Workstations vs Multiple Tor-Gateways mapped 1:1 to Workstation VMs.

I wonder how non-long lived, new connections would be trackable by malicious newnym patterns?

Oct 21 2016, 4:44 PM · research, Whonix, user documentation
Patrick added a comment to T567: research: Single Tor-Gateway with Multiple Workstations vs Multiple Tor-Gateways mapped 1:1 to Workstation VMs.

Interesting thought!

Oct 21 2016, 5:28 AM · research, Whonix, user documentation
HulaHoop added a comment to T567: research: Single Tor-Gateway with Multiple Workstations vs Multiple Tor-Gateways mapped 1:1 to Workstation VMs.

I thought of something else. Using a single Gateway can link activities of two different Workstations even if they are on separate internal networks because the malicious WS can send NEWNYMs in som pattern which causes the traffic coming from the other clean WS to change exits at will. So while the identity of the user is not unmasked the entire purpose of the setup (multiple unlinked identities) is defeated.

Oct 21 2016, 1:53 AM · research, Whonix, user documentation

Oct 12 2016

Patrick updated the task description for T73: default socksification of ssh, wget, curl, etc. is confusing for local connections.
Oct 12 2016, 11:03 PM · Whonix 14, user documentation, usability, Whonix
Patrick added a comment to T73: default socksification of ssh, wget, curl, etc. is confusing for local connections.

Ideally for usability after the user run into some torsocks warning message, a tooltip or konsole message would offer help. But I don't think terminals support that feature.

Oct 12 2016, 11:02 PM · Whonix 14, user documentation, usability, Whonix

Oct 11 2016

HulaHoop added a comment to T567: research: Single Tor-Gateway with Multiple Workstations vs Multiple Tor-Gateways mapped 1:1 to Workstation VMs.

vailla Debian 8 same result. After reading about similar setups I think there is more needed to get this working:

Oct 11 2016, 8:48 PM · research, Whonix, user documentation
Patrick changed the status of T557: no longer install apparmor-notify by default from Open to Review.

https://github.com/Whonix/anon-meta-packages/commit/4385dbdd54f68b0855cbc20574b9faa2d2f8a83e

Oct 11 2016, 8:24 PM · user documentation, usability, AppArmor, Whonix, Whonix 14
Patrick renamed T557: no longer install apparmor-notify by default from no longer install aa-notify by default to no longer install apparmor-notify by default.
Oct 11 2016, 8:23 PM · user documentation, usability, AppArmor, Whonix, Whonix 14

Oct 9 2016

Patrick added a comment to T567: research: Single Tor-Gateway with Multiple Workstations vs Multiple Tor-Gateways mapped 1:1 to Workstation VMs.

I'd replicate this setup using plain Debian first. Multi ws's that are
connected to one gw using multiple internal network interfaces. The ws's
should not be able to reach clearnet [no ip forwarding in Linux by
default] but you should be able to ping the gateway from the ws since no
Whonix stuff (no firewall) interferes.

Oct 9 2016, 6:24 PM · research, Whonix, user documentation
HulaHoop added a comment to T567: research: Single Tor-Gateway with Multiple Workstations vs Multiple Tor-Gateways mapped 1:1 to Workstation VMs.

Any ideas for what else I can try?

Oct 9 2016, 4:58 PM · research, Whonix, user documentation

Oct 8 2016

Patrick added a comment to T567: research: Single Tor-Gateway with Multiple Workstations vs Multiple Tor-Gateways mapped 1:1 to Workstation VMs.

HulaHoop (HulaHoop):

Not worth the effort when an extra GW solves the problem and runs with very little resources.

Oct 8 2016, 7:06 PM · research, Whonix, user documentation
HulaHoop added a comment to T567: research: Single Tor-Gateway with Multiple Workstations vs Multiple Tor-Gateways mapped 1:1 to Workstation VMs.

The firewall works as expected according to xtrace. So we can conclude its something else. Probably too difficult to find out. Not worth the effort when an extra GW solves the problem and runs with very little resources.

Oct 8 2016, 6:22 PM · research, Whonix, user documentation
Patrick added a comment to T569: Consider documenting how to turn Whonix-Gateway into a Tor Relay.

Did not notice this answer before making my first answer.

Oct 8 2016, 1:40 AM · Whonix, user documentation, research
Patrick added a comment to T569: Consider documenting how to turn Whonix-Gateway into a Tor Relay.

HulaHoop (HulaHoop):

HulaHoop added a comment.

I didn't mean running everybody as a relay by default. That would be a bad idea because:
Oct 8 2016, 1:37 AM · Whonix, user documentation, research
HulaHoop closed T569: Consider documenting how to turn Whonix-Gateway into a Tor Relay as Resolved.

Oh I see. It is already documented. My bad. closing

Oct 8 2016, 12:26 AM · Whonix, user documentation, research
HulaHoop added a comment to T569: Consider documenting how to turn Whonix-Gateway into a Tor Relay.

I didn't mean running everybody as a relay by default. That would be a bad idea because:

Oct 8 2016, 12:24 AM · Whonix, user documentation, research

Oct 7 2016

Patrick added a comment to T569: Consider documenting how to turn Whonix-Gateway into a Tor Relay.

0. Check with TPO if this is a good idea at all.

Oct 7 2016, 11:44 PM · Whonix, user documentation, research
Patrick added a comment to T569: Consider documenting how to turn Whonix-Gateway into a Tor Relay.

Hosting a (private) (obfuscated) bridge or (exit) relay

Oct 7 2016, 11:38 PM · Whonix, user documentation, research
Patrick added a comment to T567: research: Single Tor-Gateway with Multiple Workstations vs Multiple Tor-Gateways mapped 1:1 to Workstation VMs.

HulaHoop (HulaHoop):

HulaHoop added a comment.

I tried testing this by creating a second internal network connected ot the GW. And it does not seem to work though I'm sure with a bit of troubleshooting it will get there.

Some points:

- Its 50_user no .conf - the ending creates a second file.
Oct 7 2016, 7:43 PM · research, Whonix, user documentation