Page MenuHomePhabricator
Feed Advanced Search

Aug 13 2020

Patrick updated the task description for T540: Advanced Attacks Meta Ticket.
Aug 13 2020, 10:33 AM · VirtualBox, KVM, Qubes, security, research, Whonix
Patrick closed T542: Keyboard/Mouse Fingerprinting Defense, a subtask of T540: Advanced Attacks Meta Ticket, as Resolved.
Aug 13 2020, 10:32 AM · VirtualBox, KVM, Qubes, security, research, Whonix

Aug 12 2020

HulaHoop closed T530: CPU-induced latency Covert Channel Countermeasures as Invalid.

After running a bunch of tcp ping tests, the conclusion is this attack
is not really effective against TCP like ICMP. The latency is much lower
for TCP pings and though it slightly decreases with cpu stress it is not
consistent. Reloading pages in TBB with cpu stress
on/off does not impact latency readings while doing so with tc
attached has massive latency foot prints - implying it will ironically make such attacks much easier in addition to degrading performance.

Aug 12 2020, 6:30 PM · virtualizer, VMware, VirtualBox, KVM, Qubes, security, Whonix, research
HulaHoop closed T530: CPU-induced latency Covert Channel Countermeasures, a subtask of T540: Advanced Attacks Meta Ticket, as Invalid.
Aug 12 2020, 6:30 PM · VirtualBox, KVM, Qubes, security, research, Whonix

Aug 7 2020

HulaHoop added a comment to T530: CPU-induced latency Covert Channel Countermeasures.

Cyrus recommends adding delays per packet to disrupt inter-packet patterns that remain. The command can be fine tuned as such:

Aug 7 2020, 6:54 PM · virtualizer, VMware, VirtualBox, KVM, Qubes, security, Whonix, research

Aug 1 2020

HulaHoop added a comment to T530: CPU-induced latency Covert Channel Countermeasures.

The good news is I think I've figured out the equivalent tc-netem command looking the slot parameter in the manual:

Aug 1 2020, 5:42 PM · virtualizer, VMware, VirtualBox, KVM, Qubes, security, Whonix, research

May 30 2020

HulaHoop added a comment to T530: CPU-induced latency Covert Channel Countermeasures.

Ticket above closed and convo moved to tails-dev.

May 30 2020, 4:33 PM · virtualizer, VMware, VirtualBox, KVM, Qubes, security, Whonix, research

Dec 23 2019

madaidan added a comment to T12: virtualizer: enforce maximum system resources a virtual machine may use.

We should be able to create a drop-in file at /lib/systemd/system/user-.slice.d/ and add something such as

Dec 23 2019, 8:54 PM · Whonix, VMware, Qubes, KVM, VirtualBox, virtualizer

Dec 22 2019

Patrick updated subscribers of T12: virtualizer: enforce maximum system resources a virtual machine may use.

cgroups were mentioned by @madaidan

Dec 22 2019, 9:26 AM · Whonix, VMware, Qubes, KVM, VirtualBox, virtualizer

Nov 23 2019

Patrick closed T936: apparmor-profile-everything breaks Qubes upgrading as Resolved.
Nov 23 2019, 5:07 PM · apparmor-profile-everything, Qubes, AppArmor, Whonix
Patrick added a project to T936: apparmor-profile-everything breaks Qubes upgrading : apparmor-profile-everything.
Nov 23 2019, 5:07 PM · apparmor-profile-everything, Qubes, AppArmor, Whonix
madaidan added a comment to T936: apparmor-profile-everything breaks Qubes upgrading .

https://github.com/Whonix/apparmor-profile-everything/pull/7

Nov 23 2019, 4:44 PM · apparmor-profile-everything, Qubes, AppArmor, Whonix
Patrick added a comment to T936: apparmor-profile-everything breaks Qubes upgrading .

Could you add to git please?

Nov 23 2019, 4:41 PM · apparmor-profile-everything, Qubes, AppArmor, Whonix
Patrick added a comment to T936: apparmor-profile-everything breaks Qubes upgrading .

Works.

Nov 23 2019, 4:38 PM · apparmor-profile-everything, Qubes, AppArmor, Whonix
madaidan added a comment to T936: apparmor-profile-everything breaks Qubes upgrading .

Try adding:

Nov 23 2019, 4:20 PM · apparmor-profile-everything, Qubes, AppArmor, Whonix
Patrick triaged T936: apparmor-profile-everything breaks Qubes upgrading as Normal priority.
Nov 23 2019, 4:16 PM · apparmor-profile-everything, Qubes, AppArmor, Whonix

Oct 15 2019

HulaHoop added a comment to T530: CPU-induced latency Covert Channel Countermeasures.

https://redmine.tails.boum.org/code/issues/17156

Oct 15 2019, 9:26 PM · virtualizer, VMware, VirtualBox, KVM, Qubes, security, Whonix, research

Oct 13 2019

HulaHoop added a comment to T530: CPU-induced latency Covert Channel Countermeasures.

Analysis by Cyrus cited here for completion:

Oct 13 2019, 4:18 PM · virtualizer, VMware, VirtualBox, KVM, Qubes, security, Whonix, research

Oct 6 2019

HulaHoop added a comment to T530: CPU-induced latency Covert Channel Countermeasures.
Oct 6 2019, 10:53 PM · virtualizer, VMware, VirtualBox, KVM, Qubes, security, Whonix, research
Patrick updated subscribers of T530: CPU-induced latency Covert Channel Countermeasures.
Oct 6 2019, 9:50 PM · virtualizer, VMware, VirtualBox, KVM, Qubes, security, Whonix, research
Patrick added a comment to T530: CPU-induced latency Covert Channel Countermeasures.

Reported build failures:

Oct 6 2019, 9:47 PM · virtualizer, VMware, VirtualBox, KVM, Qubes, security, Whonix, research
HulaHoop added a comment to T530: CPU-induced latency Covert Channel Countermeasures.

When an implementation is decided, let's decide if we can include this in security-misc for use on Linux hosts and Kicksecure. We would need some way in detecting the active NIC since on wireless systems wlan0 is the interface of choice and not eth0

Oct 6 2019, 9:01 PM · virtualizer, VMware, VirtualBox, KVM, Qubes, security, Whonix, research
HulaHoop added a comment to T530: CPU-induced latency Covert Channel Countermeasures.

tc-netem is a utility that is part of the iproute2 package in Debian. It leverages functionality already built into Linux and userspace utilities to simulate networks including packet delays and loss.

Oct 6 2019, 6:04 PM · virtualizer, VMware, VirtualBox, KVM, Qubes, security, Whonix, research

Jul 27 2019

Patrick added a comment to T912: qubes integration tools missing.

Looks like mine.

Jul 27 2019, 1:25 PM · Qubes, Whonix

Jul 25 2019

TNTBOMBOM added a comment to T912: qubes integration tools missing.
<?xml encoding="UTF-8" version="1.0"?>
<actions>
<action>
	<icon>utilities-terminal</icon>
	<name>Open Terminal Here</name>
	<unique-id>1555514114536034-1</unique-id>
	<command>exo-open --working-directory %f --launch TerminalEmulator</command>
	<description>Example for a custom action</description>
	<patterns>*</patterns>
	<startup-notify/>
	<directories/>
</action>
<action>
	<icon>folder-copy</icon>
	<name>Copy to VM</name>
	<unique-id>1507455450991127-4</unique-id>
	<command>/usr/lib/qubes/qvm-actions.sh copy %F</command>
	<description></description>
	<patterns>*</patterns>
	<directories/>
	<audio-files/>
	<image-files/>
	<other-files/>
	<text-files/>
	<video-files/>
</action>
<action>
	<icon>folder-move</icon>
	<name>Move to VM</name>
	<unique-id>1507455437157027-3</unique-id>
	<command>/usr/lib/qubes/qvm-actions.sh move %F</command>
	<description></description>
	<patterns>*</patterns>
	<directories/>
	<audio-files/>
	<image-files/>
	<other-files/>
	<text-files/>
	<video-files/>
</action>
<action>
	<icon>document-open</icon>
	<name>Open in VM</name>
	<unique-id>1507455471075266-5</unique-id>
	<command>/usr/lib/qubes/qvm-actions.sh openvm %F</command>
	<description></description>
	<patterns>*</patterns>
	<audio-files/>
	<image-files/>
	<other-files/>
	<text-files/>
	<video-files/>
</action>
<action>
	<icon>gtk-convert</icon>
	<name>Convert in DisposableVM</name>
	<unique-id>1507455488971315-6</unique-id>
	<command>/usr/lib/qubes/qvm-actions.sh pdf %F</command>
	<description></description>
	<patterns>*.pdf</patterns>
	<other-files/>
</action>
<action>
	<icon>gtk-convert</icon>
	<name>Convert in DisposableVM</name>
	<unique-id>1507455503129941-7</unique-id>
	<command>/usr/lib/qubes/qvm-actions.sh img %F</command>
	<description></description>
	<patterns>*</patterns>
	<image-files/>
</action>
<action>
	<icon>document-open</icon>
	<name>Edit in DisposableVM</name>
	<unique-id>1507455559234996-8</unique-id>
	<command>/usr/lib/qubes/qvm-actions.sh opendvm %F</command>
	<description></description>
	<patterns>*</patterns>
	<audio-files/>
	<image-files/>
	<other-files/>
	<text-files/>
	<video-files/>
</action>
<action>
	<icon>document-open</icon>
	<name>View in DisposableVM</name>
	<unique-id>1507455559234997-9</unique-id>
	<command>/usr/lib/qubes/qvm-actions.sh viewdvm %F</command>
	<description></description>
	<patterns>*</patterns>
	<audio-files/>
	<image-files/>
	<other-files/>
	<text-files/>
	<video-files/>
</action>
</actions>
Jul 25 2019, 2:45 PM · Qubes, Whonix

Jun 27 2019

Patrick removed a project from T912: qubes integration tools missing: Whonix 15.
Jun 27 2019, 10:53 AM · Qubes, Whonix
Patrick added a comment to T912: qubes integration tools missing.

Work for me too in new build https://forums.whonix.org/t/qubes-whonix-15-templatevms-debian-buster-based-4-0-1-201906232114-testers-wanted/7601

Jun 27 2019, 10:53 AM · Qubes, Whonix

Jun 21 2019

marmarek added a comment to T912: qubes integration tools missing.

I cannot reproduce. I've installed qubes-template-whonix-15-4.0.1-201905241112, updated it with qubes testing repository enabled and I see all the actions available in thunar.
But I do see some warnings on thunar's stderr, like this:

(Thunar:27375): Gtk-WARNING **: 01:41:41.317: Refusing to add non-unique action 'uca-action-1507455450991127-4' to action group 'ThunarActions'

Looks like actions are added multiple times to /etc/xdg/Thunar/uca.xml, which is later copied to /home/user/.cnfig/Thunar/uca.xml. Relevant code in https://github.com/QubesOS/qubes-core-agent-linux/blob/master/debian/qubes-core-agent-thunar.postinst

Jun 21 2019, 3:50 AM · Qubes, Whonix

Jun 20 2019

Patrick updated subscribers of T912: qubes integration tools missing.

Any idea why these are missing? @marmarek

Jun 20 2019, 4:18 PM · Qubes, Whonix
Patrick added a comment to T912: qubes integration tools missing.
  • Copy to VM
  • Move to VM
  • Create Archive...
Jun 20 2019, 2:03 PM · Qubes, Whonix
Patrick updated the task description for T912: qubes integration tools missing.
Jun 20 2019, 1:56 PM · Qubes, Whonix

Jun 14 2019

Patrick added a comment to T912: qubes integration tools missing.

Might be fixed with upgrades / (over) next Qubes-Whonix images.

Jun 14 2019, 11:21 AM · Qubes, Whonix
Patrick created T912: qubes integration tools missing.
Jun 14 2019, 11:20 AM · Qubes, Whonix

Apr 14 2019

Patrick closed T888: change Qubes-Whonix default applications from KDE-ish to XFCE-ish as Resolved.
Apr 14 2019, 3:30 PM · Whonix, Debian version 10 codename Buster, Whonix 15, anon-meta-packages, qubes-template-whonix, Qubes

Apr 6 2019

Patrick closed T879: qvm-service infrastructure does not work with whonix-gw-14 template as Wontfix.

Reducing the number of lingering, unrealistic tickets, therefore closing.

Apr 6 2019, 8:46 PM · Qubes, onion-grater (Control Port Filter Proxy), Whonix
Patrick closed T811: document multiple Qubes TemplateVMs as Resolved.

https://www.whonix.org/wiki/Multiple_Whonix-Workstations#Multiple_Qubes-Whonix_TemplateVMs

Apr 6 2019, 8:38 PM · Whonix, Qubes, user documentation
Patrick lowered the priority of T727: solve the Xen entropy scarcity problem / implement something like virtio-rng into Xen upstream from High to Normal.
Apr 6 2019, 8:22 PM · security, Qubes, Whonix
Patrick changed the status of T888: change Qubes-Whonix default applications from KDE-ish to XFCE-ish from Open to testing-in-next-build-required.

https://github.com/Whonix/anon-meta-packages/blob/master/debian/control

Apr 6 2019, 4:44 PM · Whonix, Debian version 10 codename Buster, Whonix 15, anon-meta-packages, qubes-template-whonix, Qubes

Feb 18 2019

Patrick closed T463: Qubes-Whonix-Workstation DispVM Support as Resolved.

Looks like nothing more to do here.

Feb 18 2019, 9:39 AM · Whonix, Qubes
Patrick closed T409: qubes-whonix-network.service doesn't provide helpful error message when !CONFIG_DUMMY as Invalid.

Since grsecurity is not a thing anymore, closing this as invalid.

Feb 18 2019, 9:37 AM · grsecurity, Qubes, Whonix
Patrick updated the task description for T466: Qubes sys-whonix does not do its job as Qubes FirewallVM.
Feb 18 2019, 9:30 AM · iptables, whonix-gw-firewall, Qubes, Whonix

Feb 16 2019

Patrick closed T894: Tor Browser in whonix-ws-14 based VMs sometimes blocks JavaScript on first start as Resolved.
Feb 16 2019, 1:56 PM · Whonix 15, Whonix 14, Qubes, tb-updater, Whonix
Patrick claimed T894: Tor Browser in whonix-ws-14 based VMs sometimes blocks JavaScript on first start.

I also noticed the file "~/.tb/first-boot-home-population.done" which suggests that whonix does something on first boot

Feb 16 2019, 1:54 PM · Whonix 15, Whonix 14, Qubes, tb-updater, Whonix
Patrick triaged T894: Tor Browser in whonix-ws-14 based VMs sometimes blocks JavaScript on first start as Normal priority.
Feb 16 2019, 9:50 AM · Whonix 15, Whonix 14, Qubes, tb-updater, Whonix

Feb 15 2019

marmarek added a comment to T709: port Whonix package build process to Qubes package build process.

To build a package with qubes-builder, you need to add Makefile.builder file with just one line: DEBIAN_BUILD_DIRS := debian. This will tell qubes-builder that given repository contains Debian package.
Alternatively, if that would be too much of a problem, it should be easy to add an option that do auto detection (probably just looks for debian directory).

Feb 15 2019, 12:20 AM · security, Qubes, build, Whonix

Feb 14 2019

Patrick added projects to T709: port Whonix package build process to Qubes package build process: build, Qubes, security.
Feb 14 2019, 8:01 PM · security, Qubes, build, Whonix

Jan 12 2019

Patrick triaged T888: change Qubes-Whonix default applications from KDE-ish to XFCE-ish as Normal priority.
Jan 12 2019, 7:50 AM · Whonix, Debian version 10 codename Buster, Whonix 15, anon-meta-packages, qubes-template-whonix, Qubes

Dec 9 2018

Patrick lowered the priority of T389: make sure Qubes-Whonix has no access to clocksource=xen from High to Normal.
Dec 9 2018, 6:53 AM · mgmt, research, security, Qubes, Whonix
Patrick lowered the priority of T879: qvm-service infrastructure does not work with whonix-gw-14 template from Normal to Wishlist.
Dec 9 2018, 5:52 AM · Qubes, onion-grater (Control Port Filter Proxy), Whonix

Dec 7 2018

Patrick removed a project from T530: CPU-induced latency Covert Channel Countermeasures: Whonix 15.
Dec 7 2018, 12:06 PM · virtualizer, VMware, VirtualBox, KVM, Qubes, security, Whonix, research
Patrick removed a project from T534: make sdwdate-gui Qubes friendly (sdwdate-gui-qubes): Whonix 15.
Dec 7 2018, 12:06 PM · Whonix, python, Qubes, usability, security, enhancement, sdwdate, sdwdate-gui
Patrick assigned T534: make sdwdate-gui Qubes friendly (sdwdate-gui-qubes) to troubadour.
Dec 7 2018, 12:06 PM · Whonix, python, Qubes, usability, security, enhancement, sdwdate, sdwdate-gui
Patrick removed a project from T466: Qubes sys-whonix does not do its job as Qubes FirewallVM: Whonix 15.
Dec 7 2018, 12:04 PM · iptables, whonix-gw-firewall, Qubes, Whonix
Patrick closed T545: apt-get Qubes instructions as Resolved.
Dec 7 2018, 11:57 AM · Whonix, Whonix 15, user documentation, Qubes
Patrick removed a project from T397: prevent dom0 telling Qubes-Whonix VMs the time by using the mgmt stack for that / disable Qubes dom0 /etc/qubes-rpc/qubes.SetDateTime: Whonix 15.
Dec 7 2018, 11:57 AM · mgmt, Whonix, Qubes, security, bug
Patrick removed a project from T387: Qubes-Whonix-Gateway as ClockVM: Whonix 15.
Dec 7 2018, 11:57 AM · enhancement, security, sdwdate, Whonix, Qubes

Nov 12 2018

Patrick closed T373: Qubes templates: graphical updater (Apper) broken as Resolved.

Apper no longer installed by default.

Nov 12 2018, 8:47 AM · Qubes, usability, enhancement, Whonix
Patrick placed T373: Qubes templates: graphical updater (Apper) broken up for grabs.
Nov 12 2018, 8:43 AM · Qubes, usability, enhancement, Whonix

Sep 20 2018

Patrick added a subtask for T387: Qubes-Whonix-Gateway as ClockVM: T856: whonix TemplateVM time fetching qrexec service.
Sep 20 2018, 11:45 AM · enhancement, security, sdwdate, Whonix, Qubes

Aug 7 2018

Patrick renamed T534: make sdwdate-gui Qubes friendly (sdwdate-gui-qubes) from make sdwdate-gui Qubes friendly to make sdwdate-gui Qubes friendly (sdwdate-gui-qubes).
Aug 7 2018, 6:45 PM · Whonix, python, Qubes, usability, security, enhancement, sdwdate, sdwdate-gui
Patrick renamed T397: prevent dom0 telling Qubes-Whonix VMs the time by using the mgmt stack for that / disable Qubes dom0 /etc/qubes-rpc/qubes.SetDateTime from prevent dom0 telling Qubes-Whonix VMs the time by using the mgmt stack for that to prevent dom0 telling Qubes-Whonix VMs the time by using the mgmt stack for that / disable Qubes dom0 /etc/qubes-rpc/qubes.SetDateTime.
Aug 7 2018, 6:43 PM · mgmt, Whonix, Qubes, security, bug
Patrick updated the task description for T389: make sure Qubes-Whonix has no access to clocksource=xen.
Aug 7 2018, 6:37 PM · mgmt, research, security, Qubes, Whonix

Aug 3 2018

Patrick added a project to T727: solve the Xen entropy scarcity problem / implement something like virtio-rng into Xen upstream: security.
Aug 3 2018, 11:22 AM · security, Qubes, Whonix
Patrick added a comment to T727: solve the Xen entropy scarcity problem / implement something like virtio-rng into Xen upstream.

Done. Asked about Xen too but they may not be familiar with its innards. You may want to contact the Xen devs directly using my message as a template.

https://lists.nongnu.org/archive/html/qemu-devel/2018-08/msg00368.html

Aug 3 2018, 11:21 AM · security, Qubes, Whonix
HulaHoop added a comment to T727: solve the Xen entropy scarcity problem / implement something like virtio-rng into Xen upstream.

Playing devil's advocate here: Ted Ts'o [0] expresses strong skepticism about the efficacy of RNGs that rely on CPU jitter. summary: CPU jitter may not be random as thought to someone who designed the CPU cache and know how its internals "tick" [1]. So while these RNGs may not harm, another solution for RNG-less platforms may be a good idea.

Aug 3 2018, 6:10 AM · security, Qubes, Whonix
HulaHoop added a comment to T727: solve the Xen entropy scarcity problem / implement something like virtio-rng into Xen upstream.

An interesting implementation to work around early boot entropy scarcity with havegedis to include it in the initrd. May be hackish but could be easier for Marmarek than writing something at the EFI level.

Aug 3 2018, 5:53 AM · security, Qubes, Whonix
HulaHoop added a comment to T727: solve the Xen entropy scarcity problem / implement something like virtio-rng into Xen upstream.

Done. Asked about Xen too but they may not be familiar with its innards. You may want to contact the Xen devs directly using my message as a template.

Aug 3 2018, 5:34 AM · security, Qubes, Whonix

Aug 2 2018

HulaHoop added a comment to T727: solve the Xen entropy scarcity problem / implement something like virtio-rng into Xen upstream.

I think its worth asking the hypervisor devs if this applies for the platforms we care about.

Aug 2 2018, 5:33 AM · security, Qubes, Whonix

Jul 31 2018

Patrick added a comment to T727: solve the Xen entropy scarcity problem / implement something like virtio-rng into Xen upstream.

jitterentropy-rng should solve this

Jul 31 2018, 6:38 AM · security, Qubes, Whonix
HulaHoop added a comment to T727: solve the Xen entropy scarcity problem / implement something like virtio-rng into Xen upstream.

jitterentropy-rng should solve this and is a mainline Linux solution that works the same way haveged does. Please see: https://phabricator.whonix.org/T817

Jul 31 2018, 4:23 AM · security, Qubes, Whonix

Jul 24 2018

Patrick closed T788: Qubes-Whonix 14 SaltStack state files required as Resolved.
Jul 24 2018, 11:40 AM · Whonix, Qubes, Whonix 14
Patrick closed T792: make sure qubes-core-admin-addon-whonix gets installed as Resolved.
Jul 24 2018, 11:39 AM · Whonix, Whonix 14, Qubes
Patrick closed T791: qubes-core-admin-addon-whonix / qvm-features-request whonix-ws=1 / add anon-vm tag to whonix-ws-based VMs as Resolved.
Jul 24 2018, 11:38 AM · Whonix, Qubes, Whonix 14

Jul 21 2018

Patrick added a comment to T534: make sdwdate-gui Qubes friendly (sdwdate-gui-qubes).

Created way to find out name of gateway from witin VM - qubesdb-read /qubes-gateway-name for it.

Jul 21 2018, 11:38 AM · Whonix, python, Qubes, usability, security, enhancement, sdwdate, sdwdate-gui

Jul 18 2018

marmarek added a comment to T534: make sdwdate-gui Qubes friendly (sdwdate-gui-qubes).

The easiest way would be to have a new entry for qubesdb-read, in addition to qubes-gateway which holds the IP address.
Something like qubesdb-read /qubes-gateway-name.

Jul 18 2018, 12:12 AM · Whonix, python, Qubes, usability, security, enhancement, sdwdate, sdwdate-gui

Jul 17 2018

troubadour added a comment to T534: make sdwdate-gui Qubes friendly (sdwdate-gui-qubes).

For the time being, the vm's whonix gateway is hard coded in two files, the one watching and sending sdwdate satus and the one sending the shutdown notification.

Jul 17 2018, 11:14 PM · Whonix, python, Qubes, usability, security, enhancement, sdwdate, sdwdate-gui
Patrick added a comment to T534: make sdwdate-gui Qubes friendly (sdwdate-gui-qubes).

What happens in case of multiple Whonix-Gateway ProxyVMs? I.e. in case of sys-whonix, sys-whonix-two, etc.? How would anon-whonix-two know it has to connect to sys-whonix-two?

Jul 17 2018, 9:19 AM · Whonix, python, Qubes, usability, security, enhancement, sdwdate, sdwdate-gui

Jul 15 2018

Patrick updated the task description for T811: document multiple Qubes TemplateVMs.
Jul 15 2018, 12:18 PM · Whonix, Qubes, user documentation
Patrick triaged T811: document multiple Qubes TemplateVMs as Normal priority.
Jul 15 2018, 12:16 PM · Whonix, Qubes, user documentation

Jul 7 2018

troubadour added a comment to T534: make sdwdate-gui Qubes friendly (sdwdate-gui-qubes).

Have run the fuzzer unit test simultaneously in sys-whonix and five anon-vm.

Jul 7 2018, 10:26 PM · Whonix, python, Qubes, usability, security, enhancement, sdwdate, sdwdate-gui

Jul 5 2018

troubadour added a comment to T534: make sdwdate-gui Qubes friendly (sdwdate-gui-qubes).

Update, after my post in the forum.
https://forums.whonix.org/t/testers-wanted-blocking-networking-until-sdwdate-finished-status-of-sdwdate-gui/5372/3

Jul 5 2018, 9:35 PM · Whonix, python, Qubes, usability, security, enhancement, sdwdate, sdwdate-gui

Jun 13 2018

Patrick updated the task description for T788: Qubes-Whonix 14 SaltStack state files required.
Jun 13 2018, 9:33 AM · Whonix, Qubes, Whonix 14

Jun 7 2018

Patrick updated the task description for T791: qubes-core-admin-addon-whonix / qvm-features-request whonix-ws=1 / add anon-vm tag to whonix-ws-based VMs.
Jun 7 2018, 4:37 AM · Whonix, Qubes, Whonix 14

May 30 2018

Patrick added a comment to T727: solve the Xen entropy scarcity problem / implement something like virtio-rng into Xen upstream.

That's technically too late during boot process. See ticket discussion
above.

May 30 2018, 10:29 AM · security, Qubes, Whonix
HulaHoop added a comment to T727: solve the Xen entropy scarcity problem / implement something like virtio-rng into Xen upstream.

Perhaps Qubes guys can have the entropybroker package communicate over the qrexec protocol to seed entropy from a reliable source like Dom0 to the other domains.

May 30 2018, 5:52 AM · security, Qubes, Whonix

May 22 2018

Patrick added a comment to T727: solve the Xen entropy scarcity problem / implement something like virtio-rng into Xen upstream.

Asked. Unfortunately not so.

May 22 2018, 4:32 AM · security, Qubes, Whonix

May 18 2018

HulaHoop added a comment to T727: solve the Xen entropy scarcity problem / implement something like virtio-rng into Xen upstream.

You can probably use virtio-rng since Qubes now runs on HVM mode and uses QEMU

May 18 2018, 3:20 PM · security, Qubes, Whonix

May 9 2018

Patrick renamed T792: make sure qubes-core-admin-addon-whonix gets installed from qubes-template-whonix-gw should depend on qubes-core-admin-addon-whonix to make sure qubes-core-admin-addon-whonix gets installed.
May 9 2018, 12:39 PM · Whonix, Whonix 14, Qubes

May 8 2018

Patrick renamed T791: qubes-core-admin-addon-whonix / qvm-features-request whonix-ws=1 / add anon-vm tag to whonix-ws-based VMs from qvm-features-request whonix-ws 1 to qubes-core-admin-addon-whonix / qvm-features-request whonix-ws=1 / add anon-vm tag to whonix-ws-based VMs.
May 8 2018, 9:48 PM · Whonix, Qubes, Whonix 14

May 5 2018

Patrick updated the task description for T792: make sure qubes-core-admin-addon-whonix gets installed.
May 5 2018, 3:32 PM · Whonix, Whonix 14, Qubes
Patrick updated the task description for T791: qubes-core-admin-addon-whonix / qvm-features-request whonix-ws=1 / add anon-vm tag to whonix-ws-based VMs.
May 5 2018, 3:27 PM · Whonix, Qubes, Whonix 14

Apr 28 2018

Patrick triaged T792: make sure qubes-core-admin-addon-whonix gets installed as Normal priority.
Apr 28 2018, 10:03 AM · Whonix, Whonix 14, Qubes
Patrick triaged T791: qubes-core-admin-addon-whonix / qvm-features-request whonix-ws=1 / add anon-vm tag to whonix-ws-based VMs as Normal priority.
Apr 28 2018, 9:58 AM · Whonix, Qubes, Whonix 14

Apr 12 2018

Patrick triaged T788: Qubes-Whonix 14 SaltStack state files required as High priority.
Apr 12 2018, 3:05 PM · Whonix, Qubes, Whonix 14

Apr 6 2018

Patrick closed T641: Qubes R4: install pulseaudio-qubes in Whonix 14 for audio support / pulseaudio and vlc should not be installed in sys-whonix as Resolved.
In T641#15836, @unman wrote:

Installation of pulseaudio-qubes is now included in the 13-14 upgrade guide under Qubes-Whonix instructions.

Apr 6 2018, 8:34 AM · Whonix 14, Whonix, anon-meta-packages, Qubes

Apr 4 2018

unman added a comment to T641: Qubes R4: install pulseaudio-qubes in Whonix 14 for audio support / pulseaudio and vlc should not be installed in sys-whonix.

@Patrick
Installation of pulseaudio-qubes is now included in the 13-14 upgrade guide under Qubes-Whonix instructions.

Apr 4 2018, 5:27 PM · Whonix 14, Whonix, anon-meta-packages, Qubes

Mar 7 2018

Patrick renamed T641: Qubes R4: install pulseaudio-qubes in Whonix 14 for audio support / pulseaudio and vlc should not be installed in sys-whonix from install pulseaudio-qubes in Whonix 14 for audio support / pulseaudio and vlc should not be installed in sys-whonix to Qubes R4: install pulseaudio-qubes in Whonix 14 for audio support / pulseaudio and vlc should not be installed in sys-whonix.
Mar 7 2018, 1:46 AM · Whonix 14, Whonix, anon-meta-packages, Qubes

Mar 4 2018

troubadour added a comment to T534: make sdwdate-gui Qubes friendly (sdwdate-gui-qubes).

A new Tor controller GUI.

Mar 4 2018, 11:03 PM · Whonix, python, Qubes, usability, security, enhancement, sdwdate, sdwdate-gui

Feb 16 2018

troubadour added a comment to T534: make sdwdate-gui Qubes friendly (sdwdate-gui-qubes).

Added the relevant icon in show_message (after resizing the sdwdate icons from mediawiki, the original are huge).

Feb 16 2018, 11:18 PM · Whonix, python, Qubes, usability, security, enhancement, sdwdate, sdwdate-gui

Feb 15 2018

troubadour added a comment to T534: make sdwdate-gui Qubes friendly (sdwdate-gui-qubes).

Some progress here.

Feb 15 2018, 12:55 AM · Whonix, python, Qubes, usability, security, enhancement, sdwdate, sdwdate-gui