Funding available. Anyone up to implement this?

I am not sure sdwdate-gui would be a strong enough notification if networking was actually blocked if sdwdate did not succeed yet.

No longer required. Was implemented through te_pe_tb_check enhancements.

There's no ETA.

That is a question to @Patrick , he is managing Whonix repositories.

@marmarek When do things ship in Qubes updates, from the Whonix dev repo (per Patrick's comment above)? Sorry, trying to coordinate with our training and documentation peeps for the Workstation—not "eager" just needing to manage other ppl's expectations.

And added on top: https://github.com/Whonix/sdwdate-gui/commit/360f52e6cd9fa411b0cb7c9b50a3f3cbb7016b7d

Whonix. I'll ask @marmarta if she can help here.

@marmarek Is this a Qubes or Whonix thing?

@Patrick No biggie wrt the paid developer to implement. I like your idea on the Qubes GitHub ticket, of posting an article on the website. I'll email you separately, to coordinate on that. Said website post, I'd like to accomplish two things: one, solicit user input on any/all UX work. Two, put out the call for paid GUI dev work.

ninavizz (nina eleanor alter):

ninavizz added a comment.

@Patrick I am currently working on a funding proposal, to get the UX work required to get production-ready handoffs to a developer, created.

ninavizz (nina eleanor alter):

ninavizz added a comment.

@Patrick Wow, you are FAST!! <3 Thank you!

I did comment on the GitHub commit, with a "Waiting" icon (that Marta from Qubes pinged me on neglecting to include), and a grayscale "Stopped" icon—which will color better in the Qubes Tray UI. If those could make it into the commit, that would be superb.

@Patrick I am currently working on a funding proposal, to get the UX work required to get production-ready handoffs to a developer, created. The above was just a shared idea, to kickoff the conversation. My apologies for not being clear on that. I would like to work on a parallel proposal to get the development work done, to improve all of the Whonix GUI stuff; the time-sync widget menu, and the windows that enable deeper settings control.

@Patrick Wow, you are FAST!! <3 Thank you!

I am not a GUI developer at this point so please don't wait for me to implement this. sdwdate-gui is from a time when Whonix had a contributor doing GUI development.

Thanks! The new sdwdate-gui icons were committed to sdwdate-gui git master just now.

So... keeping an eye on user-needs as the priority driving this story: the list of "What needs doing" is ordered, below, as I see it:

Excellent proposal!

We're not using KDE anymore and sdwdate-gui is enabled by default.

Created way to find out name of gateway from witin VM - qubesdb-read /qubes-gateway-name for it.

In T534#16397, @troubadour wrote:

The easiest way would be to have a new entry for qubesdb-read, in addition to qubes-gateway which holds the IP address.
Something like qubesdb-read /qubes-gateway-name.

For the time being, the vm's whonix gateway is hard coded in two files, the one watching and sending sdwdate satus and the one sending the shutdown notification.

What happens in case of multiple Whonix-Gateway ProxyVMs? I.e. in case of sys-whonix, sys-whonix-two, etc.? How would anon-whonix-two know it has to connect to sys-whonix-two?

Have run the fuzzer unit test simultaneously in sys-whonix and five anon-vm.

Update, after my post in the forum.
https://forums.whonix.org/t/testers-wanted-blocking-networking-until-sdwdate-finished-status-of-sdwdate-gui/5372/3

A new Tor controller GUI.

Added the relevant icon in show_message (after resizing the sdwdate icons from mediawiki, the original are huge).

Some progress here.

If possible: it should only show Tor restart gui / anon-connection-wizard if these are installed. Otherwise not show such a menu entry.

Have pushed an updated version with Restart Tor and Anon Connection Wizard commands from the menu, so you can have an idea of the look and feel. This is of course not written in stone. The standalone restart-tor-gui was updated for testing. https://github.com/troubadoour/restart-tor-gui

In T534#15447, @troubadour wrote:

Implemented some defensive code against qubes-dband qubes-qrexec-agent just in case. Now if one or both of those services stop, it just ensures that the sdwdate-gui programs don't crash, and that's it.

Implemented some defensive code against qubes-dband qubes-qrexec-agent just in case. Now if one or both of those services stop, it just ensures that the sdwdate-gui programs don't crash, and that's it.

Only small issues for now.

In T534#15444, @troubadour wrote:

sdwdate-gui-qubes will be shortly ready for packaging.

There are files for the gateway, files for the workstations, none for non-qubes environment. At this stage, for review, it would be easier to make a standalone package before merging in sdwdate-gui.

It was actually easier to merge directly, if only for the new user sdwdate-gui created in postint.

sdwdate-gui-qubes will be shortly ready for packaging.

Json handling looks fine. Not sure about using the data loaded from there - for example if self.message require sanitization. AFAIR some Qt widgets support html formatting, so it may be undesirable to allow that.

Relevant code excerpt sdwdate.

In T534#15425, @marmarek wrote:

In T534#15424, @troubadour wrote:

Probably no. But I,m not an expert in security or attacks.

pickle load deserialize an object, in our case a DICTionary. Anything not in that form would raise an exception.

How do you ensure that? Normally pickle.load would gladly deserialize any object, even if that results in executing code inside of it. See https://docs.python.org/3/library/pickle.html
Better use json or such if really a structure (rather than a single value) is needed.

What happens if a workstation is killed, and then later restarted?

In T534#15424, @troubadour wrote:

Probably no. But I,m not an expert in security or attacks.

pickle load deserialize an object, in our case a DICTionary. Anything not in that form would raise an exception.

Probably no. But I,m not an expert in security or attacks.

In T534#15415, @troubadour wrote:

Then //pickle.load status-file

In T534#15420, @troubadour wrote:

Update.

The submenu commands are implemented. Looks nice and handy.

The submenu commands are implemented. Looks nice and handy.

>>! In T534#15414, @marmarek wrote:

troubadour

For now, the qrexec commands are issued from the workstations sdwdate-gui,
for practical reasons, the main one being that it's easy to restart sdwdate from there.
Obviously they'll have to be in sdwdate.

Patrick

Possibly, yes. Necessarily, maybe not. Keeping all the "if Qubes then"
logic outside of sdwdate may also be an option.

That would help a lot. There are not that many "if Qubes then" in sdwdate -- actually we also check if we are not in sys-whonix --, but when it comes to run the qrexec command in sdwdate, the problem begins. Have tried all sort of things to get the call, Popen or even os.system command working in sdwdate, to no avail, although call works in many other places.

Obviously they'll have to be in sdwdate. They are some issues regarding the format of the argument in qrexec-client-vm sys-whonix whonix.test+"[argument]" when it reaches the target vm. It's sanitized, no problem there, it can be parsed, but it's truncated at 51 bytes, which limits what we can pass.

Awesome progress! :)

Some progress on this one. A summary without literature.

Playing with tags.

In T533#13328, @Patrick wrote:

Note to self: try to disable and see if konsole and kwrite are still functional in timesync-fail-closed mode.

## TODO: temporary - https://phabricator.whonix.org/T533#10288
$iptables_cmd -A OUTPUT -m iprange --dst-range "127.0.0.1" -j ACCEPT

https://github.com/Whonix/whonix-ws-firewall/blob/master/usr/bin/whonix_firewall#L318

In T534#13990, @Patrick wrote:

@marmarek is there some qubesdb-read to find out from anon-whonix that its NetVM is sys-whonix?

(Required to qrexec target variable. Trying to cover the case where one is using multiple Whonix-Gateway's.)

@marmarek is there some qubesdb-read to find out from anon-whonix that its NetVM is sys-whonix?

We have someone working on this now. Some thoughts on the design...

Note to self: try to disable and see if konsole and kwrite are still functional in timesync-fail-closed mode.

Awesome! Merged. Doesn't break it. Will test it in my next developers build.

should fix it. I am setting it to "Sdwdate".

One mistake fixed.

This unfortunately has quite a chance to have messed up an argument an introduce a regression.

In T598#12266, @Patrick wrote:

I'll check in the next developers-only build.