Page MenuHomePhabricator
Feed Advanced Search

Yesterday

Patrick added a comment to T998: Whonix without systemD.
In T998#20144, @sanyo wrote:

May I know, what do you think about Whonix vs OpenBSD in terms of security for a headless server without any GUI?

Tue, Jul 7, 11:53 AM · Whonix

Mon, Jul 6

Patrick closed T998: Whonix without systemD as Wontfix.

There's no manual.

Mon, Jul 6, 12:01 PM · Whonix

Thu, Jun 25

Patrick added a comment to T997: All pluggable transports stopped working after 11-06-2020 .

Thanks for the report.

Thu, Jun 25, 11:29 AM · Whonix
Patrick triaged T997: All pluggable transports stopped working after 11-06-2020 as Normal priority.
Thu, Jun 25, 11:29 AM · Whonix

Fri, Jun 19

Patrick added a comment to T996: Readying for Tor Browser 9.5 (June 2).

Tor Browser onion authentication prompt:
https://blog.torproject.org/sites/default/files/inline-images/onion-auth%402x.png

Fri, Jun 19, 10:48 AM · Whonix 15, anon-gw-anonymizer-config, Whonix

Thu, Jun 18

Patrick raised the priority of T800: Migrating from Github from Wishlist to High.

Alternative to github.com now needed.

Thu, Jun 18, 4:38 PM · Whonix
Patrick added a comment to T996: Readying for Tor Browser 9.5 (June 2).

Maybe this is bound per connection similar to ephemeral Tor onion services? In that case, other VMs couldn't re-use it.

Thu, Jun 18, 4:38 PM · Whonix 15, anon-gw-anonymizer-config, Whonix
Patrick closed T996: Readying for Tor Browser 9.5 (June 2) as Resolved.

onion_client_auth_add Flags=Permanent fails with 553 Unable to store creds for

Thu, Jun 18, 4:38 PM · Whonix 15, anon-gw-anonymizer-config, Whonix
Patrick updated subscribers of T996: Readying for Tor Browser 9.5 (June 2).
Thu, Jun 18, 4:38 PM · Whonix 15, anon-gw-anonymizer-config, Whonix
Patrick updated the task description for T996: Readying for Tor Browser 9.5 (June 2).
Thu, Jun 18, 4:38 PM · Whonix 15, anon-gw-anonymizer-config, Whonix
Patrick closed T800: Migrating from Github as Resolved.

https://forums.whonix.org/t/whonix-moving-from-github-to-gitlab/9676

Thu, Jun 18, 4:38 PM · Whonix
Patrick changed the status of T996: Readying for Tor Browser 9.5 (June 2) from Open to testing-in-next-build-required.

Update Tor to 0.4.3.5

Thu, Jun 18, 4:38 PM · Whonix 15, anon-gw-anonymizer-config, Whonix

May 29 2020

Patrick added a comment to T993: improve Windows Hosts / macOS wiki mentions.

The The news report [1] link is nowadays broken. It redirects to another page.

May 29 2020, 3:34 PM · Whonix, Whonix 15, user documentation
Patrick closed T60: USB Image as Invalid.

Indeed. The rest is tracked under component Whonix-Host.

May 29 2020, 2:48 PM · Whonix-Host, Whonix, Platform

May 28 2020

Patrick added a project to T60: USB Image: Whonix-Host.
May 28 2020, 5:40 PM · Whonix-Host, Whonix, Platform

May 22 2020

Patrick added a comment to T991: Update SDW-Date widget tray icons.

There's no ETA.

May 22 2020, 1:18 PM · sdwdate-gui, Whonix

May 19 2020

Patrick closed T992: Make SDW-Date widget in Qubes invokable by single-click, a subtask of T963: Make Whonix GUI usable for high-risk non-technical Qubes users, as Resolved.
May 19 2020, 2:16 PM · usability, sdwdate, Whonix, sdwdate-gui
Patrick closed T992: Make SDW-Date widget in Qubes invokable by single-click as Resolved.

And added on top: https://github.com/Whonix/sdwdate-gui/commit/360f52e6cd9fa411b0cb7c9b50a3f3cbb7016b7d

May 19 2020, 2:16 PM · Whonix, sdwdate-gui

May 17 2020

Patrick closed T914: Whonix Host Live - enable KVM readonly mode - virt-xml vm-name --edit --disk readonly=on as Resolved.

Awesome!

May 17 2020, 9:21 PM · Whonix 15, Whonix-Host, whonix-libvirt, Whonix, live-mode

May 16 2020

Patrick added a comment to T914: Whonix Host Live - enable KVM readonly mode - virt-xml vm-name --edit --disk readonly=on.

But forgot to add sudo install_package_list+=" debug-misc "...

May 16 2020, 5:05 PM · Whonix 15, Whonix-Host, whonix-libvirt, Whonix, live-mode

May 15 2020

Patrick added a comment to T914: Whonix Host Live - enable KVM readonly mode - virt-xml vm-name --edit --disk readonly=on.

Please add your build commands to Whonix wiki Dev/Whonix-Host, then I can add suggestion there how to improve these.

Not sure what you mean here?

May 15 2020, 1:05 AM · Whonix 15, Whonix-Host, whonix-libvirt, Whonix, live-mode

May 14 2020

Patrick added a comment to T914: Whonix Host Live - enable KVM readonly mode - virt-xml vm-name --edit --disk readonly=on.

Seems I have quite a flexible notion of "asap" :)...

May 14 2020, 9:11 PM · Whonix 15, Whonix-Host, whonix-libvirt, Whonix, live-mode
Patrick added a comment to T950: set kernel.printk sysctl to prevent kernel info leaks.
May 14 2020, 8:58 PM · Debian version 11 codename Bullseye, Whonix 15, Whonix, security-misc
Patrick added a comment to T963: Make Whonix GUI usable for high-risk non-technical Qubes users.

ninavizz (nina eleanor alter):

ninavizz added a comment.

@Patrick I am currently working on a funding proposal, to get the UX work required to get production-ready handoffs to a developer, created.
May 14 2020, 7:02 PM · usability, sdwdate, Whonix, sdwdate-gui
Patrick added a comment to T991: Update SDW-Date widget tray icons.

ninavizz (nina eleanor alter):

ninavizz added a comment.

@Patrick Wow, you are FAST!! <3 Thank you!

I did comment on the GitHub commit, with a "Waiting" icon (that Marta from Qubes pinged me on neglecting to include), and a grayscale "Stopped" icon—which will color better in the Qubes Tray UI. If those could make it into the commit, that would be superb.
May 14 2020, 2:01 PM · sdwdate-gui, Whonix

May 13 2020

Patrick added a comment to T969: instructions how to burn Whonix-Host ISO image to DVD or USB.

Added upload access also just now. Please try upload image.

May 13 2020, 7:25 PM · Whonix 15, Whonix-Host, Whonix
Patrick added a comment to T969: instructions how to burn Whonix-Host ISO image to DVD or USB.

Approved now.

May 13 2020, 7:15 PM · Whonix 15, Whonix-Host, Whonix
Patrick lowered the priority of T963: Make Whonix GUI usable for high-risk non-technical Qubes users from Normal to Wishlist.

I am not a GUI developer at this point so please don't wait for me to implement this. sdwdate-gui is from a time when Whonix had a contributor doing GUI development.

May 13 2020, 3:46 PM · usability, sdwdate, Whonix, sdwdate-gui
Patrick added a comment to T991: Update SDW-Date widget tray icons.

Thanks! The new sdwdate-gui icons were committed to sdwdate-gui git master just now.

May 13 2020, 3:37 PM · sdwdate-gui, Whonix
Patrick triaged T992: Make SDW-Date widget in Qubes invokable by single-click as Wishlist priority.
May 13 2020, 3:32 PM · Whonix, sdwdate-gui
Patrick added a subtask for T963: Make Whonix GUI usable for high-risk non-technical Qubes users: T992: Make SDW-Date widget in Qubes invokable by single-click.
May 13 2020, 3:30 PM · usability, sdwdate, Whonix, sdwdate-gui
Patrick added a parent task for T992: Make SDW-Date widget in Qubes invokable by single-click: T963: Make Whonix GUI usable for high-risk non-technical Qubes users.
May 13 2020, 3:30 PM · Whonix, sdwdate-gui
Patrick changed Impact from Whonix:triage to Whonix:normal on T991: Update SDW-Date widget tray icons.
May 13 2020, 3:16 PM · sdwdate-gui, Whonix
Patrick triaged T991: Update SDW-Date widget tray icons as Wishlist priority.
May 13 2020, 3:16 PM · sdwdate-gui, Whonix
Patrick added a parent task for T991: Update SDW-Date widget tray icons: T963: Make Whonix GUI usable for high-risk non-technical Qubes users.
May 13 2020, 3:14 PM · sdwdate-gui, Whonix
Patrick added a subtask for T963: Make Whonix GUI usable for high-risk non-technical Qubes users: T991: Update SDW-Date widget tray icons.
May 13 2020, 3:14 PM · usability, sdwdate, Whonix, sdwdate-gui
Patrick added a comment to T969: instructions how to burn Whonix-Host ISO image to DVD or USB.

Yes, by all means. Please do.
Generally, most non-controversial (and this one certainly is) wiki edits can be done without prior asking.

May 13 2020, 2:00 PM · Whonix 15, Whonix-Host, Whonix
Patrick added a comment to T969: instructions how to burn Whonix-Host ISO image to DVD or USB.

Excellent!

May 13 2020, 12:13 PM · Whonix 15, Whonix-Host, Whonix

May 12 2020

Patrick updated the task description for T993: improve Windows Hosts / macOS wiki mentions.
May 12 2020, 4:02 PM · Whonix, Whonix 15, user documentation
Patrick triaged T993: improve Windows Hosts / macOS wiki mentions as Normal priority.
May 12 2020, 3:55 PM · Whonix, Whonix 15, user documentation

May 11 2020

Patrick triaged T990: whonixcheck tirdad module load as Normal priority.
May 11 2020, 3:33 PM · Whonix 15, whonixcheck, Whonix
Patrick triaged T989: whonixcheck check systemd journal unit as Normal priority.
May 11 2020, 3:27 PM · Whonix 15, whonixcheck, Whonix

May 2 2020

Patrick triaged T988: use linux-perf /perf (performance analysis tools for Linux) and other tools in wats test suite as Normal priority.
May 2 2020, 1:54 PM · Whonix, WATS

Apr 28 2020

Patrick renamed T910: anti-forensics / amnesia testing of Whonix-Host in Live mode from amnesia testing of Whonix-Host in Live mode to anti-forensics / amnesia testing of Whonix-Host in Live mode.
Apr 28 2020, 7:03 PM · Whonix 15, Whonix, Whonix-Host

Apr 23 2020

Patrick closed T970: Whonix-Host hash, gpg, signify, torrent, signature creation script as Resolved.

Works fine in 15.0.1.3.2-developers-only.

Apr 23 2020, 9:37 PM · Whonix 15, Whonix, Whonix-Host
Patrick closed T928: install xfce4-power-manager on Whonix Host and Kicksecure Host as Resolved.

xfce4-power-manager is installed on Whonix-Host in 15.0.1.3.2-developers-only.

Apr 23 2020, 9:37 PM · Whonix 15, whonix-libvirt, live-mode, Whonix, Whonix-Host
Patrick closed T986: Whonix-Host livecheck systray broken as Resolved.

Fixed in 15.0.1.3.2-developers-only.

Apr 23 2020, 9:36 PM · Whonix 15, Whonix-Host, Whonix
Patrick added a comment to T950: set kernel.printk sysctl to prevent kernel info leaks.

Setting quiet loglevel=0 in that exact order as per https://github.com/Whonix/security-misc/commit/6485df8126b52a2072824fa442e8d1dd5cb18981 does now hide [sda] Incomplete mode parameter data. However, messages by LKRG are not yet hidden.

Apr 23 2020, 6:40 PM · Debian version 11 codename Bullseye, Whonix 15, Whonix, security-misc
Patrick updated subscribers of T961: fix USB auto mounting bug / document.
Apr 23 2020, 4:59 PM · research, bug, Whonix 15, Whonix
Patrick triaged T987: offer rsync over SSH or TLS for download.whonix.org as Normal priority.
Apr 23 2020, 2:42 PM · Whonix, server-ssh-access-required
Patrick reassigned T914: Whonix Host Live - enable KVM readonly mode - virt-xml vm-name --edit --disk readonly=on from Patrick to onion_knight2.
echo "options overlay metacopy=on" > /etc/modprobe.d/overlay.conf 
update-initramfs -u
Apr 23 2020, 1:01 PM · Whonix 15, Whonix-Host, whonix-libvirt, Whonix, live-mode

Apr 21 2020

Patrick added a comment to T914: Whonix Host Live - enable KVM readonly mode - virt-xml vm-name --edit --disk readonly=on.

Awesome analysis and description!

Apr 21 2020, 6:28 PM · Whonix 15, Whonix-Host, whonix-libvirt, Whonix, live-mode
Patrick changed the status of T986: Whonix-Host livecheck systray broken from Open to testing-in-next-build-required.

Likely fixed in next build already. Updated, relevant code is here:

Apr 21 2020, 6:25 PM · Whonix 15, Whonix-Host, Whonix
Patrick updated subscribers of T986: Whonix-Host livecheck systray broken.
Apr 21 2020, 5:00 PM · Whonix 15, Whonix-Host, Whonix
Patrick triaged T986: Whonix-Host livecheck systray broken as Normal priority.
Apr 21 2020, 5:00 PM · Whonix 15, Whonix-Host, Whonix
Patrick closed T965: install gvfs by default / fix access LUKS encrypted USB drive with Thunar as Resolved.

Not 100% sure it would also be fixed inside VMs.

Apr 21 2020, 11:01 AM · Whonix 15, Whonix, bug
Patrick closed T929: Whonix XFCE Wallpaper / Background Image as Resolved.
Apr 21 2020, 10:57 AM · Whonix 15, Whonix-Host, whonix-xfce-desktop-config, Whonix
Patrick closed T976: Whonix-Host Low RAM Tests as Resolved.

Excellent work. Thanks for researching this!

Apr 21 2020, 10:56 AM · Whonix 15, Whonix-Host, Whonix
Patrick closed T982: use update-initramfs during installation of Whonix-Host as Resolved.
Apr 21 2020, 10:54 AM · Whonix-Host, Whonix, Whonix 15

Apr 19 2020

Patrick added a comment to T932: fix Git-Mediawiki whonix-wiki-backup.

https://github.com/Git-Mediawiki/Git-Mediawiki/issues/70

Apr 19 2020, 8:26 PM · Whonix, website

Apr 16 2020

Patrick added a comment to T984: convert /etc/sysctl.d to /etc/default/grub.d kernel Linux boot cmdline.

Something like that. Maybe covering all of /etc/sysctl.conf and
/etc/sysctl.d folder to GRUB_CMDLINE_LINUX expansion.

Apr 16 2020, 10:47 PM · Debian version 11 codename Bullseye, Whonix
Patrick added a comment to T950: set kernel.printk sysctl to prevent kernel info leaks.

Even kernel parameter quiet loglevel=3 rd.systemd.show_status=auto rd.udev.log_priority=3
(from https://wiki.archlinux.org/index.php/Silent_boot)
does not hide [sda] Incomplete mode parameter data.

Apr 16 2020, 4:02 PM · Debian version 11 codename Bullseye, Whonix 15, Whonix, security-misc
Patrick updated the task description for T911: xfce theming.
Apr 16 2020, 3:34 PM · whonix-xfce-desktop-config, Whonix, Whonix 15
Patrick renamed T946: test sdwdate apparmor profile and remove complain mode from test sdwdate apparmor profile and set to complain mode to test sdwdate apparmor profile and remove complain mode.
Apr 16 2020, 3:32 PM · sdwdate, Whonix, Whonix 15
Patrick updated subscribers of T955: review hardened kernel config.
Apr 16 2020, 3:32 PM · Whonix, hardened-kernel
Patrick removed a project from T955: review hardened kernel config: Whonix 15.

I can't work on this. Please go for T977.

Apr 16 2020, 3:31 PM · Whonix, hardened-kernel
Patrick removed a project from T960: hardened kernel Debian packaging and APT integration - hkapt: Whonix 15.

T977 more important for now.

Apr 16 2020, 3:30 PM · hardened-kernel, Whonix
Patrick changed the status of T966: fix pkexec from Open to testing-in-next-build-required.

https://github.com/Whonix/security-misc/commit/72be31e870057b035651c1b5a7e9a9db149e9d25
https://github.com/Whonix/security-misc/commit/442931529121e9e402e7ac56e27df3dcec43167b
https://github.com/Whonix/security-misc/commit/b3ce18f0f9f1da0552a4a1bd882a5b5dda13626e
https://github.com/Whonix/security-misc/commit/8851c9ed29e79d2ef5df9c7b7086878e69b90bd4

Apr 16 2020, 3:29 PM · bug, Whonix 15, Whonix
Patrick triaged T985: consider post Whonix News that recommends VirtualBox users reducing number of virtual CPUs to 3 as Normal priority.
Apr 16 2020, 3:24 PM · Whonix 15, Whonix, VirtualBox
Patrick updated the task description for T950: set kernel.printk sysctl to prevent kernel info leaks.
Apr 16 2020, 2:07 PM · Debian version 11 codename Bullseye, Whonix 15, Whonix, security-misc
Patrick updated the task description for T950: set kernel.printk sysctl to prevent kernel info leaks.
Apr 16 2020, 2:04 PM · Debian version 11 codename Bullseye, Whonix 15, Whonix, security-misc
Patrick added a comment to T950: set kernel.printk sysctl to prevent kernel info leaks.

https://github.com/Whonix/security-misc/commit/8d2e4b68dcae87b27f519196488e0ed7e8b95ef2

Apr 16 2020, 2:01 PM · Debian version 11 codename Bullseye, Whonix 15, Whonix, security-misc
Patrick added a comment to T950: set kernel.printk sysctl to prevent kernel info leaks.

kernel.printk = 3 3 3 3

Apr 16 2020, 1:29 PM · Debian version 11 codename Bullseye, Whonix 15, Whonix, security-misc
Patrick updated the task description for T950: set kernel.printk sysctl to prevent kernel info leaks.
Apr 16 2020, 11:37 AM · Debian version 11 codename Bullseye, Whonix 15, Whonix, security-misc
Patrick renamed T981: Whonix-Host Tor configuration and anon-connection-wizard (ACW); ipv6 disable; ipv4 forward disable from Whonix-Host Tor configuration and anon-connection-wizard (ACW) to Whonix-Host Tor configuration and anon-connection-wizard (ACW); ipv6 disable; ipv4 forward disable.
Apr 16 2020, 11:34 AM · Whonix 15, Whonix-Host, Whonix, anon-connection-wizard
Patrick added a comment to T950: set kernel.printk sysctl to prevent kernel info leaks.

And of course these messages are attributed to whatever Whonix issue someone is having.

Apr 16 2020, 11:30 AM · Debian version 11 codename Bullseye, Whonix 15, Whonix, security-misc
Patrick triaged T984: convert /etc/sysctl.d to /etc/default/grub.d kernel Linux boot cmdline as Normal priority.
Apr 16 2020, 11:29 AM · Debian version 11 codename Bullseye, Whonix

Apr 15 2020

Patrick updated the task description for T983: connect to public Tor network by default.
Apr 15 2020, 7:27 PM · Whonix-Host, Whonix 15, anon-connection-wizard, Whonix
Patrick updated the task description for T983: connect to public Tor network by default.
Apr 15 2020, 7:18 PM · Whonix-Host, Whonix 15, anon-connection-wizard, Whonix
Patrick triaged T983: connect to public Tor network by default as Normal priority.
Apr 15 2020, 7:16 PM · Whonix-Host, Whonix 15, anon-connection-wizard, Whonix
Patrick triaged T982: use update-initramfs during installation of Whonix-Host as Normal priority.
Apr 15 2020, 6:36 PM · Whonix-Host, Whonix, Whonix 15

Apr 14 2020

Patrick updated the task description for T978: add Whonix-Host EFI booting support.
Apr 14 2020, 8:47 PM · Whonix 15, Whonix, Whonix-Host

Apr 13 2020

Patrick renamed T974: Whonix Images Quick Rebuild from Whonix Images Quick Refresh to Whonix Images Quick Rebuild.
Apr 13 2020, 9:20 PM · Whonix-Host, Whonix 15, Whonix
Patrick renamed T974: Whonix Images Quick Rebuild from Whonix Image Quick Refresh to Whonix Images Quick Refresh.
Apr 13 2020, 9:18 PM · Whonix-Host, Whonix 15, Whonix
Patrick updated the task description for T974: Whonix Images Quick Rebuild.
Apr 13 2020, 9:18 PM · Whonix-Host, Whonix, Whonix 15
Patrick triaged T981: Whonix-Host Tor configuration and anon-connection-wizard (ACW); ipv6 disable; ipv4 forward disable as Normal priority.
Apr 13 2020, 8:07 PM · Whonix 15, Whonix-Host, anon-connection-wizard, Whonix
Patrick closed T975: Replace Debian mentions in /etc/motd and /etc/issue as Resolved.
Apr 13 2020, 7:56 PM · Whonix 15, Whonix-Host, Whonix

Apr 10 2020

Patrick updated subscribers of T976: Whonix-Host Low RAM Tests.
Apr 10 2020, 11:31 PM · Whonix 15, Whonix-Host, Whonix

Apr 8 2020

Patrick edited projects for T980: Kicksecure handing of /etc/hosts /etc/hostname /etc/machine-id, added: Kicksecure; removed Whonix.
Apr 8 2020, 1:45 PM · Kicksecure
Patrick triaged T980: Kicksecure handing of /etc/hosts /etc/hostname /etc/machine-id as Normal priority.
Apr 8 2020, 1:45 PM · Kicksecure
Patrick created Kicksecure.
Apr 8 2020, 1:43 PM

Apr 7 2020

Patrick added a comment to T947: Qubes-Whonix eth1 static networking.

marmarek (Marek Marczykowski-Górecki):

Have you checked how it behaves with multiple Whonix Gateways?
Apr 7 2020, 11:27 PM · Whonix, Whonix 15

Apr 3 2020

Patrick added a comment to T947: Qubes-Whonix eth1 static networking.

qvm-prefs sys-whonix ip 10.152.152.10 works great so far. Will test more. And call for testers.

Apr 3 2020, 10:15 PM · Whonix, Whonix 15
Patrick added a comment to T947: Qubes-Whonix eth1 static networking.

How can I undo qvm-prefs sys-whonix ip 10.152.152.10 back to default?

Apr 3 2020, 8:44 PM · Whonix, Whonix 15

Mar 30 2020

Patrick added a comment to T914: Whonix Host Live - enable KVM readonly mode - virt-xml vm-name --edit --disk readonly=on.

[1] There is currently no trigger (systemd unit file) to execute /usr/lib/whonix-libvirt/persistent-mode-to-read-write.

Mar 30 2020, 5:27 PM · Whonix 15, Whonix-Host, whonix-libvirt, Whonix, live-mode
Patrick updated the task description for T977: hardened-kernel outreach.
Mar 30 2020, 4:55 PM · outreach, hardened-kernel, Whonix
Patrick triaged T979: co-install grub-efi-amd64 and grub-pc by default on Whonix-Host ISO as Normal priority.
Mar 30 2020, 4:29 PM · Whonix 15, Whonix-Host, Whonix
Patrick updated the task description for T973: merge duplicate wiki pages?.
Mar 30 2020, 1:19 PM · Whonix, user documentation
Patrick updated the task description for T973: merge duplicate wiki pages?.
Mar 30 2020, 1:17 PM · Whonix, user documentation

Mar 29 2020

Patrick triaged T978: add Whonix-Host EFI booting support as Normal priority.
Mar 29 2020, 10:54 AM · Whonix 15, Whonix-Host, Whonix