Page MenuHomePhabricator
Feed All Stories

Fri, May 7

Patrick defrocked mycobee.
Fri, May 7, 8:06 AM
Patrick defrocked 0brand.
Fri, May 7, 8:05 AM
Patrick defrocked mig5.
Fri, May 7, 8:05 AM

Mar 21 2021

Patrick added a comment to T993: improve Windows Hosts / macOS wiki mentions.
In T993#20220, @Patrick wrote:

I don't see what else can be done here. This statement is limited to only what was said in this ticket.

Mar 21 2021, 12:20 PM · Whonix, Whonix 15, user documentation
Patrick closed T993: improve Windows Hosts / macOS wiki mentions as Resolved.

I don't see what else can be done here. This statement is limited to only what was said in this ticket.

Mar 21 2021, 12:20 PM · Whonix, Whonix 15, user documentation

Mar 20 2021

Patrick updated the task description for T993: improve Windows Hosts / macOS wiki mentions.
Mar 20 2021, 3:00 PM · Whonix, Whonix 15, user documentation
Patrick updated the task description for T993: improve Windows Hosts / macOS wiki mentions.
Mar 20 2021, 2:58 PM · Whonix, Whonix 15, user documentation
Patrick updated the task description for T993: improve Windows Hosts / macOS wiki mentions.
Mar 20 2021, 2:57 PM · Whonix, Whonix 15, user documentation

Jan 24 2021

Patrick closed T1001: Updates proxy check fails in whonix-ws-15 as Resolved.

Btw this issue tracker is being phased out:
https://www.whonix.org/wiki/Reporting_Bugs#Issue_Tracker

Jan 24 2021, 12:08 PM · bug, Whonix, Whonix 15

Jan 12 2021

Patrick added a comment to T533: iptables block network access until sdwdate succeeded.

I am not sure sdwdate-gui would be a strong enough notification if networking was actually blocked if sdwdate did not succeed yet.

Jan 12 2021, 8:51 AM · Whonix, usability, whonix-ws-firewall, whonix-gw-firewall, iptables, python, security, enhancement, sdwdate-gui, sdwdate
Patrick updated the task description for T533: iptables block network access until sdwdate succeeded.
Jan 12 2021, 4:53 AM · Whonix, usability, whonix-ws-firewall, whonix-gw-firewall, iptables, python, security, enhancement, sdwdate-gui, sdwdate

Jan 9 2021

Patrick closed T133: url_to_unxtime https support, a subtask of T132: port sdwdate to url_to_unixtime, as Resolved.
Jan 9 2021, 3:48 PM · Whonix 10, Whonix, sdwdate
Patrick closed T133: url_to_unxtime https support as Resolved.
Jan 9 2021, 3:48 PM · python, sdwdate, Whonix
Patrick added a comment to T133: url_to_unxtime https support.

This was implemented. Now using python3 requests.

Jan 9 2021, 3:47 PM · python, sdwdate, Whonix
Patrick closed T916: improve sdwdate connectivity check as Resolved.

No longer required. Was implemented through te_pe_tb_check enhancements.

Jan 9 2021, 3:34 PM · whonixcheck, sdwdate-gui, sdwdate, Whonix
Patrick added a comment to T1001: Updates proxy check fails in whonix-ws-15.

https://gitlab.com/whonix/qubes-whonix/-/commit/53ff72ab6ce59cb2c98401fd701ae782ca100e37

Jan 9 2021, 7:43 AM · bug, Whonix, Whonix 15

Jan 8 2021

marmarek added a comment to T1001: Updates proxy check fails in whonix-ws-15.

I've found why sudo asked for password, it wasn't related to security-misc script mentioned earlier. And should be fixed in newer qubes-core-agent package.

Jan 8 2021, 3:28 PM · bug, Whonix, Whonix 15

Jan 5 2021

marmarek added a comment to T1001: Updates proxy check fails in whonix-ws-15.

/usr/lib/qubes-whonix/init/torified-updates-proxy-check is currently only started by /lib/systemd/system/qubes-whonix-torified-updates-proxy-check.service.

Wondering why this is happening. When root uses sudo, pam shouldn't even be involved.

Jan 5 2021, 6:54 PM · bug, Whonix, Whonix 15
Patrick added a comment to T1001: Updates proxy check fails in whonix-ws-15.

/usr/lib/qubes-whonix/init/torified-updates-proxy-check is currently only started by /lib/systemd/system/qubes-whonix-torified-updates-proxy-check.service.

Jan 5 2021, 7:07 AM · bug, Whonix, Whonix 15
marmarek added a project to T1001: Updates proxy check fails in whonix-ws-15: bug.
Jan 5 2021, 6:03 AM · bug, Whonix, Whonix 15
marmarek created T1001: Updates proxy check fails in whonix-ws-15.
Jan 5 2021, 6:03 AM · bug, Whonix, Whonix 15

Dec 9 2020

SimonSelg updated SimonSelg.
Dec 9 2020, 5:06 PM

Oct 26 2020

Patrick updated the task description for T689: use whonixcheck Whonix News to count Whonix users.
Oct 26 2020, 9:54 PM · Whonix 14, Whonix, whonixcheck
Patrick added a comment to T689: use whonixcheck Whonix News to count Whonix users.

documented here:
https://www.whonix.org/wiki/Whonixcheck_Hardening#Prevent_Downloading_Whonix_.E2.84.A2_News_and_Whonix_.E2.84.A2_User_Census_Counting

Oct 26 2020, 9:53 PM · Whonix 14, Whonix, whonixcheck

Sep 28 2020

Patrick closed T950: set kernel.printk sysctl to prevent kernel info leaks as Resolved.

Looks all good and quite in Whonix 15.0.1.5.1.

Sep 28 2020, 4:32 PM · Debian version 11 codename Bullseye, Whonix 15, security-misc, Whonix

Aug 31 2020

Patrick closed T1000: Add Wasabi Bitcoin wallet as Invalid.

We don't use this tracker for new feature requests anymore either as per:
https://www.whonix.org/wiki/Reporting_Bugs

Aug 31 2020, 12:38 PM · Whonix

Aug 30 2020

ratpoison4 created T1000: Add Wasabi Bitcoin wallet.
Aug 30 2020, 4:33 PM · Whonix

Aug 23 2020

sanyo added a comment to T998: Whonix without systemD.

It is important to understand, that systemD is actually much more than simply an init system:

Aug 23 2020, 2:56 PM · Whonix

Aug 13 2020

Patrick updated the task description for T540: Advanced Attacks Meta Ticket.
Aug 13 2020, 10:33 AM · VirtualBox, KVM, Qubes, security, research, Whonix
Patrick closed T542: Keyboard/Mouse Fingerprinting Defense as Resolved.

Shipping kloak in Whonix stable for a few releases already.

Aug 13 2020, 10:32 AM · security, Whonix
Patrick closed T542: Keyboard/Mouse Fingerprinting Defense, a subtask of T540: Advanced Attacks Meta Ticket, as Resolved.
Aug 13 2020, 10:32 AM · VirtualBox, KVM, Qubes, security, research, Whonix

Aug 12 2020

HulaHoop closed T530: CPU-induced latency Covert Channel Countermeasures as Invalid.

After running a bunch of tcp ping tests, the conclusion is this attack
is not really effective against TCP like ICMP. The latency is much lower
for TCP pings and though it slightly decreases with cpu stress it is not
consistent. Reloading pages in TBB with cpu stress
on/off does not impact latency readings while doing so with tc
attached has massive latency foot prints - implying it will ironically make such attacks much easier in addition to degrading performance.

Aug 12 2020, 6:30 PM · virtualizer, VMware, VirtualBox, KVM, Qubes, security, research, Whonix
HulaHoop closed T530: CPU-induced latency Covert Channel Countermeasures, a subtask of T540: Advanced Attacks Meta Ticket, as Invalid.
Aug 12 2020, 6:30 PM · VirtualBox, KVM, Qubes, security, research, Whonix

Aug 7 2020

HulaHoop added a comment to T530: CPU-induced latency Covert Channel Countermeasures.

Cyrus recommends adding delays per packet to disrupt inter-packet patterns that remain. The command can be fine tuned as such:

Aug 7 2020, 6:54 PM · virtualizer, VMware, VirtualBox, KVM, Qubes, security, research, Whonix

Aug 1 2020

HulaHoop added a comment to T530: CPU-induced latency Covert Channel Countermeasures.

The good news is I think I've figured out the equivalent tc-netem command looking the slot parameter in the manual:

Aug 1 2020, 5:42 PM · virtualizer, VMware, VirtualBox, KVM, Qubes, security, research, Whonix

Jul 23 2020

Patrick closed T999: Can't build Whonix from source as Invalid.

Building on anything other than Debian buster is unsupported.

Jul 23 2020, 7:08 PM · Whonix
el-cpu created T999: Can't build Whonix from source.
Jul 23 2020, 6:56 PM · Whonix
Patrick added a comment to T996: Readying for Tor Browser 9.5 (June 2).

553 Unable to store creds for

Did you set ClientOnionAuthDir in torrc (to a directory with "private
enough" permissions)?

Rusty

Jul 23 2020, 1:27 PM · Whonix 15, Whonix, anon-gw-anonymizer-config

Jul 7 2020

sanyo added a comment to T998: Whonix without systemD.

A few more questions:

Jul 7 2020, 10:23 PM · Whonix
sanyo added a comment to T998: Whonix without systemD.

Btw, Devuan is almost the same Debian with systemD removed from it.
Devuan even uses the same Debian binary repository with a few substitutions/replacements by its own Devuan packages just to eliminate nasty systemD.

Jul 7 2020, 8:05 PM · Whonix
sanyo updated sanyo.
Jul 7 2020, 7:50 PM
sanyo updated sanyo.
Jul 7 2020, 7:49 PM
Patrick added a comment to T998: Whonix without systemD.
In T998#20144, @sanyo wrote:

May I know, what do you think about Whonix vs OpenBSD in terms of security for a headless server without any GUI?

Jul 7 2020, 11:53 AM · Whonix

Jul 6 2020

sanyo added a comment to T998: Whonix without systemD.

May I know, what do you think about Whonix vs OpenBSD in terms of security for a headless server without any GUI?

Jul 6 2020, 8:29 PM · Whonix
sanyo added a comment to T998: Whonix without systemD.

I guess it shall not be any harder to port Whonix to Devuan than porting it to original Debian.

Jul 6 2020, 8:26 PM · Whonix
Patrick closed T998: Whonix without systemD as Wontfix.

There's no manual.

Jul 6 2020, 12:01 PM · Whonix

Jul 5 2020

sanyo updated the task description for T998: Whonix without systemD.
Jul 5 2020, 8:36 PM · Whonix
sanyo updated the task description for T998: Whonix without systemD.
Jul 5 2020, 8:34 PM · Whonix
sanyo triaged T998: Whonix without systemD as Wishlist priority.
Jul 5 2020, 8:33 PM · Whonix

Jun 25 2020

Patrick added a comment to T997: All pluggable transports stopped working after 11-06-2020 .

Thanks for the report.

Jun 25 2020, 11:29 AM · Whonix
Patrick triaged T997: All pluggable transports stopped working after 11-06-2020 as Normal priority.
Jun 25 2020, 11:29 AM · Whonix

Jun 24 2020

leh6r0 added a comment to T997: All pluggable transports stopped working after 11-06-2020 .

More useful information from my tests: When I setup obfs4 using the Anon-Connection-Wizard the previous obfs4 that I used worked fine. Unfortunately I can't setup snowflake from it.

Jun 24 2020, 1:51 PM · Whonix

Jun 23 2020

leh6r0 renamed T997: All pluggable transports stopped working after 11-06-2020 from Snowflake stopped working after 11-06-2020 to All pluggable transports stopped working after 11-06-2020 .
Jun 23 2020, 10:55 AM · Whonix

Jun 21 2020

leh6r0 added a comment to T997: All pluggable transports stopped working after 11-06-2020 .

Don't know if this is indicative of anything but after I add -log snowflake-client.log -log-to-state-dir at the end of the ClientTransportPlugin snowflake line in /usr/local/etc/torrc.d/50_user.conf I obtain the following error:

Jun 21 2020, 10:34 AM · Whonix
leh6r0 created T997: All pluggable transports stopped working after 11-06-2020 .
Jun 21 2020, 10:21 AM · Whonix

Jun 19 2020

Patrick added a comment to T996: Readying for Tor Browser 9.5 (June 2).

Tor Browser onion authentication prompt:
https://blog.torproject.org/sites/default/files/inline-images/onion-auth%402x.png

Jun 19 2020, 10:48 AM · Whonix 15, Whonix, anon-gw-anonymizer-config

Jun 18 2020

HulaHoop added a comment to T996: Readying for Tor Browser 9.5 (June 2).

What Tor related apps are broken without support for this?

Jun 18 2020, 8:03 PM · Whonix 15, Whonix, anon-gw-anonymizer-config
Patrick raised the priority of T800: Migrating from Github from Wishlist to High.

Alternative to github.com now needed.

Jun 18 2020, 4:38 PM · Whonix
Patrick added a comment to T996: Readying for Tor Browser 9.5 (June 2).

Maybe this is bound per connection similar to ephemeral Tor onion services? In that case, other VMs couldn't re-use it.

Jun 18 2020, 4:38 PM · Whonix 15, Whonix, anon-gw-anonymizer-config
rustybird added a comment to T996: Readying for Tor Browser 9.5 (June 2).

https://github.com/adrelanos/anon-gw-anonymizer-config/commit/97ff68a6c49ecef3e79ab10e1a930a4f5e13198d#commitcomment-39671373

Jun 18 2020, 4:38 PM · Whonix 15, Whonix, anon-gw-anonymizer-config
Patrick closed T996: Readying for Tor Browser 9.5 (June 2) as Resolved.

onion_client_auth_add Flags=Permanent fails with 553 Unable to store creds for

Jun 18 2020, 4:38 PM · Whonix 15, Whonix, anon-gw-anonymizer-config
Patrick updated subscribers of T996: Readying for Tor Browser 9.5 (June 2).
Jun 18 2020, 4:38 PM · Whonix 15, Whonix, anon-gw-anonymizer-config
Patrick updated the task description for T996: Readying for Tor Browser 9.5 (June 2).
Jun 18 2020, 4:38 PM · Whonix 15, Whonix, anon-gw-anonymizer-config
Patrick closed T800: Migrating from Github as Resolved.

https://forums.whonix.org/t/whonix-moving-from-github-to-gitlab/9676

Jun 18 2020, 4:38 PM · Whonix
rustybird added a comment to T996: Readying for Tor Browser 9.5 (June 2).

Maybe this is bound per connection similar to ephemeral Tor onion services?

Jun 18 2020, 4:38 PM · Whonix 15, Whonix, anon-gw-anonymizer-config
Patrick changed the status of T996: Readying for Tor Browser 9.5 (June 2) from Open to testing-in-next-build-required.

Update Tor to 0.4.3.5

Jun 18 2020, 4:38 PM · Whonix 15, Whonix, anon-gw-anonymizer-config

May 30 2020

HulaHoop added a comment to T530: CPU-induced latency Covert Channel Countermeasures.

Ticket above closed and convo moved to tails-dev.

May 30 2020, 4:33 PM · virtualizer, VMware, VirtualBox, KVM, Qubes, security, research, Whonix

May 29 2020

rustybird renamed T996: Readying for Tor Browser 9.5 (June 2) from Readying for Tor Browser 9.5 (July 2) to Readying for Tor Browser 9.5 (June 2).
May 29 2020, 6:59 PM · Whonix 15, Whonix, anon-gw-anonymizer-config
rustybird triaged T996: Readying for Tor Browser 9.5 (June 2) as High priority.
May 29 2020, 6:59 PM · Whonix 15, Whonix, anon-gw-anonymizer-config
russsaidwords updated russsaidwords.
May 29 2020, 5:25 PM
Patrick added a comment to T993: improve Windows Hosts / macOS wiki mentions.

The The news report [1] link is nowadays broken. It redirects to another page.

May 29 2020, 3:34 PM · Whonix, Whonix 15, user documentation
Patrick closed T60: USB Image as Invalid.

Indeed. The rest is tracked under component Whonix-Host.

May 29 2020, 2:48 PM · Whonix-Host, Whonix, Platform
onion_knight2 added a comment to T60: USB Image.

Should we close this ticket since Whonix-Host is precisely a "usb stick with whonix installed and ready to boot", already available as an ISO image, even if still in early stage?

May 29 2020, 9:53 AM · Whonix-Host, Whonix, Platform

May 28 2020

madaidan added a comment to T993: improve Windows Hosts / macOS wiki mentions.

More points that should be removed:

May 28 2020, 9:46 PM · Whonix, Whonix 15, user documentation
Patrick added a project to T60: USB Image: Whonix-Host.
May 28 2020, 5:40 PM · Whonix-Host, Whonix, Platform

May 22 2020

Patrick added a comment to T991: Update SDW-Date widget tray icons.

There's no ETA.

May 22 2020, 1:18 PM · Whonix, sdwdate-gui

May 20 2020

marmarek added a comment to T991: Update SDW-Date widget tray icons.

That is a question to @Patrick , he is managing Whonix repositories.

May 20 2020, 1:54 PM · Whonix, sdwdate-gui
ninavizz added a comment to T991: Update SDW-Date widget tray icons.

@marmarek When do things ship in Qubes updates, from the Whonix dev repo (per Patrick's comment above)? Sorry, trying to coordinate with our training and documentation peeps for the Workstation—not "eager" just needing to manage other ppl's expectations.

May 20 2020, 1:15 AM · Whonix, sdwdate-gui

May 19 2020

Patrick closed T992: Make SDW-Date widget in Qubes invokable by single-click, a subtask of T963: Make Whonix GUI usable for high-risk non-technical Qubes users, as Resolved.
May 19 2020, 2:16 PM · usability, sdwdate, sdwdate-gui, Whonix
Patrick closed T992: Make SDW-Date widget in Qubes invokable by single-click as Resolved.

And added on top: https://github.com/Whonix/sdwdate-gui/commit/360f52e6cd9fa411b0cb7c9b50a3f3cbb7016b7d

May 19 2020, 2:16 PM · Whonix, sdwdate-gui

May 18 2020

HulaHoop closed T994: Briar Desktop as Invalid.

Ticket moved to forum

May 18 2020, 6:07 PM · Whonix
HulaHoop closed T995: Dino IM as Invalid.

Moved ticket to forum

May 18 2020, 6:05 PM · Whonix
HulaHoop triaged T995: Dino IM as Normal priority.
May 18 2020, 3:36 PM · Whonix
HulaHoop created T994: Briar Desktop.
May 18 2020, 3:32 PM · Whonix

May 17 2020

Patrick closed T914: Whonix Host Live - enable KVM readonly mode - virt-xml vm-name --edit --disk readonly=on as Resolved.

Awesome!

May 17 2020, 9:21 PM · Whonix 15, Whonix-Host, whonix-libvirt, live-mode, Whonix
onion_knight2 added a comment to T914: Whonix Host Live - enable KVM readonly mode - virt-xml vm-name --edit --disk readonly=on.

Yes, worth it. I guess lots of people are going to try Whonix-Host inside a virtual machine before considering installation on real hardware. That's why I even would like to have ability to run Whonix-Host inside VirtualBox.

Please post new tickets in forums as per:
https://forums.whonix.org/t/abolishing-whonix-phabricator-issue-tracker-moving-issue-tracking-to-forums-migrating-phabricator-whonix-org-to-forums-whonix-org/7112

May 17 2020, 8:54 PM · Whonix 15, Whonix-Host, whonix-libvirt, live-mode, Whonix
marmarek added a comment to T992: Make SDW-Date widget in Qubes invokable by single-click.

Whonix. I'll ask @marmarta if she can help here.

May 17 2020, 12:27 AM · Whonix, sdwdate-gui

May 16 2020

ninavizz updated subscribers of T992: Make SDW-Date widget in Qubes invokable by single-click.

@marmarek Is this a Qubes or Whonix thing?

May 16 2020, 8:59 PM · Whonix, sdwdate-gui
Patrick added a comment to T914: Whonix Host Live - enable KVM readonly mode - virt-xml vm-name --edit --disk readonly=on.

But forgot to add sudo install_package_list+=" debug-misc "...

May 16 2020, 5:05 PM · Whonix 15, Whonix-Host, whonix-libvirt, live-mode, Whonix

May 15 2020

onion_knight2 added a comment to T914: Whonix Host Live - enable KVM readonly mode - virt-xml vm-name --edit --disk readonly=on.

Just built 15.0.1.3.6-developers-only

May 15 2020, 11:42 AM · Whonix 15, Whonix-Host, whonix-libvirt, live-mode, Whonix
onion_knight2 added a comment to T914: Whonix Host Live - enable KVM readonly mode - virt-xml vm-name --edit --disk readonly=on.

Great! Will try to build tomorrow and report back... asap :)

May 15 2020, 1:11 AM · Whonix 15, Whonix-Host, whonix-libvirt, Whonix, live-mode
Patrick added a comment to T914: Whonix Host Live - enable KVM readonly mode - virt-xml vm-name --edit --disk readonly=on.

Please add your build commands to Whonix wiki Dev/Whonix-Host, then I can add suggestion there how to improve these.

Not sure what you mean here?

May 15 2020, 1:05 AM · Whonix 15, Whonix-Host, whonix-libvirt, Whonix, live-mode
onion_knight2 added a comment to T914: Whonix Host Live - enable KVM readonly mode - virt-xml vm-name --edit --disk readonly=on.

That's probably because of T950. You'd need to remove both:

quiet loglevel=0

I see. But I won't lose time trying to debug this particular build, I will just try a new one and see if the problem persists. Had some problems with lack of space on the VM I am building with, maybe related. Not worth debugging if it's a one time thing. We'll see.

May 15 2020, 12:05 AM · Whonix 15, Whonix-Host, whonix-libvirt, Whonix, live-mode

May 14 2020

Patrick added a comment to T914: Whonix Host Live - enable KVM readonly mode - virt-xml vm-name --edit --disk readonly=on.

Seems I have quite a flexible notion of "asap" :)...

May 14 2020, 9:11 PM · Whonix 15, Whonix-Host, whonix-libvirt, Whonix, live-mode
Patrick added a comment to T950: set kernel.printk sysctl to prevent kernel info leaks.
May 14 2020, 8:58 PM · Debian version 11 codename Bullseye, Whonix 15, Whonix, security-misc
ninavizz added a comment to T963: Make Whonix GUI usable for high-risk non-technical Qubes users.

@Patrick No biggie wrt the paid developer to implement. I like your idea on the Qubes GitHub ticket, of posting an article on the website. I'll email you separately, to coordinate on that. Said website post, I'd like to accomplish two things: one, solicit user input on any/all UX work. Two, put out the call for paid GUI dev work.

May 14 2020, 7:21 PM · usability, sdwdate, Whonix, sdwdate-gui
Patrick added a comment to T963: Make Whonix GUI usable for high-risk non-technical Qubes users.

ninavizz (nina eleanor alter):

ninavizz added a comment.

@Patrick I am currently working on a funding proposal, to get the UX work required to get production-ready handoffs to a developer, created.
May 14 2020, 7:02 PM · usability, sdwdate, Whonix, sdwdate-gui
onion_knight2 added a comment to T969: instructions how to burn Whonix-Host ISO image to DVD or USB.

Done, as well as further additions.

May 14 2020, 4:54 PM · Whonix 15, Whonix, Whonix-Host
onion_knight2 added a comment to T914: Whonix Host Live - enable KVM readonly mode - virt-xml vm-name --edit --disk readonly=on.

Seems I have quite a flexible notion of "asap" :)...

May 14 2020, 4:47 PM · Whonix 15, Whonix-Host, whonix-libvirt, Whonix, live-mode
Patrick added a comment to T991: Update SDW-Date widget tray icons.

ninavizz (nina eleanor alter):

ninavizz added a comment.

@Patrick Wow, you are FAST!! <3 Thank you!

I did comment on the GitHub commit, with a "Waiting" icon (that Marta from Qubes pinged me on neglecting to include), and a grayscale "Stopped" icon—which will color better in the Qubes Tray UI. If those could make it into the commit, that would be superb.
May 14 2020, 2:01 PM · Whonix, sdwdate-gui