Page MenuHomePhabricator

Needs Triage (1)

Normal (13)

  • No repositories found for this query.

Mon, Feb 18

Patrick added a comment to T878: remove mapaddress entries in torrc for 1.1.1.1 and 2.2.2.2 since these allow fingerprinting Whonix users.

Yes.

Mon, Feb 18, 10:47 PM · anon-gw-anonymizer-config, Whonix 15, anon-mixmaster, Whonix
HulaHoop added a comment to T878: remove mapaddress entries in torrc for 1.1.1.1 and 2.2.2.2 since these allow fingerprinting Whonix users.

Other imporvements in this thread such as functioning SMTP gateways are also part of this ticket:

Mon, Feb 18, 7:01 PM · anon-gw-anonymizer-config, Whonix 15, anon-mixmaster, Whonix
HulaHoop added a comment to T580: Document recovery procedure after compromise.

God for the time being, if anyone wants to add more there is an outline of what procedures can be done, to add to.

Mon, Feb 18, 6:57 PM · user documentation, Whonix
HulaHoop closed T580: Document recovery procedure after compromise as Resolved.
Mon, Feb 18, 6:57 PM · user documentation, Whonix
Patrick closed T463: Qubes-Whonix-Workstation DispVM Support as Resolved.

Looks like nothing more to do here.

Mon, Feb 18, 9:39 AM · Whonix, Qubes
Patrick closed T409: qubes-whonix-network.service doesn't provide helpful error message when !CONFIG_DUMMY as Invalid.

Since grsecurity is not a thing anymore, closing this as invalid.

Mon, Feb 18, 9:37 AM · grsecurity, Qubes, Whonix
Patrick updated the task description for T466: Qubes sys-whonix does not do its job as Qubes FirewallVM.
Mon, Feb 18, 9:30 AM · iptables, whonix-gw-firewall, Whonix, Qubes

Sat, Feb 16

Patrick closed T894: Tor Browser in whonix-ws-14 based VMs sometimes blocks JavaScript on first start as Resolved.
Sat, Feb 16, 1:56 PM · Whonix 15, Whonix 14, Qubes, tb-updater, Whonix
Patrick claimed T894: Tor Browser in whonix-ws-14 based VMs sometimes blocks JavaScript on first start.

I also noticed the file "~/.tb/first-boot-home-population.done" which suggests that whonix does something on first boot

Sat, Feb 16, 1:54 PM · Whonix 15, Whonix 14, Qubes, tb-updater, Whonix
Patrick triaged T894: Tor Browser in whonix-ws-14 based VMs sometimes blocks JavaScript on first start as Normal priority.
Sat, Feb 16, 9:50 AM · Whonix 15, Whonix 14, Qubes, tb-updater, Whonix

Fri, Feb 15

Herald added a project to T894: Tor Browser in whonix-ws-14 based VMs sometimes blocks JavaScript on first start: Whonix.
Fri, Feb 15, 6:20 PM · Whonix 15, Whonix 14, Qubes, tb-updater, Whonix
marmarek added a comment to T709: port Whonix package build process to Qubes package build process.

To build a package with qubes-builder, you need to add Makefile.builder file with just one line: DEBIAN_BUILD_DIRS := debian. This will tell qubes-builder that given repository contains Debian package.
Alternatively, if that would be too much of a problem, it should be easy to add an option that do auto detection (probably just looks for debian directory).

Fri, Feb 15, 12:20 AM · security, Qubes, build, Whonix

Thu, Feb 14

Patrick added projects to T709: port Whonix package build process to Qubes package build process: build, Qubes, security.
Thu, Feb 14, 8:01 PM · security, Qubes, build, Whonix
Patrick updated the task description for T615: use Reproducible Builds Experimental Toolchain by Debian.
Thu, Feb 14, 7:45 PM · Whonix, Verifiable Builds, build
Patrick closed T721: deb.debian.org instead of us.debian.org and use https (SSL, TLS) by default / fix build --connection onion as Resolved.
Thu, Feb 14, 7:43 PM · anon-apt-sources-list, Whonix

Sat, Feb 9

Patrick assigned T893: Mouse cursor rarely works on KVM Whonix WS 14.0.1.3.8 to HulaHoop.
Sat, Feb 9, 3:59 PM · KVM, Whonix
Herald added a project to T893: Mouse cursor rarely works on KVM Whonix WS 14.0.1.3.8: Whonix.
Sat, Feb 9, 2:33 PM · KVM, Whonix

Sun, Feb 3

Patrick added a comment to T580: Document recovery procedure after compromise.

I am slow to review this. Finally got to it. More feedback here:

Sun, Feb 3, 10:33 AM · user documentation, Whonix

Sat, Feb 2

HulaHoop closed T544: systemd-socket-proxyd instructions template as Resolved.
Sat, Feb 2, 8:57 PM · Whonix 15, user documentation, design documentation, Whonix
HulaHoop added a comment to T544: systemd-socket-proxyd instructions template.

I created a user documentation page explaining this feature and when to use it for users to understand.

Sat, Feb 2, 8:56 PM · Whonix 15, user documentation, design documentation, Whonix
Patrick added a comment to T544: systemd-socket-proxyd instructions template.

Not only relevant for retroshare.

Sat, Feb 2, 9:35 AM · Whonix 15, user documentation, design documentation, Whonix
Patrick added a comment to T878: remove mapaddress entries in torrc for 1.1.1.1 and 2.2.2.2 since these allow fingerprinting Whonix users.

Sounds good!

Sat, Feb 2, 9:19 AM · anon-gw-anonymizer-config, Whonix 15, anon-mixmaster, Whonix
HulaHoop added a comment to T769: Adding zulucrypt to Whonix.

Moved to xfce so past comment is irrelevant. Will test Zulu after moving to Buster and add if it works.

Sat, Feb 2, 3:49 AM · Debian version 10 codename Buster
HulaHoop added a comment to T544: systemd-socket-proxyd instructions template.

@Patrick Was this only relevant for Retroshare?

Sat, Feb 2, 3:48 AM · Whonix 15, user documentation, design documentation, Whonix
HulaHoop closed T567: research: Single Tor-Gateway with Multiple Workstations vs Multiple Tor-Gateways mapped 1:1 to Workstation VMs as Resolved.

The concept was documented for operational use. Auto Guard de-duplication considered too complex to deploy and manual checking is enough.

Sat, Feb 2, 3:47 AM · research, Whonix, user documentation
HulaHoop added a comment to T892: Mixmaster replacement remailer stat lists.

Mixmaster is not present in Buster BTW

Sat, Feb 2, 3:45 AM · Whonix
HulaHoop closed T892: Mixmaster replacement remailer stat lists as Invalid.

Looks like someone beat us to it:

Sat, Feb 2, 3:43 AM · Whonix
HulaHoop added a comment to T580: Document recovery procedure after compromise.

Ready to close if happy.

Sat, Feb 2, 3:39 AM · user documentation, Whonix
HulaHoop added a comment to T878: remove mapaddress entries in torrc for 1.1.1.1 and 2.2.2.2 since these allow fingerprinting Whonix users.

Middle of the range solution. How does this sound? Confirmed it falls within the private address CIDR:

Sat, Feb 2, 3:36 AM · anon-gw-anonymizer-config, Whonix 15, anon-mixmaster, Whonix

Thu, Jan 31

Patrick added a comment to T878: remove mapaddress entries in torrc for 1.1.1.1 and 2.2.2.2 since these allow fingerprinting Whonix users.

My advice is to use a private address range reserved for this purpose by IANA. These will never be used in the future by anyone. Sine we use 10.x.x.x and moved away from 192.x.x.x, this leaves 172.x.x.x

172.16.0.0 – 172.31.255.255

https://en.wikipedia.org/wiki/Private_network

Thu, Jan 31, 12:15 PM · anon-gw-anonymizer-config, Whonix 15, anon-mixmaster, Whonix
Patrick changed the status of T878: remove mapaddress entries in torrc for 1.1.1.1 and 2.2.2.2 since these allow fingerprinting Whonix users from testing-in-next-build-required to Open.
Thu, Jan 31, 12:06 PM · anon-gw-anonymizer-config, Whonix 15, anon-mixmaster, Whonix
Patrick added a comment to T892: Mixmaster replacement remailer stat lists.

Whonix doesn't ship a list of these.

Thu, Jan 31, 7:45 AM · Whonix
HulaHoop updated the task description for T892: Mixmaster replacement remailer stat lists.
Thu, Jan 31, 2:20 AM · Whonix
HulaHoop triaged T892: Mixmaster replacement remailer stat lists as Normal priority.
Thu, Jan 31, 2:17 AM · Whonix

Wed, Jan 23

Patrick updated the task description for T114: Permanent Takedown Attack Defender.
Wed, Jan 23, 11:15 AM · whonixcheck, upstream, enhancement, security, Whonix
Patrick updated the task description for T114: Permanent Takedown Attack Defender.
Wed, Jan 23, 11:14 AM · whonixcheck, upstream, enhancement, security, Whonix
Patrick assigned T580: Document recovery procedure after compromise to HulaHoop.
Wed, Jan 23, 10:09 AM · user documentation, Whonix
Patrick added a comment to T580: Document recovery procedure after compromise.

Let me know the title and place and I'll put something up.

Wed, Jan 23, 9:59 AM · user documentation, Whonix
Patrick changed the status of T721: deb.debian.org instead of us.debian.org and use https (SSL, TLS) by default / fix build --connection onion from Open to testing-in-next-build-required.

https://github.com/Whonix/genmkfile/commit/c0d35c24569dea4af1b873c3a89bbf492cd44470
https://github.com/Whonix/Whonix/commit/0c63f16671e2387f1ccf86f791a77657f305f4f7

Wed, Jan 23, 7:32 AM · anon-apt-sources-list, Whonix
Patrick closed T678: tb-updater onion mirros downloads support as Resolved.
Wed, Jan 23, 5:45 AM · security, Whonix 15, Whonix 14, tb-updater, Whonix