Page MenuHomePhabricator

HulaHoop (HulaHoop)Administrator
User

Projects

User Details

User Since
Nov 21 2014, 10:16 PM (211 w, 2 d)
Roles
Administrator

Recent Activity

Wed, Dec 5

HulaHoop added a comment to T878: remove mapaddress entries in torrc for 1.1.1.1 and 2.2.2.2 since these allow fingerprinting Whonix users.

My advice is to use a private address range reserved for this purpose by IANA. These will never be used in the future by anyone. Sine we use 10.x.x.x and moved away from 192.x.x.x, this leaves 172.x.x.x

Wed, Dec 5, 12:13 AM · anon-gw-anonymizer-config, Whonix 15, anon-mixmaster, Whonix

Mon, Dec 3

HulaHoop added a comment to T881: remove attempts to hide CPU information from VM in VirtualBox.

There's been research showing that trying to hide CPU information in a virtualizer is futile.

Mon, Dec 3, 7:07 PM · build, VirtualBox, Whonix 15, Whonix, Whonix 14
HulaHoop added a comment to T71: Show desktop clock in local time; keep system in UTC.

I think hiding the clock is a bad idea as a user may want to manually run sdwdate to adjust it if it's out of whack before initiating internet traffic. (This is on non-Qubes versions lacking auto time adjust)

Mon, Dec 3, 6:15 PM · research, whonix-setup-wizard, usability, desktop, Whonix
HulaHoop added a comment to T509: Consider nftables as a replacement for iptables.

https://researchut.com/post/migrating-firewall-to-nftables/

Mon, Dec 3, 6:02 PM · iptables, vpn-firewall, whonix-ws-firewall, whonix-gw-firewall, Whonix, refactoring, research

Oct 28 2018

HulaHoop added a comment to T804: ParrotOS's Firejail Code.

I disagree. Firetools makes administration easier and has a place on both VMs.

Oct 28 2018, 4:49 AM · Whonix 16, Whonix

Oct 13 2018

HulaHoop added a comment to T80: direct SSL certificate pinning for check.torproject.org and torproject.org (curl method).

We can now grab the browser tarball from the TPO onion instead which makes this ticket obsolete. Close if you concur.

Oct 13 2018, 2:47 PM · Whonix, whonixcheck, tb-updater, security
HulaHoop added a comment to T567: research: Single Tor-Gateway with Multiple Workstations vs Multiple Tor-Gateways mapped 1:1 to Workstation VMs.

Proposed implementations for multi-Tor suggested here:

Oct 13 2018, 12:44 AM · research, Whonix, user documentation
HulaHoop added a comment to T567: research: Single Tor-Gateway with Multiple Workstations vs Multiple Tor-Gateways mapped 1:1 to Workstation VMs.

The short story is that things get worse very quickly, but there is hope.
The analysis below assumes only the adversary that runs guards and not the local adversary like the host OS or the Whonix processes themselves.
In my analysis I assume a hypothetical adversarial guard bandwidth of 10% of the entire network. This is an arbitrary number since we don't know the real number, but it serves to show the trends as we increase the guards per client and number of clients per user. I do the kind of analysis we do in the Conflux[1] paper which is very relevant here, especially Table 3 and its discussion in section 5.2. I update the numbers and extend that analysis for the scenarios you have described.

  1. 1 guard/client, 1 client/user. The adversary (i,e, the compromised guard) will have the ability to observe 10% of the clients and hence 10% users. This is the situation today.
  2. 2 guards/client, 1 client/user. This is worse than 1 above. There is now a 18% probability that only one of the guards is compromised per client and a 1% chance that two guards are compromised per client. The probability of at least one bad guard is hence 19%. There really is not a real distinction between one or two bad guards from the user perspective since in both situations the client will go through a malicious guard in a short period of time, since the guard is picked uniformly at random from the guard set.
  3. 1 guard/client, 2 clients/user. The observable clients again increase to 19% from the base 10% in 1 above. This means that if the user split her app (or group of apps) across the clients then there is a 19% chance that at least one of the app (groups) is compromised. However, for each client there is still only a 10% chance that a malicious guard is present. Is this configuration better than scenario 2 above? Perhaps, but let's look at the following scenario first.
  4. 2 guards/client, 2 clients/user. The observable clients increases to 54%. This means that there is a 54% chance that at least one bad guard is present. This is worse than all the other scenarios above. However, if we fix apps (or groups of apps) to particular clients then we can compare to scenario 2 where the app group/client is analogous and the same analysis holds. Then, for each client there is again a 19% chance that there is a malicious guard present. If we compare to 3 above we can see that if we only use 1 guard/client then we can drop the exposure back down to 10% for that client and hence app group.

    Taking the above into account we can get good results by keeping the guard set size to 1 and users spin up one client for each app. Then we can achieve at most 10% of apps compromised at *any given time* but not simultaneously. We can call this scenario (which is an extension of scenario 3) the 1 guard/app scenario (1G/A). See the appendix for more tweaks to decrease guard exposure.

    If we want to consider 1G/A, then the next question for your user base is that is it better to either 1) have some portion of your apps compromised at *all* times (scenario 1G/A) or 2) have *all* your apps compromised some portion of the time (scenario 1). Tor tends to bend towards option 2, but then they have not considered the option of multi-client usage since it doesn't improve the situation in a non-compartmentalized setting, unlike the Whonix situation. I believe that option 2 is flawed because you never know if you are in fact currently compromised or not. It might be better to go ahead with assuming that you are compromised and mitigating that compromise to some portion of your network activity than all or nothing, which is what option 1 provides.

    I hope that answers your questions. Please do not hesitate to get in touch again if you would like to discuss further. I think this is a very interesting problem area and would be happy to contribute to improving the situation.

    Best regards, Tariq Elahi

    [1] http://cacr.uwaterloo.ca/techreports/2013/cacr2013-16.pdf

    Appendix We can do better if we allow a user's clients to look at each other's lists to exclude guards that are already picked. The benefit would be that once the bad bandwith has been assigned it can no longer affect subsequent guard selections. However, clients looking at each other's memory space will compromise your vision of process containment. A zero knowledge/oblivious method for comparing guard lists might work to avoid this problem, and indeed the adversarial response will be weak since the best they can do is spread their bad bandwidth over many relays and at best return to the original exposure rate (e.g. 10%) but now with added costs of running many more relays.
Oct 13 2018, 12:42 AM · research, Whonix, user documentation
HulaHoop closed T872: mouse does not work in Whonix-Workstation 14 KVM as Invalid.

Sorry not reproducible on my end. May be related to the fact that you are running a non-standard setup with custom compiled binaries. By running packages from your distro there is a higher chance that bugs are more visible for more people and more likely to be fixed.

Oct 13 2018, 12:37 AM · Whonix, Whonix 14, KVM

Oct 12 2018

HulaHoop closed T869: Install Firejail by default inside Whonix as Resolved.

Closing. duplicate of:

Oct 12 2018, 12:21 AM · Whonix 15, Whonix, firejail
HulaHoop closed T873: Remove Ricochet from Whonix as Invalid.

There is nothing dead about it. I jsut explained this on the forum. It is perfectly workable and openprivacy is owrking on creating a P2P asynchronous chat solution over its protocol.

Oct 12 2018, 12:15 AM · Whonix, Whonix 15
HulaHoop added a comment to T869: Install Firejail by default inside Whonix.

It's on the roadmap but a little far off until ParrotOS changes can be combined with the upstream package. It will make maintenance and turning it on by default much more easier.

Oct 12 2018, 12:12 AM · Whonix 15, Whonix, firejail
HulaHoop added a comment to T872: mouse does not work in Whonix-Workstation 14 KVM.

It could be the VM is confused because apparently there are two types of mice attached. I assumed that by adding virtio-mouse it would override and replace the emulated one. Turns out its not this way and I went ahead and reverted this config which should be effective in the next release.

Oct 12 2018, 12:11 AM · Whonix, Whonix 14, KVM

Oct 4 2018

HulaHoop added a comment to T837: create Whonix project accounts.

@TNTBOMBOM I added a few more sites in a second paragraph first ticket. Please create the accounts when you have time.

Oct 4 2018, 3:12 PM · outreach, Whonix
HulaHoop updated the task description for T837: create Whonix project accounts.
Oct 4 2018, 3:11 PM · outreach, Whonix

Sep 17 2018

HulaHoop renamed T819: persistent / live mode indicator systray - graphical indication on the desktop that system is running in live mode vs persistent mode from persistent / love mode indicator systray - graphical indication on the desktop that system is running in live mode vs persistent mode to persistent / live mode indicator systray - graphical indication on the desktop that system is running in live mode vs persistent mode.
Sep 17 2018, 3:06 AM · live-mode, Whonix

Sep 14 2018

HulaHoop added a comment to T769: Adding zulucrypt to Whonix.

Test out the (LUKS wrapper) Tomb implementation in KDE Vault. Should be around by Buster.

Sep 14 2018, 3:46 AM · Debian version 10 codename Buster

Sep 11 2018

HulaHoop triaged T833: Software to inlcude from backports as Normal priority.
Sep 11 2018, 7:38 PM · anon-apt-sources-list, Whonix 16, Whonix
HulaHoop triaged T832: sdwdate support for GETINFO “current-time/{local,utc}” as Normal priority.
Sep 11 2018, 7:32 PM · sdwdate-server, sdwdate, Whonix

Aug 17 2018

HulaHoop added a comment to T544: systemd-socket-proxyd instructions template.

Template created: https://www.whonix.org/wiki/Template:Systemd-socket-proxyd

Aug 17 2018, 8:39 PM · Whonix 15, user documentation, Whonix, design documentation
HulaHoop added a comment to T803: coyIM.

Offtopic: There is a PR from Algernon for intramfs packages, what s their status?

Aug 17 2018, 5:53 PM · Whonix 15, Whonix
HulaHoop triaged T820: Missing pinentry-qt as Normal priority.
Aug 17 2018, 4:48 PM · Whonix 15, Whonix 14, Whonix, bug

Aug 16 2018

HulaHoop closed T367: Mixmaster GUI Options as Wontfix.

Non-Debian dependencies and non materialization of TUF PyPi makes a secure way to obtain this package impossible.

Aug 16 2018, 5:42 PM · user documentation, research, usability, Whonix
HulaHoop lowered the priority of T560: finish RetroShare over Tor port redirection instructions from Low to Wishlist.
Aug 16 2018, 5:27 PM · Whonix, user documentation
HulaHoop edited projects for T769: Adding zulucrypt to Whonix, added: Debian version 10 codename Buster; removed Whonix 15.
Aug 16 2018, 5:24 PM · Debian version 10 codename Buster
HulaHoop placed T600: Integrating Guix/Nix Package Manager up for grabs.
Aug 16 2018, 5:16 PM · Whonix, packaging, research
HulaHoop placed T772: Managing programs without Tor Socks / DNS Support up for grabs.
Aug 16 2018, 5:15 PM · research

Aug 15 2018

HulaHoop added a comment to T803: coyIM.

Old pull request:
https://github.com/Whonix/anon-meta-packages/pull/8

Aug 15 2018, 7:33 PM · Whonix 15, Whonix

Aug 12 2018

HulaHoop added a comment to T803: coyIM.

Done. Connects successfully even when Transparent TCP/DNS disabled on gateway. So it uses stream isolation out of the box and is ready for prime time.

Aug 12 2018, 7:07 PM · Whonix 15, Whonix

Aug 10 2018

HulaHoop added a comment to T803: coyIM.

So what task remains for this DNS/TransPort leak testing?

Aug 10 2018, 4:38 PM · Whonix 15, Whonix
HulaHoop reopened T596: keep an eye on kloak anti keystroke deanonymization tool as "Open".

He was busy those past few months and thought there was no interest. @Patrick Expect a new release this coming week.

Aug 10 2018, 4:37 PM · Whonix 16, security, Whonix

Aug 9 2018

HulaHoop added a comment to T596: keep an eye on kloak anti keystroke deanonymization tool.

Ping:
https://github.com/vmonaco/kloak/issues/10

Aug 9 2018, 9:37 PM · Whonix 16, security, Whonix

Aug 8 2018

HulaHoop added a comment to T596: keep an eye on kloak anti keystroke deanonymization tool.

Why not ping him first? Its a waste of good work otherwise.

Aug 8 2018, 4:55 PM · Whonix 16, security, Whonix

Aug 7 2018

HulaHoop added a comment to T815: sclockadj fingerprinting defense - set time using sclockadj the same way NTP / sntp / chrony / systemd-timesyncd is changing the clock.

In theory, we could make sdwdate provide a local (default) (or optional opt-in server) NTP compatible time provider. Could be useful anyhow. -> sdwdate-server No idea how hard that would be.

And then configure NTP to connect only to that local NTP server.

Aug 7 2018, 8:37 AM · Whonix, C Code, sclockadj, sdwdate
HulaHoop closed T814: find out what the most popular time synchronization daemon is / find out debian's default time synchronization daemon as Resolved.
Aug 7 2018, 8:16 AM · Whonix, Whonix 15, sclockadj, sdwdate
HulaHoop closed T814: find out what the most popular time synchronization daemon is / find out debian's default time synchronization daemon, a subtask of T815: sclockadj fingerprinting defense - set time using sclockadj the same way NTP / sntp / chrony / systemd-timesyncd is changing the clock, as Resolved.
Aug 7 2018, 8:16 AM · Whonix, C Code, sclockadj, sdwdate
HulaHoop closed T798: VLC X11 Decoding by default as Resolved.
Aug 7 2018, 8:16 AM · anon-apps-config, Whonix 15, Whonix

Aug 6 2018

HulaHoop added a comment to T815: sclockadj fingerprinting defense - set time using sclockadj the same way NTP / sntp / chrony / systemd-timesyncd is changing the clock.

The easy way: calculating the offset between local time and the onion average in timesync then using ntpdate's slew option if the offset is less than 0.5s. Otherwise you tell it to step up the time immediately so that you are accurately mimicking the default behavior. However you can force slewing all the time with -B. This way you won't need to touch kernel syscalls as ntpdate should be able to do the operation for you.

Aug 6 2018, 8:28 PM · Whonix, C Code, sclockadj, sdwdate
HulaHoop added a comment to T815: sclockadj fingerprinting defense - set time using sclockadj the same way NTP / sntp / chrony / systemd-timesyncd is changing the clock.

From what I understand, this code path is only relevant when timesyncd is talking directly with NTP servers and reacting to replies about deltas between local and remote times. There is no way you can call that function from the command line when using timedatectl standalone AFAICT.

Aug 6 2018, 5:46 PM · Whonix, C Code, sclockadj, sdwdate

Aug 3 2018

HulaHoop added a comment to T727: solve the Xen entropy scarcity problem / implement something like virtio-rng into Xen upstream.

Playing devil's advocate here: Ted Ts'o [0] expresses strong skepticism about the efficacy of RNGs that rely on CPU jitter. summary: CPU jitter may not be random as thought to someone who designed the CPU cache and know how its internals "tick" [1]. So while these RNGs may not harm, another solution for RNG-less platforms may be a good idea.

Aug 3 2018, 6:10 AM · security, Qubes, Whonix
HulaHoop added a comment to T727: solve the Xen entropy scarcity problem / implement something like virtio-rng into Xen upstream.

An interesting implementation to work around early boot entropy scarcity with havegedis to include it in the initrd. May be hackish but could be easier for Marmarek than writing something at the EFI level.

Aug 3 2018, 5:53 AM · security, Qubes, Whonix
HulaHoop added a comment to T727: solve the Xen entropy scarcity problem / implement something like virtio-rng into Xen upstream.

Done. Asked about Xen too but they may not be familiar with its innards. You may want to contact the Xen devs directly using my message as a template.

Aug 3 2018, 5:34 AM · security, Qubes, Whonix

Aug 2 2018

HulaHoop added a comment to T727: solve the Xen entropy scarcity problem / implement something like virtio-rng into Xen upstream.

I think its worth asking the hypervisor devs if this applies for the platforms we care about.

Aug 2 2018, 5:33 AM · security, Qubes, Whonix

Jul 31 2018

HulaHoop added a comment to T727: solve the Xen entropy scarcity problem / implement something like virtio-rng into Xen upstream.

jitterentropy-rng should solve this and is a mainline Linux solution that works the same way haveged does. Please see: https://phabricator.whonix.org/T817

Jul 31 2018, 4:23 AM · security, Qubes, Whonix
HulaHoop triaged T817: install jitterentropy by default as Normal priority.
Jul 31 2018, 4:22 AM · Debian version 10 codename Buster, Whonix

Jul 27 2018

HulaHoop added a comment to T815: sclockadj fingerprinting defense - set time using sclockadj the same way NTP / sntp / chrony / systemd-timesyncd is changing the clock.

Since we are interested in ntpd's default behavior (for blending in purposes) it turns out that it performs instant clock jumps once the delta difference is excessively large otherwise its slewing algorithm would take forever to adjust the time.

Jul 27 2018, 7:33 PM · Whonix, C Code, sclockadj, sdwdate
HulaHoop added a comment to T815: sclockadj fingerprinting defense - set time using sclockadj the same way NTP / sntp / chrony / systemd-timesyncd is changing the clock.

It doesn't seem that timedatectl supports gradual time adjustment. Our next best option is ntpd which can do so but cannot coexist with timedatectl - we can only run either but not both. According to popcon, ntpd is the mos widely used time daemon so its the natural choice.

Jul 27 2018, 6:22 PM · Whonix, C Code, sclockadj, sdwdate

Jul 25 2018

HulaHoop added a comment to T815: sclockadj fingerprinting defense - set time using sclockadj the same way NTP / sntp / chrony / systemd-timesyncd is changing the clock.

the time could be set with timedatectl by feeding it the time with this command:

Jul 25 2018, 9:20 PM · Whonix, C Code, sclockadj, sdwdate
HulaHoop added a comment to T814: find out what the most popular time synchronization daemon is / find out debian's default time synchronization daemon.

Stretch+ uses systemd-timesyncd by default therefore its the most popular.

Jul 25 2018, 8:38 PM · Whonix, Whonix 15, sclockadj, sdwdate
HulaHoop triaged T813: Onion Vanguard Security plugin as Normal priority.
Jul 25 2018, 2:01 AM · Whonix

Jul 22 2018

HulaHoop added a comment to T600: Integrating Guix/Nix Package Manager.

@ng0 I wrote a proposal draft. Feel free to improve it before I post:

Jul 22 2018, 6:23 PM · Whonix, packaging, research

Jun 30 2018

HulaHoop added a comment to T798: VLC X11 Decoding by default.

https://github.com/Whonix/anon-apps-config/pull/4/commits/295b0702221cb4bc2116379fe0861cc6367bfa22

Jun 30 2018, 11:52 PM · anon-apps-config, Whonix 15, Whonix

Jun 29 2018

HulaHoop added a comment to T801: use libresolv-wrapper rather than functional Whonix-Gateway system DNS resolver?.

Check these alternatives out:

Jun 29 2018, 11:58 PM · Whonix, Whonix 16, research, anon-gw-dns-conf
HulaHoop added a comment to T798: VLC X11 Decoding by default.

OK did so there

Jun 29 2018, 11:34 PM · anon-apps-config, Whonix 15, Whonix

Jun 26 2018

HulaHoop triaged T806: Preload and similar performance tuneups as Normal priority.
Jun 26 2018, 7:20 AM · Whonix
HulaHoop triaged T805: cwtch as Normal priority.
Jun 26 2018, 7:16 AM · Whonix
HulaHoop triaged T804: ParrotOS's Firejail Code as Normal priority.
Jun 26 2018, 7:12 AM · Whonix 16, Whonix

Jun 25 2018

HulaHoop triaged T803: coyIM as Normal priority.
Jun 25 2018, 2:20 PM · Whonix 15, Whonix

Jun 22 2018

HulaHoop triaged T800: Migrating from Github as Normal priority.
Jun 22 2018, 5:13 PM · Whonix
HulaHoop added a comment to T798: VLC X11 Decoding by default.

https://github.com/Whonix/anon-apps-config/pull/3/commits/4a882d8b5573839d0e8bbad1a06da1d448cddba6

Jun 22 2018, 4:42 PM · anon-apps-config, Whonix 15, Whonix

Jun 20 2018

HulaHoop added a comment to T509: Consider nftables as a replacement for iptables.

nftables transition info:

Jun 20 2018, 3:03 PM · iptables, vpn-firewall, whonix-ws-firewall, whonix-gw-firewall, Whonix, refactoring, research

May 31 2018

HulaHoop added a comment to T798: VLC X11 Decoding by default.

Did a diff between the versions of the file before/after the change and here is the output:

May 31 2018, 2:44 PM · anon-apps-config, Whonix 15, Whonix

May 30 2018

HulaHoop added a comment to T727: solve the Xen entropy scarcity problem / implement something like virtio-rng into Xen upstream.

Perhaps Qubes guys can have the entropybroker package communicate over the qrexec protocol to seed entropy from a reliable source like Dom0 to the other domains.

May 30 2018, 5:52 AM · security, Qubes, Whonix
HulaHoop triaged T798: VLC X11 Decoding by default as Normal priority.
May 30 2018, 5:44 AM · anon-apps-config, Whonix 15, Whonix
HulaHoop closed T776: Have 'Obey DRM limitations' in Okular unticked by default as Resolved.
May 30 2018, 5:41 AM · Whonix

May 18 2018

HulaHoop added a comment to T727: solve the Xen entropy scarcity problem / implement something like virtio-rng into Xen upstream.

You can probably use virtio-rng since Qubes now runs on HVM mode and uses QEMU

May 18 2018, 3:20 PM · security, Qubes, Whonix
HulaHoop added a comment to T600: Integrating Guix/Nix Package Manager.

If you would have read the chat content (which I assume you didn't), you would see some insight into the problems and what possible solutions there are.

May 18 2018, 3:18 PM · Whonix, packaging, research

May 16 2018

HulaHoop closed T602: OnionMail as Wontfix.

Project looks dead no recent releases.

May 16 2018, 2:41 PM · Whonix 15, research, Whonix
HulaHoop added a comment to T544: systemd-socket-proxyd instructions template.

All socat mentions here with 7 results, less if we want the relevant pages only: https://www.whonix.org/w/index.php?title=Special%3ASearch&profile=default&fulltext=Search&search=socat

May 16 2018, 2:09 PM · Whonix 15, user documentation, Whonix, design documentation
HulaHoop added a comment to T544: systemd-socket-proxyd instructions template.

@Patrick seems self explanatory. How are we doing on RAM use? Is it any more or less efficient than socat after you cut down the number of spawned instances?

May 16 2018, 2:04 PM · Whonix 15, user documentation, Whonix, design documentation
HulaHoop closed T696: 32-bit OpenJDK on 64-bit Stretch as Wontfix.

I went ahead and reverted clflush restrictions to open the way for I2P by default without extra fiddling needed.

May 16 2018, 2:01 PM · user documentation, Whonix
HulaHoop added a comment to T776: Have 'Obey DRM limitations' in Okular unticked by default.

Done:

May 16 2018, 1:58 PM · Whonix

May 12 2018

HulaHoop added a comment to T776: Have 'Obey DRM limitations' in Okular unticked by default.

Interesting backstory about this anti-feature in Debian. Nonetheless I've found a solution.

May 12 2018, 2:50 AM · Whonix
HulaHoop added a comment to T776: Have 'Obey DRM limitations' in Okular unticked by default.

Interesting backstory about this anti-feature in Debian. Nonetheless I've found a solution.

May 12 2018, 2:45 AM · Whonix

May 8 2018

HulaHoop triaged T795: Customized welcome page and bookmarks for I2P / Alt TBB (keyword: homepage) as Normal priority.
May 8 2018, 6:15 PM · html, whonix-welcome-page, Whonix
HulaHoop triaged T794: wiki template / broken gpg command updated as Normal priority.
May 8 2018, 1:43 AM · Whonix, user documentation

Apr 29 2018

HulaHoop added a comment to T114: Permanent Takedown Attack Defender.

The public tahoeLAFS introducer is dormant:
https://tahoe-lafs.org/pipermail/tahoe-dev/2018-April/009913.html

Apr 29 2018, 4:39 PM · whonixcheck, upstream, enhancement, security, Whonix

Mar 22 2018

HulaHoop added a comment to T600: Integrating Guix/Nix Package Manager.

A switch to /opt/ seems like a great compromise that can shut up the FHS zealots. Is this something the Guix guys can do or is it for the adopting distro to handle?

Mar 22 2018, 1:33 PM · Whonix, packaging, research

Mar 19 2018

HulaHoop added a comment to T600: Integrating Guix/Nix Package Manager.

Awesome progress thanks for the updates :) Right, the advantage of Guix is precisely that it doesn't follow FHS. Its worth trying to ask for an exception from upstream no matter how slim the chances - at least there's more of a chance than never asking at all.

Mar 19 2018, 10:15 PM · Whonix, packaging, research

Mar 2 2018

HulaHoop updated the task description for T775: I2P Integration.
Mar 2 2018, 5:00 PM · Whonix, research
HulaHoop triaged T775: I2P Integration as Normal priority.
Mar 2 2018, 4:32 PM · Whonix, research

Mar 1 2018

HulaHoop triaged T774: [Revised] Clock Drift Correction Proposal as Normal priority.
Mar 1 2018, 6:42 PM · KVM, Whonix, research
HulaHoop added a comment to T550: Clock Drift Detection.

NB for the record: with qemu-ga a guest can still shut itself off via crafted input to the agent. So besides removing timer access to the guest, there was no other advantage to removing ACPI.

Mar 1 2018, 6:13 PM · Whonix-Host, VirtualBox, KVM, sdwdate, Whonix
HulaHoop added a comment to T550: Clock Drift Detection.

Actually we don't have to suspend the guest. Execution of any command on the host after resume is enough to create a uniqu event in the qemu-ga's log file.

Mar 1 2018, 4:34 AM · Whonix-Host, VirtualBox, KVM, sdwdate, Whonix
HulaHoop added a comment to T550: Clock Drift Detection.

The proper and direct way to use virsh to communicate with guest agent:

Mar 1 2018, 12:53 AM · Whonix-Host, VirtualBox, KVM, sdwdate, Whonix
HulaHoop added a comment to T550: Clock Drift Detection.

The YAJL parser used in libvirt is tiny, modern (written in2007) and has no CVEs. It is an SAX type event-driven parser unlike the vulnerable, top-down recursive descent type that was used in QEMU.

Mar 1 2018, 12:03 AM · Whonix-Host, VirtualBox, KVM, sdwdate, Whonix

Feb 28 2018

HulaHoop added a comment to T550: Clock Drift Detection.

https://wiki.libvirt.org/page/Qemu_guest_agent

Feb 28 2018, 11:39 PM · Whonix-Host, VirtualBox, KVM, sdwdate, Whonix
HulaHoop added a comment to T550: Clock Drift Detection.

It turns out the QEMU guest agent warning was not relevant to those who use libvirt. With libvirt a safe parser is used. Breakouts can only happen if a process on the host is designed to parse guest input because there is no way to control that otherwise it should be safe for our uses. This potentially simplifies the design in many respects but a host package will still be needed. I will update the task list.

Feb 28 2018, 8:40 PM · Whonix-Host, VirtualBox, KVM, sdwdate, Whonix
HulaHoop added a comment to T550: Clock Drift Detection.

https://www.redhat.com/archives/libvirt-users/2018-February/msg00083.html
[libvirt-users] QEMU guest-agent safety in hostile VM?

Feb 28 2018, 7:40 PM · Whonix-Host, VirtualBox, KVM, sdwdate, Whonix
HulaHoop added a comment to T114: Permanent Takedown Attack Defender.

*Most recet info on test grid can be found from their freenode IRC channel

Feb 28 2018, 7:18 PM · whonixcheck, upstream, enhancement, security, Whonix
HulaHoop edited projects for T769: Adding zulucrypt to Whonix, added: Whonix 15; removed Whonix.
Feb 28 2018, 4:32 PM · Debian version 10 codename Buster
HulaHoop triaged T773: Shipping Mumble VoIP as Normal priority.
Feb 28 2018, 4:29 PM · Whonix
HulaHoop edited projects for T772: Managing programs without Tor Socks / DNS Support, added: Whonix 15; removed Whonix.
Feb 28 2018, 4:23 PM · research
HulaHoop triaged T772: Managing programs without Tor Socks / DNS Support as Normal priority.
Feb 28 2018, 4:22 PM · research
HulaHoop triaged T771: Implementing an Onionshare alternative as Normal priority.
Feb 28 2018, 4:12 PM · Whonix, Whonix 15
HulaHoop triaged T770: Custom TBB profile for localhost access + Privoxy as Normal priority.
Feb 28 2018, 4:07 PM · Whonix
HulaHoop triaged T769: Adding zulucrypt to Whonix as Low priority.
Feb 28 2018, 3:45 PM · Debian version 10 codename Buster

Feb 27 2018

HulaHoop added a comment to T114: Permanent Takedown Attack Defender.

Asked the devs some questions about integration:

Feb 27 2018, 6:34 PM · whonixcheck, upstream, enhancement, security, Whonix
HulaHoop added a comment to T114: Permanent Takedown Attack Defender.

Whonix project metadata could be distributed using Tahoe-LAFS - a redundant, encrypted storage array accessible over Tor. Instructions to users about alternative download mechanisms of the project's code and documentation can be passed thru this channel.

Feb 27 2018, 2:33 AM · whonixcheck, upstream, enhancement, security, Whonix

Feb 14 2018

HulaHoop added a comment to T550: Clock Drift Detection.

Yes there are less moving parts especially when multiple WSs share a GW. Some way to exempt timesync traffic from the WS would be needed though.

Feb 14 2018, 1:12 AM · Whonix-Host, VirtualBox, KVM, sdwdate, Whonix