Page MenuHomePhabricator

Patrick (Patrick Schleizer)
a maintainer of WhonixAdministrator

User Details

User Since
Nov 20 2014, 4:36 PM (263 w, 14 h)
Roles
Administrator

Recent Activity

Yesterday

Patrick updated the task description for T941: lock down interpreters / compilers (interpreter lock) (compiler lock).
Thu, Dec 5, 4:16 PM · Whonix, security
Patrick updated the task description for T941: lock down interpreters / compilers (interpreter lock) (compiler lock).
Thu, Dec 5, 4:12 PM · Whonix, security
Patrick renamed T941: lock down interpreters / compilers (interpreter lock) (compiler lock) from lock down interpreters (interpreter lock) to lock down interpreters / compilers (interpreter lock) (compiler lock).
Thu, Dec 5, 4:12 PM · Whonix, security
Patrick updated the task description for T941: lock down interpreters / compilers (interpreter lock) (compiler lock).
Thu, Dec 5, 4:07 PM · Whonix, security
Patrick triaged T942: polish Whonix Host Firewall for Whonix Host as Normal priority.
Thu, Dec 5, 4:04 PM · security, Whonix, Whonix-Host
Patrick renamed T941: lock down interpreters / compilers (interpreter lock) (compiler lock) from lock down interpreters to lock down interpreters (interpreter lock).
Thu, Dec 5, 3:51 PM · Whonix, security
Patrick triaged T941: lock down interpreters / compilers (interpreter lock) (compiler lock) as Normal priority.
Thu, Dec 5, 3:51 PM · Whonix, security
Patrick updated the task description for T940: grub boot password.
Thu, Dec 5, 3:35 PM · security, Whonix, Whonix-Host
Patrick triaged T940: grub boot password as Normal priority.
Thu, Dec 5, 3:22 PM · security, Whonix, Whonix-Host
Patrick updated the task description for T868: mediawiki fixes #2.
Thu, Dec 5, 9:14 AM · Whonix, website
Patrick updated the task description for T868: mediawiki fixes #2.
Thu, Dec 5, 9:13 AM · Whonix, website
Patrick updated the task description for T771: install magic-wormhole by default / Implementing an Onionshare alternative.
Thu, Dec 5, 6:57 AM · Whonix 14, Whonix, Whonix 15

Mon, Nov 25

Patrick updated the task description for T543: TCP ISNs and Temperature induced clock skews.
Mon, Nov 25, 1:32 PM · C Code, security, Whonix

Sat, Nov 23

Patrick closed T938: request apparmor environment scrubbing whitelist from AppArmor upstream as Resolved.

Awesome!

Sat, Nov 23, 5:53 PM · apparmor-profile-everything, Whonix, AppArmor
Patrick triaged T939: file permissions hardening lockdown as Normal priority.
Sat, Nov 23, 5:25 PM · Whonix, security-misc
Patrick triaged T938: request apparmor environment scrubbing whitelist from AppArmor upstream as Normal priority.
Sat, Nov 23, 5:23 PM · apparmor-profile-everything, Whonix, AppArmor
Patrick added a member for security-misc: madaidan.
Sat, Nov 23, 5:20 PM
Patrick triaged T937: make /boot unreadable for non-root users as Normal priority.
Sat, Nov 23, 5:19 PM · Whonix, security-misc
Patrick closed T936: apparmor-profile-everything breaks Qubes upgrading as Resolved.
Sat, Nov 23, 5:07 PM · apparmor-profile-everything, Qubes, Whonix, AppArmor
Patrick added a project to T936: apparmor-profile-everything breaks Qubes upgrading : apparmor-profile-everything.
Sat, Nov 23, 5:07 PM · apparmor-profile-everything, Qubes, Whonix, AppArmor
Patrick added a member for apparmor-profile-everything: madaidan.
Sat, Nov 23, 5:07 PM
Patrick created apparmor-profile-everything.
Sat, Nov 23, 5:06 PM
Patrick added a comment to T936: apparmor-profile-everything breaks Qubes upgrading .

Could you add to git please?

Sat, Nov 23, 4:41 PM · apparmor-profile-everything, Qubes, Whonix, AppArmor
Patrick added a comment to T936: apparmor-profile-everything breaks Qubes upgrading .

Works.

Sat, Nov 23, 4:38 PM · apparmor-profile-everything, Qubes, Whonix, AppArmor
Patrick triaged T936: apparmor-profile-everything breaks Qubes upgrading as Normal priority.
Sat, Nov 23, 4:16 PM · apparmor-profile-everything, Qubes, Whonix, AppArmor

Thu, Nov 21

Patrick updated the task description for T470: Whonix home page redesign.
Thu, Nov 21, 8:56 PM · html, Whonix, user documentation
Patrick closed T588: improve Troubleshooting / Test as Resolved.

Good enough.

Thu, Nov 21, 8:55 PM · Whonix, user documentation
Patrick closed T621: Combatting sclockadj's log spam as Resolved.

Not a problem anymore.

Thu, Nov 21, 8:54 PM · Debian version 10 codename Buster, research, Whonix

Sat, Nov 16

Patrick updated the task description for T543: TCP ISNs and Temperature induced clock skews.
Sat, Nov 16, 11:20 AM · C Code, security, Whonix
Patrick added a comment to T543: TCP ISNs and Temperature induced clock skews.
Sat, Nov 16, 11:19 AM · C Code, security, Whonix
Patrick updated the task description for T543: TCP ISNs and Temperature induced clock skews.
Sat, Nov 16, 11:18 AM · C Code, security, Whonix

Fri, Nov 8

Patrick updated the task description for T868: mediawiki fixes #2.
Fri, Nov 8, 4:50 PM · Whonix, website
Patrick updated the task description for T868: mediawiki fixes #2.
Fri, Nov 8, 4:21 PM · Whonix, website
Patrick updated the task description for T868: mediawiki fixes #2.
Fri, Nov 8, 3:59 PM · Whonix, website
Patrick updated the task description for T868: mediawiki fixes #2.
Fri, Nov 8, 3:58 PM · Whonix, website
Patrick updated the task description for T868: mediawiki fixes #2.
Fri, Nov 8, 3:57 PM · Whonix, website
Patrick closed T809: mediawiki fixes as Resolved.

Migrated remaining task to T868.

Fri, Nov 8, 3:56 PM · Whonix, website
Patrick updated the task description for T868: mediawiki fixes #2.
Fri, Nov 8, 3:56 PM · Whonix, website
Patrick updated the task description for T868: mediawiki fixes #2.
Fri, Nov 8, 3:53 PM · Whonix, website
Patrick updated the task description for T868: mediawiki fixes #2.
Fri, Nov 8, 3:52 PM · Whonix, website
Patrick updated the task description for T868: mediawiki fixes #2.
Fri, Nov 8, 3:51 PM · Whonix, website

Nov 6 2019

Patrick updated subscribers of T362: systemd SystemCallFilter= containment option seccomp hardening.
Nov 6 2019, 3:34 AM · enhancement, whonixcheck, msgcollector, sdwdate, onion-grater (Control Port Filter Proxy), security, Debian version 9 codename Stretch, systemd, Whonix
Patrick closed T362: systemd SystemCallFilter= containment option seccomp hardening as Resolved.

This was done. If not, please create specific tickets where it isn't done.

Nov 6 2019, 3:34 AM · enhancement, whonixcheck, msgcollector, sdwdate, onion-grater (Control Port Filter Proxy), security, Debian version 9 codename Stretch, systemd, Whonix
Patrick closed T444: test if Ricochet IM instructions are functional as Invalid.

https://www.whonix.org/wiki/Chat#Ricochet_IM

Nov 6 2019, 3:33 AM · onion-grater (Control Port Filter Proxy), research, Whonix

Nov 4 2019

Patrick closed T918: mediawiki extensions to install for better links as Resolved.

Installed. See screenshot on how to use:

Nov 4 2019, 3:33 PM · server-ssh-access-required, website, Whonix

Nov 3 2019

Patrick updated the task description for T935: add Whonix newsletter.
Nov 3 2019, 8:33 AM · Whonix, website
Patrick updated subscribers of T935: add Whonix newsletter.
Nov 3 2019, 8:33 AM · Whonix, website
Patrick triaged T935: add Whonix newsletter as Normal priority.
Nov 3 2019, 8:32 AM · Whonix, website

Oct 25 2019

Patrick closed T934: fix whonix-wiki-html backup / fix scrape-whonix-wiki.sh as Resolved.
Oct 25 2019, 1:38 PM · website, Whonix
Patrick added a comment to T934: fix whonix-wiki-html backup / fix scrape-whonix-wiki.sh.

Sitemap was broken. May be unrelated to https://github.com/WhonixBOT/whonix-wiki-html/blob/master/scrape-whonix-wiki.sh. Just a follow up issue. Not cause. In progress of fixing this.

Oct 25 2019, 12:30 PM · website, Whonix
Patrick triaged T934: fix whonix-wiki-html backup / fix scrape-whonix-wiki.sh as Normal priority.
Oct 25 2019, 12:00 PM · website, Whonix
Patrick triaged T933: fix offline documentation - pdfbook as Normal priority.
Oct 25 2019, 11:53 AM · Whonix, website
Patrick triaged T932: fix Git-Mediawiki whonix-wiki-backup as Normal priority.
Oct 25 2019, 11:50 AM · Whonix, website

Oct 23 2019

Patrick updated the task description for T868: mediawiki fixes #2.
Oct 23 2019, 4:00 PM · Whonix, website

Oct 21 2019

Patrick added a comment to T509: Consider nftables as a replacement for iptables.

NonaSuomy:

Added requested NFTables example from duclicsic #netfilter freenode.

Oct 21 2019, 7:33 AM · iptables, vpn-firewall, whonix-ws-firewall, whonix-gw-firewall, Whonix, refactoring, research

Oct 6 2019

Patrick closed T596: keep an eye on kloak anti keystroke deanonymization tool as Resolved.

Implemented for some time now.

Oct 6 2019, 9:54 PM · Whonix 16, security, Whonix
Patrick updated subscribers of T530: CPU-induced latency Covert Channel Countermeasures.
Oct 6 2019, 9:50 PM · virtualizer, VMware, VirtualBox, KVM, Qubes, security, research, Whonix
Patrick added a comment to T530: CPU-induced latency Covert Channel Countermeasures.

Reported build failures:

Oct 6 2019, 9:47 PM · virtualizer, VMware, VirtualBox, KVM, Qubes, security, research, Whonix

Sep 28 2019

Patrick added a project to T930: whonix.SdwdateStatus service starts VMs that were killed: sdwdate-gui.
Sep 28 2019, 10:44 AM · sdwdate-gui, Whonix

Sep 23 2019

Patrick updated the task description for T895: Proposed Download Directory Structure / download redirects / stable download links / permalinks.
Sep 23 2019, 10:10 AM · server-ssh-access-required, website, Whonix
Patrick updated the task description for T895: Proposed Download Directory Structure / download redirects / stable download links / permalinks.
Sep 23 2019, 10:09 AM · server-ssh-access-required, website, Whonix

Sep 14 2019

Patrick updated the task description for T89: Whonix Control Panel.
Sep 14 2019, 7:45 PM · Whonix, Apps, enhancement, usability

Aug 31 2019

Patrick triaged T929: Whonix XFCE Wallpaper / Background Image as Normal priority.
Aug 31 2019, 3:50 PM · Whonix 16, whonix-xfce-desktop-config, Whonix
Patrick updated the task description for T919: Whonix Live Branding.
Aug 31 2019, 3:49 PM · live-mode, Whonix
Patrick updated the task description for T919: Whonix Live Branding.
Aug 31 2019, 3:49 PM · live-mode, Whonix
Patrick updated the task description for T919: Whonix Live Branding.
Aug 31 2019, 3:47 PM · live-mode, Whonix

Aug 23 2019

Patrick renamed T900: Installation and setup of Kicksecure tutorials from Installation and setup of Hardened Debian Linux tutorials to Installation and setup of Kicksecure tutorials.
Aug 23 2019, 2:20 PM · user documentation, Whonix

Aug 21 2019

Patrick changed the status of T914: Whonix Host Live - enable KVM readonly mode - virt-xml vm-name --edit --disk readonly=on from Open to testing-in-next-build-required.

Should work on manual invocation.

Aug 21 2019, 9:13 AM · Whonix-Host, whonix-libvirt, live-mode, Whonix
Patrick added a comment to T914: Whonix Host Live - enable KVM readonly mode - virt-xml vm-name --edit --disk readonly=on.

For the record, this is the diff being generated.

Aug 21 2019, 8:38 AM · Whonix-Host, whonix-libvirt, live-mode, Whonix

Aug 19 2019

Patrick triaged T928: install xfce4-power-manager on Whonix Host and Kicksecure Host as Normal priority.
Aug 19 2019, 4:22 PM · whonix-libvirt, live-mode, Whonix-Host, Whonix
Patrick closed T903: find new name for Hardened Debian and rename it as Resolved.

https://forums.whonix.org/t/hardened-debian-security-focused-linux-distribution-based-on-debian-in-development-feedback-wanted/5943/30?u=patrick

Aug 19 2019, 4:20 PM · Whonix, Whonix-Host
Patrick added projects to T914: Whonix Host Live - enable KVM readonly mode - virt-xml vm-name --edit --disk readonly=on: whonix-libvirt, Whonix-Host.
Aug 19 2019, 3:47 PM · Whonix-Host, whonix-libvirt, live-mode, Whonix
Patrick claimed T914: Whonix Host Live - enable KVM readonly mode - virt-xml vm-name --edit --disk readonly=on.
Aug 19 2019, 3:45 PM · Whonix-Host, whonix-libvirt, live-mode, Whonix
Patrick added a comment to T914: Whonix Host Live - enable KVM readonly mode - virt-xml vm-name --edit --disk readonly=on.

By default, the VMs do not start because the virtual disks are not set to readonly. This is only needed when using the ISO though. Might stay this way as long as the user is correctly advised to change to set the disk to readonly mode.

Aug 19 2019, 3:45 PM · Whonix-Host, whonix-libvirt, live-mode, Whonix

Aug 17 2019

Patrick created T927: port to /etc/apparmor.d/abstractions.d in Debian 11 bullseye.
Aug 17 2019, 9:15 AM · Debian version 11 codename Bullseye, Whonix

Aug 16 2019

Patrick updated the task description for T911: xfce theming.
Aug 16 2019, 4:22 PM · Whonix, Whonix 15

Aug 11 2019

Patrick updated the task description for T215: install electrum bitcoin thin client by default?.
Aug 11 2019, 2:13 PM · anon-meta-packages, research, Whonix

Aug 9 2019

Patrick added a comment to T215: install electrum bitcoin thin client by default?.

install electrum appimage by default:
https://github.com/Whonix/anon-meta-packages/commit/71d40f5316ee7eb38eb04142d80d23c56a48407b

Aug 9 2019, 11:50 AM · anon-meta-packages, research, Whonix

Jul 27 2019

Patrick added a project to T803: coyIM: Debian version 11 codename Bullseye.
Jul 27 2019, 1:27 PM · Debian version 11 codename Bullseye, Whonix 16, anon-meta-packages, Whonix
Patrick added a comment to T912: qubes integration tools missing.

Looks like mine.

Jul 27 2019, 1:25 PM · Whonix, Qubes

Jul 25 2019

Patrick added a project to T926: TBB removed obfs3 support But still in ACW: graphical user interface.
Jul 25 2019, 5:10 PM · graphical user interface, python, anon-connection-wizard, Whonix
Patrick added a project to T926: TBB removed obfs3 support But still in ACW: python.
Jul 25 2019, 5:10 PM · graphical user interface, python, anon-connection-wizard, Whonix
Patrick added a project to T926: TBB removed obfs3 support But still in ACW: anon-connection-wizard.
Jul 25 2019, 5:09 PM · graphical user interface, python, anon-connection-wizard, Whonix
Patrick edited projects for T921: Installing git-all will delete some Whonix packages , added: Whonix; removed anon-meta-packages, Whonix 16.
Jul 25 2019, 5:08 PM · Whonix
Patrick updated the task description for T921: Installing git-all will delete some Whonix packages .
Jul 25 2019, 5:08 PM · Whonix
Patrick added a comment to T921: Installing git-all will delete some Whonix packages .

remove qubes-core-agent dependency on initscripts
https://github.com/QubesOS/qubes-issues/issues/5133

Jul 25 2019, 5:08 PM · Whonix

Jul 21 2019

Patrick added a comment to T925: whonixcheck false positive in check_journal.

Done in git master.

Jul 21 2019, 6:29 PM · Whonix
Patrick added a comment to T925: whonixcheck false positive in check_journal.

Sounds good?

Jul 21 2019, 6:07 PM · Whonix
Patrick added a comment to T925: whonixcheck false positive in check_journal.
journal keeps metadata about each message, so it's possible to avoid it with `journalctl -p err -b` (I've added `-b` to avoid listing messages from previous boot).
Jul 21 2019, 3:11 PM · Whonix

Jul 19 2019

Patrick placed T896: Hidden onion services GUI in sys-whonix up for grabs.
Jul 19 2019, 10:47 AM · qubes-whonix, usability, Whonix
Patrick added a comment to T896: Hidden onion services GUI in sys-whonix.

https://forums.whonix.org/t/focus-on-whonix-core-development/5036

Jul 19 2019, 10:47 AM · qubes-whonix, usability, Whonix

Jul 16 2019

Patrick added a comment to T913: bug: not all files form /etc/skel are copied to /home/user / create user "user" at boot time.

Can you give some more context here?

Jul 16 2019, 12:42 AM · whonix-base-files, live-mode, Whonix, Whonix 15

Jul 15 2019

Patrick updated the task description for T913: bug: not all files form /etc/skel are copied to /home/user / create user "user" at boot time.
Jul 15 2019, 6:23 PM · whonix-base-files, live-mode, Whonix, Whonix 15

Jul 14 2019

Patrick updated the task description for T913: bug: not all files form /etc/skel are copied to /home/user / create user "user" at boot time.
Jul 14 2019, 9:29 AM · whonix-base-files, live-mode, Whonix, Whonix 15
Patrick updated subscribers of T913: bug: not all files form /etc/skel are copied to /home/user / create user "user" at boot time.
Jul 14 2019, 8:42 AM · whonix-base-files, live-mode, Whonix, Whonix 15

Jul 11 2019

Patrick created T924: rename to bullseye-security.
Jul 11 2019, 9:12 AM · anon-apt-sources-list, Whonix, Debian version 11 codename Bullseye

Jul 8 2019

Patrick closed T631: re-enable tor-controlport-filter.service systemd hardening as Resolved.
Jul 8 2019, 9:49 PM · Whonix 15, Whonix, enhancement, systemd, onion-grater (Control Port Filter Proxy)
Patrick added a comment to T631: re-enable tor-controlport-filter.service systemd hardening.

Removed a few. Would not start without openat, so kept.

Jul 8 2019, 9:49 PM · Whonix 15, Whonix, enhancement, systemd, onion-grater (Control Port Filter Proxy)
Patrick added a comment to T631: re-enable tor-controlport-filter.service systemd hardening.

Yay, we have ProtectSystem=strict now.

Jul 8 2019, 1:06 AM · Whonix 15, Whonix, enhancement, systemd, onion-grater (Control Port Filter Proxy)
Patrick added a comment to T631: re-enable tor-controlport-filter.service systemd hardening.

Can we exclude ExecStartPre=/usr/lib/onion-grater-merger from systemd hardening?

Jul 8 2019, 12:53 AM · Whonix 15, Whonix, enhancement, systemd, onion-grater (Control Port Filter Proxy)