Page MenuHomePhabricator

WhonixProject
ActivePublic

Members (2)

Watchers

  • This project does not have any watchers.

Details

Recent Activity

Wed, May 22

Patrick updated the task description for T720: post feature request for more secure clipboard sharing against VirtualBox and KVM.
Wed, May 22, 6:51 PM · VirtualBox, usability, Whonix
Patrick added a comment to T803: coyIM.

@Patrick were you able to reproduce this?

Wed, May 22, 6:45 PM · anon-meta-packages, Whonix 15, Whonix
HulaHoop added a comment to T901: package and test wiperam for Debian.

https://github.com/AvANa-BBS/freepto-lb/issues/53

Wed, May 22, 7:42 AM · Whonix-Host, Whonix
HulaHoop added a comment to T803: coyIM.

@Patrick were you able to reproduce this? I wasn't

Wed, May 22, 7:37 AM · anon-meta-packages, Whonix 15, Whonix
HulaHoop added a comment to T803: coyIM.

He was a major dev/creator of CoyIM but not the only one.

Wed, May 22, 7:36 AM · anon-meta-packages, Whonix 15, Whonix
HulaHoop added a comment to T817: install jitterentropy by default.

His detailed reply:

Wed, May 22, 7:34 AM · Whonix 15, Debian version 10 codename Buster, Whonix
HulaHoop added a comment to T720: post feature request for more secure clipboard sharing against VirtualBox and KVM.

Accepted as optional feature/usecase. Moved implementation design from protocol level to spice-gtk.

Wed, May 22, 7:33 AM · VirtualBox, usability, Whonix

Thu, May 16

Patrick added a comment to T904: make sure there is no swap by default.

madaidan (madaidan):

madaidan added a comment.

> We need to re-check this for Whonix Host. Since it gets installed using calamares (which handles partitioning) there could be an unwanted swap partition.

I can test it for that too. Where do I download it?
Thu, May 16, 12:16 PM · Whonix, Whonix-Host

Sun, May 12

Patrick added a comment to T582: revisit handling of /var/lib/dbus/machine-id.

Maybe there is no need. It's just when Tails has a ticket, we should
check it at Whonix too. Thank you for looking into this, too!

Sun, May 12, 5:36 PM · research, Whonix 15, Whonix
madaidan added a comment to T582: revisit handling of /var/lib/dbus/machine-id.

The way it is now looks fine. Why would it need to be changed?

Sun, May 12, 2:36 PM · research, Whonix 15, Whonix
madaidan added a comment to T904: make sure there is no swap by default.

We need to re-check this for Whonix Host. Since it gets installed using calamares (which handles partitioning) there could be an unwanted swap partition.

Sun, May 12, 2:34 PM · Whonix, Whonix-Host
madaidan added a comment to T875: fix fail closed mechanism.

Seems quite hacky. What's the root cause for failing?

Sun, May 12, 2:14 PM · whonix-ws-firewall, whonix-gw-firewall, Whonix
Patrick added a comment to T729: network hardening.

Could you please review this? @HulaHoop

Sun, May 12, 12:56 PM · whonix-ws-firewall, whonix-gw-firewall, Whonix
Patrick added a comment to T875: fix fail closed mechanism.

Seems quite hacky. What's the root cause for failing?

Sun, May 12, 12:55 PM · whonix-ws-firewall, whonix-gw-firewall, Whonix
Patrick added a comment to T904: make sure there is no swap by default.

Thanks for testing! Would have been surprising if there was.

Sun, May 12, 12:53 PM · Whonix, Whonix-Host
Patrick added a comment to T582: revisit handling of /var/lib/dbus/machine-id.

madaidan (madaidan):

madaidan added a comment.

> https://lists.ubuntu.com/archives/apparmor/2016-February/009371.html says it is used for various things so it might break some things.

Wouldn't using a fake machine-id e.g. a bunch of zeroes fix this?
Sun, May 12, 3:21 AM · research, Whonix 15, Whonix

Sat, May 11

madaidan added a comment to T582: revisit handling of /var/lib/dbus/machine-id.

https://lists.ubuntu.com/archives/apparmor/2016-February/009371.html says it is used for various things so it might break some things.

Sat, May 11, 7:27 PM · research, Whonix 15, Whonix
Patrick assigned T729: network hardening to madaidan.
Sat, May 11, 1:12 PM · whonix-ws-firewall, whonix-gw-firewall, Whonix
Patrick added a comment to T582: revisit handling of /var/lib/dbus/machine-id.

Would it cause any issues if the machine-id was just deleted or replaced with a bunch of 0s?

Sat, May 11, 9:57 AM · research, Whonix 15, Whonix

Fri, May 10

madaidan added a comment to T582: revisit handling of /var/lib/dbus/machine-id.

Would it cause any issues if the machine-id was just deleted or replaced with a bunch of 0s?

Fri, May 10, 7:27 PM · research, Whonix 15, Whonix
madaidan added a comment to T729: network hardening.

My pull request enables all of these except martian packet logging which I doubt would be useful on Whonix.

Fri, May 10, 7:18 PM · whonix-ws-firewall, whonix-gw-firewall, Whonix
madaidan added a comment to T770: Custom TBB profile for localhost access + Privoxy.

You can create directories in tor-browser_en-US/Browser/TorBrowser/Data/Browser/ called (profile_name).default. Here will be all the configurations for the profile. It should have a custom user.js with proxy settings using privoxy and setting network.proxy.no_proxies_on to 0.

Fri, May 10, 7:15 PM · Whonix
madaidan added a comment to T795: Customized welcome page and bookmarks for I2P / Alt TBB (keyword: homepage).

Alternatively, you could change the home page to the program's interface e.g. 127.0.0.1:7657 for I2P and start the browser with a script that creates a popup box using zenity or similar that tells the user the information.

Fri, May 10, 6:48 PM · html, whonix-welcome-page, Whonix
madaidan added a comment to T875: fix fail closed mechanism.

Maybe disable it just for package upgrades?

Fri, May 10, 6:19 PM · whonix-ws-firewall, whonix-gw-firewall, Whonix
madaidan added a comment to T904: make sure there is no swap by default.

There is none. You can run swapon -s or cat /proc/swaps to verify.

Fri, May 10, 5:55 PM · Whonix, Whonix-Host
madaidan added a comment to T902: disable removable drives auto-mounting - XFCE only.

No, I mean the upstream repository thunar-volman by XFCE developers.

Fri, May 10, 5:47 PM · Whonix-Host, Whonix
Patrick added a comment to T902: disable removable drives auto-mounting - XFCE only.

madaidan (madaidan):

madaidan added a comment.

> Can you see from thunar-volman source code where defaults are configured? Would be good to watch for future versions.

debian/thunar-volman.xml has all the default settings for auto-mounting if that's what you mean.
Fri, May 10, 2:43 AM · Whonix-Host, Whonix

Thu, May 9

madaidan added a comment to T902: disable removable drives auto-mounting - XFCE only.

Can you see from thunar-volman source code where defaults are configured? Would be good to watch for future versions.

Thu, May 9, 7:24 PM · Whonix-Host, Whonix
Patrick changed the status of T902: disable removable drives auto-mounting - XFCE only from Open to Review.

Debian buster package thunar-volman (thunar-volman-0.9.1) contains a file debian/thunar-volman.xml

Thu, May 9, 3:31 AM · Whonix-Host, Whonix
Patrick updated subscribers of T902: disable removable drives auto-mounting - XFCE only.
Thu, May 9, 3:21 AM · Whonix-Host, Whonix

Wed, May 8

madaidan added a comment to T902: disable removable drives auto-mounting - XFCE only.

Automounting can be configured in /etc/xdg/xfce4/xfconf/xfce-perchannel-xml/thunar-volman.conf

Wed, May 8, 10:27 PM · Whonix-Host, Whonix

Tue, May 7

Patrick updated the task description for T89: Whonix Control Panel.
Tue, May 7, 1:59 PM · Whonix, Apps, enhancement, usability
Patrick updated the task description for T89: Whonix Control Panel.
Tue, May 7, 1:52 PM · Whonix, Apps, enhancement, usability
Patrick updated the task description for T89: Whonix Control Panel.
Tue, May 7, 1:51 PM · Whonix, Apps, enhancement, usability

Sun, May 5

Patrick added a comment to T670: Activating Lockdown.

More kernel hardening:
https://github.com/Whonix/security-misc/pull/5

Sun, May 5, 11:28 PM · Debian version 10 codename Buster, Whonix

Fri, May 3

HulaHoop added a comment to T670: Activating Lockdown.

Related thread on general kernel hardening:

Fri, May 3, 6:14 PM · Debian version 10 codename Buster, Whonix
Patrick added a comment to T895: Proposed Download Directory Structure / download redirects / stable download links / permalinks.

Does this work for you? @tempest

Fri, May 3, 12:13 PM · server-ssh-access-required, website, Whonix
Patrick renamed T895: Proposed Download Directory Structure / download redirects / stable download links / permalinks from Proposed Download Directory Structure / download redirects / stable download links to Proposed Download Directory Structure / download redirects / stable download links / permalinks.
Fri, May 3, 12:13 PM · server-ssh-access-required, website, Whonix
Patrick renamed T895: Proposed Download Directory Structure / download redirects / stable download links / permalinks from Proposed Download Directory Structure to Proposed Download Directory Structure / download redirects / stable download links.
Fri, May 3, 12:08 PM · server-ssh-access-required, website, Whonix
Patrick updated the task description for T670: Activating Lockdown.
Fri, May 3, 6:41 AM · Debian version 10 codename Buster, Whonix

Thu, May 2

Patrick updated the task description for T720: post feature request for more secure clipboard sharing against VirtualBox and KVM.
Thu, May 2, 12:04 PM · VirtualBox, usability, Whonix

Wed, May 1

Patrick added a comment to T720: post feature request for more secure clipboard sharing against VirtualBox and KVM.

HulaHoop (HulaHoop):

HulaHoop added a comment.

https://gitlab.freedesktop.org/spice/spice-protocol/issues/8
Wed, May 1, 2:25 AM · VirtualBox, usability, Whonix
Patrick added a comment to T817: install jitterentropy by default.

user@host:~/jitterentropy-20140131/tests_userspace/timing$ ./jitterentropy-inittest
Pass 10000 - Fail 0 - Rounds 10000

foldtime.O0
foldtime.O2

https://anonfile.com/g8E9mal5n6/foldtime_O2
https://anonfile.com/63H8m6l9nb/foldtime_O0

Wed, May 1, 2:23 AM · Whonix 15, Debian version 10 codename Buster, Whonix
HulaHoop added a comment to T817: install jitterentropy by default.

user@host:~/jitterentropy-20140131/tests_userspace/timing$ ./jitterentropy-inittest
Pass 10000 - Fail 0 - Rounds 10000

Wed, May 1, 2:21 AM · Whonix 15, Debian version 10 codename Buster, Whonix

Tue, Apr 30

HulaHoop added a comment to T720: post feature request for more secure clipboard sharing against VirtualBox and KVM.

https://gitlab.freedesktop.org/spice/spice-protocol/issues/8

Tue, Apr 30, 11:52 PM · VirtualBox, usability, Whonix
Patrick updated the task description for T817: install jitterentropy by default.
Tue, Apr 30, 1:28 PM · Whonix 15, Debian version 10 codename Buster, Whonix
Patrick updated the task description for T817: install jitterentropy by default.
Tue, Apr 30, 1:27 PM · Whonix 15, Debian version 10 codename Buster, Whonix

Fri, Apr 26

Patrick added a comment to T720: post feature request for more secure clipboard sharing against VirtualBox and KVM.
Fri, Apr 26, 12:59 PM · VirtualBox, usability, Whonix

Thu, Apr 25

Patrick triaged T911: xfce theming as Normal priority.
Thu, Apr 25, 12:28 PM · Whonix, Whonix 15
Patrick updated the task description for T720: post feature request for more secure clipboard sharing against VirtualBox and KVM.
Thu, Apr 25, 11:09 AM · VirtualBox, usability, Whonix