Page MenuHomePhabricator

WhonixProject
ActivePublic

Members (2)

Watchers

  • This project does not have any watchers.

Details

Recent Activity

Yesterday

Patrick updated the task description for T114: Permanent Takedown Attack Defender.
Wed, Jan 23, 11:15 AM · whonixcheck, upstream, enhancement, security, Whonix
Patrick updated the task description for T114: Permanent Takedown Attack Defender.
Wed, Jan 23, 11:14 AM · whonixcheck, upstream, enhancement, security, Whonix
Patrick assigned T580: Document recovery procedure after compromise to HulaHoop.
Wed, Jan 23, 10:09 AM · Whonix, user documentation
Patrick added a comment to T580: Document recovery procedure after compromise.

Let me know the title and place and I'll put something up.

Wed, Jan 23, 9:59 AM · Whonix, user documentation
Patrick changed the status of T721: deb.debian.org instead of us.debian.org and use https (SSL, TLS) by default / fix build --connection onion from Open to testing-in-next-build-required.

https://github.com/Whonix/genmkfile/commit/c0d35c24569dea4af1b873c3a89bbf492cd44470
https://github.com/Whonix/Whonix/commit/0c63f16671e2387f1ccf86f791a77657f305f4f7

Wed, Jan 23, 7:32 AM · anon-apt-sources-list, Whonix
Patrick closed T678: tb-updater onion mirros downloads support as Resolved.
Wed, Jan 23, 5:45 AM · security, Whonix 15, Whonix 14, Whonix, tb-updater
Patrick added a comment to T721: deb.debian.org instead of us.debian.org and use https (SSL, TLS) by default / fix build --connection onion.

Use SSL and apt-cacher-ng also during genmkfile inside cowbuilder.

Wed, Jan 23, 5:40 AM · anon-apt-sources-list, Whonix

Tue, Jan 22

Patrick changed the status of T678: tb-updater onion mirros downloads support from Open to testing-in-next-build-required.

With TPO infrastructure using onions, its now a good idea to switch tb-updater to check for version info and downloads to these more secure mirrors.

Tue, Jan 22, 8:16 AM · security, Whonix 15, Whonix 14, Whonix, tb-updater
Patrick added projects to T678: tb-updater onion mirros downloads support: Whonix 14, Whonix 15, security.
Tue, Jan 22, 8:12 AM · security, Whonix 15, Whonix 14, Whonix, tb-updater
Patrick renamed T721: deb.debian.org instead of us.debian.org and use https (SSL, TLS) by default / fix build --connection onion from deb.debian.org instead of us.debian.org and use https (SSL, TLS) by default to deb.debian.org instead of us.debian.org and use https (SSL, TLS) by default / fix build --connection onion.
Tue, Jan 22, 7:33 AM · anon-apt-sources-list, Whonix

Mon, Jan 21

HulaHoop added a comment to T721: deb.debian.org instead of us.debian.org and use https (SSL, TLS) by default / fix build --connection onion.

Building initiates. I had these deps installed anyhow. Unpinning the CPU resolved some early build error, but now it craps out at RAW image creation. Not really related to your inquiry.

Mon, Jan 21, 10:32 PM · anon-apt-sources-list, Whonix
Patrick added a comment to T721: deb.debian.org instead of us.debian.org and use https (SSL, TLS) by default / fix build --connection onion.

This is now in stretch-testers repository.

Mon, Jan 21, 8:10 AM · anon-apt-sources-list, Whonix
Patrick added a comment to T721: deb.debian.org instead of us.debian.org and use https (SSL, TLS) by default / fix build --connection onion.

https://github.com/Whonix/Whonix/commit/64b5b6133d733b7bb400262199992d116ae8709b
https://github.com/Whonix/Whonix/commit/b83dddec7c191160332bc9233feb6069bb28d435
https://github.com/Whonix/Whonix/commit/d182a2720c8c6a56492fccf45a8bc8c2b2902e67
https://github.com/Whonix/Whonix/commit/abaf332e0d831dc61dbe3ef0f37e701be63a494e
https://github.com/Whonix/Whonix/commit/360cc8f283d3d7ad5f1ef1a2984fa78465187dd9
https://github.com/Whonix/Whonix/commit/ec204c7434efbf985e8526d1d81ff5c9e91e1c44
https://github.com/Whonix/Whonix/commit/5e06301a66e93cbd1253ea7a52af993848a0d099
https://github.com/Whonix/Whonix/commit/0a370cf1c98ed7ac46edfda1371e81b7df314154
https://github.com/Whonix/Whonix/commit/8add221ae13de742c3c615fb7c63ce518a9c99f3
https://github.com/Whonix/Whonix/commit/54483462c12e30ec52d05f7e75537d607d9b3422
https://github.com/Whonix/Whonix/commit/3f087b337903a7e37685b0de464eb0c1ab9fc622
https://github.com/Whonix/Whonix/commit/d035e40127ca922749f6273f6f193db27be19601
https://github.com/Whonix/Whonix/commit/ca3add2343abd5846987400c04fd043082f1a489
https://github.com/Whonix/Whonix/commit/5f88d1d7377ff275679f629539d0de24f57e031e
https://github.com/Whonix/anon-shared-build-apt-sources-tpo/commit/7948da7d5c6e964455375499704851b3ca2cc21d
https://github.com/Whonix/whonix-repository/commit/903f0893182ecdbebd6eacd483f373940573e4bc
https://github.com/Whonix/whonix-legacy/commit/25663b8c9bd91185586ce9e18d07500abb81ca18
https://github.com/Whonix/whonix-initializer/commit/6705fa45965c20612ed40276fc961deb0e40890e

Mon, Jan 21, 6:40 AM · anon-apt-sources-list, Whonix

Sun, Jan 20

Patrick updated subscribers of T721: deb.debian.org instead of us.debian.org and use https (SSL, TLS) by default / fix build --connection onion.
Sun, Jan 20, 10:02 AM · anon-apt-sources-list, Whonix
Patrick triaged T891: upgrade build_sources/rpi-preferences for Debian 10/ buster as Normal priority.
Sun, Jan 20, 6:13 AM · build, Whonix 15, Whonix, Debian version 10 codename Buster
Patrick updated subscribers of T890: Have cryptsetup installed by default in Whonix.
Sun, Jan 20, 6:06 AM · anon-meta-packages, Whonix, Whonix 15
Patrick lowered the priority of T890: Have cryptsetup installed by default in Whonix from Normal to Low.

postpone to Whonix 15 since cryptsetup has initramfs hooks (small chance of regressions)

Sun, Jan 20, 6:04 AM · anon-meta-packages, Whonix, Whonix 15

Sat, Jan 19

Patrick added a project to T890: Have cryptsetup installed by default in Whonix: Whonix 14.
Sat, Jan 19, 8:41 AM · anon-meta-packages, Whonix, Whonix 15
Patrick added projects to T890: Have cryptsetup installed by default in Whonix: Whonix, anon-meta-packages.
Sat, Jan 19, 8:40 AM · anon-meta-packages, Whonix, Whonix 15

Fri, Jan 18

TNTBOMBOM triaged T890: Have cryptsetup installed by default in Whonix as Normal priority.
Fri, Jan 18, 12:46 PM · anon-meta-packages, Whonix, Whonix 15
TNTBOMBOM triaged T889: Add qtox app to whonix 15 as Normal priority.
Fri, Jan 18, 12:40 PM · Whonix, Whonix 15

Wed, Jan 16

Patrick closed T523: document identity correlation attacks and defenses / Removing Apache Recommendation as Resolved.
Wed, Jan 16, 1:20 PM · Whonix 14, Whonix, user documentation, research

Tue, Jan 15

Patrick updated the task description for T89: Whonix Control Panel.
Tue, Jan 15, 8:48 AM · Whonix, Apps, enhancement, usability

Sun, Jan 13

HulaHoop added a comment to T885: Add MAT2 to Whonix 15 / Debian buster.

Seems so. This one is a context menu option or commandline but it supports a lot more stuff than the original and it pulls in other specialized tools to do the work.

Sun, Jan 13, 2:00 AM · Debian version 10 codename Buster, Whonix, Whonix 15
HulaHoop added a comment to T523: document identity correlation attacks and defenses / Removing Apache Recommendation.

Done

Sun, Jan 13, 1:56 AM · Whonix 14, Whonix, user documentation, research

Sat, Jan 12

Patrick updated subscribers of T885: Add MAT2 to Whonix 15 / Debian buster.
Sat, Jan 12, 7:51 AM · Debian version 10 codename Buster, Whonix, Whonix 15
Patrick renamed T885: Add MAT2 to Whonix 15 / Debian buster from Add MAT2 to Whonix 15/buster to Add MAT2 to Whonix 15 / Debian buster.
Sat, Jan 12, 7:51 AM · Debian version 10 codename Buster, Whonix, Whonix 15
Patrick triaged T888: change Qubes-Whonix default applications from KDE-ish to XFCE-ish as Normal priority.
Sat, Jan 12, 7:50 AM · Whonix, Debian version 10 codename Buster, Whonix 15, anon-meta-packages, qubes-template-whonix, Qubes
Patrick updated subscribers of T883: configure Qubes-Whonix XFCE default start menu entries (whitelisted appmenus).
Sat, Jan 12, 7:48 AM · Whonix 15, qubes-template-whonix, Whonix
Patrick renamed T595: install onionshare by default in Whonix 15 from decide if we should install onionshare by default in Whonix 14 to install onionshare by default in Whonix 15.
Sat, Jan 12, 7:47 AM · Whonix 15, Debian version 10 codename Buster, Whonix, anon-meta-packages, usability
Patrick closed T882: install unrar-free by default as Resolved.

[quote="HulaHoop, post:8, topic:6533, full:true"]
unrar-free is redundant because it supports a smaller feature-set of unar
[/quote]

Sat, Jan 12, 7:47 AM · Whonix 14, Whonix 15, Whonix
Patrick added a project to T886: add grub-live: live-mode.
Sat, Jan 12, 7:34 AM · live-mode, Debian version 10 codename Buster, Whonix 15, Whonix
Patrick renamed T771: install magic-wormhole by default / Implementing an Onionshare alternative from Implementing an Onionshare alternative to install magic-wormhole by default / Implementing an Onionshare alternative.
Sat, Jan 12, 7:26 AM · Whonix 14, Whonix, Whonix 15
Patrick added a project to T771: install magic-wormhole by default / Implementing an Onionshare alternative: Whonix 14.
Sat, Jan 12, 7:25 AM · Whonix 14, Whonix, Whonix 15
Patrick changed the status of T771: install magic-wormhole by default / Implementing an Onionshare alternative from Open to testing-in-next-build-required.
Sat, Jan 12, 7:25 AM · Whonix 14, Whonix, Whonix 15
Patrick edited projects for T595: install onionshare by default in Whonix 15, added: Debian version 10 codename Buster, Whonix 15; removed Debian version 9 codename Stretch, Whonix 14.
Sat, Jan 12, 7:12 AM · Whonix 15, Debian version 10 codename Buster, Whonix, anon-meta-packages, usability

Fri, Jan 11

HulaHoop reopened T595: install onionshare by default in Whonix 15 as "Open".

Onionshare is in Buster.
https://packages.debian.org/buster/onionshare

Fri, Jan 11, 7:46 PM · Whonix 15, Debian version 10 codename Buster, Whonix, anon-meta-packages, usability

Sun, Jan 6

Patrick added a comment to T523: document identity correlation attacks and defenses / Removing Apache Recommendation.

https://www.whonix.org/wiki/Onion_Services#Step_1:_Install_Server_Software needs update.

Sun, Jan 6, 8:24 AM · Whonix 14, Whonix, user documentation, research

Fri, Jan 4

HulaHoop added a comment to T523: document identity correlation attacks and defenses / Removing Apache Recommendation.

Done. You can close this ticket once you agree with edits.

Fri, Jan 4, 5:58 PM · Whonix 14, Whonix, user documentation, research

Thu, Jan 3

Patrick lowered the priority of T800: Migrating from Github from Normal to Wishlist.
Thu, Jan 3, 1:23 PM · Whonix
Patrick updated subscribers of T800: Migrating from Github.
Thu, Jan 3, 1:22 PM · Whonix
Patrick added a comment to T800: Migrating from Github.

What does it mean to “distrust the infrastructure”?

A core tenet of the Qubes philosophy is “distrust the infrastructure,” where “the infrastructure” refers to things like hosting providers, CDNs, DNS services, package repositories, email servers, PGP keyservers, etc. As a project, we focus on securing endpoints instead of attempting to secure “the middle” (i.e., the infrastructure), since one of our primary goals is to free users from being forced to entrust their security to unknown third parties. Instead, our aim is for users to be required to trust as few entities as possible (ideally, only themselves and any known persons whom they voluntarily decide to trust).

Users can never fully control all the infrastructure they rely upon, and they can never fully trust all the entities who do control it. Therefore, we believe the best solution is not to attempt to make the infrastructure trustworthy, but instead to concentrate on solutions that obviate the need to do so. We believe that many attempts to make the infrastructure appear trustworthy actually provide only the illusion of security and are ultimately a disservice to real users. Since we don’t want to encourage or endorse this, we make our distrust of the infrastructure explicit.

Thu, Jan 3, 1:22 PM · Whonix

Wed, Jan 2

Patrick added a comment to T523: document identity correlation attacks and defenses / Removing Apache Recommendation.

Sounds good!

Wed, Jan 2, 1:54 PM · Whonix 14, Whonix, user documentation, research
Patrick triaged T887: make TBB usable as "system Tor", so latest Tor and pluggable transports can be used on Whonix-Gateway as Normal priority.
Wed, Jan 2, 1:52 PM · Whonix

Fri, Dec 28

HulaHoop added a comment to T523: document identity correlation attacks and defenses / Removing Apache Recommendation.

From this size comparison on Debian wiki, I think the best and most secure option is the smallest and most minimal one: micro-httpd

Fri, Dec 28, 8:31 PM · Whonix 14, Whonix, user documentation, research
Patrick added a comment to T721: deb.debian.org instead of us.debian.org and use https (SSL, TLS) by default / fix build --connection onion.
Fri, Dec 28, 10:32 AM · anon-apt-sources-list, Whonix
HulaHoop added a comment to T721: deb.debian.org instead of us.debian.org and use https (SSL, TLS) by default / fix build --connection onion.
Fri, Dec 28, 1:04 AM · anon-apt-sources-list, Whonix

Dec 22 2018

Patrick reopened T523: document identity correlation attacks and defenses / Removing Apache Recommendation as "Open".

We still have the warning on https://www.whonix.org/wiki/Onion_Services.

Dec 22 2018, 12:01 PM · Whonix 14, Whonix, user documentation, research
Patrick added a comment to T812: use onion sources list exclusively for apt-get updating by default.

onion V3 (repo,website,forum…) reported from different sources is down.
https://forums.whonix.org/t/onion-v3-for-whonix-website-repo-down/5693/8

Dec 22 2018, 11:51 AM · anon-apt-sources-list, Whonix
Patrick updated the task description for T812: use onion sources list exclusively for apt-get updating by default.
Dec 22 2018, 11:50 AM · anon-apt-sources-list, Whonix