research · Experimental
Active · Public

Recent Activity

Sun, Nov 26

Patrick added a comment to T509: Consider nftables / Berkeley Packet Filter (BPF) as a replacement for iptables.

blocker:
Qubes integration
Integrate Whonix firewall with Qubes nftables rule

Sun, Nov 26, 6:28 AM · iptables, vpn-firewall, whonix-ws-firewall, whonix-gw-firewall, Whonix, refactoring, research

Wed, Nov 22

Patrick closed T644: replace tb-updater / curl-prgrs as Resolved.

This was implemented.

Wed, Nov 22, 4:24 AM · bash, research, python, bug, Whonix, tb-updater

Oct 24 2023

Patrick closed T520: install fteproxy by default in Whonix-Gateway when porting to Debian stretch as Invalid.

quote https://forums.whonix.org/t/whonix-16-has-been-released-debian-11-bullseye-based-for-virtualbox-major-release/12297

Oct 24 2023, 12:10 PM · systemd, AppArmor, research, user documentation, enhancement, circumvention, Whonix

May 16 2023

Patrick added a comment to T509: Consider nftables / Berkeley Packet Filter (BPF) as a replacement for iptables.

https://wiki.nftables.org/wiki-nftables/index.php/Atomic_rule_replacement

May 16 2023, 10:32 AM · iptables, vpn-firewall, whonix-ws-firewall, whonix-gw-firewall, Whonix, refactoring, research

May 15 2023

Patrick added a comment to T509: Consider nftables / Berkeley Packet Filter (BPF) as a replacement for iptables.

https://wiki.nftables.org/wiki-nftables/index.php/Scripting

May 15 2023, 6:21 PM · iptables, vpn-firewall, whonix-ws-firewall, whonix-gw-firewall, Whonix, refactoring, research
Patrick added a comment to T509: Consider nftables / Berkeley Packet Filter (BPF) as a replacement for iptables.

Some progress.

May 15 2023, 5:23 PM · iptables, vpn-firewall, whonix-ws-firewall, whonix-gw-firewall, Whonix, refactoring, research

May 9 2023

Patrick added a comment to T509: Consider nftables / Berkeley Packet Filter (BPF) as a replacement for iptables.

In other words, iptables is already symlinked to iptables-nft anyhow. Therefore Whonix is already using iptables-nft.

May 9 2023, 10:34 AM · iptables, vpn-firewall, whonix-ws-firewall, whonix-gw-firewall, Whonix, refactoring, research
Patrick added a comment to T509: Consider nftables / Berkeley Packet Filter (BPF) as a replacement for iptables.
May 9 2023, 10:23 AM · iptables, vpn-firewall, whonix-ws-firewall, whonix-gw-firewall, Whonix, refactoring, research

Feb 17 2023

Patrick added a comment to T673: document https downgrade sslstrip defenses - wget vs curl vs scurl.

https://forums.whonix.org/t/whonix-linux-installer-development-discussion/15917/20

Feb 17 2023, 10:52 AM · Whonix, user documentation, research, Whonix 14, scurl

Jan 19 2023

Patrick updated the task description for T526: systemd introduces memory protection.
Jan 19 2023, 11:12 AM · sdwdate, Whonix, research
Patrick updated the task description for T526: systemd introduces memory protection.
Jan 19 2023, 11:10 AM · sdwdate, Whonix, research
Patrick updated the task description for T526: systemd introduces memory protection.
Jan 19 2023, 11:02 AM · sdwdate, Whonix, research
Patrick updated the task description for T135: find packages without security support / consider installation of debian-security-support by default.
Jan 19 2023, 10:58 AM · bash, Whonix, research, user documentation, security, usability
Patrick removed a project from T135: find packages without security support / consider installation of debian-security-support by default: Debian version 8 codename Jessie.
Jan 19 2023, 10:57 AM · bash, Whonix, research, user documentation, security, usability

Sep 8 2021

Patrick closed T961: fix USB auto mounting bug / document as Resolved.

https://forums.whonix.org/t/disk-usb-automount-in-kicksecure/8728/31

Sep 8 2021, 3:08 PM · research, bug, Whonix, Whonix 15

Aug 9 2021

Patrick added a comment to T509: Consider nftables / Berkeley Packet Filter (BPF) as a replacement for iptables.
In T509#20232, @ak88 wrote:

Any updates on this?

Aug 9 2021, 7:13 PM · iptables, vpn-firewall, whonix-ws-firewall, whonix-gw-firewall, Whonix, refactoring, research
ak88 added a comment to T509: Consider nftables / Berkeley Packet Filter (BPF) as a replacement for iptables.

Any updates on this?

Aug 9 2021, 5:22 PM · iptables, vpn-firewall, whonix-ws-firewall, whonix-gw-firewall, Whonix, refactoring, research

Aug 13 2020

Patrick updated the task description for T540: Advanced Attacks Meta Ticket.
Aug 13 2020, 8:33 AM · VirtualBox, KVM, Qubes, security, research, Whonix
Patrick closed T542: Keyboard/Mouse Fingerprinting Defense, a subtask of T540: Advanced Attacks Meta Ticket, as Resolved.
Aug 13 2020, 8:32 AM · VirtualBox, KVM, Qubes, security, research, Whonix

Aug 12 2020

HulaHoop closed T530: CPU-induced latency Covert Channel Countermeasures as Invalid.

After running a bunch of tcp ping tests, the conclusion is this attack is not really effective against TCP like ICMP. The latency is much lower for TCP pings and though it slightly decreases with cpu stress it is not consistent. Reloading pages in TBB with cpu stress on/off does not impact latency readings while doing so with tc attached has massive latency footprints - implying it will ironically make such attacks much easier in addition to degrading performance.

Aug 12 2020, 4:30 PM · virtualizer, VMware, VirtualBox, KVM, Qubes, security, research, Whonix
HulaHoop closed T530: CPU-induced latency Covert Channel Countermeasures, a subtask of T540: Advanced Attacks Meta Ticket, as Invalid.
Aug 12 2020, 4:30 PM · VirtualBox, KVM, Qubes, security, research, Whonix

Aug 7 2020

HulaHoop added a comment to T530: CPU-induced latency Covert Channel Countermeasures.

Cyrus recommends adding delays per packet to disrupt inter-packet patterns that remain. The command can be fine tuned as such:

Aug 7 2020, 4:54 PM · virtualizer, VMware, VirtualBox, KVM, Qubes, security, research, Whonix

Aug 1 2020

HulaHoop added a comment to T530: CPU-induced latency Covert Channel Countermeasures.

The good news is I think I've figured out the equivalent tc-netem command by looking at the slot parameter in the manual:

Aug 1 2020, 3:42 PM · virtualizer, VMware, VirtualBox, KVM, Qubes, security, research, Whonix

May 30 2020

HulaHoop added a comment to T530: CPU-induced latency Covert Channel Countermeasures.

Ticket above closed and convo moved to tails-dev.

May 30 2020, 2:33 PM · virtualizer, VMware, VirtualBox, KVM, Qubes, security, research, Whonix

Apr 23 2020

Patrick updated subscribers of T961: fix USB auto mounting bug / document.
Apr 23 2020, 2:59 PM · research, bug, Whonix, Whonix 15

Feb 14 2020

Patrick updated the task description for T547: add user documentation for Remote Administration, Keystroke Fingerprinting, Stylometry.
Feb 14 2020, 11:49 AM · research, user documentation, Whonix
Patrick added a project to T547: add user documentation for Remote Administration, Keystroke Fingerprinting, Stylometry: research.
Feb 14 2020, 11:49 AM · research, user documentation, Whonix
Patrick triaged T961: fix USB auto mounting bug / document as Normal priority.
Feb 14 2020, 6:12 AM · research, bug, Whonix, Whonix 15

Dec 23 2019

Patrick triaged T948: /tmp etc. separation through polyinstantiation by using namespaces.conf as Normal priority.
Dec 23 2019, 1:09 PM · research, Whonix, security-misc

Dec 11 2019

marmarek added a comment to T509: Consider nftables / Berkeley Packet Filter (BPF) as a replacement for iptables.

It looks like bpfilter is in rather early stages, and it's a few years until we'll see it in Debian.

Dec 11 2019, 2:35 AM · iptables, vpn-firewall, whonix-ws-firewall, whonix-gw-firewall, Whonix, refactoring, research
Patrick renamed T509: Consider nftables / Berkeley Packet Filter (BPF) as a replacement for iptables from Consider nftables as a replacement for iptables to Consider nftables / Berkeley Packet Filter (BPF) as a replacement for iptables.
Dec 11 2019, 1:11 AM · iptables, vpn-firewall, whonix-ws-firewall, whonix-gw-firewall, Whonix, refactoring, research
Patrick added a comment to T509: Consider nftables / Berkeley Packet Filter (BPF) as a replacement for iptables.

Or skip nftables and use Berkeley Packet Filter (BPF)?

Dec 11 2019, 1:10 AM · iptables, vpn-firewall, whonix-ws-firewall, whonix-gw-firewall, Whonix, refactoring, research
Patrick updated the task description for T509: Consider nftables / Berkeley Packet Filter (BPF) as a replacement for iptables.
Dec 11 2019, 1:09 AM · iptables, vpn-firewall, whonix-ws-firewall, whonix-gw-firewall, Whonix, refactoring, research

Nov 21 2019

Patrick closed T621: Combatting sclockadj's log spam as Resolved.

Not a problem anymore.

Nov 21 2019, 7:54 PM · Debian version 10 codename Buster, research, Whonix

Nov 6 2019

Patrick closed T444: test if Ricochet IM instructions are functional as Invalid.

https://www.whonix.org/wiki/Chat#Ricochet_IM

Nov 6 2019, 2:33 AM · onion-grater (Control Port Filter Proxy), research, Whonix

Oct 21 2019

Patrick added a comment to T509: Consider nftables / Berkeley Packet Filter (BPF) as a replacement for iptables.

NonaSuomy:

Added requested NFTables example from duclicsic #netfilter freenode.

Oct 21 2019, 5:33 AM · iptables, vpn-firewall, whonix-ws-firewall, whonix-gw-firewall, Whonix, refactoring, research

Oct 17 2019

HulaHoop added a comment to T509: Consider nftables / Berkeley Packet Filter (BPF) as a replacement for iptables.

Starting with Bullseye nftables will be the default:

Oct 17 2019, 5:29 PM · iptables, vpn-firewall, whonix-ws-firewall, whonix-gw-firewall, Whonix, refactoring, research

Oct 15 2019

HulaHoop added a comment to T530: CPU-induced latency Covert Channel Countermeasures.

https://redmine.tails.boum.org/code/issues/17156

Oct 15 2019, 7:26 PM · virtualizer, VMware, VirtualBox, KVM, Qubes, security, research, Whonix

Oct 13 2019

HulaHoop added a comment to T530: CPU-induced latency Covert Channel Countermeasures.

Analysis by Cyrus cited here for completion:

Oct 13 2019, 2:18 PM · virtualizer, VMware, VirtualBox, KVM, Qubes, security, research, Whonix

Oct 6 2019

HulaHoop added a comment to T530: CPU-induced latency Covert Channel Countermeasures.
Oct 6 2019, 8:53 PM · virtualizer, VMware, VirtualBox, KVM, Qubes, security, research, Whonix
Patrick updated subscribers of T530: CPU-induced latency Covert Channel Countermeasures.
Oct 6 2019, 7:50 PM · virtualizer, VMware, VirtualBox, KVM, Qubes, security, research, Whonix
Patrick added a comment to T530: CPU-induced latency Covert Channel Countermeasures.

Reported build failures:

Oct 6 2019, 7:47 PM · virtualizer, VMware, VirtualBox, KVM, Qubes, security, research, Whonix
HulaHoop added a comment to T530: CPU-induced latency Covert Channel Countermeasures.

When an implementation is decided, let's decide if we can include this in security-misc for use on Linux hosts and Kicksecure. We would need some way of detecting the active NIC since on wireless systems wlan0 is the interface of choice and not eth0.

Oct 6 2019, 7:01 PM · virtualizer, VMware, VirtualBox, KVM, Qubes, security, research, Whonix
HulaHoop added a comment to T530: CPU-induced latency Covert Channel Countermeasures.

tc-netem is a utility that is part of the iproute2 package in Debian. It leverages functionality already built into Linux and userspace utilities to simulate networks including packet delays and loss.

Oct 6 2019, 4:04 PM · virtualizer, VMware, VirtualBox, KVM, Qubes, security, research, Whonix

Aug 11 2019

Patrick updated the task description for T215: install electrum bitcoin thin client by default?.
Aug 11 2019, 12:13 PM · anon-meta-packages, research, Whonix

Aug 9 2019

Patrick added a comment to T215: install electrum bitcoin thin client by default?.

install electrum appimage by default:
https://github.com/Whonix/anon-meta-packages/commit/71d40f5316ee7eb38eb04142d80d23c56a48407b

Aug 9 2019, 9:50 AM · anon-meta-packages, research, Whonix

Jul 6 2019

Patrick added a comment to T600: Integrating Guix/Nix Package Manager.

Any update?

Jul 6 2019, 10:40 AM · Whonix, packaging, research

Jun 27 2019

Patrick updated the task description for T215: install electrum bitcoin thin client by default?.
Jun 27 2019, 10:59 AM · anon-meta-packages, research, Whonix
Patrick added a comment to T582: revisit handling of /var/lib/dbus/machine-id.

Will keep watching what Tails is doing.

Jun 27 2019, 8:33 AM · Whonix 16, research, Whonix
Patrick edited projects for T582: revisit handling of /var/lib/dbus/machine-id, added: Whonix 16; removed Whonix 15.
Jun 27 2019, 8:33 AM · Whonix 16, research, Whonix