Page MenuHomePhabricator

researchExperimental
ActivePublic

Watchers

  • This project does not have any watchers.
  • View All

Recent Activity

Sat, May 30

HulaHoop added a comment to T530: CPU-induced latency Covert Channel Countermeasures.

Ticket above closed and convo moved to tails-dev.

Sat, May 30, 4:33 PM · virtualizer, VMware, VirtualBox, KVM, Qubes, security, research, Whonix

Apr 23 2020

Patrick updated subscribers of T961: fix USB auto mounting bug / document.
Apr 23 2020, 4:59 PM · research, bug, Whonix 15, Whonix

Feb 14 2020

Patrick updated the task description for T547: add user documentation for Remote Administration, Keystroke Fingerprinting, Stylometry.
Feb 14 2020, 12:49 PM · research, user documentation, Whonix
Patrick added a project to T547: add user documentation for Remote Administration, Keystroke Fingerprinting, Stylometry: research.
Feb 14 2020, 12:49 PM · research, user documentation, Whonix
Patrick triaged T961: fix USB auto mounting bug / document as Normal priority.
Feb 14 2020, 7:12 AM · research, bug, Whonix 15, Whonix

Dec 23 2019

Patrick triaged T948: /tmp etc. separation through polyinstantiation by using namespaces.conf as Normal priority.
Dec 23 2019, 2:09 PM · research, security-misc, Whonix

Dec 11 2019

marmarek added a comment to T509: Consider nftables / Berkeley Packet Filter (BPF) as a replacement for iptables.

It looks like bpfilter is in rather early stages, and it's few years until we'll see it in Debian.

Dec 11 2019, 3:35 AM · iptables, vpn-firewall, whonix-ws-firewall, whonix-gw-firewall, Whonix, refactoring, research
Patrick renamed T509: Consider nftables / Berkeley Packet Filter (BPF) as a replacement for iptables from Consider nftables as a replacement for iptables to Consider nftables / Berkeley Packet Filter (BPF) as a replacement for iptables.
Dec 11 2019, 2:11 AM · iptables, vpn-firewall, whonix-ws-firewall, whonix-gw-firewall, Whonix, refactoring, research
Patrick added a comment to T509: Consider nftables / Berkeley Packet Filter (BPF) as a replacement for iptables.

Or skip nftables and use Berkeley Packet Filter (BPF)?

Dec 11 2019, 2:10 AM · iptables, vpn-firewall, whonix-ws-firewall, whonix-gw-firewall, Whonix, refactoring, research
Patrick updated the task description for T509: Consider nftables / Berkeley Packet Filter (BPF) as a replacement for iptables.
Dec 11 2019, 2:09 AM · iptables, vpn-firewall, whonix-ws-firewall, whonix-gw-firewall, Whonix, refactoring, research

Nov 21 2019

Patrick closed T621: Combatting sclockadj's log spam as Resolved.

Not a problem anymore.

Nov 21 2019, 8:54 PM · Debian version 10 codename Buster, research, Whonix

Nov 6 2019

Patrick closed T444: test if Ricochet IM instructions are functional as Invalid.

https://www.whonix.org/wiki/Chat#Ricochet_IM

Nov 6 2019, 3:33 AM · onion-grater (Control Port Filter Proxy), research, Whonix

Oct 21 2019

Patrick added a comment to T509: Consider nftables / Berkeley Packet Filter (BPF) as a replacement for iptables.

NonaSuomy:

Added requested NFTables example from duclicsic #netfilter freenode.

Oct 21 2019, 7:33 AM · iptables, vpn-firewall, whonix-ws-firewall, whonix-gw-firewall, Whonix, refactoring, research

Oct 17 2019

HulaHoop added a comment to T509: Consider nftables / Berkeley Packet Filter (BPF) as a replacement for iptables.

Starting with Bullseye nftables will be the default:

Oct 17 2019, 7:29 PM · iptables, vpn-firewall, whonix-ws-firewall, whonix-gw-firewall, Whonix, refactoring, research

Oct 15 2019

HulaHoop added a comment to T530: CPU-induced latency Covert Channel Countermeasures.

https://redmine.tails.boum.org/code/issues/17156

Oct 15 2019, 9:26 PM · virtualizer, VMware, VirtualBox, KVM, Qubes, security, research, Whonix

Oct 13 2019

HulaHoop added a comment to T530: CPU-induced latency Covert Channel Countermeasures.

Analysis by Cyrus cited here for completion:

Oct 13 2019, 4:18 PM · virtualizer, VMware, VirtualBox, KVM, Qubes, security, research, Whonix

Oct 6 2019

HulaHoop added a comment to T530: CPU-induced latency Covert Channel Countermeasures.
Oct 6 2019, 10:53 PM · virtualizer, VMware, VirtualBox, KVM, Qubes, security, research, Whonix
Patrick updated subscribers of T530: CPU-induced latency Covert Channel Countermeasures.
Oct 6 2019, 9:50 PM · virtualizer, VMware, VirtualBox, KVM, Qubes, security, research, Whonix
Patrick added a comment to T530: CPU-induced latency Covert Channel Countermeasures.

Reported build failures:

Oct 6 2019, 9:47 PM · virtualizer, VMware, VirtualBox, KVM, Qubes, security, research, Whonix
HulaHoop added a comment to T530: CPU-induced latency Covert Channel Countermeasures.

When an implementation is decided, let's decide if we can include this in security-misc for use on Linux hosts and Kicksecure. We would need some way in detecting the active NIC since on wireless systems wlan0 is the interface of choice and not eth0

Oct 6 2019, 9:01 PM · virtualizer, VMware, VirtualBox, KVM, Qubes, security, research, Whonix
HulaHoop added a comment to T530: CPU-induced latency Covert Channel Countermeasures.

tc-netem is a utility that is part of the iproute2 package in Debian. It leverages functionality already built into Linux and userspace utilities to simulate networks including packet delays and loss.

Oct 6 2019, 6:04 PM · virtualizer, VMware, VirtualBox, KVM, Qubes, security, research, Whonix

Aug 11 2019

Patrick updated the task description for T215: install electrum bitcoin thin client by default?.
Aug 11 2019, 2:13 PM · anon-meta-packages, research, Whonix

Aug 9 2019

Patrick added a comment to T215: install electrum bitcoin thin client by default?.

install electrum appimage by default:
https://github.com/Whonix/anon-meta-packages/commit/71d40f5316ee7eb38eb04142d80d23c56a48407b

Aug 9 2019, 11:50 AM · anon-meta-packages, research, Whonix

Jul 6 2019

Patrick added a comment to T600: Integrating Guix/Nix Package Manager.

Any update?

Jul 6 2019, 12:40 PM · Whonix, packaging, research

Jun 27 2019

Patrick updated the task description for T215: install electrum bitcoin thin client by default?.
Jun 27 2019, 12:59 PM · anon-meta-packages, research, Whonix
Patrick added a comment to T582: revisit handling of /var/lib/dbus/machine-id.

Will keep watching what Tails is doing.

Jun 27 2019, 10:33 AM · Whonix 16, research, Whonix
Patrick edited projects for T582: revisit handling of /var/lib/dbus/machine-id, added: Whonix 16; removed Whonix 15.
Jun 27 2019, 10:33 AM · Whonix 16, research, Whonix

May 12 2019

Patrick added a comment to T582: revisit handling of /var/lib/dbus/machine-id.

Maybe there is no need. It's just when Tails has a ticket, we should
check it at Whonix too. Thank you for looking into this, too!

May 12 2019, 5:36 PM · Whonix 16, research, Whonix
madaidan added a comment to T582: revisit handling of /var/lib/dbus/machine-id.

The way it is now looks fine. Why would it need to be changed?

May 12 2019, 2:36 PM · Whonix 16, research, Whonix
Patrick added a comment to T582: revisit handling of /var/lib/dbus/machine-id.

madaidan (madaidan):

madaidan added a comment.

> https://lists.ubuntu.com/archives/apparmor/2016-February/009371.html says it is used for various things so it might break some things.

Wouldn't using a fake machine-id e.g. a bunch of zeroes fix this?
May 12 2019, 3:21 AM · Whonix 16, research, Whonix

May 11 2019

madaidan added a comment to T582: revisit handling of /var/lib/dbus/machine-id.

https://lists.ubuntu.com/archives/apparmor/2016-February/009371.html says it is used for various things so it might break some things.

May 11 2019, 7:27 PM · Whonix 16, research, Whonix
Patrick added a comment to T582: revisit handling of /var/lib/dbus/machine-id.

Would it cause any issues if the machine-id was just deleted or replaced with a bunch of 0s?

May 11 2019, 9:57 AM · Whonix 16, research, Whonix

May 10 2019

madaidan added a comment to T582: revisit handling of /var/lib/dbus/machine-id.

Would it cause any issues if the machine-id was just deleted or replaced with a bunch of 0s?

May 10 2019, 7:27 PM · Whonix 16, research, Whonix

Apr 6 2019

Patrick closed T801: use libresolv-wrapper rather than functional Whonix-Gateway system DNS resolver? as Invalid.

Unfortunately, not possible.

Apr 6 2019, 8:32 PM · Whonix, Whonix 16, research, anon-gw-dns-conf

Feb 2 2019

HulaHoop closed T567: research: Single Tor-Gateway with Multiple Workstations vs Multiple Tor-Gateways mapped 1:1 to Workstation VMs as Resolved.

The concept was documented for operational use. Auto Guard de-duplication considered too complex to deploy and manual checking is enough.

Feb 2 2019, 3:47 AM · research, Whonix, user documentation

Jan 16 2019

Patrick closed T523: document identity correlation attacks and defenses / Removing Apache Recommendation as Resolved.
Jan 16 2019, 1:20 PM · Whonix 14, Whonix, user documentation, research

Jan 13 2019

HulaHoop added a comment to T523: document identity correlation attacks and defenses / Removing Apache Recommendation.

Done

Jan 13 2019, 1:56 AM · Whonix 14, Whonix, user documentation, research

Jan 6 2019

Patrick added a comment to T523: document identity correlation attacks and defenses / Removing Apache Recommendation.

https://www.whonix.org/wiki/Onion_Services#Step_1:_Install_Server_Software needs update.

Jan 6 2019, 8:24 AM · Whonix 14, Whonix, user documentation, research

Jan 4 2019

HulaHoop added a comment to T523: document identity correlation attacks and defenses / Removing Apache Recommendation.

Done. You can close this ticket once you agree with edits.

Jan 4 2019, 5:58 PM · Whonix 14, Whonix, user documentation, research

Jan 2 2019

Patrick added a comment to T523: document identity correlation attacks and defenses / Removing Apache Recommendation.

Sounds good!

Jan 2 2019, 1:54 PM · Whonix 14, Whonix, user documentation, research

Dec 28 2018

HulaHoop added a comment to T523: document identity correlation attacks and defenses / Removing Apache Recommendation.

From this size comparison on Debian wiki, I think the best and most secure option is the smallest and most minimal one: micro-httpd

Dec 28 2018, 8:31 PM · Whonix 14, Whonix, user documentation, research

Dec 22 2018

Patrick reopened T523: document identity correlation attacks and defenses / Removing Apache Recommendation as "Open".

We still have the warning on https://www.whonix.org/wiki/Onion_Services.

Dec 22 2018, 12:01 PM · Whonix 14, Whonix, user documentation, research

Dec 9 2018

Patrick lowered the priority of T389: make sure Qubes-Whonix has no access to clocksource=xen from High to Normal.
Dec 9 2018, 6:53 AM · mgmt, research, security, Whonix, Qubes

Dec 7 2018

Patrick removed a project from T530: CPU-induced latency Covert Channel Countermeasures: Whonix 15.
Dec 7 2018, 12:06 PM · virtualizer, VMware, VirtualBox, KVM, Qubes, security, research, Whonix
Patrick removed a project from T444: test if Ricochet IM instructions are functional: Whonix 15.
Dec 7 2018, 12:05 PM · onion-grater (Control Port Filter Proxy), research, Whonix
Patrick removed a project from T567: research: Single Tor-Gateway with Multiple Workstations vs Multiple Tor-Gateways mapped 1:1 to Workstation VMs: Whonix 15.
Dec 7 2018, 12:04 PM · research, Whonix, user documentation
Patrick removed a project from T694: Gajim as default messenger: Whonix 15.
Dec 7 2018, 12:02 PM · Whonix, research
Patrick removed a project from T772: Managing programs without Tor Socks / DNS Support: Whonix 15.
Dec 7 2018, 12:00 PM · research

Dec 3 2018

HulaHoop added a comment to T71: Show desktop clock in local time; keep system in UTC.

I think hiding the clock is a bad idea as a user may want to manually run sdwdate to adjust it if it's out of whack before initiating internet traffic. (This is on non-Qubes versions lacking auto time adjust)

Dec 3 2018, 6:15 PM · research, whonix-setup-wizard, usability, desktop, Whonix
HulaHoop added a comment to T509: Consider nftables / Berkeley Packet Filter (BPF) as a replacement for iptables.

https://researchut.com/post/migrating-firewall-to-nftables/

Dec 3 2018, 6:02 PM · iptables, vpn-firewall, whonix-ws-firewall, whonix-gw-firewall, Whonix, refactoring, research