Page MenuHomePhorge

anon-apt-sources-listProject
ActivePublic

Members (1)

Watchers

  • This project does not have any watchers.
  • View All

Recent Activity

Jan 19 2023

Patrick closed T924: rename to bullseye-security as Resolved.
Jan 19 2023, 10:40 AM · anon-apt-sources-list, Whonix, Debian version 11 codename Bullseye

Dec 8 2022

Patrick closed T812: use onion sources list exclusively for apt-get updating by default as Wontfix.

Not a good idea nowadays due to prolonged DDoS attack on the Tor network. References:

Dec 8 2022, 4:37 PM · anon-apt-sources-list, Whonix

Jul 11 2019

Patrick created T924: rename to bullseye-security.
Jul 11 2019, 7:12 AM · anon-apt-sources-list, Whonix, Debian version 11 codename Bullseye

Feb 14 2019

Patrick closed T721: deb.debian.org instead of us.debian.org and use https (SSL, TLS) by default / fix build --connection onion as Resolved.
Feb 14 2019, 6:43 PM · anon-apt-sources-list, Whonix

Jan 23 2019

Patrick changed the status of T721: deb.debian.org instead of us.debian.org and use https (SSL, TLS) by default / fix build --connection onion from Open to testing-in-next-build-required.

https://github.com/Whonix/genmkfile/commit/c0d35c24569dea4af1b873c3a89bbf492cd44470
https://github.com/Whonix/Whonix/commit/0c63f16671e2387f1ccf86f791a77657f305f4f7

Jan 23 2019, 6:32 AM · anon-apt-sources-list, Whonix
Patrick added a comment to T721: deb.debian.org instead of us.debian.org and use https (SSL, TLS) by default / fix build --connection onion.

Use SSL and apt-cacher-ng also during genmkfile inside cowbuilder.

Jan 23 2019, 4:40 AM · anon-apt-sources-list, Whonix

Jan 22 2019

Patrick renamed T721: deb.debian.org instead of us.debian.org and use https (SSL, TLS) by default / fix build --connection onion from deb.debian.org instead of us.debian.org and use https (SSL, TLS) by default to deb.debian.org instead of us.debian.org and use https (SSL, TLS) by default / fix build --connection onion.
Jan 22 2019, 6:33 AM · anon-apt-sources-list, Whonix

Jan 21 2019

HulaHoop added a comment to T721: deb.debian.org instead of us.debian.org and use https (SSL, TLS) by default / fix build --connection onion.

Building initiates. I had these deps installed anyhow. Unpinning the CPU resolved some early build error, but now it craps out at RAW image creation. Not really related to your inquiry.

Jan 21 2019, 9:32 PM · anon-apt-sources-list, Whonix
Patrick added a comment to T721: deb.debian.org instead of us.debian.org and use https (SSL, TLS) by default / fix build --connection onion.

This is now in stretch-testers repository.

Jan 21 2019, 7:10 AM · anon-apt-sources-list, Whonix
Patrick added a comment to T721: deb.debian.org instead of us.debian.org and use https (SSL, TLS) by default / fix build --connection onion.

https://github.com/Whonix/Whonix/commit/64b5b6133d733b7bb400262199992d116ae8709b
https://github.com/Whonix/Whonix/commit/b83dddec7c191160332bc9233feb6069bb28d435
https://github.com/Whonix/Whonix/commit/d182a2720c8c6a56492fccf45a8bc8c2b2902e67
https://github.com/Whonix/Whonix/commit/abaf332e0d831dc61dbe3ef0f37e701be63a494e
https://github.com/Whonix/Whonix/commit/360cc8f283d3d7ad5f1ef1a2984fa78465187dd9
https://github.com/Whonix/Whonix/commit/ec204c7434efbf985e8526d1d81ff5c9e91e1c44
https://github.com/Whonix/Whonix/commit/5e06301a66e93cbd1253ea7a52af993848a0d099
https://github.com/Whonix/Whonix/commit/0a370cf1c98ed7ac46edfda1371e81b7df314154
https://github.com/Whonix/Whonix/commit/8add221ae13de742c3c615fb7c63ce518a9c99f3
https://github.com/Whonix/Whonix/commit/54483462c12e30ec52d05f7e75537d607d9b3422
https://github.com/Whonix/Whonix/commit/3f087b337903a7e37685b0de464eb0c1ab9fc622
https://github.com/Whonix/Whonix/commit/d035e40127ca922749f6273f6f193db27be19601
https://github.com/Whonix/Whonix/commit/ca3add2343abd5846987400c04fd043082f1a489
https://github.com/Whonix/Whonix/commit/5f88d1d7377ff275679f629539d0de24f57e031e
https://github.com/Whonix/anon-shared-build-apt-sources-tpo/commit/7948da7d5c6e964455375499704851b3ca2cc21d
https://github.com/Whonix/whonix-repository/commit/903f0893182ecdbebd6eacd483f373940573e4bc
https://github.com/Whonix/whonix-legacy/commit/25663b8c9bd91185586ce9e18d07500abb81ca18
https://github.com/Whonix/whonix-initializer/commit/6705fa45965c20612ed40276fc961deb0e40890e

Jan 21 2019, 5:40 AM · anon-apt-sources-list, Whonix

Jan 20 2019

Patrick updated subscribers of T721: deb.debian.org instead of us.debian.org and use https (SSL, TLS) by default / fix build --connection onion.
Jan 20 2019, 9:02 AM · anon-apt-sources-list, Whonix

Dec 28 2018

Patrick added a comment to T721: deb.debian.org instead of us.debian.org and use https (SSL, TLS) by default / fix build --connection onion.
Dec 28 2018, 9:32 AM · anon-apt-sources-list, Whonix
HulaHoop added a comment to T721: deb.debian.org instead of us.debian.org and use https (SSL, TLS) by default / fix build --connection onion.
Dec 28 2018, 12:04 AM · anon-apt-sources-list, Whonix

Dec 22 2018

Patrick added a comment to T812: use onion sources list exclusively for apt-get updating by default.

onion V3 (repo,website,forum…) reported from different sources is down.
https://forums.whonix.org/t/onion-v3-for-whonix-website-repo-down/5693/8

Dec 22 2018, 10:51 AM · anon-apt-sources-list, Whonix
Patrick updated the task description for T812: use onion sources list exclusively for apt-get updating by default.
Dec 22 2018, 10:50 AM · anon-apt-sources-list, Whonix
Patrick updated the task description for T812: use onion sources list exclusively for apt-get updating by default.
Dec 22 2018, 10:49 AM · anon-apt-sources-list, Whonix
Patrick renamed T721: deb.debian.org instead of us.debian.org and use https (SSL, TLS) by default / fix build --connection onion from deb.debian.org instead of us.debian.org and use https by default to deb.debian.org instead of us.debian.org and use https (SSL, TLS) by default.
Dec 22 2018, 10:47 AM · anon-apt-sources-list, Whonix

Dec 15 2018

Patrick added a comment to T812: use onion sources list exclusively for apt-get updating by default.

onion service name must be 16 characters long - can't reach Whonix onion repository
https://forums.whonix.org/t/onion-service-name-must-be-16-characters-long-cant-reach-whonix-onion-repository/6484

Dec 15 2018, 7:21 AM · anon-apt-sources-list, Whonix

Dec 7 2018

Patrick removed a project from T721: deb.debian.org instead of us.debian.org and use https (SSL, TLS) by default / fix build --connection onion: Whonix 15.
Dec 7 2018, 11:02 AM · anon-apt-sources-list, Whonix
Patrick removed a project from T812: use onion sources list exclusively for apt-get updating by default: Whonix 15.
Dec 7 2018, 11:00 AM · anon-apt-sources-list, Whonix

Nov 8 2018

Patrick changed the status of T721: deb.debian.org instead of us.debian.org and use https (SSL, TLS) by default / fix build --connection onion from testing-in-next-build-required to Open.

Reverted. Main reason:
https://forums.whonix.org/t/https-ssl-tls-by-default-broke-apt-cacher-ng-apt-package-caching-during-build/6276

Nov 8 2018, 11:32 AM · anon-apt-sources-list, Whonix
Patrick changed the status of T721: deb.debian.org instead of us.debian.org and use https (SSL, TLS) by default / fix build --connection onion from Open to testing-in-next-build-required.
Nov 8 2018, 9:02 AM · anon-apt-sources-list, Whonix
Patrick updated the task description for T721: deb.debian.org instead of us.debian.org and use https (SSL, TLS) by default / fix build --connection onion.
Nov 8 2018, 8:56 AM · anon-apt-sources-list, Whonix
Patrick updated the task description for T721: deb.debian.org instead of us.debian.org and use https (SSL, TLS) by default / fix build --connection onion.
Nov 8 2018, 8:46 AM · anon-apt-sources-list, Whonix
Patrick updated the task description for T721: deb.debian.org instead of us.debian.org and use https (SSL, TLS) by default / fix build --connection onion.
Nov 8 2018, 8:45 AM · anon-apt-sources-list, Whonix
Patrick renamed T721: deb.debian.org instead of us.debian.org and use https (SSL, TLS) by default / fix build --connection onion from deb.debian.org instead of us.debian.org to deb.debian.org instead of us.debian.org and use https by default.
Nov 8 2018, 8:44 AM · anon-apt-sources-list, Whonix

Oct 17 2018

Patrick renamed T812: use onion sources list exclusively for apt-get updating by default from use onion sources list for apt-get updating by default to use onion sources list exclusively for apt-get updating by default.
Oct 17 2018, 11:08 AM · anon-apt-sources-list, Whonix

Sep 25 2018

Patrick updated the task description for T721: deb.debian.org instead of us.debian.org and use https (SSL, TLS) by default / fix build --connection onion.
Sep 25 2018, 11:46 AM · anon-apt-sources-list, Whonix

Sep 15 2018

Patrick added projects to T833: Software to inlcude from backports: Whonix 16, anon-apt-sources-list.
Sep 15 2018, 12:54 PM · anon-apt-sources-list, Whonix 16, Whonix

Aug 6 2018

Patrick updated the task description for T812: use onion sources list exclusively for apt-get updating by default.
Aug 6 2018, 6:43 PM · anon-apt-sources-list, Whonix
Patrick updated the task description for T812: use onion sources list exclusively for apt-get updating by default.
Aug 6 2018, 6:40 PM · anon-apt-sources-list, Whonix

Jul 19 2018

Patrick renamed T812: use onion sources list exclusively for apt-get updating by default from use onion sources list for apt-get updating by deafult to use onion sources list for apt-get updating by default.
Jul 19 2018, 7:02 AM · anon-apt-sources-list, Whonix
Patrick added a project to T812: use onion sources list exclusively for apt-get updating by default: anon-apt-sources-list.
Jul 19 2018, 6:55 AM · anon-apt-sources-list, Whonix

Jul 5 2018

Patrick added a project to T721: deb.debian.org instead of us.debian.org and use https (SSL, TLS) by default / fix build --connection onion: anon-apt-sources-list.
Jul 5 2018, 3:34 PM · anon-apt-sources-list, Whonix

Mar 7 2018

Patrick closed T610: use tor+http / apt-transport-tor rather than Acquire::BlockDotOnion "false"; as Resolved.
Mar 7 2018, 12:11 AM · Whonix, anon-shared-build-apt-sources-tpo, build, whonix-repository, anon-apt-sources-list, Whonix 14

Jan 21 2018

Patrick closed T399: Switch Debian links in sources.list to .onion as Resolved.
Jan 21 2018, 12:21 PM · Whonix 14, research, enhancement, whonix-repository, anon-shared-build-apt-sources-tpo, anon-apt-sources-list, Whonix

Mar 2 2017

Patrick added a comment to T610: use tor+http / apt-transport-tor rather than Acquire::BlockDotOnion "false";.

https://github.com/Whonix/qubes-whonix/commit/afcdbbaa6bc46d06b4dca4a37c60079d1d6305c8

Mar 2 2017, 4:44 PM · Whonix, anon-shared-build-apt-sources-tpo, build, whonix-repository, anon-apt-sources-list, Whonix 14

Mar 1 2017

Patrick added a comment to T610: use tor+http / apt-transport-tor rather than Acquire::BlockDotOnion "false";.

pkg-systemd-maintainers question - [Install] for static systemd unit file?:
http://lists.alioth.debian.org/pipermail/pkg-systemd-maintainers/2017-March/014376.html

Mar 1 2017, 8:50 PM · Whonix, anon-shared-build-apt-sources-tpo, build, whonix-repository, anon-apt-sources-list, Whonix 14
Patrick changed the status of T610: use tor+http / apt-transport-tor rather than Acquire::BlockDotOnion "false"; from Open to Review.
In T610#11827, @Patrick wrote:

marmarek (Marek Marczykowski-Górecki):

marmarek added a comment.

Perhaps it's better to implement this rather minimally inside the
https://phabricator.whonix.org/tag/qubes-whonix/ package? A simple
one socat listener port 9050 only redirection from whonix-gw
TemplateVM to sys-whonix?

You're talking about whonix-gw template here, right? And still cover
whonix-ws with
https://phabricator.whonix.org/tag/anon-ws-disable-stacked-tor/?

Good question. Would work either way. I guess simpler for both whonix-gw
and whonix-ws to have this minimal redirection inside the qubes-whonix
package.

Mar 1 2017, 8:23 PM · Whonix, anon-shared-build-apt-sources-tpo, build, whonix-repository, anon-apt-sources-list, Whonix 14
Patrick added a comment to T610: use tor+http / apt-transport-tor rather than Acquire::BlockDotOnion "false";.
In T610#12427, @Patrick wrote:

We should probably also set a socks user name for better Tor stream isolation. (IsolateSOCKSAuth) I am considering to add this to the uwt package.

Acquire::tor::proxy "socks5h://apt-transport-tor@127.0.0.1:9050";

(From reading zless /usr/share/doc/apt-transport-tor/README.md.gz.)

I was considering to change the port from 9050 to another one, but I am vary of this. It might look better but would also make the implementation more complicated. (Another Tor SocksPort. Not redirect 9050 from TemplateVM to gateway but another port.) Without any actual benefit.

Mar 1 2017, 12:52 AM · Whonix, anon-shared-build-apt-sources-tpo, build, whonix-repository, anon-apt-sources-list, Whonix 14

Feb 21 2017

Patrick added a comment to T610: use tor+http / apt-transport-tor rather than Acquire::BlockDotOnion "false";.

We should probably also set a socks user name for better Tor stream isolation. (IsolateSOCKSAuth) I am considering to add this to the uwt package.

Feb 21 2017, 9:11 PM · Whonix, anon-shared-build-apt-sources-tpo, build, whonix-repository, anon-apt-sources-list, Whonix 14

Jan 22 2017

Patrick added a comment to T610: use tor+http / apt-transport-tor rather than Acquire::BlockDotOnion "false";.

marmarek (Marek Marczykowski-Górecki):

marmarek added a comment.

Perhaps it's better to implement this rather minimally inside the
https://phabricator.whonix.org/tag/qubes-whonix/ package? A simple
one socat listener port 9050 only redirection from whonix-gw
TemplateVM to sys-whonix?

You're talking about whonix-gw template here, right? And still cover
whonix-ws with
https://phabricator.whonix.org/tag/anon-ws-disable-stacked-tor/?

Jan 22 2017, 12:38 PM · Whonix, anon-shared-build-apt-sources-tpo, build, whonix-repository, anon-apt-sources-list, Whonix 14

Jan 21 2017

marmarek added a comment to T610: use tor+http / apt-transport-tor rather than Acquire::BlockDotOnion "false";.
Perhaps it's better to implement this rather minimally inside the https://phabricator.whonix.org/tag/qubes-whonix/ package? A simple one socat listener port 9050 only redirection from whonix-gw TemplateVM to sys-whonix?
Jan 21 2017, 10:15 PM · Whonix, anon-shared-build-apt-sources-tpo, build, whonix-repository, anon-apt-sources-list, Whonix 14
Patrick added a comment to T610: use tor+http / apt-transport-tor rather than Acquire::BlockDotOnion "false";.
In T610#11722, @Patrick wrote:

I haven't updated whonix_repository_uri= in https://github.com/Whonix/qubes-template-whonix/blob/master/whonix-gateway/04_install_qubes_post.sh to onion yet. I guess there we should use onion plus Acquire::BlockDotOnion "false";?

In Qubes Whonix case, I think this is the easiest thing to do, for both whonix-ws and whonix-gw. Both have other mechanism to prevent updating over clearnet, so IMHO no real reason for using tor+http.

Jan 21 2017, 10:19 AM · Whonix, anon-shared-build-apt-sources-tpo, build, whonix-repository, anon-apt-sources-list, Whonix 14
marmarek added a comment to T610: use tor+http / apt-transport-tor rather than Acquire::BlockDotOnion "false";.
In T610#11722, @Patrick wrote:

I haven't updated whonix_repository_uri= in https://github.com/Whonix/qubes-template-whonix/blob/master/whonix-gateway/04_install_qubes_post.sh to onion yet. I guess there we should use onion plus Acquire::BlockDotOnion "false";?

Jan 21 2017, 12:12 AM · Whonix, anon-shared-build-apt-sources-tpo, build, whonix-repository, anon-apt-sources-list, Whonix 14

Jan 19 2017

Patrick reopened T610: use tor+http / apt-transport-tor rather than Acquire::BlockDotOnion "false"; as "Open".

I am glad I tagged you for this ticket. This can use scrutiny indeed. Haven't thought of that yet.

Jan 19 2017, 2:50 PM · Whonix, anon-shared-build-apt-sources-tpo, build, whonix-repository, anon-apt-sources-list, Whonix 14
marmarek added a comment to T610: use tor+http / apt-transport-tor rather than Acquire::BlockDotOnion "false";.

What about tor-over-tor issue here? And starting tor in template by having apt-transport-tor installed? Are those issues mitigated somehow else?

Jan 19 2017, 12:18 PM · Whonix, anon-shared-build-apt-sources-tpo, build, whonix-repository, anon-apt-sources-list, Whonix 14
Patrick added a comment to T610: use tor+http / apt-transport-tor rather than Acquire::BlockDotOnion "false";.

https://github.com/Whonix/Whonix/commit/2fed0f35b060b12160b1cbb475b3c74cd2075c74

Jan 19 2017, 12:07 PM · Whonix, anon-shared-build-apt-sources-tpo, build, whonix-repository, anon-apt-sources-list, Whonix 14

Jan 18 2017

Patrick updated subscribers of T610: use tor+http / apt-transport-tor rather than Acquire::BlockDotOnion "false";.
Jan 18 2017, 1:43 PM · Whonix, anon-shared-build-apt-sources-tpo, build, whonix-repository, anon-apt-sources-list, Whonix 14
Patrick closed T610: use tor+http / apt-transport-tor rather than Acquire::BlockDotOnion "false"; as Resolved.

https://github.com/Whonix/anon-apt-sources-list/commit/9c85a9f2486f8c19ee96ba98e3dc3ce3b5a3ad77
https://github.com/Whonix/whonix-repository/commit/1584d14065cf4f14fcce77e9d387552e21c45711
https://github.com/Whonix/anon-apt-sources-list/commit/48fbc20a43b85dbe18aa07fabb0a93f1ee02fe69
https://github.com/Whonix/anon-meta-packages/commit/7cf8cf4e50b72a570de54fad10f912af73e3cf3d
https://github.com/Whonix/Whonix/commit/f2d5ac58d8c043e94ad10c7470b3a3c89875d35b
https://github.com/Whonix/Whonix/commit/77162abafc2a71ee51817b6c1f574eb6d97ed444
https://github.com/Whonix/Whonix/commit/921fc44efe75d96b18af27cf4f26479e68e259cf

Jan 18 2017, 1:43 PM · Whonix, anon-shared-build-apt-sources-tpo, build, whonix-repository, anon-apt-sources-list, Whonix 14