Page MenuHomePhabricator

whonix-repositoryProject
ActivePublic

Members (1)

Watchers

  • This project does not have any watchers.

Recent Activity

Mar 7 2018

Patrick closed T610: use tor+http / apt-transport-tor rather than Acquire::BlockDotOnion "false"; as Resolved.
Mar 7 2018, 1:11 AM · Whonix, anon-shared-build-apt-sources-tpo, build, whonix-repository, anon-apt-sources-list, Whonix 14
Patrick closed T475: move to whonix.org repository as Resolved.
Mar 7 2018, 12:46 AM · Whonix 14, whonix-legacy, whonix-repository, Whonix

Jan 21 2018

Patrick closed T399: Switch Debian links in sources.list to .onion as Resolved.
Jan 21 2018, 1:21 PM · Whonix 14, research, enhancement, whonix-repository, anon-shared-build-apt-sources-tpo, anon-apt-sources-list, Whonix

Mar 2 2017

Patrick added a comment to T610: use tor+http / apt-transport-tor rather than Acquire::BlockDotOnion "false";.

https://github.com/Whonix/qubes-whonix/commit/afcdbbaa6bc46d06b4dca4a37c60079d1d6305c8

Mar 2 2017, 5:44 PM · Whonix, anon-shared-build-apt-sources-tpo, build, whonix-repository, anon-apt-sources-list, Whonix 14

Mar 1 2017

Patrick added a comment to T610: use tor+http / apt-transport-tor rather than Acquire::BlockDotOnion "false";.

pkg-systemd-maintainers question - [Install] for static systemd unit file?:
http://lists.alioth.debian.org/pipermail/pkg-systemd-maintainers/2017-March/014376.html

Mar 1 2017, 9:50 PM · Whonix, anon-shared-build-apt-sources-tpo, build, whonix-repository, anon-apt-sources-list, Whonix 14
Patrick changed the status of T610: use tor+http / apt-transport-tor rather than Acquire::BlockDotOnion "false"; from Open to Review.
In T610#11827, @Patrick wrote:

marmarek (Marek Marczykowski-Górecki):

marmarek added a comment.

Perhaps it's better to implement this rather minimally inside the
https://phabricator.whonix.org/tag/qubes-whonix/ package? A simple
one socat listener port 9050 only redirection from whonix-gw
TemplateVM to sys-whonix?

You're talking about whonix-gw template here, right? And still cover
whonix-ws with
https://phabricator.whonix.org/tag/anon-ws-disable-stacked-tor/?

Good question. Would work either way. I guess simpler for both whonix-gw
and whonix-ws to have this minimal redirection inside the qubes-whonix
package.

Mar 1 2017, 9:23 PM · Whonix, anon-shared-build-apt-sources-tpo, build, whonix-repository, anon-apt-sources-list, Whonix 14
Patrick added a comment to T610: use tor+http / apt-transport-tor rather than Acquire::BlockDotOnion "false";.
In T610#12427, @Patrick wrote:

We should probably also set a socks user name for better Tor stream isolation. (IsolateSOCKSAuth) I am considering to add this to the uwt package.

Acquire::tor::proxy "socks5h://apt-transport-tor@127.0.0.1:9050";

(From reading zless /usr/share/doc/apt-transport-tor/README.md.gz.)

I was considering to change the port from 9050 to another one, but I am vary of this. It might look better but would also make the implementation more complicated. (Another Tor SocksPort. Not redirect 9050 from TemplateVM to gateway but another port.) Without any actual benefit.

Mar 1 2017, 1:52 AM · Whonix, anon-shared-build-apt-sources-tpo, build, whonix-repository, anon-apt-sources-list, Whonix 14

Feb 21 2017

Patrick added a comment to T610: use tor+http / apt-transport-tor rather than Acquire::BlockDotOnion "false";.

We should probably also set a socks user name for better Tor stream isolation. (IsolateSOCKSAuth) I am considering to add this to the uwt package.

Feb 21 2017, 10:11 PM · Whonix, anon-shared-build-apt-sources-tpo, build, whonix-repository, anon-apt-sources-list, Whonix 14

Jan 22 2017

Patrick added a comment to T610: use tor+http / apt-transport-tor rather than Acquire::BlockDotOnion "false";.

marmarek (Marek Marczykowski-Górecki):

marmarek added a comment.

Perhaps it's better to implement this rather minimally inside the
https://phabricator.whonix.org/tag/qubes-whonix/ package? A simple
one socat listener port 9050 only redirection from whonix-gw
TemplateVM to sys-whonix?

You're talking about whonix-gw template here, right? And still cover
whonix-ws with
https://phabricator.whonix.org/tag/anon-ws-disable-stacked-tor/?

Jan 22 2017, 1:38 PM · Whonix, anon-shared-build-apt-sources-tpo, build, whonix-repository, anon-apt-sources-list, Whonix 14

Jan 21 2017

marmarek added a comment to T610: use tor+http / apt-transport-tor rather than Acquire::BlockDotOnion "false";.
Perhaps it's better to implement this rather minimally inside the https://phabricator.whonix.org/tag/qubes-whonix/ package? A simple one socat listener port 9050 only redirection from whonix-gw TemplateVM to sys-whonix?
Jan 21 2017, 11:15 PM · Whonix, anon-shared-build-apt-sources-tpo, build, whonix-repository, anon-apt-sources-list, Whonix 14
Patrick added a comment to T610: use tor+http / apt-transport-tor rather than Acquire::BlockDotOnion "false";.
In T610#11722, @Patrick wrote:

I haven't updated whonix_repository_uri= in https://github.com/Whonix/qubes-template-whonix/blob/master/whonix-gateway/04_install_qubes_post.sh to onion yet. I guess there we should use onion plus Acquire::BlockDotOnion "false";?

In Qubes Whonix case, I think this is the easiest thing to do, for both whonix-ws and whonix-gw. Both have other mechanism to prevent updating over clearnet, so IMHO no real reason for using tor+http.

Jan 21 2017, 11:19 AM · Whonix, anon-shared-build-apt-sources-tpo, build, whonix-repository, anon-apt-sources-list, Whonix 14
marmarek added a comment to T610: use tor+http / apt-transport-tor rather than Acquire::BlockDotOnion "false";.
In T610#11722, @Patrick wrote:

I haven't updated whonix_repository_uri= in https://github.com/Whonix/qubes-template-whonix/blob/master/whonix-gateway/04_install_qubes_post.sh to onion yet. I guess there we should use onion plus Acquire::BlockDotOnion "false";?

Jan 21 2017, 1:12 AM · Whonix, anon-shared-build-apt-sources-tpo, build, whonix-repository, anon-apt-sources-list, Whonix 14

Jan 19 2017

Patrick reopened T610: use tor+http / apt-transport-tor rather than Acquire::BlockDotOnion "false"; as "Open".

I am glad I tagged you for this ticket. This can use scrutiny indeed. Haven't thought of that yet.

Jan 19 2017, 3:50 PM · Whonix, anon-shared-build-apt-sources-tpo, build, whonix-repository, anon-apt-sources-list, Whonix 14
marmarek added a comment to T610: use tor+http / apt-transport-tor rather than Acquire::BlockDotOnion "false";.

What about tor-over-tor issue here? And starting tor in template by having apt-transport-tor installed? Are those issues mitigated somehow else?

Jan 19 2017, 1:18 PM · Whonix, anon-shared-build-apt-sources-tpo, build, whonix-repository, anon-apt-sources-list, Whonix 14
Patrick added a comment to T610: use tor+http / apt-transport-tor rather than Acquire::BlockDotOnion "false";.

https://github.com/Whonix/Whonix/commit/2fed0f35b060b12160b1cbb475b3c74cd2075c74

Jan 19 2017, 1:07 PM · Whonix, anon-shared-build-apt-sources-tpo, build, whonix-repository, anon-apt-sources-list, Whonix 14

Jan 18 2017

Patrick updated subscribers of T610: use tor+http / apt-transport-tor rather than Acquire::BlockDotOnion "false";.
Jan 18 2017, 2:43 PM · Whonix, anon-shared-build-apt-sources-tpo, build, whonix-repository, anon-apt-sources-list, Whonix 14
Patrick closed T610: use tor+http / apt-transport-tor rather than Acquire::BlockDotOnion "false"; as Resolved.

https://github.com/Whonix/anon-apt-sources-list/commit/9c85a9f2486f8c19ee96ba98e3dc3ce3b5a3ad77
https://github.com/Whonix/whonix-repository/commit/1584d14065cf4f14fcce77e9d387552e21c45711
https://github.com/Whonix/anon-apt-sources-list/commit/48fbc20a43b85dbe18aa07fabb0a93f1ee02fe69
https://github.com/Whonix/anon-meta-packages/commit/7cf8cf4e50b72a570de54fad10f912af73e3cf3d
https://github.com/Whonix/Whonix/commit/f2d5ac58d8c043e94ad10c7470b3a3c89875d35b
https://github.com/Whonix/Whonix/commit/77162abafc2a71ee51817b6c1f574eb6d97ed444
https://github.com/Whonix/Whonix/commit/921fc44efe75d96b18af27cf4f26479e68e259cf

Jan 18 2017, 2:43 PM · Whonix, anon-shared-build-apt-sources-tpo, build, whonix-repository, anon-apt-sources-list, Whonix 14
Patrick renamed T610: use tor+http / apt-transport-tor rather than Acquire::BlockDotOnion "false"; from should use http+tor / apt-transport-tor rather than Acquire::BlockDotOnion "false"; to use tor+http / apt-transport-tor rather than Acquire::BlockDotOnion "false";.
Jan 18 2017, 2:25 PM · Whonix, anon-shared-build-apt-sources-tpo, build, whonix-repository, anon-apt-sources-list, Whonix 14
Patrick created T610: use tor+http / apt-transport-tor rather than Acquire::BlockDotOnion "false";.
Jan 18 2017, 2:19 PM · Whonix, anon-shared-build-apt-sources-tpo, build, whonix-repository, anon-apt-sources-list, Whonix 14

Aug 19 2016

Patrick changed the status of T399: Switch Debian links in sources.list to .onion from Open to Review.
Aug 19 2016, 2:33 AM · Whonix 14, research, enhancement, whonix-repository, anon-shared-build-apt-sources-tpo, anon-apt-sources-list, Whonix
Patrick raised the priority of T399: Switch Debian links in sources.list to .onion from Wishlist to Normal.
Aug 19 2016, 2:08 AM · Whonix 14, research, enhancement, whonix-repository, anon-shared-build-apt-sources-tpo, anon-apt-sources-list, Whonix

Aug 3 2016

Patrick added a comment to T399: Switch Debian links in sources.list to .onion .

Already up.

Aug 3 2016, 12:30 AM · Whonix 14, research, enhancement, whonix-repository, anon-shared-build-apt-sources-tpo, anon-apt-sources-list, Whonix

Aug 2 2016

HulaHoop added a comment to T399: Switch Debian links in sources.list to .onion .

IMHO restoring Whonix onion repos should be part of this to achieve complete protection.

Aug 2 2016, 12:40 AM · Whonix 14, research, enhancement, whonix-repository, anon-shared-build-apt-sources-tpo, anon-apt-sources-list, Whonix

Aug 1 2016

Patrick added a project to T399: Switch Debian links in sources.list to .onion : Whonix 14.
Aug 1 2016, 9:08 PM · Whonix 14, research, enhancement, whonix-repository, anon-shared-build-apt-sources-tpo, anon-apt-sources-list, Whonix
Patrick added projects to T399: Switch Debian links in sources.list to .onion : anon-apt-sources-list, anon-shared-build-apt-sources-tpo, whonix-repository, enhancement, research.
Aug 1 2016, 9:00 PM · Whonix 14, research, enhancement, whonix-repository, anon-shared-build-apt-sources-tpo, anon-apt-sources-list, Whonix

May 4 2016

Patrick closed T200: stable-proposed-updates repository required as Resolved.
May 4 2016, 8:05 PM · Whonix 13, Whonix, whonix-repository
Patrick renamed T200: stable-proposed-updates repository required from stable-fixes-testers repository required to stable-proposed-updates repository required.
May 4 2016, 7:51 PM · Whonix 13, Whonix, whonix-repository
Patrick edited projects for T475: move to whonix.org repository, added: Whonix 14; removed Whonix 13.
May 4 2016, 2:11 AM · Whonix 14, whonix-legacy, whonix-repository, Whonix

Apr 30 2016

Patrick added a comment to T200: stable-proposed-updates repository required.

It works.

Apr 30 2016, 3:47 AM · Whonix 13, Whonix, whonix-repository

Apr 29 2016

Patrick added a comment to T475: move to whonix.org repository.
Apr 29 2016, 7:02 AM · Whonix 14, whonix-legacy, whonix-repository, Whonix
Patrick added a comment to T475: move to whonix.org repository.

upgraded builds: ok

Apr 29 2016, 7:00 AM · Whonix 14, whonix-legacy, whonix-repository, Whonix

Apr 28 2016

Patrick closed T497: extend Whonix signing key as Resolved.

test upgraded builds: ok

Apr 28 2016, 1:52 AM · Whonix 13, Whonix, whonix-repository

Apr 26 2016

Patrick added a comment to T475: move to whonix.org repository.

new builds: ok
upgraded builds: todo

Apr 26 2016, 5:14 PM · Whonix 14, whonix-legacy, whonix-repository, Whonix
Patrick added a comment to T497: extend Whonix signing key.

test new builds: ok
test upgraded builds: todo

Apr 26 2016, 5:06 PM · Whonix 13, Whonix, whonix-repository

Apr 18 2016

Patrick changed the status of T497: extend Whonix signing key from Open to Review.

https://github.com/Whonix/whonix-repository/commit/04ba12a77526191ec507fd25dbcd1dba641b2123
https://github.com/Whonix/whonix-repository/commit/d253d364332ca70a422d0aabbfe75caee865bcff
https://github.com/Whonix/whonixcheck/commit/700134e19135b6247c835c89b9e4040fea69579f

Apr 18 2016, 11:39 PM · Whonix 13, Whonix, whonix-repository

Apr 16 2016

Patrick created T497: extend Whonix signing key.
Apr 16 2016, 5:18 PM · Whonix 13, Whonix, whonix-repository

Mar 31 2016

Patrick changed the status of T200: stable-proposed-updates repository required from Open to Review.

Great!

Mar 31 2016, 4:52 AM · Whonix 13, Whonix, whonix-repository

Mar 30 2016

marmarek added a comment to T200: stable-proposed-updates repository required.

I think Qubes securitytesting might be overkill, but I don't know the reasoning. Might be simpler to have testing only. Certainly overkill for Whonix.

Mar 30 2016, 10:14 PM · Whonix 13, Whonix, whonix-repository
Patrick added a comment to T200: stable-proposed-updates repository required.

Debian has currently:

Mar 30 2016, 10:00 PM · Whonix 13, Whonix, whonix-repository
Patrick updated subscribers of T200: stable-proposed-updates repository required.
Mar 30 2016, 9:49 PM · Whonix 13, Whonix, whonix-repository

Mar 21 2016

Patrick updated the task description for T475: move to whonix.org repository.
Mar 21 2016, 2:47 PM · Whonix 14, whonix-legacy, whonix-repository, Whonix
Patrick changed the status of T475: move to whonix.org repository from Open to Review.

https://github.com/Whonix/whonix-legacy/commit/019f20ec794814098a0188cc5c7ba911b789c631

Mar 21 2016, 2:47 PM · Whonix 14, whonix-legacy, whonix-repository, Whonix
Patrick updated the task description for T475: move to whonix.org repository.
Mar 21 2016, 2:41 PM · Whonix 14, whonix-legacy, whonix-repository, Whonix
Patrick added a comment to T475: move to whonix.org repository.
Mar 21 2016, 2:41 PM · Whonix 14, whonix-legacy, whonix-repository, Whonix

Mar 14 2016

Patrick updated the task description for T475: move to whonix.org repository.
Mar 14 2016, 11:07 PM · Whonix 14, whonix-legacy, whonix-repository, Whonix
Patrick created T475: move to whonix.org repository.
Mar 14 2016, 10:59 PM · Whonix 14, whonix-legacy, whonix-repository, Whonix

Aug 20 2015

Patrick edited projects for T200: stable-proposed-updates repository required, added: Whonix 13; removed Whonix 12.
Aug 20 2015, 12:16 AM · Whonix 13, Whonix, whonix-repository

Aug 19 2015

Patrick edited projects for T286: Only source configuration files that end with the `.conf` extension?, added: Whonix 13; removed Whonix 12.
Aug 19 2015, 7:58 PM · tb-updater, tb-starter, open-link-confirmation, Whonix-Host, rads, Whonix 13, onion-grater (Control Port Filter Proxy), uwt, build, sdwdate, whonixcheck, whonix-ws-firewall, whonix-gw-firewall, Whonix

May 16 2015

nrgaway closed T233: qubes-whonix update issue because of bug in whonix-setup-wizard / whonix_repository as Resolved.
May 16 2015, 3:04 PM · usability, qubes-whonix 10, Qubes, Whonix, whonix-setup-wizard, bug, whonix-repository
nrgaway added a comment to T233: qubes-whonix update issue because of bug in whonix-setup-wizard / whonix_repository.

Resolved with qubes-whonix unreleased 9.6.9 and 10

May 16 2015, 3:04 PM · usability, qubes-whonix 10, Qubes, Whonix, whonix-setup-wizard, bug, whonix-repository