Whonix / _: Recent posts

Public Livestream on 14th of April at 8PM CEST and Patreon

Whonix is a project which requires a lot of dedication, passion and time to be properly maintained. Especially Patrick has sacrificed a huge part of his live to making a fail-safe way to use Tor accessible to as many people as possible.

For the last few years, he mainly was able to focus on the tasks required to maintain Whonix thanks to the dedication of individuals supporting Whonix either in the forum, wiki, on Github or on all three, as well as the occasional donations provided by generous donors. However, because of the nature of these donations, it continues to be challenging to focus on long time goals, seeing how it is hard to make extensive plans based on occasional monetary support.... read more

Posted by SourceForge Robot 2017-04-08

Whonix 13.0.0.1.4 stable upgrade released!

Qubes-Whonix:

Either start with fresh templates. I.e. uninstall qubes-template-whonix-gw and qubes-template-whonix-ws. Then, to install, run in dom0:

sudo qubes-dom0-update --enablerepo=qubes-tempates-community qubes-template-whonix-gw qubes-template-whonix-ws

Or you can also upgrade from Whonix's repository. Please refer to the following instructions:
https://www.whonix.org/wiki/Qubes/Update... read more

Posted by SourceForge Robot 2016-12-23

How to upgrade Debian, Whonix, etc. without being compromised by CVE-2016-1252

Posted by SourceForge Robot 2016-12-15

don’t apt-get dist-upgrade for now – wait for workaround – CVE-2016-1252

Posted by SourceForge Robot 2016-12-15

accessibility tools could be automatically removed / you probably should remove them

If you do not use any accessibility tools (gnome-orca, espeakup, console-braille, florence, dasher, kdeaccessibility, kvkbd, kmousetool, kmag, kmouth, jovie, xbrlapi, festival, qt-at-sp), you will not miss anything. (You would probably know if you are using them.)

Soon, there will be a Whonix stable upgrade. The package whonix-gateway-shared-packages-shared-meta will no longer depend on anon-shared-kde-accessibility. This means, when you run `sudo apt-get purge kdeaccessibility && sudo apt-get autoremove` after the upgrade, these accessibility packages will be automatically removed.... read more

Posted by SourceForge Robot 2016-11-30

combining Tor with a VPN or proxy can make you less anonymous

Warning

Using a VPN, proxy or SSH can can negatively affect anonymity under some circumstances. [1] [2]
To explain why that is, some background information is required so you can draw conclusions and take actions to avoid this risk. See below. ... read more

Posted by SourceForge Robot 2016-07-18

Your MAC Address Randomization attempts are futile!

The following paper explains why.

[

Why MAC Address Randomization is not Enough:
An Analysis of Wi-Fi Network Discovery Mechanisms](http://papers.mathyvanhoef.com/asiaccs2016.pdf)

The above interesting paper has been found by HulaHoop and added to Whonix MAC address documentation.... read more

Posted by SourceForge Robot 2016-07-07

Whonix 13 released!

Qubes-Whonix:

Either start with fresh templates. I.e. uninstall qubes-template-whonix-gw and qubes-template-whonix-ws. Then, to install, run in dom0:

sudo qubes-dom0-update --enablerepo=qubes-tempates-community qubes-template-whonix-gw qubes-template-whonix-ws

Or you can also upgrade from Whonix's repository. Please refer to the following instructions:
https://www.whonix.org/wiki/Upgrading_Whonix_12_to_Whonix_13... read more

Posted by SourceForge Robot 2016-05-31

most encryption will be broken

In ~10 years Quantum Computers will break todays common asymmetric public-key cryptography algorithms used for web encryption (https), e-mail encryption (gnupg…), ssh and others. See Post-Quantum Cryptography (PQCrypto).

The post most encryption will be broken appeared first on Whonix.
link

Posted by SourceForge Robot 2016-05-05

Biometric Fingerprinting, Mass Surveillance and You

Tracking techniques have become more sophisticated with time. They advanced from simple cookies to browser/device fingerprinting (which Tor Browser focuses on defeating) to user behavior fingerprinting. The latter is about profiling how a user types on a keyboard or uses a mouse.

Keystroke dynamics have been around for a while but the massive scale of deployment is new and comes with serious implications for anonymous users. This technology is already used by PRISM partners, banks and massive online courses.... read more

Posted by SourceForge Robot 2016-03-16

a browser is not a safe environment to type

A browser is no safe environment to write stuff such as for example forum posts or e-mails, webmail or IMAP.

  • You could accidentally paste things you don't want to paste for example into the search or url bar, which could trigger a search for text that you did not intend to sent into the public internet.
  • With JavaScript enabled, while you type, the server already knows what you type as you type..
    • It reveals, how fast you type, how long your breaks are, which mistakes you make and how you correct them while writing the draft, also which type of local keyboard you are using.
    • It should be assumed, that such data is already being collected and analyzed.
  • Since there is stylometry which works with less data (final text only), it is save to assume, that data is more than unique enough to pose a serious risk for de-anonymization or at least anonymity set reduction. An adversary having this data from a user having typed over clearnet, then comparing with a user having typed over Tor, may be able compare those. Even if it was not a 100% hit, reaching higher probabilities this is already fatal.
  • Write the text in an offline text editor such as KWrite and copy and paste the text into the web interface once you are done.... read more
Posted by SourceForge Robot 2016-02-16

Persistent Tor Entry Guard Relays can make you trackable Across Different Physical Locations

Posted by SourceForge Robot 2016-02-10

Whonix 12 released!

Whonix is an operating system focused on anonymity, privacy and security. It's based on the Tor anonymity network, Debian GNU/Linux and security by isolation. DNS leaks are impossible, and not even malware with root privileges can find out the user's real IP.

Whonix consists of two parts: One solely runs Tor and acts as a gateway, which we call Whonix-Gateway. The other, which we call Whonix-Workstation, is on a completely isolated network. Only connections through Tor are possible.... read more

Posted by SourceForge Robot 2015-12-14

Whonix Anonymous Operating System Version 11 Released!

Whonix is an operating system focused on anonymity, privacy and security. It's based on the Tor anonymity network, Debian GNU/Linux and security by isolation. DNS leaks are impossible, and not even malware with root privileges can find out the user's real IP.

Whonix consists of two parts: One solely runs Tor and acts as a gateway, which we call Whonix-Gateway. The other, which we call Whonix-Workstation, is on a completely isolated network. Only connections through Tor are possible.... read more

Posted by SourceForge Robot 2015-08-17

Security Advisory: Firefox exploit found in the wild

You are advices to set configure the following setting in Tor Browser in Whonix:
Edit -> Preferences -> Applications ->Portable Document Format (PDF) -> Save File

You are advices to update as soon as updates are available. This blog post will be updated as new information come in.

(Do that same with Firefox / Iceweasel if you are using that elsewhere.)

Problem description at Mozilla Firefox blog:
https://blog.mozilla.org/security/2015/08/06/firefox-exploit-found-in-the-wild/... read more

Posted by SourceForge Robot 2015-08-08

Whonix Anonymous Operating System Version 10 Released!

Whonix is an operating system focused on anonymity, privacy and security. It's based on the Tor anonymity network, Debian GNU/Linux and security by isolation. DNS leaks are impossible, and not even malware with root privileges can find out the user's real IP.

Whonix consists of two parts: One solely runs Tor and acts as a gateway, which we call Whonix-Gateway. The other, which we call Whonix-Workstation, is on a completely isolated network. Only connections through Tor are possible.... read more

Posted by SourceForge Robot 2015-04-27

Can’t start Tor Browser in Whonix?

Please 'stay tuned', because you missed an important news:
Bug: Tor Browser Alpha rather than Tor Browser Stable being installed by Tor Browser Updater (AnonDist)

If you want to start the alpha anyhow, which is recommended against (rather get the stable), go to start menu -> File Manager -> /home/user/tor-browser_en-US -> double click 'start-tor-browser.desktop'.... read more

Posted by SourceForge Robot 2015-04-03

[Solved] – Unmaintained Notice! – Whonix inside KVM – Looking for contributor!

Update: KVM maintainer HulaHoop is back.

Since previous Whonix in KVM maintainer HulaHoop was last active on January 04, 2015, it's safe to assume this person got lost. No idea why HulaHoop went inactive. There was no notice of departure, argument or whatsoever. I would like to thank HulaHoop for its work on support for running Whonix inside KVM. As of Whonix 9, the status was "testers-only" and would likely have changed to "stable" in Whonix 10. So most integration work is already done. A new contributor would be welcome to take over from there.... read more

Posted by SourceForge Robot 2015-02-27

Unmaintained Notice! – Whonix inside KVM – Looking for contributor!

Since previous Whonix in KVM maintainer HulaHoop was last active on January 04, 2015, it's safe to assume this person got lost. No idea why HulaHoop went inactive. There was no notice of departure, argument or whatsoever. I would like to thank HulaHoop for its work on support for running Whonix inside KVM. As of Whonix 9, the status was "testers-only" and would likely have changed to "stable" in Whonix 10. So most integration work is already done. A new contributor would be welcome to take over from there.... read more

Posted by SourceForge Robot 2015-02-27

Bug: Tor Browser Alpha rather than Tor Browser Stable being installed by Tor Browser Updater (AnonDist)

The version file format was changed, and there is no stable version version format.

If you want to use the stable version of Tor Browser, you have to use these instructions in meanwhile:
https://www.whonix.org/wiki/Manually_Updating_Tor_Browser... read more

Posted by SourceForge Robot 2015-02-05

Abstain from using Stream Isolation SocksPort 9152

Easy / TLDR:
Using stream isolation (https://www.whonix.org/wiki/Stream_Isolation) with custom ports? With port 9152?
Don't do this anymore in Whonix 10 and above! Use any higher port numbers as per stream isolation documentation!

Long:

Reasons:
Tor Messenger will use that port in future. (https://phabricator.whonix.org/T107)
Enabling IsolateDestAddr and IsolateDestPort for it (https://trac.torproject.org/projects/tor/ticket/14382) might be recommended.... read more

Posted by SourceForge Robot 2015-01-26

Whonix Signing Key Expired (KEYEXPIRED Error)

Posted by SourceForge Robot 2015-01-18

Tor Browser’s Internal Updater – Security Warning

Until further notice, it is recommended against using Tor Browser's Internal Updater for security reasons. More information and how to securely update is documented in the wiki, see: https://www.whonix.org/wiki/Tor_Browser#Updating User support discussion: https://www.whonix.org/forum/index.php/topic,810 Forum development discussion: https://www.whonix.org/forum/index.php/topic,807

The post Tor Browser's Internal Updater - Security Warning appeared first on Whonix.
link

Posted by SourceForge Robot 2014-12-07

Whonix 9.4 Maintenance Release

Existing users can upgrade the usual way using apt-get, see also: https://www.whonix.org/wiki/Security_Guide#Updates

Read more ›

The post Whonix 9.4 Maintenance Release appeared first on Whonix.
link

Posted by SourceForge Robot 2014-11-17

hidden service for whonix.org taken offline

Fortasse (whonix.org webmaster) and I agreed to take down the hidden service for whonix.org http://xxxxxxxxxxh5kyrx.onion. (If you're wondering, why we provided a hidden service, but didn't use it for location privacy, see: https://www.whonix.org/wiki/Forcing_.onion_on_Whonix.org\) The reason for this unfortunate change is, that…

Read more ›... read more

Posted by SourceForge Robot 2014-11-09