Menu
▾
▴
Re: [Whonix-devel] OpenBSD gateway development
|
From: adrelanos <adr...@ri...> - 2013-05-08 01:39:23
|
Hi chiccofx! chiccofx: > Hello Everybody, > > I am a new user to whonix, but an experienced *nix developer. I have > read the faq about the question related with openbsd and security. I > want volunteer myself to address many of those issues. > There have been > some recent developments on the issues pointed by the faq. Will they get a secure package manager like apt/rpm? > Openbsd as a whonix gateway would not only decrease the attack > surface, but the VM would required even less RAM than what is used > currently. This would improve the overall user experience and allow > more RAM to be assigned to the whonix workstation by default. > > Let me know what are your thoughts on this. I am planning to replace > my current debian whonix gateway with an OpenBSD 5.3 (launched May 1) > and see how it perform. Happy to share the result. Most interesting. As the FAQ says, I don't regard OpenBSD as very secure myself in context of Whonix's threat model, especially due to the OpenBSBD package manager not passing the TUF threat model, at least not for ordinary users who don't run their own signed OpenBSD repository... Anyway, other developers can come to different conclusions, that's fine. It's quite interesting to see an alternative implementation of Whonix-Gateway. I will support this effort with questions/answers/comments, perhaps some code changes to prepare Whonix source code better for such ports. So lets see where this goes. Whether you do this as a one shot or are interested in merging this (so the builder can just switch an option in build config), we'll see how it develops. If you share codes early, it will be easier for me to follow how it develops. Looking forward to it. Cheers, adrelanos |
