From: adrelanos <adr...@ri...> - 2013-05-08 11:18:50
chiccofx:
>>> Openbsd as a whonix gateway would not only decrease the attack
>>> surface, but the VM would require even less RAM than what is used
>>> currently. This would improve the overall user experience and allow
>>> more RAM to be assigned to the whonix workstation by default.
>>>
>>> Let me know what are your thoughts on this. I am planning to replace
>>> my current debian whonix gateway with an OpenBSD 5.3 (launched May 1)
>>> and see how it performs. Happy to share the result.
>>
>> Most interesting. As the FAQ says, I don't regard OpenBSD as very secure
>> myself in context of Whonix's threat model, especially due to the
>> OpenBSD package manager not passing the TUF threat model, at least not
>> for ordinary users who don't run their own signed OpenBSD repository...
>>
>
> Since you use sourceforge for hosting and since users are already
> advised to not trust whonix,

I hope to change this. I am in contact with an organization which may or may not be interested to create binary builds. This organization won't be trusted by everyone of course, there is always space for doubt. There is nothing negative in their public record. For objective reasons, they are more to be trusted than some anonymous person (me).

I am not that interested in creating binary builds anyway and would like to have such a trusted organization or person helping out. (At some point we decide to make a maybe-release branch, start snapshot builds for testers, stabilize and eventually call it a release. I'll concentrate on code development and documentation and they help out with uploads.) It's still in the very early discussion phase, not sure if there will be any outcome.

On the other front, I also made some tiny progress with deterministic builds. Not sure if I will be able to script it, but perhaps I can at least get up a proposal and then ask people who offer to volunteer if they have the skill to script it.

> we could create an OpenBSD repository,
> signed initially with my key,

Well, that would be, as far as I understand it, a nice contribution to the OpenBSD and Free Software world and perhaps useful for many other people, not just people interested in Whonix.

> and perhaps, in the future with the whonix
> project key.

Not sure if I get into OpenBSD, but it seems I am getting educated here.

> Will start working in my free time as soon as possible. The OpenBSD
> project officially dropped sendmail in favor of OpenSMTPD. In your FAQ
> you stated that OpenBSD does not support PIE but, in fact, OpenBSD was
> one of the first mainstream OSes to support it. OpenBSD supports complete
> ASLR support with PIE binaries since 2008. Also, it can be run in
> securelevel which not only prevents changes to the firewall ruleset as it
> does apply other restrictions, as not letting any kind of disk writing,
> among other things. Also, the tor package/port can be run on a chroot.
> All this will help to decrease the attack surface. I know that there are
> many criticisms to some of the security features of OpenBSD, but I have
> never had one machine compromised, either remotely or locally (using
> securelevel)

I removed those points from the faq
https://sourceforge.net/p/whonix/wiki/FAQ/#why-arent-you-using-openbsd-its-the-most-secure-os-ever1

I should rewrite that FAQ entry anyway. Never know how to do it best. Originally it was written by anonymous a long time ago.

Maybe Whonix gets sponsored with https hosting from that organization as well, in that case, in future there could be something like a download wizard where people choose which flavor they prefer depending on some helpful questions. (Flavor as in Debian based Gateway, OpenBSD based Gateway, Physical Isolation.)