You can subscribe to this list here.
2012 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
(1) |
Nov
(2) |
Dec
|
---|---|---|---|---|---|---|---|---|---|---|---|---|
2013 |
Jan
(4) |
Feb
(4) |
Mar
(38) |
Apr
(19) |
May
(25) |
Jun
(23) |
Jul
(3) |
Aug
|
Sep
(1) |
Oct
|
Nov
|
Dec
|
From: adrelanos <adr...@ri...> - 2013-03-29 09:34:50
|
Vladimir Arseniev: > On 03/28/2013 03:24 PM, adrelanos wrote: > >> Vladimir Arseniev: >>> On 03/28/2013 12:15 AM, adr...@ri... wrote: >>> >>>> Since Whonix 0.6.1 (Developer Preview version), it's trivial to >>>> create 64 bit builds of Whonix. If you already know how to build >>>> Whonix from source code, only a very few steps are missing. >>>> >>>> Simply get into Whonix build-steps folder and open the >>>> 20_create-debian-img step. >>>> >>>> On Github: >>>> >>> [https://github.com/adrelanos/Whonix/blob/development/build-steps/20_create-debian-img](https://github.com/adrelanos/Whonix/blob/development/build-steps/20_create-debian-img) >>> >>> <snip> >>> >>> How hard would it be to create workstation VMs using LUKS (or dm-crypt)? >> >> Whonix-Workstation custom VM builds: >> - You're better off using full disk encryption on the host. > > Yes, I do that already (LVM on LUKS on RAID). > > But I have very many VMs, and like the idea of limiting my exposure > while the host is up, and I'm only using particular VMs. I do realize > that VM LUKS passphrases and who know what else may be cached on the > host, but it seems better than nothing. > > It would be more secure to have many dm-crypt partitions for VM storage, > and only mount the one(s) that I need. Maybe I could do that in LVM, > and still use LUKS for the host overall. Ok. >> Whonix-Workstation on hardware with physical isolation without VMs: >> - Installing Debain is as easy/hard as without Whonix. >> - Installing Whonix isn't that hard: >> https://sourceforge.net/p/whonix/wiki/PhysicalIsolation/#install-whonix-workstation-on-hardware-untested-not-recommend > > OK, I'll look at this. This might also solve your other question "How hard would it be to "add" (in some way) all Whonix workstation "stuff" to an existing Debian VM?". >> Doing for Whonix-Default/Download-Version: >> - Before thinking about it, it would require shipping a host operating >> system and a host operating system installer. The project isn't yet that >> far developed. >> - >> https://sourceforge.net/p/whonix/wiki/FAQ/#you-should-add-full-disk-encryption-to-whonix > > Yes, I gather that building installers is much harder than building VMs. > At some point, though, it would be cool to set up Whonix as real > installs on two physical machines. Of course. Still a lot work to do... > Another question occurs to me. How hard would it be to "add" (in some way) > all Whonix workstation "stuff" to an existing Debian VM? Not very hard. Same instructions as: https://sourceforge.net/p/whonix/wiki/PhysicalIsolation/#install-whonix-workstation-on-hardware-untested-not-recommend >>> I write that as someone who uses the Debian alternate installer for LUKS >>> setup. >> >> Yes, it's not as easy as using TrueCrypt FDE on Windows. > > Actually, RAID/LUKS/LVM with the Debian alternate installer is far, far > easier than TrueCrypt FDE on Windows ;) Well, that's open for debate. Does the Debian alternate installer encrypt swap by default? I find the Windows user interface of TrueCrypt much easier to grasp. |
From: Vladimir A. <vla...@ap...> - 2013-03-28 21:12:42
|
On 03/28/2013 03:24 PM, adrelanos wrote: > Vladimir Arseniev: >> On 03/28/2013 12:15 AM, adr...@ri... wrote: >> >>> Since Whonix 0.6.1 (Developer Preview version), it's trivial to >>> create 64 bit builds of Whonix. If you already know how to build >>> Whonix from source code, only a very few steps are missing. >>> >>> Simply get into Whonix build-steps folder and open the >>> 20_create-debian-img step. >>> >>> On Github: >>> >> [https://github.com/adrelanos/Whonix/blob/development/build-steps/20_create-debian-img](https://github.com/adrelanos/Whonix/blob/development/build-steps/20_create-debian-img) >> >> <snip> >> >> How hard would it be to create workstation VMs using LUKS (or dm-crypt)? > > Whonix-Workstation custom VM builds: > - You're better off using full disk encryption on the host. Yes, I do that already (LVM on LUKS on RAID). But I have very many VMs, and like the idea of limiting my exposure while the host is up, and I'm only using particular VMs. I do realize that VM LUKS passphrases and who know what else may be cached on the host, but it seems better than nothing. It would be more secure to have many dm-crypt partitions for VM storage, and only mount the one(s) that I need. Maybe I could do that in LVM, and still use LUKS for the host overall. > Whonix-Workstation on hardware with physical isolation without VMs: > - Installing Debain is as easy/hard as without Whonix. > - Installing Whonix isn't that hard: > https://sourceforge.net/p/whonix/wiki/PhysicalIsolation/#install-whonix-workstation-on-hardware-untested-not-recommend OK, I'll look at this. > Doing for Whonix-Default/Download-Version: > - Before thinking about it, it would require shipping a host operating > system and a host operating system installer. The project isn't yet that > far developed. > - > https://sourceforge.net/p/whonix/wiki/FAQ/#you-should-add-full-disk-encryption-to-whonix Yes, I gather that building installers is much harder than building VMs. At some point, though, it would be cool to set up Whonix as real installs on two physical machines. Another question occurs to me. How hard would it be to "add" (in some way) all Whonix workstation "stuff" to an existing Debian VM? >> I write that as someone who uses the Debian alternate installer for LUKS >> setup. > > Yes, it's not as easy as using TrueCrypt FDE on Windows. Actually, RAID/LUKS/LVM with the Debian alternate installer is far, far easier than TrueCrypt FDE on Windows ;) <snip> |
From: adrelanos <adr...@ri...> - 2013-03-28 11:25:14
|
Vladimir Arseniev: > On 03/28/2013 12:15 AM, adr...@ri... wrote: > >> Since Whonix 0.6.1 (Developer Preview version), it's trivial to >> create 64 bit builds of Whonix. If you already know how to build >> Whonix from source code, only a very few steps are missing. >> >> Simply get into Whonix build-steps folder and open the >> 20_create-debian-img step. >> >> On Github: >> > [https://github.com/adrelanos/Whonix/blob/development/build-steps/20_create-debian-img](https://github.com/adrelanos/Whonix/blob/development/build-steps/20_create-debian-img) > > <snip> > > How hard would it be to create workstation VMs using LUKS (or dm-crypt)? Whonix-Workstation custom VM builds: - You're better off using full disk encryption on the host. Whonix-Workstation on hardware with physical isolation without VMs: - Installing Debain is as easy/hard as without Whonix. - Installing Whonix isn't that hard: https://sourceforge.net/p/whonix/wiki/PhysicalIsolation/#install-whonix-workstation-on-hardware-untested-not-recommend Doing for Whonix-Default/Download-Version: - Before thinking about it, it would require shipping a host operating system and a host operating system installer. The project isn't yet that far developed. - https://sourceforge.net/p/whonix/wiki/FAQ/#you-should-add-full-disk-encryption-to-whonix > I write that as someone who uses the Debian alternate installer for LUKS > setup. Yes, it's not as easy as using TrueCrypt FDE on Windows. |
From: Vladimir A. <vla...@ap...> - 2013-03-28 05:09:03
|
On 03/28/2013 12:15 AM, adr...@ri... wrote: > Since Whonix 0.6.1 (Developer Preview version), it's trivial to > create 64 bit builds of Whonix. If you already know how to build > Whonix from source code, only a very few steps are missing. > > Simply get into Whonix build-steps folder and open the > 20_create-debian-img step. > > On Github: > [https://github.com/adrelanos/Whonix/blob/development/build-steps/20_create-debian-img](https://github.com/adrelanos/Whonix/blob/development/build-steps/20_create-debian-img) <snip> How hard would it be to create workstation VMs using LUKS (or dm-crypt)? I write that as someone who uses the Debian alternate installer for LUKS setup. |
From: <adr...@ri...> - 2013-03-27 20:16:11
|
Since Whonix 0.6.1 (Developer Preview version), it's trivial to create 64 bit builds of Whonix. If you already know how to build Whonix from source code, only a very few steps are missing. Simply get into Whonix build-steps folder and open the 20_create-debian-img step. On Github: [https://github.com/adrelanos/Whonix/blob/development/build-steps/20_create-debian-img](https://github.com/adrelanos/Whonix/blob/development/build-steps/20_create-debian-img) For example, you can comment out. #local ARCH="i386" And comment in. local ARCH="amd64" Despite it's name, the "amd64" architecture, works on both, AMD and Intel. NOTE: Its impossible to create 64 bit builds on 32 bit hosts. So if you want to create a Whonix 64 bit build, you most likely want to install Debian Wheezy 64 bit first (in a VM). Also interesting architectures for custom builds: Kernel of FreeBSD. It won't work out of the box for Whonix-Gateway, because Whonix Firewall is based on iptables (Linux) and the FreeBSD does not support iptables. It's firewall is pf. The Whonix iptables rules would have to be rewritten in pf. For Whonix-Workstation you could also try "kfreebsd-i386" or "kfreebsd-amd64", but this is untested, just as 64 bit Linux builds are much less tested. Most credit and thanks goes to upstream projects, the Debian and grml-debootstrap maintainers. The Whonix specific modifications where trivial, it's only required to replace variables and to document it. It will probable still take a long time before The Whonix Project will offer ready to download 64 bit and/or Kernel of FreeBSD based builds. I don't think it will be possible without a new contributor jointing the project to provide for those builds. Creating the 32 bit i686 (and i486 compatible) version, testing and uploading already takes much time. URL: http://sourceforge.net/p/whonix/featureblog/2013/03/whonix-64-bit-custom-builds-freebsd-kernel-based-builds/ |
From: <adr...@ri...> - 2013-03-27 10:31:12
|
* It's now using a step based build system with smaller files sorted by build steps and named by purpose. Check out the development branch on github. [https://github.com/adrelanos/Whonix/tree/development](https://github.com/adrelanos/Whonix/tree/development) * Instructions how to build Whonix from source code have been shrunk down and simplified. [https://sourceforge.net/p/whonix/wiki/Dev_SourceCodeIntro/](https://sourceforge.net/p/whonix/wiki/Dev_SourceCodeIntro/) * The Introduction into Whonix source code have been updated. [https://sourceforge.net/p/whonix/wiki/Dev_SourceCodeIntro/](https://sourceforge.net/p/whonix/wiki/Dev_SourceCodeIntro/) * A Developer Portal has been created. (Links to Source Code, Instructions how to build Whonix from Source Code, Developing / Hacking Whonix guide, Introduction into Whonix Source Code, Introduction into Whonix's simple git branch model, Options to stay up to date on Whonix Source Code Changes, Development Tickets, Optional Goodies, Detailed Design - What is each file good for?, Technical Design, Changelog, ChangelogNEXT, Useful stuff for debugging, Redistributing Whonix) [https://sourceforge.net/p/whonix/wiki/Dev_SourceCode/](https://sourceforge.net/p/whonix/wiki/Dev_SourceCode/) URL: http://sourceforge.net/p/whonix/featureblog/2013/03/heavily-simplified-source-code-and-build-documentation---developer-preview-061/ |
From: <adr...@ri...> - 2013-03-26 16:20:04
|
Ever wanted to know what each and every file in Whonix Source Code is good for? It's now all documented. * [https://sourceforge.net/p/whonix/wiki/Design-Shared/](https://sourceforge.net/p/whonix/wiki/Design-Shared/) * [https://sourceforge.net/p/whonix/wiki/Design-Gateway/](https://sourceforge.net/p/whonix/wiki/Design-Gateway/) * [https://sourceforge.net/p/whonix/wiki/Design-Workstation/](https://sourceforge.net/p/whonix/wiki/Design-Workstation/) The "old", more textual Whonix Design [https://sourceforge.net/p/whonix/wiki/Design/](https://sourceforge.net/p/whonix/wiki/Design/) page will still get maintained and improved. Please get in contact if you are missing something, if there are questions or if you want to improve the Design. URL: http://sourceforge.net/p/whonix/featureblog/2013/03/in-depth-detailed-technical-whonix-design/ |
From: <adr...@ri...> - 2013-03-19 23:03:45
|
Whonix-commits read only mailing list: [https://lists.sourceforge.net/lists/listinfo/whonix-commits](https://lists.sourceforge.net/lists/listinfo/whonix-commits) URL: http://sourceforge.net/p/whonix/featureblog/2013/03/github-source-code-commits-mailing-list/ |
From: <adr...@ri...> - 2013-03-19 23:03:35
|
If you prefer Twitter, use the Secondary Twitter Account for Source Code Commit Notification: [https://twitter.com/WhonixSource](https://twitter.com/WhonixSource) URL: http://sourceforge.net/p/whonix/featureblog/2013/03/secondary-twitter-account-for-source-code-commit-notification/ |
From: <adr...@ri...> - 2013-03-19 12:52:00
|
Instructions how to SSH into Whonix-Workstation (host -> ssh -> Whonix-Gateway -> ssh -> Whonix-Workstation) have been added. You an use ssh, scp and sshfs, thus mount Whonix-Workstation folders on the host. [https://sourceforge.net/p/whonix/wiki/File%20Transfer/#ssh-into-whonix-workstation](https://sourceforge.net/p/whonix/wiki/File%20Transfer/#ssh-into-whonix-workstation) URL: http://sourceforge.net/p/whonix/featureblog/2013/03/advancend-users-file-transfer-ssh-into-mount-whonix-workstation-on-the-host/ |
From: adrelanos <adr...@ri...> - 2013-03-10 01:06:12
|
Vladimir Arseniev: > On 03/09/2013 07:19 AM, adr...@ri... wrote: > >> [https://sourceforge.net/p/whonix/wiki/MAC/](https://sourceforge.net/p/whonix/wiki/MAC/) >> >> Does it make sense or am I overthinking it? >> >> URL: http://sourceforge.net/p/whonix/featureblog/2013/03/development-discussion---anonymizing-mac-addresses/ > > I rarely use public WiFi, so I'm not very familiar with this issue. > > As I understand what you've written, the general idea is setting > MAC address spoofing policies for multiple WiFi networks. Yes. > That seems > rather analogous to the network type setting in Windows 7 etc. Yes. > The problem, I suspect, may be that your machine reveals its MAC > address in an initial dialogue with a WiFi router. Is that true? > > If it's not, then adding something to Network Manager to set MAC > address spoofing policy for each WiFi router might be best. For > new connections without policies, you'd be prompted. > > If machines do reveal MAC addresses in initial dialogues with WiFi > routers, it's far more complicated. You'd need to collect whatever > information Network Manager needs without revealing your true > MAC address. I don't know if it's possible to collect data about the network without revealing the MAC, probable yes by passive eavesdropping. Relying on that data wouldn't be so good because the admin can impersonate other wifi's or just change data to appear like a new wifi. |
From: Vladimir A. <vla...@ap...> - 2013-03-10 00:12:18
|
On 03/09/2013 07:19 AM, adr...@ri... wrote: > [https://sourceforge.net/p/whonix/wiki/MAC/](https://sourceforge.net/p/whonix/wiki/MAC/) > > Does it make sense or am I overthinking it? > > URL: http://sourceforge.net/p/whonix/featureblog/2013/03/development-discussion---anonymizing-mac-addresses/ I rarely use public WiFi, so I'm not very familiar with this issue. As I understand what you've written, the general idea is setting MAC address spoofing policies for multiple WiFi networks. That seems rather analogous to the network type setting in Windows 7 etc. The problem, I suspect, may be that your machine reveals its MAC address in an initial dialogue with a WiFi router. Is that true? If it's not, then adding something to Network Manager to set MAC address spoofing policy for each WiFi router might be best. For new connections without policies, you'd be prompted. If machines do reveal MAC addresses in initial dialogues with WiFi routers, it's far more complicated. You'd need to collect whatever information Network Manager needs without revealing your true MAC address. |
From: adrelanos <adr...@ri...> - 2013-03-09 03:20:41
|
Vladimir Arseniev: > On 03/08/2013 11:39 AM, adrelanos wrote: >> Vladimir Arseniev: >>> I've been using Whonix 0.5.6 today, and it's been working very well. But >>> then, so did 0.4.5 :) >> Good. :) >> >>> Is there anything in particular that needs tested? >> It'd be great if you had someone to test Voip over Tor: >> https://sourceforge.net/p/whonix/wiki/Voip/ >> > I was afraid that you were going to say that ;) Am I so predictable? :) |
From: <adr...@ri...> - 2013-03-09 03:19:28
|
[https://sourceforge.net/p/whonix/wiki/MAC/](https://sourceforge.net/p/whonix/wiki/MAC/) Does it make sense or am I overthinking it? URL: http://sourceforge.net/p/whonix/featureblog/2013/03/development-discussion---anonymizing-mac-addresses/ |
From: Vladimir A. <vla...@ap...> - 2013-03-08 08:02:58
|
On 03/08/2013 11:39 AM, adrelanos wrote: > Vladimir Arseniev: >> I've been using Whonix 0.5.6 today, and it's been working very well. But >> then, so did 0.4.5 :) > Good. :) > >> Is there anything in particular that needs tested? > It'd be great if you had someone to test Voip over Tor: > https://sourceforge.net/p/whonix/wiki/Voip/ > I was afraid that you were going to say that ;) I'll see what I can do. I need to get audio on this box anyway, for the video. |
From: adrelanos <adr...@ri...> - 2013-03-08 07:39:32
|
Vladimir Arseniev: > I've been using Whonix 0.5.6 today, and it's been working very well. But > then, so did 0.4.5 :) Good. :) > Is there anything in particular that needs tested? It'd be great if you had someone to test Voip over Tor: https://sourceforge.net/p/whonix/wiki/Voip/ |
From: Vladimir A. <vla...@ap...> - 2013-03-08 05:29:29
|
On 03/07/2013 07:08 PM, adr...@ri... wrote: > Whonix 0.5.6 fixes a time zone bug, which prevented Tor to connect in some cases. > > If you are using 0.5.5 already, you don't have to update to 0.5.6, if you do the following manually... > 1. Power off Whonix-Gateway. > 2. Virtual Box -> Right click on Whonix-Gateway -> System -> Check "Hardware clock in UTC time" -> Ok. > 3. When 0.6.x comes out, this message will go away and you will be notified. > 4. Done. > > Changelog: > [https://sourceforge.net/p/whonix/wiki/Changelog/](https://sourceforge.net/p/whonix/wiki/Changelog/) > > URL: http://sourceforge.net/p/whonix/featureblog/2013/03/whonix-alpha-056---anonymous-operating-system-released/ > > ------------------------------------------------------------------------------ > Symantec Endpoint Protection 12 positioned as A LEADER in The Forrester > Wave(TM): Endpoint Security, Q1 2013 and "remains a good choice" in the > endpoint security space. For insight on selecting the right partner to > tackle endpoint security challenges, access the full report. > http://p.sf.net/sfu/symantec-dev2dev > _______________________________________________ > Whonix-devel mailing list > Who...@li... > https://lists.sourceforge.net/lists/listinfo/whonix-devel > I've been using Whonix 0.5.6 today, and it's been working very well. But then, so did 0.4.5 :) Is there anything in particular that needs tested? |
From: <adr...@ri...> - 2013-03-07 23:29:56
|
Added new chapter to Technical Design, Operating System. [https://sourceforge.net/p/whonix/wiki/OperatingSystem/#why-dont-you-use-your-favorite-most-secure-operating-system62-for-whonix](https://sourceforge.net/p/whonix/wiki/OperatingSystem/#why-dont-you-use-your-favorite-most-secure-operating-system62-for-whonix) URL: http://sourceforge.net/p/whonix/featureblog/2013/03/why-isnt-whonix-based-on-your-favorite-most-secure-operating-system/ |
From: <adr...@ri...> - 2013-03-07 23:29:41
|
Briefly: #Debian GNU/Linux is a reasonable compromise of security and usability (popularity, documentation). Longer: There are of course other options. See Why don't you use for Whonix: [https://sourceforge.net/p/whonix/wiki/OperatingSystem/#why-dont-you-use-your-favorite-most-secure-operating-system62-for-whonix](https://sourceforge.net/p/whonix/wiki/OperatingSystem/#why-dont-you-use-your-favorite-most-secure-operating-system62-for-whonix) Added this to Pre Install Advice. URL: http://sourceforge.net/p/whonix/featureblog/2013/03/which-host-operating-system-do-you-recommend/ |
From: <adr...@ri...> - 2013-03-07 15:44:50
|
Please test and leave feedback! [https://sourceforge.net/p/whonix/wiki/Voip/](https://sourceforge.net/p/whonix/wiki/Voip/) URL: http://sourceforge.net/p/whonix/featureblog/2013/03/anonymous-voip-over-tor---finished-mumble-instructions-and-updated-voip-introduction/ |
From: <adr...@ri...> - 2013-03-07 15:44:37
|
There was a small update on the [https://sourceforge.net/p/whonix/wiki/TimeSync/](https://sourceforge.net/p/whonix/wiki/TimeSync/) page. By the way, there is also a history button, in case you don't wish to read the whole page again each time there is a small update. So you can view the diff. URL: http://sourceforge.net/p/whonix/featureblog/2013/03/technical-design-page-updated-timesync/ |
From: <adr...@ri...> - 2013-03-07 15:08:49
|
Whonix 0.5.6 fixes a time zone bug, which prevented Tor to connect in some cases. If you are using 0.5.5 already, you don't have to update to 0.5.6, if you do the following manually... 1. Power off Whonix-Gateway. 2. Virtual Box -> Right click on Whonix-Gateway -> System -> Check "Hardware clock in UTC time" -> Ok. 3. When 0.6.x comes out, this message will go away and you will be notified. 4. Done. Changelog: [https://sourceforge.net/p/whonix/wiki/Changelog/](https://sourceforge.net/p/whonix/wiki/Changelog/) URL: http://sourceforge.net/p/whonix/featureblog/2013/03/whonix-alpha-056---anonymous-operating-system-released/ |
From: adrelanos <adr...@ri...> - 2013-03-06 02:23:26
|
...change one option and rss2email freaks out. |
From: <adr...@ri...> - 2013-03-06 02:20:54
|
testpost ... testpost2 URL: http://sourceforge.net/p/whonix/featureblog/2013/02/test/ |