Livestream NOW!

Patrick and I are going stream ourselves NOW under this address: http://www.youtube.com/channel/UCh6htf3E721zcvahGLxFl9w/live

If you’d like to join us, we’d be very grateful. Furthermore, this will be our first Patreon Stream. If you want to support us on Patreon, click here.

 

Remember that to watch the stream via the Tor Browser Bundle, you should set the Security Settings to Low (default).

 

Also, if you would like to talk to us or ask us a question, you may either post it in this thread, ask directly via the Youtube Chat or join us via OTR. To join us via OTR, simply sent a message to egowhonix@jabber.at via OTR.

Posted in Contribute, General Security News

Public Livestream on 14th of April at 8PM CEST and Patreon

Whonix is a project which requires a lot of dedication, passion and time to be properly maintained. Especially Patrick has sacrificed a huge part of his live to making a fail-safe way to use Tor accessible to as many people as possible.

For the last few years, he mainly was able to focus on the tasks required to maintain Whonix thanks to the dedication of individuals supporting Whonix either in the forum, wiki, on Github or on all three, as well as the occasional donations provided by generous donors. However, because of the nature of these donations, it continues to be challenging to focus on long time goals, seeing how it is hard to make extensive plans based on occasional monetary support.

Because of this, over the course of the last few months, we have looked into different ways of obtaining long term funding, either via government programs or by incentivising people to donate on a more regular basis. In the end, we decided to look into the latter, as it would enable us to have an even better communication with our community, wouldn’t in any way compromise the open and rather democratic structure currently in place for support and development and make it possible to give something back to our most generous supporters. It also would keep Whonix in the hands of our great community, instead of trusting a government organisation which may have different goals or requirements and would potentially force us to not act in the best interest of our users, by limiting our ability to implement the features we deem necessary.

To make this possible, we decided to team up with Patreon, a service which enables you to donate a certain amount of money every month. You are able to cancel your regular donation anytime you want and, best of all, will receive certain rewards by us if you decide to donate. These rewards all have the goal of both giving you an incentive to donate a bit to keep Whonix sustainable for the future and furthering the cause behind Whonix in general. You will be able to more directly decide on new features and may gain access to other rewards, like a monthly live stream in which Patrick Schleizer and I, Ego are going to cover certain topics related to Whonix, Tor, anonymity, journalism and cryptography, as well as answer question of Patrons.

Our complete list of rewards:

 

  • $1 Become A Patron
  • $5 Join the Monthly Livestream
  • $10 Priority Support
  • $15 Livestream Chat Access
  • $20 Immortalize yourself by becoming part of the Whonix Installer Source
  • $30 Vote on Features
  • $50 Personal Support
  • $100 Personalized Video Guide
  • $500+ Advertise on Whonix.org

 

Now, I am aware of what some of you may think right now.

Isn’t Patreon a service which requires the use of something traceable like a credit card or PayPal and don’t they use Cloudflare, the enemy of all Tor users?!

Yes, that is correct. Because of the fact that a lot of Whonix users are rather critical of services using Cloudflare, it was important for us to address this head on. Obviously, we can understand that a lot of users will not be able to use Patreon due to the fact that they require to stay as anonymous as possible. We understand that and will never ask someone who needs to stay anonymous to give up that anonymity, simply so we may get some cash. We also will continue to focus on keeping this subset of our user base, the one that really requires anonymity, as safe as possible.

If you are a user who has no issues with using a service like Patreon, would like to support Whonix and are able to do so, we would be very grateful if you could do so via a monthly donation.

Since it is quite a lot to ask you for money when you aren’t sure whether you will enjoy the rewards, we have decided to make our first monthly Whonix-Livestream open to anyone. It will be broadcasted via Youtube Live which you may access via the Tor Browser Bundle with Whonix and you may ask Patrick and me anything you’d like via OTR.

To join our livestream, simply visit Youtube via this link on Friday, the 14th of April at 8PM Central European Summer Time: http://www.youtube.com/channel/UCh6htf3E721zcvahGLxFl9w/live

For our American users, that would be 2PM Eastern Time. If you click on the link, there is also a timer to show you when the stream will start.

We hope to see many of you join our stream. If you miss it, you will be able to watch it later on our Youtube Channel were every stream will be publicly available after the fact.

In conclusion, we hope that you will enjoy using Whonix for years to come and would be thankful for any support, no matter how small.

Our Patreon may be found here: https://www.patreon.com/whonix

Posted in Contribute, Whonix Important News

Tor 0.2.9.10-1~d80.jessie+1 Stable Upgrade – Testers Wanted!

Updated Tor was uploaded to Whonix stable-proposed-updates as well as to testers repository.

Instructions for changing Whonix repository:
https://www.whonix.org/wiki/Whonix-APT-Repository

Then just do a update:
https://www.whonix.org/wiki/Update

Posted in Testers wanted!

Announcing unMessage: a Next-Gen Tor Messenger

unMessage is an anonymous messenger that uses Tor to hide metadata of participants. Its still in early development, however a major new feature such as Tor-to-Tor audio chat (the first such implementation we are aware of) has been included. Major additions like file-sharing support, video conferencing and a portable code-base for mobile platforms are planned.

Their major goal is to provide a better UX and a competitive feature set to move users away from proprietary solutions that don’t respect privacy. Its not ready for mass adoption yet, so only the more technical audience among you should go ahead try it out. Feedback and/or pull requests are highly appreciated.

Check it out on Github:

https://github.com/AnemoneLabs/unmessage

Posted in Contribute, General Security News, Testers wanted!, Whonix Misc News, Whonix New Features

Tor 0.2.9.9-1~d80.jessie+1 Stable Upgrade – Testers Wanted!

Tor was updated to 0.2.9.9-1~d80.jessie+1 in Whonix stable-proposed-updates as well as in testers repository.

Instructions for changing Whonix repository:
https://www.whonix.org/wiki/Whonix-APT-Repository

Then just do a update:
https://www.whonix.org/wiki/Update

Posted in Testers wanted!

[Release] Whonix-Installer and UI

Disclaimer: Please remember that Windows is NOT a secure host operating system for a variety of reasons. This Installer was mainly created to make it easy for people to experience Whonix first hand without the requirement of installing an entirely new OS. Under no circumstances, use Windows for sensitive work.

 

After almost a year of active development, we are releasing the Whonix-Installer which will provide a simple and familiar way for Windows users to gain access to Whonix and its massive capabilities as well as toolset.

Currently, the Whonix-Installer for Windows is based on nsisbi, a fork of the often used “Nullsoft Scriptable Install System”, which was required to circumvent the general size limit of 2Gb usually enforced by “NSIS”. Even with that though, a bit of additional modification was required to include all the files required for Whonix into one simple to use “.exe file”. That’s why for the foreseeable future, a disk-space of 8Gb is required during installation, as the Gateway and Workstation required additional compression, since even “nsisbi” has a single file size limit of 4Gb. Thus, during installation, both Gateway and Workstation take temporarily double the disk space, during the decompression process.

Adding to this however, the Whonix-Installer can be used regardless of whether you’ve installed VirtualBox previously or not. Any older virtual machines should be unmodified by using the Whonix-Installer.

Furthermore, a small, simple user interface, named “Whonix-UI” or alternatively “Whonix for Windows”/”Whonix.exe” has been created to make starting and terminating of both the Gateway and Workstation as simple as possible. It is still very much in the early stages of its development, which is part of the reason for its rather basic appearance though functionally works as intended. By pressing the “Start Whonix Button”, both the Gateway and Workstation are launched and by pressing the “Stop Whonix Button” they are terminated. While Whonix is being used, the window prevents itself from being closed, as to prevent issues.

If you’d like to try the UI with your existing installation of Whonix, you may simply drag-and-drop it into the folder in which you’ve installed VirtualBox.

Download Links:

The Whonix-Installer may be downloaded from here:
https://www.whonix.org/wiki/Windows

The Whonix-UI can be found separately here:
https://github.com/EgoBits1/Whonix-Windows-UI

Posted in Testers wanted!, Whonix Development News Tagged with: , , ,

Whonix featured on Tor blog

https://blog.torproject.org/blog/tor-heart-whonix

Posted in Whonix Misc News

Whonix 13.0.0.1.4 stable upgrade released!

Qubes-Whonix:

Either start with fresh templates. I.e. uninstall qubes-template-whonix-gw and qubes-template-whonix-ws. Then, to install, run in dom0:

sudo qubes-dom0-update --enablerepo=qubes-tempates-community qubes-template-whonix-gw qubes-template-whonix-ws

Or you can also upgrade from Whonix’s repository. Please refer to the following instructions:
https://www.whonix.org/wiki/Qubes/Update


Non-Qubes-Whonix:

https://www.whonix.org/wiki/Download

Or you can also upgrade from Whonix’s repository. Please refer to the following instructions:
https://www.whonix.org/wiki/Update


major Whonix 13 -> 13.0.0.1.4 changes:

Posted in Whonix Important News

How to upgrade Debian, Whonix, etc. without being compromised by CVE-2016-1252

See:
https://www.whonix.org/wiki/CVE-2016-1252

Posted in Whonix Important News

Qubes-Whonix DisposableVM documentation created

Before we had just a stub. Now Qubes-Whonix DisposableVMs are fully documented thanks to contributions by the community. (wiki history)

What are DisposableVMs?

Under the Qubes TemplateVM model, any changes made to a TemplateBasedVM’s root filesystem are lost upon reboot. This is advantageous for several reasons: it allows centralized (and therefore faster) updates for all applications (most) inside the root filesystem, saves time and disk space.

However, certain directories are designed to persist between reboots in order to store files and settings. These directories are stored in /rw/ and include /home/user as well as additional directories defined by “bind directory” settings.

To ensure that all changes to the filesystem are discarded after a session, Qubes offers DisposableVMs. When a DisposableVM is shutdown, the VM is removed from Qubes and all related VM images are deleted from the host filesystem.

What is a Whonix-Workstation DisposableVM?

As the name suggests, this is a Qubes DisposableVM template based on the Whonix-Workstation. This allows Qubes-Whonix users to create throw-away instances of their Whonix-Workstation.

Why Should I Consider Using a Whonix-Workstation DisposableVM?

Whonix-Workstation DisposableVMs:

  • Are quickly generated;
  • Are disposed of (deleted) when the user has finished browsing and other activities in a single session; and
  • Will not remember any of the user’s activities across DisposableVM sessions, unless customized.

The major benefit of this approach is that the Whonix-Workstation DisposableVM can be created in order to host a single application – usually the Tor Browser – mitigating the risk that a compromise of the browser will affect any of your other VMs.

Critically, a Tor Browser exploit will not affect (poison) later instances of the Tor Browser running in a subsequent DisposableVM session, because the DisposableVM is always started in its original state.

Can I Customize Whonix-Workstation DisposableVMs?

Yes. For advanced users, the instructions include steps to create a customized savefile that will remember specific changes, such as personalized Tor Browser settings. Due to concerns over possible fingerprinting issues, users should carefully read the wiki warnings before proceeding on this course of action.

Can I Easily Add DisposableVM Entries to the Qubes Menu?

Not yet for Qubes R3.2 XFCE 4, but you can edit existing DispVM start menu entries and desktop shortcuts can be created.

What Else Should I Know?

Due to a few usability issues affecting anonymity, do not use Whonix-Workstation DisposableVMs until:

  • You understand Whonix-WS DispoableVMs are NOT yet amnesic; and
  • Have carefully read and understood the available Qubes-Whonix DisposableVM documentation.

Alternatively, you may wish to wait for Qubes 4.0 before you start using Qubes DisposableVMs, due to significant enhancements planned for the later release.

Credits:
This blog post was written by torjunkie.

Posted in Qubes-Whonix News, Whonix Wiki Updates