Testers Wanted! Tor – Stable Upgrades

Tor was updated to in Whonix stable-proposed-updates as well as in testers repository.

Instructions for changing Whonix repository:

Then just do a update:

Posted in Uncategorized

accessibility tools could be automatically removed / you probably should remove them

If you do not use any accessibility tools (gnome-orca, espeakup, console-braille, florence, dasher, kdeaccessibility, kvkbd, kmousetool, kmag, kmouth, jovie, xbrlapi, festival, qt-at-sp), you will not miss anything. (You would probably know if you are using them.)

Soon, there will be a Whonix stable upgrade. The package whonix-gateway-shared-packages-shared-meta will no longer depend on anon-shared-kde-accessibility. This means, when you run `sudo apt-get purge kdeaccessibility && sudo apt-get autoremove` after the upgrade, these accessibility packages will be automatically removed.

Non-Qubes-Whonix only: brltty should be removed, since it currently is causing a performance issue.

Otherwise if you just want to remove brltty, use `sudo apt-get purge brltty`. If you want to keep almost all or only not those you manually uninstalled, you can use `sudo aptitude keep-all`.

If you want these installed, you are still very much free to have them installed. Just install them the usual way.

This is because those have some issues.

Can these packages also be uninstalled before the Whonix stable upgrade? – Due to technical limitations, this is not that easy. However, it is documented here:

Non-Qubes-Whonix only: If you just want to stop the brltty syslog spam, you could use the following workaround to reliably stop it.

sudo systemctl stop brltty
sudo systemctl mask brltty

Posted in Whonix Important News

riseup.net likely compromised

riseup.net is a popular service provider among privacy and activist circles tweeted an obscure reference about birds which likely refers to their warrant canary that hasn’t been renewed since August.

I have looked through their whole twitter media history and they never posted pictures of birds with quotes difficult to interpret.

What is a canary? Quote:

A mechanism to test for unsafe conditions, originating from the use of canaries in coal mines to detect poisonous gases or cave-ins. If the canary died, it was time to get out of the mine. More recently, the term has been used by some online service providers to refer to an affirmative statement, updated regularly, that the provider has not been subjected to certain legal processes. If the statement is not updated in a timely fashion, users may infer that the canary statement may no longer be true.

This was followed by a confusing update which could be read as reassurance. Also it could be interpreted as being threatened with incarceration and being forced to keep the site up and a reminder to archive stuff immediately because of impending shutdown.

Compared with past similar concerns where riseup staff were prompt and direct about renewing their canary. No clear response was given so its logical to conclude that the servers may not be under their control any longer.

Why it matters?

While the threats of using a conventional email providers are well understood and apply regardless of who operates the service, taking over a server gives surveillance the power to actively compromise users machines en mass or to target select individuals.

For alternatives, see our wiki page about e-mail.

Posted in Uncategorized

Tor / whonixcheck Stable Upgrades – Testers Wanted!

Tor was updated to and whonixcheck was updated to 3:4.6.4-1 in Whonix stable-proposed-updates as well as in testers repository.

Instructions for chaneing Whonix repository:

Then just do a update:

Posted in Testers wanted!

inchain – insurance from BTC / ETH losses

This is a sponsored blog post.


Inchain is a decentralized insurance platform. It is based on Ethereum smart contracts.

Digital cash (crypto currencies) such as Bitcoin, Ethereum and Monero come with many advantages over the fiat money system. Banks cannot arbitrarily inflate the supply, transactions are harder to censor, very low transaction costs and very fast international transaction speed. However, there are some disadvantages. Security. Once money was lost due to a hacked exchanges, there is no bank to bail one out. One popular way to obtain digital cash are exchanges.

Mt. Gox was an exchange. People could trade fiat currency for Bitcoin there. Also Mt. Gox is probably the most famous examples of a failed exchanges. It got hacked. Thousands of coins were stolen. The customers of Mt. Gox still have not got their money back. Also lots of other exchanges were hacked.

So until now the best advice is to not park too much money on exchanges. Not more than one can afford to loose. This makes the whole process of acquiring digital currencies tiresome. This is where inchain comes in.

The idea behind inchain is,

Wouldn’t it be a great idea to insure my balance on exchanges for a premium?

Customers of inchain will be able to purchase a premium to insure their balance on supported exchanges. Should an exchange be compromised and the users of that exchange loose money, then inchain will compensate the customers who bought their insurance.

The following mechanisms maintain the financial stability of the platform:

•  Inchain transfers risks to investors by issuing insurance ­linked bonds. Investors take on the underlying risks and receive coupons as rewards.

•  The insurance funds are managed by token holders, who choose investment strategies through voting. Investment returns are spent on bond coupons and then dividends are paid to token holders.

The inchain team is currently running an initial coin offering (ICO). By participating one becomes a shareholder of the platform that has voting rights and is eligible for dividends.

For more information, see:

Posted in General Security News, sponsored

Tor Onion Services as Anti-DDoS Protection

The more widely known feature of Onion Services besides anonymity is the free and trustworthy end-to-end encryption they provide which is impossible to have under the Certificate Authority racket.

Another interesting property is they can serve as a drop-in Global Server Load Balancing and Layer 3 DDoS-resistance solution. In short a a free and libre CDN alternative to tyrants like Cloudflare. It can protect your site without compromising on principles like complete and unhindered access for your your users and readers.

This was recently brought up by network scaling engineer, Alec Muffett who contributed much code to make it possible to run heavy traffic Onion Sites.

Posted in General Security News

Advanced Deanonymization Attacks

A number of advanced deanonymization attacks. These do not just apply to Whonix, but any anonymity system. Some are also general security issues.

Rather than exploiting bugs in the hypervisor to break out, some of these attacks rely on the design of the underlying hardware to bypass privilege separation boundaries and extract (or leak) sensitive information to the network. No need for alarm, there are many qualifications to this and details in the listed tickets on proposed countermeasures. We are interested in cooperation to better assess the performance impact of the planned fixes.

  • Keystroke Deanonymization: T542
  • Advanced Attacks Meta ticket: T540
    • CPU-induced latency Covert Channel: T530
    • Cross-VM cache attacks countermeasures: T539
    • DRAMA: Exploiting DRAM Addressing for Cross-CPU Attacks: T541
    • TCP ISNs and Temperature induced clock skews: T543


Posted in Uncategorized

Qubes-Whonix TemplateVMs – Testers Wanted!

Qubes-Whonix only!

Ideally for this testers wanted task, start fresh. Rename or delete both Whonix VMs sys-whonix and anon-whonix, reinstall whonix-gw and whonix-ws Qubes-Whonix templates. See the following instructions. Note: use qubes-dom0-unstable rather than qubes-templates-community then recreate Whonix VMs.


(The following command deviates from the above instructions so you install the testers rather than stable Whonix templates.)

sudo qubes-dom0-update --enablerepo=qubes-dom0-unstable qubes-template-whonix-gw qubes-template-whonix-ws

After template re-installation, to re-create Whonix VMs you can use the following command in Qubes dom0 using salt (not yet mentioned in Qubes documentation).

sudo qubesctl state.highstate

(Or you can also upgrade from Whonix jessie-proposed-updates and testers repository. Dedicated blog post and more information on this upgrade:

Posted in Qubes-Whonix News, Testers wanted!

Testers wanted! Tor, anon-gw-anoynmizer-config and qubes-whonix upgrades

Upgraded packages have been added to Whonix jessie-proposed-updates and testers repository.

  • newer Tor version
  • anon-gw-anoynmizer-config 1.9.2 – bugfix
  • newer qubes-whonix version 5.7-1 – It contains various bug fixes to ensure Qubes R3.2 compatibility.

If you can, please enable such a repository and help test this.

Posted in Qubes-Whonix News, Testers wanted!

corridor, a Tor traffic whitelisting gateway, a clearnet leak tester

After making the second step, posting how to use corridor, a Tor traffic whitelisting gateway with Qubes-Whonix, I will hereby do the first step, posting a general announcement of an interesting third party project, corridor. Please forget about Whonix for a moment, and I will explain what the corridor project by default is doing.

corridor is a Tor traffic whitelisting gateway. It is a filtering gateway. Not a proxying gateway.

corridor can be used to check systems / programs that should cause only Tor traffic for leaks. corridor can log any clearnet, non-Tor traffic and will block it.

Ideally, corridor gets installed on a physically isolated device running Debian with two network adapters. Let’s call that corridor-Gateway. Then start Tails, TBB or Whonix behind such a corridor-Gateway. Should there be any accidental clearnet traffic (leaks), then corridor could log it and would block it.

Alternatively, corridor can be installed in a Debian based VM. Another VM could run Tails, TBB or Whonix-Gateway. These VMs would be configured to connect through corridor-Gateway.

In pure corridor, non-Whonix terms, let’s call these VMs corridor-Gateway and corridor-Workstation.

In a corridor like setup, it is up to the coridor-Workstation to run its own Tor client to establish connections. The corridor-Gateway will run its own, separate Tor client. For the simplicity of the design, corridor-Workstation does not have access to Tor’s ControlPort running on corridor-Gateway. Again, corridor-Gateway is not a proxying gateway, it is a filtering gateway. The main purpose of the Tor client running on corridor-Gateway is to know obtain the current list of Tor entry guards. corridor-Gateway’s firewall restricts all outgoing connections to Tor relays [or Tor bridges].

This is not necessarily more anonymous. It is an additional fail-save Tor traffic whitelisting firewall that would protect from accidental clearnet leaks (hypothetical clearnet leak bugs in TBB, Tails or Whonix). As corridor’s project description states, quote “it cannot prevent malware on a client computer from finding out your clearnet IP address”.

corridor is mostly useful for developers and auditors of TBB, Tails or Whonix, perhaps also for advanced users who would like to have an additional safety net.

Quote corridor readme:

“corridor is not a replacement for using a well-designed operating system on your client computers, like Qubes with TorVM/Whonix.”

corridor cannot sit between Whonix-Gateway and Whonix-Workstation. That would make no sense in combination with the Whonix design.

Credits: The author of corridor is rustybird. The author of fork of corridor for Debian is Patrick Schleizer.

If you like Whonix, please support it.


Posted in Uncategorized