Whonix VirtualBox Release Candidate 2 – Testers Wanted!

Download links can be found here:

Testers Wanted!

Release Notes:

Testers wanted! Upgrade Qubes-Whonix 13 -> Qubes-Whonix 14

Qubes-Whonix 14 testers-only. Upgrades are possible.


Qubes-Whonix 14 downloadable TemplateVMs will be released later.

Whonix VirtualBox Release Candidate – Testers Wanted!

Download links can be found here:

Testers Wanted!

Release Notes:

to use or to not use One-Liners – this is the question

Writing post https://forums.whonix.org/t/tor-bootstrap-progress/4801/22 and earlier made me wonder… Is it better to write One-Liners or separate lines?

In absence of a really well designed solution with respect to usability, in my experience, users often love in order to archive their actual goals to use one liners rather than lengthy commands. Example (don’t use this without understanding the context):

sudo su && systemctl stop tor@default && cd /var/lib/tor && git config --global user.email "you@example.com" &&git config --global user.name "Your Name" &&git add * && git commit -a -m .

The disadvantage here is the users learns very little. It looks complicated. Most give up reading before even trying. Then blindly copy and paste. Blindly copying, pasting and running commands from websites on the internet is not something to be encouraged since that could get one compromised.

Become root.

sudo su

Stop Tor.

systemctl stop tor@default

Change directory into Tor’s state folder.

cd /var/lib/tor

And so forth. However, this makes it look much more complicated. Also will be more time consuming.

Whonix VirtualBox – Testers Wanted!

RAM was increased from 768 MB RAM to 1024 MB RAM for Whonix-Workstation. For now it is temporary, but it may also be permanently depending on near time developments. Discussion ongoing. Please contribute if you can share ideas or code on how to reduce RAM usage.


Due to the mentioned RAM issue, Whonix-Workstation might freeze. In that case, increase VM RAM.

Download links can be found here:

Testers Wanted!

Release Notes:

New Whonix Installer Release

About a year ago, the first version of the Whonix Installer for Windows was made available to the public. Since then, there has been a continuous effort to find ways to make the process simpler, more reliable and less taxing for computers with little disk space. This effort now culminates in the release of a new Installer, build from the ground up with these things in mind. Based on InnoSetup instead of NSIS, it is far better suited to the task of handling the large files Whonix requires.

Additionally, the compilation process has been turned into a one step process, so anyone may create his or her own binary.

The new version may be downloaded from here: https://www.whonix.org/wiki/windows

Note that it is not required to reinstall Whonix with the new installer, if you’ve used the previous one. However, please remember to continuously update both Whonix and VirtualBox.

Might terminal emulators such as konsole or xterm have remotely exploitable security bugs?

One might assume terminal emulators such as konsole or xterm are simple programs not to be exploited, but well, let’s rethink.

Showing output from untrusted remote sources (sdwdate time provider server replies; replies by Tor) might exploit bugs in terminal-emulators such as `konsole`, right?

For example, open `xterm`, then

cat /dev/random

let it run for a while and then abort using the usual `ctrl + c`. Then press enter. You’ll see that it shows some weird characters followed by command not found. How come the output of a running program in terminal can influence what is written in the following command prompt?

Similar to:



* research historically fixed and current bugs in terminal emulators
* perhaps move to a security focused terminal emulator
* no longer write untrusted output to logs
* educate users about this risk (`wget` plus `cat` could be dangerous)

Whonix has a New v3 Onion Address

Greetings to the Whonix Community!

Thanks to the efforts of the Whonix server administrator (fortasse), the Whonix website now has a new v3 onion address!


This configuration runs alongside the familiar v2 onion address (http://kkkkkkkkkk63ava6.onion), so all Whonix users can continue to access website resources (like documentation and forums) while staying within the Tor network for greater security and privacy.

To access the v3 onion address, Whonix users must install the latest Tor 3.2.9 client in Whonix-Gateway (sys-whonix) via the stable-proposed-updates repository. All the usual subdomains have been tested to work, including download, forums, wiki and phabricator.

v3 onions provide a number of security benefits, and are reported to make some onion addresses more accessible: [ref]https://trac.torproject.org/projects/tor/wiki/doc/NextGenOnions [/ref]

  • Better crypto (replaced SHA1/DH/RSA1024 with SHA3/ed25519/curve25519)
  • Improved directory protocol, leaking much less information to directory servers.
  • Improved directory protocol, with smaller surface for targeted attacks.
  • Better onion address security against impersonation.
  • More extensible introduction/rendezvous protocol.
  • A cleaner and more modular codebase.

While browsing, users can recognize next generation services by their length – they are always 56 characters long, instead of the “usual” 16 characters found with v2 onion services. Note that Whonix 14 will use v3 onions for the purpose of system updates/upgrades.

A sample of other v3 onion websites currently available include: [ref] https://trac.torproject.org/projects/tor/wiki/doc/NextGenOnions [/ref]

Interested readers who want to learn more about v3 (prop 224) onions, or wish to setup their own prop224 service should review the following resources:

As always, a big thank you to The Tor Project for their hard work on this latest stable release!

Hiring: Linux Distribution Developers!

Whonix has found a sponsor. Details will be announced later.

We are hiring Linux Distribution Developers!

– programming / scripting skills
– Any or multiple of the following languages: linux shell scripting, python, C, C++, perhaps others
– git

Bonus, non-mandatory requirements:
– Have a history of Open Source development.

Other notes:
– Academic degrees are great, but not required.
– We only write Libre / Free and Open Source software, and we don’t believe in software patents.

How to apply:
– Unbureaucratic.
– No CV required. (But feel free to submit one.)
– Link to a sample of projects worked on in the past that you’re allowed to show us.
– Add your salary expectation.
– Add your availability.
– Add how many weekly hours you prefer.
– Email the above to Patrick Schleizer, adrelanos@riseup.net

All submissions will be handled confidential.

Overview of Libre Software related Mobile Projects

Rough overview. Some notes. Please contribute to the overview. See: