Whonix Anonymous Operating System Version 10 Released!

Whonix is an operating system focused on anonymity, privacy and security. It's based on the Tor anonymity network, Debian GNU/Linux and security by isolation. DNS leaks are impossible, and not even malware with root privileges can find out the user's real IP.

Whonix consists of two parts: One solely runs Tor and acts as a gateway, which we call Whonix-Gateway. The other, which we call Whonix-Workstation, is on a completely isolated network. Only connections through Tor are possible.

Wheezy vs Jessie

Whonix 10 is still based on Debian Wheezy. Work on Whonix 11, which will be based on Debian Jessie, has already begun. Help welcome!

Download Whonix for VirtualBox


Download Whonix for KVM / QEMU / Qubes

Instructions for KVM:

Instructions for QEMU:

Instructions for Qubes:
There will be a separate release announcement when it’s ready.

Call for Help

– If you know Python, shell scripting (/bin/bash) and/or Linux system administration, please join us!
– Contribute: https://www.whonix.org/wiki/Contribute
– Donate: https://www.whonix.org/wiki/Donate

If you want to upgrade an existing Whonix version using Whonix’s APT repository

– Just do a usual upgrade: https://www.whonix.org/wiki/Security_Guide#Updates

If you want to upgrade an existing Whonix version from source code

See https://www.whonix.org/wiki/Dev/BuildDocumentation.

If you want to build images from source code

See https://www.whonix.org/wiki/Dev/BuildDocumentation.

Physical Isolation users

See https://www.whonix.org/wiki/Dev/Build_Documentation/Physical_Isolation.

Changelog between Whonix 9 and Whonix 10

See the following two blog posts, which were calls for testing; they contain the changelogs. Whonix has been blessed stable and released as Whonix 10.


Forum Discussion:


Can’t start Tor Browser in Whonix?

https://www.whonix.org/blog/cannot-start-tor-browser
Fri, 03 Apr 2015 12:00:11 +0000

Please ‘stay tuned’, because you missed important news:
Bug: Tor Browser Alpha rather than Tor Browser Stable being installed by Tor Browser Updater (AnonDist)

If you want to start the alpha anyhow, which is recommended against (rather get the stable), go to start menu -> File Manager -> /home/user/tor-browser_en-US -> double click ‘start-tor-browser.desktop’.

It will be fixed in Whonix 10.

Forum discussion:

[Solved] – Unmaintained Notice! – Whonix inside KVM – Looking for contributor!

https://www.whonix.org/blog/unmaintained-notice-whonix-inside-kvm-looking-for-contributor
Fri, 27 Feb 2015 20:52:04 +0000

Update: KVM maintainer HulaHoop is back.

Since previous Whonix in KVM maintainer HulaHoop was last active on January 04, 2015, it’s safe to assume this person got lost. No idea why HulaHoop went inactive. There was no notice of departure, argument or whatsoever. I would like to thank HulaHoop for its work on support for running Whonix inside KVM. As of Whonix 9, the status was “testers-only” and would likely have changed to “stable” in Whonix 10. So most integration work is already done. A new contributor would be welcome to take over from there.

What does this mean for you as a user? No one from the Whonix team will keep KVM in mind. Any eventually upcoming security issues with KVM with respect to Whonix would go unnoticed. Questions in Whonix KVM sub forum will likely not be answered by anyone from the Whonix team. You are encouraged to move on to still supported platforms. The KVM wiki page has been updated accordingly to reflect this information.

Unfortunately, due to the work generated by blessing a platform as supported, the current Whonix team cannot take over HulaHoop’s task. A dedicated maintainer is required for that platform. This is partly because KVM is too support intensive: there are too many KVM installation issues from various distribution package sources, KVM gives unhelpful, cryptic error messages if the XML files use a feature that is not available on the platform, and one ought to look over KVM changelogs and think through if/how those affect Whonix.

Bug: Tor Browser Alpha rather than Tor Browser Stable being installed by Tor Browser Updater (AnonDist)

https://www.whonix.org/blog/bug-tor-browser-alpha-rather-than-tor-browser-stable-being-installed-by-tor-browser-updater-anondist
Thu, 05 Feb 2015 11:55:10 +0000

The version file format was changed, and there is no stable version format.

If you want to use the stable version of Tor Browser, you have to use these instructions in the meantime:

Forum Discussion:

Whonix Issue Tracker:

Abstain from using Stream Isolation SocksPort 9152

https://www.whonix.org/blog/abstain-from-using-stream-isolation-socksport-9152
Mon, 26 Jan 2015 20:33:41 +0000

Easy / TLDR:
Using stream isolation (https://www.whonix.org/wiki/Stream_Isolation) with custom ports? With port 9152?
Don’t do this anymore in Whonix 10 and above! Use any higher port numbers as per stream isolation documentation!


Tor Messenger will use that port in future. (https://phabricator.whonix.org/T107)
Enabling IsolateDestAddr and IsolateDestPort for it (https://trac.torproject.org/projects/tor/ticket/14382) might be recommended.


Whonix Signing Key Expired (KEYEXPIRED Error)

https://www.whonix.org/blog/whonix-signing-key-expired-keyexpired-error
Sun, 18 Jan 2015 02:20:49 +0000

Issue and fix documented in the wiki:

Forum support thread:

Tor Browser’s Internal Updater – Security Warning

https://www.whonix.org/blog/tor-browsers-internal-updater-security-warning
Sun, 07 Dec 2014 23:07:55 +0000

Until further notice, using Tor Browser’s Internal Updater is recommended against for security reasons.

More information and how to securely update is documented in the wiki, see:

User support discussion:

Forum development discussion:

The Tor Project has fixed this in TBB version 4.5a3. (As per blog post.)

Update 2:
At the time of writing, the currently advertised stable version is 4.5.1, which should no longer be affected by this issue.

Whonix 9.4 Maintenance Release

https://www.whonix.org/blog/whonix-9-4-maintenance-release
Mon, 17 Nov 2014 14:52:26 +0000

Download:

Existing users can upgrade the usual way using apt-get, see also: https://www.whonix.org/wiki/Security_Guide#Updates

Changelog between 9.3 and 9.4:
– tb-updater: fixed remote download location to cope with The Tor Project’s changes – https://github.com/Whonix/Whonix/issues/366
– build script: updated frozen repository
– build script: use specific codename (wheezy) rather than generic code name (stable) as per “build script broken because of using grml-debootstrap with --release stable” – https://github.com/Whonix/Whonix/issues/368

hidden service for whonix.org taken offline

https://www.whonix.org/blog/hidden-service-for-whonix-org-taken-offline
Sun, 09 Nov 2014 23:31:54 +0000

Fortasse (whonix.org webmaster) and I agreed to take down the hidden service for whonix.org http://xxxxxxxxxxh5kyrx.onion.

(If you’re wondering, why we provided a hidden service, but didn’t use it for location privacy, see:

The reason for this unfortunate change is that the Tor service on whonix.org took an immense amount of CPU time, so much that the whole of whonix.org was no longer accessible without a server reboot.

The bug we’re affected by has probably already been reported:

Unfortunately, it is unlikely that this bug gets fixed anytime soon:

See also:

Whonix 9.3 Maintenance Release

https://www.whonix.org/blog/whonix-9-3-maintenance-release
Sat, 18 Oct 2014 13:30:35 +0000

Download:

Existing users can upgrade the usual way using apt-get, see also: https://www.whonix.org/wiki/Security_Guide#Updates

Changelog between 9 and 9.3:
– anon-gw-anonymizer-config: Fixed startup of Tor due to an AppArmor conflict as per bug reports in the forums https://www.whonix.org/forum/index.php/topic,559.0.html. Needed to comment out “/usr/bin/obfsproxy rix,” in file “/etc/apparmor.d/local/system_tor.anondist” because The Tor Project added “/usr/bin/obfsproxy PUx,” to file “/etc/apparmor.d/abstractions/tor”. Therefore users of obfsproxy will now end up running obfsproxy unconfined, because we would now require a standalone obfsproxy AppArmor profile. Note that this is not a Whonix-specific issue. Even if you were using plain Debian, no one redistributes an obfsproxy AppArmor profile at time of writing.
– updated frozen sources (contains apt-get and bash security fixes)
– updated frozen sources (contains bash shellshock #2 fixes)
– anon-ws-disable-stacked-tor: Tor Browser 4.x compatibility fix
– tb-starter: Tor Browser 4.x compatibility fix

Removed “testers-wanted” from title. Blessed stable.

