Whonix https://www.whonix.org/blog Privacy and Anonymity OS Tue, 18 Aug 2015 12:58:59 +0000 en-US hourly 1 http://wordpress.org/?v=4.2.4 Whonix Anonymous Operating System Version 11 Released! https://www.whonix.org/blog/whonix-11-released https://www.whonix.org/blog/whonix-11-released#comments Mon, 17 Aug 2015 16:02:46 +0000 https://www.whonix.org/blog/?p=1675 Whonix is an operating system focused on anonymity, privacy and security. It’s based on the Tor anonymity network, Debian GNU/Linux and security by isolation. DNS leaks are impossible, and not even malware with root privileges can find out the user’s

The post Whonix Anonymous Operating System Version 11 Released! appeared first on Whonix.

]]>
Whonix is an operating system focused on anonymity, privacy and security. It’s based on the Tor anonymity network, Debian GNU/Linux and security by isolation. DNS leaks are impossible, and not even malware with root privileges can find out the user’s real IP.

Whonix consists of two parts: One solely runs Tor and acts as a gateway, which we call Whonix-Gateway. The other, which we call Whonix-Workstation, is on a completely isolated network. Only connections through Tor are possible.

Whonix for Qubes

https://www.whonix.org/wiki/Qubes

Whonix for KVM

https://www.whonix.org/wiki/KVM

Whonix for VirtualBox

https://www.whonix.org/wiki/VirtualBox

If you want to upgrade existing Whonix version using Whonix’s APT repository

Special instructions required:
https://www.whonix.org/wiki/Upgrading_Whonix_10_to_Whonix_11

Edit 1: There will be no more support for upgrading Whonix 10 to Whonix 11 after October 17 2015.

If you want to upgrade existing Whonix version from source code

See https://www.whonix.org/wiki/Dev/BuildDocumentation.

If you want to build images from source code

See https://www.whonix.org/wiki/Dev/BuildDocumentation.

Call for Help

– If you know javascript, python, shell scripting (/bin/bash) and/or linux sysadmin, please join us!
– Contribute: https://www.whonix.org/wiki/Contribute
– Donate: https://www.whonix.org/wiki/Donate

Changelog between Whonix 10 and Whonix 11

See following two blog posts that were calls for testing, these contain the changelogs. Whonix 11.0.0.3.0 has been blessed stable and released as Whonix 11.

https://www.whonix.org/blog/whonix-11-testers-wanted
https://www.whonix.org/blog/testers-wanted-rc-11-0-0-3-0

Forum Discussion:

https://www.whonix.org/forum/index.php/topic,1520.0.html

The post Whonix Anonymous Operating System Version 11 Released! appeared first on Whonix.

]]>
https://www.whonix.org/blog/whonix-11-released/feed 0
Security Advisory: Firefox exploit found in the wild https://www.whonix.org/blog/security-advisory-firefox-exploit-found-in-the-wild https://www.whonix.org/blog/security-advisory-firefox-exploit-found-in-the-wild#comments Sat, 08 Aug 2015 15:16:59 +0000 https://www.whonix.org/blog/?p=1670 You are advices to set configure the following setting in Tor Browser in Whonix: Edit -> Preferences -> Applications ->Portable Document Format (PDF) -> Save File You are advices to update as soon as updates are available. This blog post

The post Security Advisory: Firefox exploit found in the wild appeared first on Whonix.

]]>
You are advices to set configure the following setting in Tor Browser in Whonix:
Edit -> Preferences -> Applications ->Portable Document Format (PDF) -> Save File

You are advices to update as soon as updates are available. This blog post will be updated as new information come in.

(Do that same with Firefox / Iceweasel if you are using that elsewhere.)

Problem description at Mozilla Firefox blog:
https://blog.mozilla.org/security/2015/08/06/firefox-exploit-found-in-the-wild/

Impact in Whonix:
– Unless you were using AppArmor, local files within the VM would be accessible.

Vulnerable browsers:
Tor Browser
– Firefox
– Iceweasel

Tor Browser upstream Bug report:
https://trac.torproject.org/projects/tor/ticket/16744

Whonix forum discussion:
https://www.whonix.org/forum/index.php/topic,1495.0.html

The post Security Advisory: Firefox exploit found in the wild appeared first on Whonix.

]]>
https://www.whonix.org/blog/security-advisory-firefox-exploit-found-in-the-wild/feed 0
Download Page Changes https://www.whonix.org/blog/download-page-changes https://www.whonix.org/blog/download-page-changes#comments Fri, 17 Jul 2015 17:25:17 +0000 https://www.whonix.org/blog/?p=1653 The Whonix download page was recently updated to reflect the supported platforms that have been available for some time. Please check it out: https://www.whonix.org/wiki/Download#Landing

The post Download Page Changes appeared first on Whonix.

]]>
The Whonix download page was recently updated to reflect the supported platforms that have been available for some time.

Please check it out:

https://www.whonix.org/wiki/Download#Landing

The post Download Page Changes appeared first on Whonix.

]]>
https://www.whonix.org/blog/download-page-changes/feed 0
Documentation Updates https://www.whonix.org/blog/documentation-updates https://www.whonix.org/blog/documentation-updates#comments Sun, 12 Jul 2015 15:42:48 +0000 https://www.whonix.org/blog/?p=1655 The documentation on the wiki saw many changes lately. Thanks to all who contributed. Changelog: https://www.whonix.org/wiki/KVM https://www.whonix.org/wiki/KVM/Installation_Screenshots https://www.whonix.org/wiki/VoIP https://www.whonix.org/wiki/Hidden_Services_Guides https://www.whonix.org/wiki/Hidden_Services#Hidden_Service_Authentication https://www.whonix.org/wiki/Tor_Browser#Local_Connections https://www.whonix.org/wiki/Tunnel_Proxy_or_SSH_or_VPN_through_Tor#Tor_Browser_Proxy_Configuration https://www.whonix.org/wiki/Whonix_Signing_Key#Download_the_key https://www.whonix.org/wiki/Install_Software https://www.whonix.org/wiki/Warning#Avoid_non-Free_Software https://www.whonix.org/wiki/Warning#Avoid_Unsigned_Software https://www.whonix.org/wiki/Tor https://www.whonix.org/wiki/Comparison_Of_Tor_with_CGI_Proxies,_Proxy_Chains,_and_VPN_Services#Comparison_of_Tor_and_VPN_services https://www.whonix.org/wiki/E-Mail#Icedove_.28Mozilla_Thunderbird.29_with_Enigmail_.2B_TorBirdy https://www.whonix.org/wiki/Mixmaster#Nymserver_How-To https://www.whonix.org/wiki/OnionCat https://www.whonix.org/wiki/I2P https://www.whonix.org/wiki/YaCy

The post Documentation Updates appeared first on Whonix.

]]>
The documentation on the wiki saw many changes lately. Thanks to all who contributed.

Changelog:
https://www.whonix.org/wiki/KVM
https://www.whonix.org/wiki/KVM/Installation_Screenshots
https://www.whonix.org/wiki/VoIP
https://www.whonix.org/wiki/Hidden_Services_Guides
https://www.whonix.org/wiki/Hidden_Services#Hidden_Service_Authentication
https://www.whonix.org/wiki/Tor_Browser#Local_Connections
https://www.whonix.org/wiki/Tunnel_Proxy_or_SSH_or_VPN_through_Tor#Tor_Browser_Proxy_Configuration
https://www.whonix.org/wiki/Whonix_Signing_Key#Download_the_key
https://www.whonix.org/wiki/Install_Software
https://www.whonix.org/wiki/Warning#Avoid_non-Free_Software
https://www.whonix.org/wiki/Warning#Avoid_Unsigned_Software
https://www.whonix.org/wiki/Tor
https://www.whonix.org/wiki/Comparison_Of_Tor_with_CGI_Proxies,_Proxy_Chains,_and_VPN_Services#Comparison_of_Tor_and_VPN_services
https://www.whonix.org/wiki/E-Mail#Icedove_.28Mozilla_Thunderbird.29_with_Enigmail_.2B_TorBirdy
https://www.whonix.org/wiki/Mixmaster#Nymserver_How-To
https://www.whonix.org/wiki/OnionCat
https://www.whonix.org/wiki/I2P
https://www.whonix.org/wiki/YaCy

The post Documentation Updates appeared first on Whonix.

]]>
https://www.whonix.org/blog/documentation-updates/feed 0
What’s in a Nym? https://www.whonix.org/blog/whats-in-a-nym https://www.whonix.org/blog/whats-in-a-nym#comments Sun, 12 Jul 2015 15:29:34 +0000 https://www.whonix.org/blog/?p=1647 I’ve recently taken to documenting and simplifying the steps for using Mixmaster with Nymservers – a setup that allows sending and receiving email pseudonymously without reliance on a service provider. Mixmaster comes with Whonix. Feel free to give it a

The post What’s in a Nym? appeared first on Whonix.

]]>
I’ve recently taken to documenting and simplifying the steps for using Mixmaster with Nymservers – a setup that allows sending and receiving email pseudonymously without reliance on a service provider. Mixmaster comes with Whonix. Feel free to give it a try and post feedback in the forums.

Years later, the Mixmaster remailer network is still around even if its not what it used to be. The focus has since shifted from Mixmaster to Tor because it can anonymize a variety of communications and not just email, also it can do so efficiently, meeting high performance demands. However, as long as the legacy SMTP mail protocol hangs around, Mixmaster remains a very powerful and relevant option.

Sending pseudonymous mail promises to be simpler still thanks to Nymphemeral, a nym management Swiss army-knife GUI, written in Python. Its built around next-generation Nymservers that support Perfect Forward Secrecy.

The post What’s in a Nym? appeared first on Whonix.

]]>
https://www.whonix.org/blog/whats-in-a-nym/feed 0
The Cold Hard Truth Behind VPNs https://www.whonix.org/blog/the-hard-cold-truth-behind-vpns https://www.whonix.org/blog/the-hard-cold-truth-behind-vpns#comments Thu, 09 Jul 2015 23:08:39 +0000 https://www.whonix.org/blog/?p=1650 The “Virtual” in Virtual Private Networks is just that: “Existing in the mind, especially as a product of the imagination.” There is an entire market of scam artists playing on people’s fears of mass surveillance, and trying to sell them

The post The Cold Hard Truth Behind VPNs appeared first on Whonix.

]]>
The “Virtual” in Virtual Private Networks is just that: “Existing in the mind, especially as a product of the imagination.”

There is an entire market of scam artists playing on people’s fears of mass surveillance, and trying to sell them VPNs as a privacy/anonymity solution. They spout illusory promises, unbackable claims and outright lies to part with people’s cash while giving them a false sense of security.

For a brief list on why a VPN’s are a failure by design, look here. They can never provide the anonymity guarantees of Tor and no one serious about their safety online should ever consider them as a solution.

The money wasted on these services is better donated to projects like Tor and Whonix where resilient and well-tested Libre Software is being developed transparently and made accessible to everyone without cost in freedom or price.

The post The Cold Hard Truth Behind VPNs appeared first on Whonix.

]]>
https://www.whonix.org/blog/the-hard-cold-truth-behind-vpns/feed 0
Why I prefer PGP/INLINE over PGP/MIME in Thunderbird/Enigmail https://www.whonix.org/blog/pgp-inline-vs-mime https://www.whonix.org/blog/pgp-inline-vs-mime#comments Thu, 25 Jun 2015 22:47:51 +0000 https://www.whonix.org/blog/?p=1636 Due to the recent Enigmail security issue, where e-mail drafts could end up unencrypted on IMAP servers. (You might wonder, no, Whonix was luckily not affected by this, because the version in Debian wheezy did not have that bug.) In

The post Why I prefer PGP/INLINE over PGP/MIME in Thunderbird/Enigmail appeared first on Whonix.

]]>
Due to the recent Enigmail security issue, where e-mail drafts could end up unencrypted on IMAP servers. (You might wonder, no, Whonix was luckily not affected by this, because the version in Debian wheezy did not have that bug.)

In the PGP/INLINE example I can be more assured, that the text was that it really converted to encrypted ciphertext before sending – because I can see it.

PGP INLINE

As opposed to PGP/MIME, where I need to trust more, that Enigmail won’t mess that up.

PGP MIME

Using option ‘Confirm, before sending’ set to ‘Always’, that I highly recommend to prevent messing up.

The post Why I prefer PGP/INLINE over PGP/MIME in Thunderbird/Enigmail appeared first on Whonix.

]]>
https://www.whonix.org/blog/pgp-inline-vs-mime/feed 0
Testers Wanted! Whonix 11 ( 11.0.0.3.0 ) – Release Candidate https://www.whonix.org/blog/testers-wanted-rc-11-0-0-3-0 https://www.whonix.org/blog/testers-wanted-rc-11-0-0-3-0#comments Wed, 17 Jun 2015 14:53:49 +0000 https://www.whonix.org/blog/?p=1621 The version number for this testers-only release is 11.0.0.3.0, which will become Whonix 11 the moment it’s blessed stable. Major changes are port of Whonix from being Debian wheezy (that is Debian oldstable) based to Debian jessie (that now is

The post Testers Wanted! Whonix 11 ( 11.0.0.3.0 ) – Release Candidate appeared first on Whonix.

]]>
The version number for this testers-only release is 11.0.0.3.0, which will become Whonix 11 the moment it’s blessed stable.

Major changes are port of Whonix from being Debian wheezy (that is Debian oldstable) based to Debian jessie (that now is Debian stable) based. And port from sysvinit to systemd among other enhancements, see changelog below.

Download link for Virtual Box images (.ova), kvm / qemu images and OpenPGP signatures (.asc):
http://mirror.whonix.de/11.0.0.3.0/

Upgrading Whonix 10 to Whonix 11:
https://www.whonix.org/wiki/Upgrading_Whonix_10_to_Whonix_11

If you want to build from source code, see:
https://www.whonix.org/wiki/Dev/Build_Documentation

Thanks to everyone who made this test release possible!

Forum Discussion:
https://www.whonix.org/forum/index.php/topic,1312

Changelog between Whonix 10.0.0.5.5 and Whonix 11.0.0.2.3:

https://www.whonix.org/blog/whonix-11-testers-wanted

Changelog between Whonix 11.0.0.2.3 and Whonix 11.0.0.3.0:

– tb-starter: Made path to Tor Browser configurable by tb_home_folder variable. Renamed variable home_folder to tb_home_folder to synchronize it with tb-updater. – https://phabricator.whonix.org/T338
– anon-meta-packages: added dependency on ‘gir1.2-gtk-3.0′ to ‘anon-workstation-default-applications’ because ‘mat’ misses it – http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=788099 – https://www.whonix.org/forum/index.php/topic,1287.0.html
upstream bug report: mat missed dependency gir1.2-gtk-3.0 – http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=788099
– genmkfile: cleanup debian.tar.xz (jessie support)
– tb-updater: output: improved message in case hash verification failed – https://github.com/Whonix/tb-updater/commit/285cb5c0ed3bb77c1f9d6a4c3e01a62b1fc7a650
– msgcollector: progress bar initial value fix for Debian jessie – https://github.com/Whonix/msgcollector/commit/bc26aee153a5a939a621ac198b11a445e2b74a38
– grub-enable-apparmor: backwards compatiblity fix with Whonix 10, restore original /etc/default/grub – https://github.com/Whonix/grub-enable-apparmor/commit/b99978709575365b99bebf4ca3bda129890f7d97
– rads: backwards compatiblity fix with Whonix <= 10.x: https://github.com/Whonix/rads/commit/cf0267514e6f2e472466ce30aaa4b6f3d807fb65
– whonixcheck: fixed Tor Config Check Result issue that was caused by the Tor upgrade; improved output for Tor Config Check Result – https://www.whonix.org/forum/index.php/topic,1295 – https://github.com/Whonix/whonixcheck/commit/bf55af20a5856d8a024a7eb821f5d54692dc5b15
– whonix-legacy: anon-gw-first-run-notice has been deprecated, merged into whonix-setup-wizard, therefore get rid of “/etc/xdg/autostart/gateway_first_run_notice.desktop”; Get rid of “/etc/grub.d/30_apparmor.cfg”, because that file has been moved from /etc/grub.d/30_apparmor.cfg to /etc/default/grub.d/30_apparmor.cfg since the path has changed since release of jessie. – https://github.com/Whonix/whonix-legacy/commit/9b50b5c33acee1a260acae2c1abccbef8f47663f
– vbox-disable-timesync: Do not try to (re-)start the service after package install/upgrade, because it could fail if kernel was upgraded, which would make the whole postinst script fail. – https://github.com/Whonix/vbox-disable-timesync/commit/f18af1107cedfc50ef06b054d1463835376e0415
– whonixcheck 2.2.1-1 / Whonix 10: stable fix, no longer run test check_tor_config, because it false positively detects an issue since the Tor upgrade – https://www.whonix.org/forum/index.php/topic,1295.0.html – https://github.com/Whonix/whonixcheck/commit/44b8921a214799b2d3e17281b2f4b0ee04643295
– debian-systemd mailing list: cannot extend network-manager unit file by using network-manager.service.d – https://lists.alioth.debian.org/pipermail/pkg-systemd-maintainers/2015-June/007613.html
– control-port-filter-python: added apparmor profile
documentation: Improved gpg import instructions. Key fingerprint is now checked before importing the key for better security. – https://www.whonix.org/wiki/Template:Build_Documentation_Get_Source_Code#Get_the_Signing_Key – https://www.whonix.org/wiki/Whonix_Signing_Key#Download_the_key
– msgcollector: increased MinimumSize so first line of gpg output is not needlessy line broken into two – https://www.whonix.org/forum/index.php/topic,261.150.html
– rads: silence by default when disabled – https://github.com/Whonix/rads/commit/270db5b186417dc38d938f014bd8006aeaf6cdc0
– repository: updated repository as per 11.0.0.3.0
– build script: added grub-screen-resolution and grub-output-verbose as weak recommended packages – https://phabricator.whonix.org/T354

The post Testers Wanted! Whonix 11 ( 11.0.0.3.0 ) – Release Candidate appeared first on Whonix.

]]>
https://www.whonix.org/blog/testers-wanted-rc-11-0-0-3-0/feed 0
Testers Wanted! Upgrading Whonix 10 to Whonix 11 ( 11.0.0.2.9 ) https://www.whonix.org/blog/testers-upgrade-10-to-11 https://www.whonix.org/blog/testers-upgrade-10-to-11#comments Mon, 15 Jun 2015 04:11:46 +0000 https://www.whonix.org/blog/?p=1615 Instructions for upgrading Whonix 10 to Whonix 11 are ready. A few more steps are required than the usual steps for upgrading. Check out the instructions: https://www.whonix.org/wiki/Upgrading_Whonix_10_to_Whonix_11 Please test and report back. Forum discussion: https://www.whonix.org/forum/index.php/topic,1304

The post Testers Wanted! Upgrading Whonix 10 to Whonix 11 ( 11.0.0.2.9 ) appeared first on Whonix.

]]>
Instructions for upgrading Whonix 10 to Whonix 11 are ready. A few more steps are required than the usual steps for upgrading.

Check out the instructions:
https://www.whonix.org/wiki/Upgrading_Whonix_10_to_Whonix_11

Please test and report back.

Forum discussion:
https://www.whonix.org/forum/index.php/topic,1304

The post Testers Wanted! Upgrading Whonix 10 to Whonix 11 ( 11.0.0.2.9 ) appeared first on Whonix.

]]>
https://www.whonix.org/blog/testers-upgrade-10-to-11/feed 0
Testers Wanted! Whonix 11 ( 11.0.0.2.3 ) https://www.whonix.org/blog/whonix-11-testers-wanted https://www.whonix.org/blog/whonix-11-testers-wanted#comments Fri, 05 Jun 2015 16:26:35 +0000 https://www.whonix.org/blog/?p=1597 The version number for this testers-only release is 11.0.0.2.3, which will become Whonix 11 the moment it’s blessed stable. Major changes are port of Whonix from being Debian wheezy (that is Debian oldstable) based to Debian jessie (that now is

The post Testers Wanted! Whonix 11 ( 11.0.0.2.3 ) appeared first on Whonix.

]]>
The version number for this testers-only release is 11.0.0.2.3, which will become Whonix 11 the moment it’s blessed stable.

Major changes are port of Whonix from being Debian wheezy (that is Debian oldstable) based to Debian jessie (that now is Debian stable) based. And port from sysvinit to systemd among other enhancements, see changelog below.

Download link for Virtual Box images (.ova), kvm / qemu images and OpenPGP signatures (.asc):
http://mirror.whonix.de/11.0.0.2.3/

Upgrading Whonix 10 to Whonix 11:
https://www.whonix.org/wiki/Upgrading_Whonix_10_to_Whonix_11

If you want to build from source code, see:
https://www.whonix.org/wiki/Dev/Build_Documentation

Thanks to everyone who made this test release possible!

Forum Discussion:
https://www.whonix.org/forum/index.php/topic,1282

Changelog between Whonix 10.0.0.5.5 and Whonix 11.0.0.2.3:

– fixed custom workstation build
– build script: refactoring, use errtrace rather than many traps – https://phabricator.whonix.org/T48
– build script: refactoring, use exit trap to reduce code duplication – https://phabricator.whonix.org/T269
– whonixcheck: warn if whonix-gateway / whonix-workstation package is not installed – https://phabricator.whonix.org/T264
– whonixcheck: warn if there is low entropy – https://phabricator.whonix.org/T202
– build, anon-apt-sources-list, anon-shared-build-apt-sources-tpo, whonix-repository: changed release codename from wheezy to jessie – https://phabricator.whonix.org/T270
– grub-enable-apparmor: Refactoring. Simplified for Debian jessie. Thanks to the new `/etc/default/grub.d` configuration folder, the `grub-enable-apparmor` has been greatly simplified. No longer need to config-package-dev divert `/etc/default/grub`.
– genmkfile: if debuild not available, recommend installation of the devscripts package
– build script: added fakeroot to whonix_build_script_build_dependency (required for verifiable builds)
– genmkfile: if debuild not available, recommend installation of the devscripts package
– genmkfile: fix, do not set automatically make_use_gain_root_command to true if fakeroot is not installed
– genmkfile: run dpkg-checkbuilddeps before lintian to show better hint if build dependencies are missing
– build script: build-steps.d/1200_create-debian-packages: commented out get_extra_packages, no longer need to download packages from testing
– build script: refactoring, created separate help step, help-steps/git_sanity_test
– whonixcheck: verbose output for check_tor_socks_port_reachability
– all packages: packaging, bumped Standards-Version from 3.9.4 to 3.9.6 for jessie support
– lintian warning copyright fix
– tb-updater: show “highest version number is not necessarily the best one” message also on first run if no Tor Browser is installed yet – https://phabricator.whonix.org/T283
– build script: No longer install acpi-support-base by default on jessie, because systemd now implements that functionality. – https://phabricator.whonix.org/T284
– whonixcheck: added link to Whonix Build Version documentation https://www.whonix.org/wiki/Whonixcheck#Whonix_Build_Version – https://phabricator.whonix.org/T276
– build script: Fix commit 287bdcf6ddee007ba579e3ee9a1997edc8188581 ‘”makefile: added –pedantic to default DEBUILD_LINTIAN_OPTS because we are going to fix the last remaining “missing upstream changelog” warning’ – added –pedantic help-steps/variables.
– all packages: added debian/source/lintian-overrides with debian-watch-may-check-gpg-signature to fix lintian warning – https://phabricator.whonix.org/T277
– whonix-setup-wizard, anon-gw-anonyminizer-config, whonixcheck, whonix-ws-start-menu-additions, whonix-host-firewall: added ‘Keywords=’ to ‘.desktop’ files to fix lintian warning ‘desktop-entry-lacks-keywords-entry’ – https://phabricator.whonix.org/T281
– anon-shared-helper scripts: replaced dependency ‘python-support (>= 0.90)’ with dh-python to fix lintian warning
– control-port-filter-python: packaging, use debhelper with python2 to fix lintian warning
– modify apt-get parameters during build to prevent need to remove apt-listchanges – https://phabricator.whonix.org/T282
– build-script: refactoring, moved variables DEBIAN_FRONTEND DEBIAN_PRIORITY DEBCONF_NOWARNINGS APT_LISTCHANGES_FRONTEND from help-steps/variables to buildconfig.d/30_apt_opts
– genmkfile: hint “Is the build dependency genmkfile installed?” if genmkfile is not installed
– genmkfile: hint ‘dpkg-parsechangelog not found. Do you have the “build-essential” package installed?’ if dpkg-parsechangelog is not available
– sdwdate: removed dependency on ruby1.9.1-dev to fix lintian warning ‘E: sdwdate: depends-on-obsolete-package depends: ruby1.9.1-dev’
– whonixcheck: show diagnostic message on whonixcheck Whonix News gpg verification failure by default
– build script: Fix building Whonix on Whonix, fix if `lsb_release –short –i` returns ‘Whonix’. Temp hack ‘export whonix_build_on_operating_system=”debian”‘ no longer required. Thanks to @nrgaway for the bug report and the analysis. – https://phabricator.whonix.org/T278
– tb-updater: tbbversion_installed parser fix
– anon-meta-packages: removed dependency on libupower-glib1 which is no longer available in Debian jessie (which has been replaced by upower, that already gets installed)
– anon-base-files, whonix-developer-meta-files: implemented WHONIX_BUILD_QUBES=true environment variable support – https://phabricator.whonix.org/T298
– anon-meta-packages: whonix-gateway and whonix-workstation package no longer depend on anon-shared-build-fix-grub because it has been made a weak dependency for better physical isolation and Qubes support
– code simplification, removed support for environment variable ANON_BUILD_INSTALL_TO_ROOT=true because anon-shared-build-fix-grub now gets only installed on required platforms
– implemented build parameter ‘–unsafe-io true’, that speeds up builds, that uses ‘-o Dpkg::Options::=–force-unsafe-io’, eatmydata and ignores ‘sync’. – Thanks to @nrgaway for the suggestion!  – https://phabricator.whonix.org/T295
– implemented $apt_misc_opts – https://phabricator.whonix.org/T295
– whonixcheck: new –verbose debug feature, showing output of systemd-detect-virt
– vbox-disable-timesync: more robust implementation that is compatible with systemd – https://phabricator.whonix.org/T106
– timesync: compatibility with systemd – https://phabricator.whonix.org/T106
– whonixcheck, msgdispatcher: ported to systemd – https://phabricator.whonix.org/T106
– qubes-whonix: skip rads on Qubes – https://phabricator.whonix.org/T306
– systemd unit files: workaround/fix, removed spaces from ‘WantedBy = ‘, likely bug in ‘deb-systemd-helper’ that prevents enabling the service by default – https://phabricator.whonix.org/T316
– created a hellodaemon package, useful for Debian systemd packaging debugging – not part of Whonix – https://github.com/adrelanos/hellodaemon
– whonixcheck: debian/control: fix, added to ‘Build-Depends:’ ‘ruby-ronn (>= 0.7.3)’
– disable torsocks warning spam – https://phabricator.whonix.org/T317
– whonix-libvirt: fixed CI builds
– whonix-libvirt: added driver name=’qemu’ – Thanks to HulaHoop! – https://github.com/Whonix/whonix-libvirt/pull/20 https://github.com/Whonix/whonix-libvirt/pull/19 https://github.com/Whonix/whonix-libvirt/pull/18
– anon-meta-packages: added obfs4proxy to anon-gateway-packages-recommended – https://phabricator.whonix.org/T323
– anon-meta-packages: added apt-transport-tor to anon-shared-packages-recommended – https://phabricator.whonix.org/T92
– whonix-gw-network-conf, whonix-ws-network-conf: Removed ‘pre-up /usr/bin/whonix_firewall’, because /etc/network/if-pre-up.d to load the firewall, because of a Debian upstream bug interface comes up even if a script in /etc/network/if-pre-up.d/ fails http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700811 was fixed. – https://phabricator.whonix.org/T68
whonix-gw-firewall, whonix-ws-firewall, whonix-host-firewall: Made package more standalone. Requiring ‘pre-up /usr/bin/whonix_firewall’ in /etc/network/interfaces is no longer necessary. Added etc/network/if-pre-up.d/30_whonix_firewall to load the firewall, because of a Debian upstream bug ‘interface comes up even if a script in /etc/network/if-pre-up.d/ fails’ http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700811 was fixed. – https://phabricator.whonix.org/T68
– whonixsetup, whonix-setup-wizard: fix ‘Tor fails after reload related to torrc DisableNetwork setting issue’ by only restarting Tor, no longer trying to reload Tor – https://phabricator.whonix.org/T320
– rads: Improved implementation. When there is enough RAM… On ‘enter': instantly start login manager. On ‘ctrl + c': instantly abort and do not start login manager. On ‘timeout': start login manager. Thanks to ‘dh_systemd_start –no-start’ we can now use ‘StandardInput=tty’ and ‘read’ instead of ‘systemd-ask-password’. Now we could even implement an interactive menu at boot (that allows to configure wait time and/or disabling rads). – https://phabricator.whonix.org/T57
– whonixcheck: abolished random wait by default – https://phabricator.whonix.org/T299
– anon-ws-disable-stacked-tor: fixed ‘insserv: script tor.anondist-orig: service tor already provided!’ warning during upgrades – https://phabricator.whonix.org/T303
– anon-ws-disable-stacked-tor: systemd compatibility – https://phabricator.whonix.org/T303
– anon-base-files: no longer ‘set -o pipefail’ in /usr/lib/pre.bsh. config-package-dev doesn’t like ‘set -o pipefail’ – http://mailman.mit.edu/pipermail/config-package-dev/2015-May/000041.html – https://phabricator.whonix.org/T329
– upstream bug report: spaces in Tor’s systemd unit file causes issues – https://trac.torproject.org/projects/tor/ticket/16162
– upstream bug report: Tor dies on reload when swichting to ‘DisableNetwork 0′ when using ‘DnsPort 127.0.0.1:53′ – https://trac.torproject.org/projects/tor/ticket/16161
build script: fix, support ‘–verifiable false’ (was ‘–verifiable minimal’ while build documentation said ‘false’)
– uwt: multi user fix – https://www.whonix.org/forum/index.php/topic,1267
– Qubes: WiFi Realtek RTL8191SEvB Issue and Solution – https://groups.google.com/forum/#!topic/qubes-users/kMGTSwP72aU
– whonix-setup-wizard API proposal: https://www.whonix.org/wiki/Dev/whonixsetup

The post Testers Wanted! Whonix 11 ( 11.0.0.2.3 ) appeared first on Whonix.

]]>
https://www.whonix.org/blog/whonix-11-testers-wanted/feed 0