Category: Whonix Important News

Stay tuned!

Most important stuff only. Security vulnerabilities and new stable versions only. For people with very limited time and interest in Whonix development and news.

Public Livestream on 14th of April at 8PM CEST and Patreon

Whonix is a project which requires a lot of dedication, passion and time to be properly maintained. Especially Patrick has sacrificed a huge part of his live to making a fail-safe way to use Tor accessible to as many people

Posted in Contribute, Whonix Important News

Whonix 13.0.0.1.4 stable upgrade released!

Qubes-Whonix: Either start with fresh templates. I.e. uninstall qubes-template-whonix-gw and qubes-template-whonix-ws. Then, to install, run in dom0: sudo qubes-dom0-update –enablerepo=qubes-tempates-community qubes-template-whonix-gw qubes-template-whonix-ws Or you can also upgrade from Whonix’s repository. Please refer to the following instructions: https://www.whonix.org/wiki/Qubes/Update Non-Qubes-Whonix: https://www.whonix.org/wiki/Download Or

Posted in Whonix Important News

How to upgrade Debian, Whonix, etc. without being compromised by CVE-2016-1252

See: https://www.whonix.org/wiki/CVE-2016-1252

Posted in Whonix Important News

don’t apt-get dist-upgrade for now – wait for workaround – CVE-2016-1252

Update, see: * https://www.whonix.org/wiki/CVE-2016-1252 * https://forums.whonix.org/t/how-to-upgrade-debian-whonix-etc-without-being-compromised-by-cve-2016-1252 Short: Don’t ‘apt-get dist-upgrade’ for now until a workaround was published We are currently discussing this Debian apt-get security issue. https://forums.whonix.org/t/apt-get-upgrading-security-issue-cve-2016-1252 https://github.com/QubesOS/qubes-issues/issues/2520 This blog post will later be updated. Another security advisory blog post

Posted in Whonix Important News

accessibility tools could be automatically removed / you probably should remove them

If you do not use any accessibility tools (gnome-orca, espeakup, console-braille, florence, dasher, kdeaccessibility, kvkbd, kmousetool, kmag, kmouth, jovie, xbrlapi, festival, qt-at-sp), you will not miss anything. (You would probably know if you are using them.) Soon, there will be

Posted in Whonix Important News

combining Tor with a VPN or proxy can make you less anonymous

Using a VPN, proxy or SSH can can negatively affect anonymity under some circumstances. [1] [2] To explain why that is, some background information is required so you can draw conclusions and take actions to avoid this risk. See below.

Posted in Whonix Important News, Whonix Misc News, Whonix Wiki Updates

Your MAC Address Randomization attempts are futile!

The following paper explains why. Why MAC Address Randomization is not Enough: An Analysis of Wi-Fi Network Discovery Mechanisms The above interesting paper has been found by HulaHoop and added to Whonix MAC address documentation.

Posted in General Security News, Whonix Important News, Whonix Wiki Updates

Whonix 13 released!

Qubes-Whonix: Either start with fresh templates. I.e. uninstall qubes-template-whonix-gw and qubes-template-whonix-ws. Then, to install, run in dom0: sudo qubes-dom0-update –enablerepo=qubes-tempates-community qubes-template-whonix-gw qubes-template-whonix-ws Or you can also upgrade from Whonix’s repository. Please refer to the following instructions: https://www.whonix.org/wiki/Upgrading_Whonix_12_to_Whonix_13 Non-Qubes-Whonix: https://www.whonix.org/wiki/Download Or

Posted in Whonix Important News

most encryption will be broken

In ~10 years Quantum Computers will break todays common asymmetric public-key cryptography algorithms used for web encryption (https), e-mail encryption (gnupg…), ssh and others. See Post-Quantum Cryptography (PQCrypto).

Posted in Whonix Important News, Whonix Misc News, Whonix Wiki Updates

Biometric Fingerprinting, Mass Surveillance and You

Tracking techniques have become more sophisticated with time. They advanced from simple cookies to browser/device fingerprinting (which Tor Browser focuses on defeating) to user behavior fingerprinting. The latter is about profiling how a user types on a keyboard or uses

Posted in Contribute, General Security News, Testers wanted!, Whonix Important News, Whonix Known Issues