Whonix for Cloud
Whonix in the cloud - Development Considerations
Virtualization Technology
- docker based or KVM based?
Build Script TODO
- If docker based:
  - create a docker filesystem tar.xz
  - dockerfile Whonix-Gateway
  - dockerfile Whonix-Workstation
  - docker virtual internal networking
- If kubernetes based:
  - kubernetes pod yaml
  - internal networking?
Misc TODO
- preseed Anon Connection Wizard for non-interactive mode
- systemcheck fixes to support new virtualizer
- leak testing
- static networking vs DHCP
- DHCP
- needed?
- outside?
- find a security review contractor
- create a cloud-support package which contains cloud specific configuration tweaks
Cloud TODO
- cloud interface switch network button
- cloud interface different speed / anonymity choices
- kubernetes switch network
Anonymizer
- Working codenames:
- Default Tor (just "normal" Tor)
- Fast Tor (
- Own Tor (self-hosted Tor network)
- How to stop freeloaders?
- Why Tor?
- Tor supports transparent proxying
- supports nodes config
Legal documents
- Existing documents can be re-used.
Sponsorship
- honest documentation in the usual style: what if xyz, how secure, less secure, more secure, etc.
- homepage, Download page gets a cloud button - main sponsor
- reputation instead of hand waving
- continuous support for future version support
- cooperation agreement
- oversight
- access to developers
- access to tickets
- advisory
- monitor and confirmation of progress
Secure Cloud Hardware TODO Research List
RAM Encryption
- PrivateCore
- Microsoft
  - https://learn.microsoft.com/en-us/windows/security/information-protection/pluton/microsoft-pluton-security-processor
  - https://azure.microsoft.com/en-us/products/key-vault/
  - https://azure.microsoft.com/en-us/solutions/confidential-compute/#solution-architectures
  - https://www.microsoft.com/en-us/research/project/microsoft-seal/
- raptorengineering
  - https://www.raptorengineering.com/TALOS/documentation/integrimon_intro.pdf
  - https://www.raptorengineering.com/TALOS/security_features.php
  - https://www.crowdsupply.com/raptor-computing-systems/talos-secure-workstation/updates/talos-fpga-functions-and-responsibilities-part-1
  - https://www.crowdsupply.com/raptor-computing-systems/talos-secure-workstation/updates/talos-fpga-functions-and-responsibilities-part-2
  - https://www.integricloud.com/
- HashiCorp
- thales
- AWS
- https://en.wikipedia.org/wiki/Key_Management_Interoperability_Protocol
- KVM
- pKVM - protected KVM
Homomorphic Encryption
- https://en.wikipedia.org/wiki/Homomorphic_encryption
- Microsoft
- AWS