From Whonix


User Documentation[edit]

SSL in Wikipedia [1]

The public SSL certificate authority system is not to be trusted. Too many security breaches happened before. [2]

See also Man-in-the-middle attacks.

Whonix ™ Technical Design[edit]

SSL certificates, especially for (check.tpo) are not yet pinned in Whonix ™. Eventually that will be done in future. That needs some more discussion. How that technically could be done is documented under Dev/SSL Certificate Pinning. This has low priority for Whonix ™, since not even the Tor Browser Bundle does pin the check.tpo SSL certificate, which is a much bigger issue. Whonix ™ developer adrelanos does not agree with "low priority" in TBB. See TBB: hardcode SSL cert check to prevent MITM.


No comments for now due to spam. Use Whonix forums instead.

Random News:

Don't mind having your name connected to Whonix ™? Follow us on Twitter / Facebook.

https | (forcing) onion

Share: Twitter | Facebook

This is a wiki. Want to improve this page? Help is welcome and volunteer contributions are happily considered! Read, understand and agree to Conditions for Contributions to Whonix ™, then Edit! Edits are held for moderation.

Copyright (C) 2012 - 2019 ENCRYPTED SUPPORT LP. Whonix ™ is a trademark. Whonix ™ is a licensee of the Open Invention Network. Unless otherwise noted, the content of this page is copyrighted and licensed under the same Freedom Software license as Whonix ™ itself. (Why?)

Whonix ™ is a derivative of and not affiliated with Debian. Debian is a registered trademark owned by Software in the Public Interest, Inc.

Whonix ™ is produced independently from the Tor® anonymity software and carries no guarantee from The Tor Project about quality, suitability or anything else.

By using our website, you acknowledge that you have read, understood and agreed to our Privacy Policy, Cookie Policy, Terms of Service, and E-Sign Consent. Whonix ™ is provided by ENCRYPTED SUPPORT LP. See Imprint.