Whonix ™ 13 Changelog[edit]

Whonix ™ 13 was released on May 31, 2016. ^[1] Whonix ™ 13 contains many small security and usability improvements, features and bug fixes. ^{[2] [3]}

Descriptions of changes in Whonix ™ 12 ^[archive] and earlier versions ^[archive] can be found on sourceforge.net.

All Platforms[edit]

AppArmor[edit]

• Fixed the Tor Browser AppArmor profile to allow correct functionality. ^[4]
• Resolved AppArmor conflicts affecting Pidgin, Chromium and Evince. ^[5]
• Merged AppArmor profiles for sdwdate, timesync and whonix-check into their corresponding packages and now install them by default. ^[6]

Bug Fixes[edit]

• Fixed broken whonix-setup-wizard functionality. ^[7]

Code[edit]

• Updated Whonix ™ code for Tor Browser tb-updater. ^[8]
• Refactored the Whonix ™ socks redirection firewall rules to reduce their size and use less script code. ^{[9] [10]}
• Refactored Whonix ™ code so that scripts only use configuration files that end with the .conf extension. ^[11]

Improved Functionality and Usability[edit]

• Modified whonixcheck to test for slow or fast system clocks which prevent Tor from properly connecting. ^[12]
• Implemented an explicit check for timekeeping watchdog kernel messages in whonixcheck, so users are warned about clock jumps which prevent / time-out Tor connections. ^[13]
• Enforced maximized terminal windows for xdg desktop users. ^{[14] [15]}
• Enabled Transparent Proxy Ports for Whonix-Gateway ™ by default (except for Whonix ™-Firewall). ^{[16] [17]}
• Configured Whonix ™ to use /etc/skel instead of writing to the home folder directly to maintain forward compatibility with Qubes. Further, this allows for proper error-handling where "user" is hardcoded in Whonix ™, and a newly created account with a different name has been used. ^[18]
• Deprecated the timesync progress bar and replaced it with a tray icon using sdwdate-gui to improve usability and reduce confusion. ^[19]
• Created a stable-proposed-updates repository for users who want to help in testing Whonix ™ fixes, without resorting to the testers repository which comes with many more changes. ^[20]
• Moved the WhonixBackupScript to the usability-misc package to make it more accessible. ^[21]
• Replaced XChat with HexChat, since the former is no longer actively maintained, and created a new AppArmor profile to contain it. ^[22]
• Implemented a VPN_FIREWALL feature as part of whonix-ws-firewall. ^[23]

Security Enhancements[edit]

• Created a security-misc package that turns off Nautilus and Dolphin file previews by default, since this poses security risks. ^[24]
• A known, good version of Tor is now maintained and uploaded to the Whonix ™ repository from deb.torproject.org ^[25]
• Uploaded the Tor 0.3.2.9 major (stable) release to the Whonix ™ repository to enable full v3 onion functionality for both hosting of onion services and access to v3 onion addresses in Tor Browser. ^[26]
• Extended the lifetime of the Whonix ™ signing key. ^[27]
• Sourced new onion services webservers for the sdwdate feature, which ensures the system's clock is correctly set for security, privacy and anonymity purposes. ^[28]

Qubes-Whonix ™[edit]

Bug Fixes[edit]

• Fixed qubes-whonix-firewall systemd service start. ^{[29] [30]}
• Resolved whonixcheck fixes for Qubes R4. ^[31]
• Corrected false positive failure messages for the updates proxy test in Qubes R4. ^{[32] [33]}
• Disabled qubes-SetDateTime / qubes.SyncNtpClock in Qubes-Whonix ™ VMs since it interfered with timesync. ^[34]
• Resolved accumulation of old Tor Browser instances in /var/cache/tb-binary/.tb/ which caused users to run into full disk error messages. ^[35]
• Resolved an occasional error message whereby Whonix ™ templates incorrectly reported they were not connected to the Whonix-Gateway ™ ProxyVM. ^[36]
• Resolved the broken anon-ws-disable-stackedtor function in Qubes-Whonix ™. ^[37]
• Enforced the opening of all links from sys-whonix, whonix-gw and whonix-ws in the anon-whonix AppVM to prevent error messages. ^[38]

Builds[edit]

• Corrected the build failure of Whonix-Workstation ™ template in Qubes-Whonix ™ R3.2 and added the qubes-template-whonix to continuous integration service TravisCI. ^[39]
• Resolved Whonix ™ template build failures in Qubes R4 related to Tor Browser downloads. ^[40]
• Changed the Qubes-Whonix ™ build process to install Whonix ™ from the Whonix ™ binary APT repository. This simplifies code, results in faster builds, removes build dependencies inside the template, and reduces the overall template size. ^[41]
• Allowed the Whonix ™ build script to run as root and reworked user_name. ^[42]

Code[edit]

• Removed fetching of Whonix ™ source code in qubes-template-whonix. ^[43]
• Removed the qubes-update-check system service from Qubes-Whonix ™ TemplateVMs, since it was unnecessary. ^{[44] [45]}
• Reworked / removed a number of installed packages in Qubes-Whonix ™ which are only required for the Non-Qubes-Whonix ™ desktop. ^{[46] [47]}
• Removed the default username and password in the Qubes-Whonix ™ terminal, because it is not required. ^[48]

Improved Functionality and Usability[edit]

• Ported whonixcheck and tb-updater to Qubes' qrexec-based updates proxy, since TemplateVMs are non-networked by default in Qubes R4. ^[49]
• Changed the tb-updater configuration to use Qubes updates proxy, since Qubes R4 sets the NetVM of TemplateVMs to none by default. ^[50]
• Implemented the ability to install Whonix-Workstation ™ and Whonix-Gateway ™ from dom0 with a sudo apt-get install whonix-(workstation|gateway) feature. ^[51]
• Ported the bind-directories functionality upstream to Qubes. ^[52]
• Implemented the new bind-directories functionality in Qubes-Whonix ™. ^[53]
• Implemented a check for whether the whonix-gw ProxyVM (sys-whonix) has a NetVM which is set to "none", with a warning shown if this is the case. ^[54]
• Implemented a new feature so that following an update of the Whonix-Workstation ™ TemplateVM, newly created AppVMs based on the updated TemplateVM come with an up-to-date version of Tor Browser. ^[55]
• Modified whonixcheck to check if: Whonix-Gateway ™ is running in a NetVM or ProxyVM; Whonix-Workstation ™ is running in an AppVM; and to skip the test if a TemplateVM is detected. ^[56]

Security Enhancements[edit]

• Prevented /usr/lib/qubes/qubes-setup-dnat-to-ns from running in Qubes-Whonix ™ to stop it from modifying firewall rules. ^[57]

Whonix ™ 14 Changelog[edit]

Whonix ™ 14 was released on August 6, 2018. Significantly, Whonix ™ 14 is based on the Debian stretch (Debian 9) distribution which was released in mid-2017, instead of Debian jessie (Debian 8). ^[58] Users now have access to numerous updated and new software packages, a more modern branch of GnuPG, and more. ^{[59] [60] [61]}

All Platforms[edit]

AppArmor[edit]

• Fixed the whonixcheck AppArmor profile to remove continuous denied messages relating to signal. ^[62]
• Fixed the AppArmor profile for obfs4proxy to enable correct functioning of Tor Bridges in Whonix-Gateway ™. ^[63]
• Fixed the Tor Browser AppArmor profile to allow correct functionality. ^[64]
• Corrected the tor-controlport-filter AppArmor profile to ensure correct functioning. ^[65]
• Removed the Pidgin AppArmor profile, since Pidgin is recommended against for security reasons. ^[66]
• Hardened the Control Port Filter AppArmor profile. ^[67]
• Disabled installation of apparmor-notify (AppArmor notifications) by default, thereby removing the reporting of mostly harmless denied messages. ^{[68] [69]}

Bug Fixes[edit]

• Corrected the broken whonix-setup-wizard autostart on Whonix-Gateway ™. ^[70]
• Fixed sdwdate-gui freezing when using right-click in the menu. ^[71]
• Fixed dependency issues which prevented the whonix-setup-wizard gui from starting. ^[72]
• Implemented the correct Tor --verify command for Whonix-Gateway ™ torrc configuration checks to prevent the reporting of false positives. ^[73]
• Modified the uwt wrapper script to correctly handle symbolic links. ^[74]
• Changed the Whonix-Gateway ™ firewall prerouting rules for socks ports so they do not interfere with trans port traffic. ^[75]
• Modified whonixcheck to first test if network interfaces are up to prevent the test from failing unnecessarily. ^[76]
• Fixed a whonixcheck whonix-firewall check race condition. ^[77]

Builds[edit]

• Resolved genmkfile build dependencies for building Whonix-Workstation ™ and Whonix-Gateway ™. ^[78]
• Confirmed the new and upgraded Whonix ™ 14 builds are identical. ^{[79] [80]}
• Fixed debian/control parsing with respect to make_deb_build_dependencies / make_deb_runtime_dependencies. ^[81]

Code[edit]

• Updated Whonix ™ code for Tor Browser tb-updater. ^[82]
• Changed the bindp compile to postinstall to make it cross-platform (Qubes, 64-bit, 32-bit). ^[83]
• Rewrote sclockadj in C and updated the sdwdate package to compile sclockadj. ^{[84] [85]}
• Implemented symlinks for onion-grater profiles to maintain functionality following profile upgrades. ^[86]
• Enhanced onion checking in sdwdate to improve the unit test. ^[87]
• Ported msgcollector to python3 and python3-pyqt5. ^[88]
• Ported whonix-setup-wizard to python3. ^[89]
• Ported python-guimessages to python3. ^[90]
• Rewrote sdwdate to ensure python exceptions are written to the journal. ^[91]
• Rewrote control-port-filter-python to ensure exceptions are written to the journal. ^[92]
• Re-added some non-essential packages to Whonix ™ that were removed from Debian stretch. ^{[93] [94]}
• Ported helper-scripts so they instead use Tor authentication cookies. ^[95]
• Ported whonixcheck check_tor_socks_port_reachability.bsh to use the Tor unix domain socket socks file. ^[96]
• Ported anon-ws-disable-stacked-tor to systemd socket activation to remove unnecessary, idle socat listeners. ^{[97] [98]}
• Removed auditd configuration folder parsing /etc/audit/rules.d/ by default, since the feature has been implemented upstream.
• Implemented anonymous counting of Whonix ™ users via the whonixcheck Whonix ™ News function. ^{[99] [100]}
• Implemented, but did not activate changes to the Whonix ™ firewall so: sdwdate is stopped before suspend; timesync-fail-closed mode is set before suspend; sdwdate is restarted after resume; and Whonix ™ firewall enters full mode after resume following successful sdwdate activation. ^[101]
• Configured auditd to process the configuration folder /etc/audit/rules.d/ by default to aid debugging. ^{[102] [103]}
• Implemented monitoring of changes to /var/lib/tor/lock access rights via auditd to aid debugging. ^[104]
• Modified anon-ws-disable-stacked-tor to maintain Tor Browser functionality with Unix domain socket files redirection and prevent Tor over Tor scenarios. ^[105]
• Configured whonixcheck to test for failed daemons. ^[106]
• Implemented a sdwdate sd_notify systemd watchdog. ^[107]
• Disabled systemd-resolved and instead implemented a /lib/systemd/system/systemd-resolved.service.d/ drop-in. ^[108]
• Ported /usr/sbin/service to systemctl as the latter runs non-interactively. ^[109]
• Disabled timedatectl network time synchronization in Debian stretch to prevent conflicts with sdwdate. ^[110]
• Removed brltty, brltty-speechd and brltty-x11 since they create a local listener port which may conflict with onion-grater. ^[111]
• Modified anon-ws-disable-stacked-tor systemd-unit-files-generator so it is configurable. ^[112]
• Rewrote slockadj3 in C and determined how to prevent spamming of sclockadj3 time changes to logs. ^{[113] [114] [115] [116]}

Improved Functionality and Usability[edit]

• Implemented the major new Anon Connection Wizard feature to simplify connections to the Tor network via a Tor bridge and/or a proxy. ^[117]
• Integrated the Tor Pluggable Transport meek_lite. ^[118]
• Integrated anon-connection-wizard into whonix-setup-wizard, so that the latter can now start the former. ^[119]
• Removed the Control Port Filter Proxy script from anon-ws-disable-stacked-tor since it is no longer required for proper Tor connections or Tor Browser functions (its functionality is now replaced by onion-grater ^[archive]). This means Ricochet, Zeronet and OnionShare are now compatible with Whonix ™. ^{[120] [121] [122]}
• Installed necessary dependencies for proper ZeroNet functionality. ^[123]
• Installed onioncircuits by default in Whonix-Gateway ™. ^[124]
• Added --list-interface to tor-controlport-filter, as it works better with dynamic IP addresses. ^[125]
• Added a /etc/tor-controlport-filter.d configuration extension feature. ^[126]
• Fixed the control-port-filer-python configuration to rewrite HS_DESC replies by Tor, so OnionShare is supported. ^[127]
• Merged the tor-controlport-filter by Tails for various enhancements. ^[128]
• Implemented more user-friendly error messages (instead of tb-starter error handlers) when non-Whonix ™ related Tor Browser issues cause start-tor-browser to fail and exit zero. ^[129]
• Implemented sane built-in defaults for whonix-gw-firewall, whonix-ws-firewall, whonixcheck, sdwdate, uwt, onion-grater, rads, open-link-confirmation, tb-starter and tb-updater, even if configuration files do not exist. ^[130]
• Changed uwt to set AllowOutboundLocalhost / AllowInbound which can help make servers utilizing Tor onion services work. ^[131]
• Implemented a sd_notify watchdog feature for onion-grater so the service is restarted if it appears to be running, but has became unresponsive. ^[132]
• Created a bindp Whonix ™ package to enable Whonix-Workstation ™ applications that use Tor ephemeral onion services to bind on all interfaces as necessary. ^[133]
• Modified sdwdate to check if the clock is changed "behind the back" of the program and suggest a manual user fix. ^[134]
• Improved default torsocks information / warning messages when wrapped commands are invoked to reduce user confusion. ^[135]
• Both Non-Qubes-Whonix ™ and Qubes-Whonix ™ are now compatible with the Tor Project's sandboxed Tor Browser. ^[136]

Security Enhancements[edit]

• Confirmed functionality of the kloak anti-keystroke deanonymization tool in Whonix ™. ^{[137] [138]}
• Identified more reliable onion servers as appropriate time sources for sdwdate, which enables correct network time synchronization for anonymity-focused distributions. ^[139]
• Implemented Tails' Control Port Filter Proxy in Whonix ™ and merged recent changes since it was forked. ^{[140] [141]}
• Fixed security and hardening (stack canary) issues with the bindp libindp.so package (which were merged upstream). ^[142]
• Uploaded Tor version 0.3.3.9 (stable) release to the Whonix ™ repository to enable full v3 onion functionality for both hosting of onion services and access to v3 onion addresses in Tor Browser. ^[143]
• Onion sources are now preferred for Whonix ™ updates/upgrades for greater security. Note: this change has been reverted due to the unreliable nature of onion connections at present - see footnote. ^[144]
• Disabled the apt-timer in Debian stretch to prevent auto updates, thereby preventing the attendant security risks associated with background updates without user input. ^[145]
• Disabled nautilus previews by default due to the security risks. ^[146]
• Implemented uwt to set TORSOCKS_ISOLATE_PID in Debian Stretch so all uwt wrapped applications are stream isolated. ^[147]
• Implemented tor+http / apt-transport-tor rather than Acquire::BlockDotOnion "false" for better security and stream isolation. ^[148]
• Disabled the systemd DNS resolver feature in order to reduce the attack surface and to remove the potential for adverse anonymity impacts. ^[149]
• Established a dedicated Whonix ™.org repository, with appropriate redirects from Whonix ™ mirrors. ^[150]
• Removed the DHCP client from Whonix-Gateway ™ and switched to a static network configuration so the dhclient is no longer present on all interfaces, including the internal network. ^[151]
• Disabled VLC metadata collection by default. ^[152]
• Disabled "Obey DRM limitations" in Okular, ^[153] since Digital Rights Management (DRM) can be used as a tracking vector. ^{[154] [155]}

Non-Qubes-Whonix[edit]

Bug Fixes[edit]

• Increased the Whonix-Gateway ™ VRAM in VirtualBox from 8 to 16 MB to avoid error messages and possible video problems when using full screen mode. ^[157]
• Corrected sdwdate-gui systray so it properly registers in kde systray and does not appear as a gap in the Entry column. ^[158]
• Corrected the sdwdate-gui tray icon so it is visible in Debian stretch. ^[159]
• Corrected the virtualization detection method to properly recognize KVM. ^[160]

Builds[edit]

• Reduced the size of the default, binary Whonix ™ images by approximately 50 per cent using zerofree. ^{[161] [162] [163] [164]}

Code[edit]

• Removed kmix-disable-autostart since it is no longer required to make sure the clipboard history icon is loaded into the system tray. ^[165]

Improved Functionality and Usability[edit]

• Created the grub-live package which can run Whonix ™ as a live system. ^{[166] [167]}
• Added Kscreen to Whonix ™ by default in order to allow DPI scaling and other basic desktop features of Plasma 5. ^[168]
• Removed the VirtualBox shared folder and confirmed automounting of shares is enabled in Debian stretch. ^[169]

Security Enhancements[edit]

• Removed okular from anon-shared-applications-kde to anon-workstation-default-applications so it is not installed on Whonix-Gateway ™. ^[170]
• Hide the CPUID in VirtualBox 5 by setting generic values via HostCPUID. ^[171]

Qubes-Whonix ™[edit]

Bug Fixes[edit]

• Implemented whonixcheck fixes for Qubes R4. ^[172]
• Corrected false positive failure messages for the updates proxy test in Qubes R4. ^{[173] [174]}
• Resolved non-functionality of Tor Browser due to jemalloc corruption. ^[175]
• Resolved segfaults in Tor Browser caused by excessive string length in the XDG_CONFIG_DIRS environment variable. ^[176]
• Resolved accumulation of old Tor Browser instances in /var/cache/tb-binary/.tb/ which caused users to run into full disk error messages. ^[177]
• Corrected dependencies in the qubes-whonix package to resolve issues when upgrading to Debian stretch. ^[178]
• Fixed a corridor lintian warning on Debian related to systemd documentation. ^[179]
• Resolved error messages associated with tput using an empty TERM environment variable. ^[180]
• Resolved the failure of tb-updater to copy Tor Browser into the user's home directory on first VM startup in Qubes R4. ^{[181] [182] [183]}
• Implemented the correct appmenus for Qubes-Whonix ™ 14 TemplateVMs and fixed missing appmenu entries. ^{[184] [185]}
• Resolved the false positive timedatectl error message when using whonixcheck. ^[186]
• Corrected the absent 'Connected to Tor.' message, which arose due to a missing notification daemon. ^[187]
• Resolved non-persistence of files in /usr/local, such as the Tor configuration file. ^{[188] [189]}
• Implemented a qvm-features-request whonix-ws=1, so that newly created Whonix-Workstation ™ AppVMs inherit the anon-vm tag. ^{[190] [191] [192]}
• Created qubes-core-admin-addon-whonix to enforce the anon-vm tag for newly created Whonix-Workstation ™ AppVMs. ^[193]
• Removed redundant warning messages affecting Whonix-Workstation ™ DisposableVMs that related to the first invocation of an open-link-confirmation. ^[194]
• Fixed an apt-get package issue whereby some users were downgraded to a known vulnerable version. ^{[195] [196]}
• Corrected an aptitude update failure which affected all Qubes-Whonix ™ VMs. ^[197]
• Installed Tor Browser by default in Whonix-Workstation ™-DisposableVMs, as it was previously missing upon VM launch. ^[198]
• Fixed the periodic failure of Whonix-Workstation ™ AppVMs to start correctly, which prevented the launch of any user applications. ^[199]
• Fixed an error which caused /etc in Qubes-Whonix ™ templates to be owned by user:user ^[200]

Builds[edit]

• Corrected the build failure of the Whonix-Workstation ™ template in Qubes-Whonix ™ R3.2 and added qubes-template-whonix to the continuous integration service TravisCI. ^[201]
• Removed older unstable Whonix ™ 14 builds from Qubes' unstable repository. ^[202]
• Resolved unexpected build failures. ^[203]
• Removed Whonix ™ 14 templates from Qubes' unstable repository, since testing versions now reside in qubes-templates-community-testing. ^[204]
• Backported versioning of Whonix ™ template names from Qubes R4 to Qubes R3.2 to simplify the installation procedure for users on the earlier platform. ^[205]

Code[edit]

• Removed cups and system-config-printer from Whonix-Workstation ™, since printing capabilities are better suited to alternate VMs and this also removes a local TCP listener that is otherwise created. ^[206]
• Corrected anon-meta-packages compatibility for Qubes R3.2 and R4. ^[207]
• Installed pulseaudio-qubes for audio support and removed pulseaudio and VLC from sys-whonix. ^[208]
• Created a qvm-features-request whonix-gw=1 as a prerequisite for sdwdate-gui-qubes. ^[209]

Improved Functionality and Usability[edit]

• Confirmed full Qubes-Whonix ™ compatibility with Qubes R4. ^[210]
• Confirmed Qubes-Whonix-Workstation has full DispVM support. ^[211]
• Created a tb-updater storage path for Qubes R4 so new AppVMs and DisposableVMs have a copy of the latest Tor Browser version. ^{[212] [213]}
• Created Qubes-Whonix ™ 14 SaltStack state files with flexible versioning for future releases. ^{[214] [215]}
• Modified Qubes-Whonix ™ Salt code so the repository is not hard-coded, allowing users to choose either the qubes-templates-community or qubes-templates-community-testing repository. ^[216]

Licensing[edit]

• Added a COPYING file to the Qubes-Whonix ™ template repository to assure users they are covered by a free software license. ^{[217] [218]}

Security Enhancements[edit]

• Added Qubes-Whonix ™ tags on domain-load rather than upon VM creation to avoid missing tags for users that upgrade. ^[219]

---

Whonix ™ 14 Updates[edit]

As Whonix ™ is now a rolling distribution, users will benefit from regular small security and usability improvements, features and bug fixes as they enter the Whonix ™ stable repository. Those will be announced here.

Documentation[edit]

• Simplified Whonix ™ Documentation. ^{[220] [221]}
• Documented multiple Qubes TemplateVMs. ^{[222] [223] [224]}
• Documented a recovery procedure after a (suspected) compromise. ^{[225] [226]}
• Created a systemd-socket-proxyd instructions template. ^{[227] [228]}
• Conducted research into Single Tor-Gateway with Multiple Workstations versus Multiple Tor-Gateways mapped 1:1 to Workstation VMs. ^{[229] [230]}
• Documented identity correlation attacks and defenses / removing the Apache recommendation. ^{[231] [232] [233] [234]}
• Created an apt-get Qubes template. ^{[235] [236]}
• Documented how to use SecBrowser and configured a secbrowser wrapper that disables Tor. ^{[237] [238]}
• Updated the Control Port Filter Proxy wiki page. ^[239]
• Created documentation for ZeroNet support. ^{[240] [241]}
• Finalized wiki edits for numerous, outstanding documentation fixes and additions. ^[242]

Website Fixes and Outreach[edit]

• Website fixes: implemented the proposed download directory structure as well as download redirects, stable download links and permalinks. ^[243]
• Implemented numerous mediawiki fixes for better website presentation. ^[244]
• Opened a Peertube video channel. ^{[245] [246]}
• Updated Release Announcements to collate all places where this should be posted. ^[247]
• Post Whonix release announcements in crypto currency Reddit forums. ^[248]
• Researched social media strategies to increase Whonix ™ awareness. ^[249]
• Established mirroring of all Whonix ™ announcements. ^[250]
• Bookmarked the outreach workboard. ^{[251] [252]}
• Signed the Whonix ™ developer team up to various developer mailing lists. ^[253]

All Platforms[edit]

AppArmor[edit]

• Corrected the dnscrypt-proxy AppArmor profile for full functionality. ^[254]
• Removed unnecessary and extensive capabilities from the Tor Browser AppArmor profile. ^{[255] [256] [257]}
• Amended the Tor Browser AppArmor profiles so 8.* versions correctly launch. ^{[258] [259]}
• Added capability sys_module to whonixcheck because it is required for ifconfig. ^{[260] [261]}
• Added a wildcard for non-Tor or modified Tor Browser Bundles. ^{[262] [263]}
• Deprecated /etc/apparmor.d/home.tor-browser.start-tor-browser due to broken functionality. ^[264]
• Added various permissions to the XChat AppArmor profile for greater functionality. ^[265]

Bug Fixes[edit]

• Implemented an automated /var/lib/tor permission fix. ^{[266] [267]}
• Installed the missing pinentry-qt package so Enigmail decryption is functional. ^{[268] [269]}
• Fixed the Whonix custom firewall settings start menu entry in Whonix XFCE. ^[270]
• Fixed the false-positive "Tor Browser not installed" message in tb-starter. ^[271]
• Onion-grater: fix Tor control auth cookie authentication even if HashedControlPassword is set. ^[272]
• Fixed output when using open-link-confirmation. ^[273]
• Change etc/.skel to etc/skel/Downloads in all code. ^{[274] [275]}

Builds[edit]

• Released new Whonix 14 builds to address the APT security update bug. ^{[276] [277]}

Code[edit]

• whonixcheck: grep journal for "fail", "error" and "denied". ^[278]
• Re-implemented Tor Browser local version number detection. ^[279]
• Decided against virtualizer configurations which attempt to hide the CPU model. ^{[280] [281] [282]}
• Moved kcalc, okular, gwenview, kgpg, libkf5kipi31.0.0 and libkf5kipi-data from hardened-desktop-applications-kde to non-qubes-whonix-workstation-kde and qubes-whonix-workstation. ^[283]
• Simplified code by using apt-key rather than custom code when adding a gpg key. ^[284]
• Fixed the mime type in whonix-repository. ^[285]
• Refactored the whonixcheck code and included an option to show "sudo apt-get-update-plus dist-upgrade" if it is available. ^{[286] [287]}
• Ported the IP check in whonixcheck to https://check.torproject.org/api/ip ^{[archive] [288]}
• sdwdate-gui: permission lockdown, fixed merge conflicts, avoidance of 'clock is fast' false positives and other miscellaneous fixes. ^{[289] [290] [291] [292]}
• anon-ws-disable-stacked-tor: set 'restart' rather than 'start' to support running scripts. ^[293]
• Added a mechanism to add variables to Debian packaging maintainance scripts. ^{[294] [295]}
• Thunderbird is no longer installed by default in Whonix ™. ^{[296] [297]}
• Beautified the Whonix landing page for Tor Browser v8.0+. ^{[298] [299]}
• Implemented use of /usr/lib/helper-scripts/terminal-wrapper rather than hardcoding Konsole. ^{[300] [301] [302] [303]}
• Deprecated anon-workstation-extra-applications, anon-workstation-langpack-common and anon-shared-desktop-langpack-kde. ^{[304] [305]}

Improved Functionality and Usability[edit]

• Changed (Qubes-)Whonix default applications from KDE to XFCE. ^{[306] [307] [308]}
• Installed magic-wormhole by default as an OnionShare alternative. ^{[309] [310] [311]}
• Set mousepad as the default editor for sudoedit. ^{[312] [313]}
• Added support for XFCE, thunar and gksudo in Whonix-Gateway. ^[314]
• Allow multiple flashproxy ports in Whonix firewall. ^{[315] [316] [317] [318]}
• Disabled Whonix ™ onion apt sources by default due to unreliability. ^{[319] [320] [321]}
• Added a new branch for compression/decompression tools. ^{[322] [323] [324]}
• Implemented support for the new Snowflake pluggable transport in Anon-Connection-Wizard. ^[325]
• Implemented the Tor Controller GUI in Whonix ™ with various fixes. ^[326]

Security Enhancements[edit]

• Removed mapaddress entries in torrc for 1.1.1.1 and 2.2.2.2 due to the fingerprinting risk. ^{[327] [328]}
• Run whonixcheck in Whonix-Workstation on first time boot. ^{[329] [330]}
• Added a spectre/meltdown test to whonixcheck. ^{[331] [332]}
• Enforce connections to deb.debian.org instead of us.debian.org and now use https (SSL/TLS) by default, as well as fixing build --connection onion. ^{[333] [334]}
• Implemented optional tb-updater onion mirrors download support. ^{[335] [336]}
• Corrected systemd hardening for onion-grater. ^[337]
• Added systemd sandboxing for sdwdate. ^[338]
• Enforced tor+http in apt sources lists to make use of apt-transport-tor. ^{[339] [340] [341] [342]}
• Disabled uncommon network protocols for improved security. ^{[343] [344] [345]}
• Added a Bitcoin Core onion-grater profile. ^{[346] [347] [348] [349]}

Non-Qubes-Whonix[edit]

Bug Fixes[edit]

• Disabled KDE session restoration to prevent VirtualBox error notifications upon boot in either Whonix-Gateway or Whonix-Workstation. ^{[350] [351] [352]}
• Start the KDE desktop session login with an empty session / resolve the kdesudo error popup window related to sdwdate-gui. ^[353]
• Fixed the Whonix-Gateway XFCE / CLI keyboard layout error. ^[354]
• Fixed a lintian error for sdwdate-gui / missing xml files for specific desktop environments. ^{[355] [356] [357]}

Code[edit]

• Closed all KDE-related requests and bug fixes following the shift to XFCE. ^[358] This includes:
  • Change default application to not use kmail. ^[359]
  • Change KDE theme and KDE mouse theme. ^[360]
  • Disable the Baloo file indexer. ^[361]
  • Add /media to desktop icons. ^[362]
  • Add /media to pinned places in Dolphin. ^[363]
  • Disable/remove KDE system and network settings. ^[364]
  • Disable web shortcuts. ^[365]
  • settings-plasma search/configure search configurations from Whonix-Gateway. ^[366]
  • Non-Qubes-Whonix KDE plasma 5 fixes. ^[367]
• Implemented numerous XFCE fixes: Whonix builds, desktop shortcuts, xfce4-terminal, related meta-packages and general fixes. ^{[368] [369] [370] [371] [372]}
• Created a configuration file for Whonix XFCE Desktop. ^[373]
• Updated the check for installed meta packages for Whonix XFCE and Whonix CLI. ^[374]
• Removed pulseaudio from hardened-desktop-applications-xfce. ^[375]
• Removed Ristretto from hardened-desktop-applications-xfce. ^{[376] [377]}
• Deprecated non-qubes-vm-enhancements-gui. ^{[378] [379]}
• Merged whonix-shared-packages-recommended-cli into whonix-shared-packages-dependencies-cli. ^[380]
• Port to and take ownership of /etc/xdg/xfce4/xfconf/xfce-perchannel-xml ^{[381] [382] [383]}
• Modified whonix-firewall to remove the old IP 192.168.0.10 reference in non-qubes-whonix-gateway. ^[384]
• Minimized VirtualBox Whonix-Gateway CLI differences with non-qubes-whonix-workstation cli. ^{[385] [386]}

Improved Functionality and Usability[edit]

• Implemented Whonix for arm64 / Raspberry Pi (RPi). ^[387]
• Implemented a unified Whonix download rather than separate Whonix-Gateway / Whonix-Workstation downloads. ^{[388] [389] [390]}
• Re-enabled hidden files and volume management. ^[391]
• Whonix Setup Wizard: added instructions on how to change keyboard layout in XFCE. ^[392]
• Added mupdf and Ristretto to non-qubes-whonix-workstation-xfce. ^[393]
• Show the pulseaudio plugin by default. ^[394]
• Increased Whonix-Workstation VRAM in Non-Qubes-Whonix to 2GB to improve performance. ^{[395] [396]}

Security Enhancements[edit]

• Disabled maximizing of the Tor Browser window when moving to the top of the screen. ^{[397] [398]}
• Disabled previews / thumbnails in Thunar for better security. ^[399]

Qubes-Whonix ™[edit]

Bug Fixes[edit]

• Corrected Tor Browser in whonix-ws-14 based VMs sometimes blocking JavaScript on first start. ^{[400] [401] [402]}
• Qubes templates: removed the broken graphical updater (Apper). ^{[403] [404]}
• Resolved the command failure when running qubesctl state.sls qvm.anon-whonix. ^{[405] [406]}
• Added missing Whonix tags anon-vm / anon-gateway to user-created, Whonix-based VMs. ^{[407] [408]}
• Fixed failure of Whonix-Gateway to respond after an update. ^{[409] [410]}
• Corrected an update error caused by an expired release file. ^[411]
• Corrected a false whonixcheck notification about outdated packages after performing an in-place upgrade. ^[412]

Builds[edit]

• Amended builder.conf so template build commands are not ignored. ^[413]
• Deprecated Whonix 13. ^[414]

Code[edit]

• Set $tag:anon-vm $anyvm deny in template-whonix-ws.sls. ^[415]
• Removed the default installation of emacs and vim. ^[416]
• Modified the Spectre / Meltdown check so it only runs in Qubes R4 and above. ^[417]

Security Enhancements[edit]

• Confirmed Qubes-Whonix TemplateMVs cannot upgrade in timesync-fail-closed mode. ^[418]
• Confirmed the efficacy of jitterentropy random number generation in Xen. ^[419]

Footnotes[edit]

---

---

Follow:

Donate:

Share: Twitter | Facebook

This is a wiki. Want to improve this page? Help is welcome and volunteer contributions are happily considered! Read, understand and agree to Conditions for Contributions to Whonix ™, then Edit! Edits are held for moderation.

Copyright (C) 2012 - 2019 ENCRYPTED SUPPORT LP. Whonix ™ is a trademark. Whonix ™ is a licensee ^[archive] of the Open Invention Network ^[archive]. Unless otherwise noted, the content of this page is copyrighted and licensed under the same Freedom Software license as Whonix ™ itself. (Why?)

Whonix ™ is a derivative of and not affiliated with Debian ^[archive]. Debian is a registered trademark ^[archive] owned by Software in the Public Interest, Inc ^[archive].

Whonix ™ is produced independently from the Tor® ^[archive] anonymity software and carries no guarantee from The Tor Project ^[archive] about quality, suitability or anything else.

By using our website, you acknowledge that you have read, understood and agreed to our Privacy Policy, Cookie Policy, Terms of Service, and E-Sign Consent. Whonix ™ is provided by ENCRYPTED SUPPORT LP. See Imprint.