
/netplus/ - Networks and Plus

 No.12

What is Whonix?

Whonix is a GNU/linux distro intended to allow you to communicate over the Internet anonymously using tor. The benefit of Whonix over using the tor browser bundle alone is that Whonix forces ALL your traffic over the tor network and does not allow connections that bypass tor. This has the benefit of being able to use programs other than the web browser (irc, IM, jitsi, etc.) without having to worry about DNS leaks, proxy compliance and other connection leaks that could potentially compromise your anonymity. This also provides a level of protection against certain types of malware attacks revealing your identity by ensuring that any malware could only connect out via tor.

Whonix is distributed as two virtual machine (virtualbox) images, a 'Gateway' and a 'Workstation'. The workstation build is configured to route all traffic to the gateway where tor runs. This means that even if an attacker gains access to run code on your workstation through malware, a browser exploit or other method, there is still no way for them to disable tor or change your firewall settings to allow a direct connection to the Internet that could reveal your identity.

Whonix provides stream isolation, meaning that different applications use different tor circuits to prevent identity correlation. See https://www.whonix.org/wiki/Stream_Isolationc for more info on stream isolation and a list of what applications are preconfigured to use it and how to enable it on others, including ones you install yourself. You can connect multiple Workstations to the gateway for complete isolation.

The official Whonix build is distributed as two Debian based VirtualBox images. KVM setup instructions can be found here: https://www.whonix.org/wiki/KVM ; for a QubesOS based solution see https://www.whonix.org/wiki/Qubes

Whonix Links:

https://www.whonix.org

https://www.whonix.org/wiki/ - Great Resource for general tor info
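
An added example (not part of the original post, and not Whonix project code): a host-side check of the isolation described above, parsing the output of `VBoxManage showvminfo <vm> --machinereadable` to confirm that the Workstation's only adapter is the internal network it shares with the Gateway. The VM names, the internal network name `Whonix` and the sample output are assumptions constructed for illustration.

```python
import re

# Constructed samples of `VBoxManage showvminfo <vm> --machinereadable`
# output, trimmed to a few keys. Names and values are assumptions.
WORKSTATION_OK = '''name="Whonix-Workstation"
nic1="intnet"
intnet1="Whonix"
nictype1="virtio"
nic2="none"
'''
WORKSTATION_LEAKY = '''name="Whonix-Workstation"
nic1="intnet"
intnet1="Whonix"
nic2="nat"
'''
GATEWAY = '''name="Whonix-Gateway"
nic1="nat"
nic2="intnet"
intnet2="Whonix"
'''

def parse_nics(vminfo):
    """Return {slot: (mode, internal_net_or_None)} for every attached adapter."""
    kv = dict(re.findall(r'^(\w+)="(.*)"$', vminfo, flags=re.M))
    nics = {}
    for key, mode in kv.items():
        m = re.fullmatch(r"nic(\d+)", key)   # skips nictype1, nicspeed1, ...
        if m and mode != "none":
            slot = int(m.group(1))
            nics[slot] = (mode, kv.get(f"intnet{slot}"))
    return nics

def audit_workstation(vminfo, isolated_net="Whonix"):
    """List adapters that would give the Workstation a path around the Gateway."""
    findings = []
    for slot, (mode, net) in sorted(parse_nics(vminfo).items()):
        if mode != "intnet":
            # nat, bridged, hostonly etc. reach the host or LAN directly
            findings.append(f"nic{slot}: mode '{mode}' is not the internal network")
        elif net != isolated_net:
            findings.append(f"nic{slot}: internal network '{net}', expected '{isolated_net}'")
    return findings

if __name__ == "__main__":
    for label, info in (("ok", WORKSTATION_OK), ("leaky", WORKSTATION_LEAKY)):
        print(label, audit_workstation(info) or "isolated")
```

The Gateway is expected to have one outward-facing adapter plus the internal one, so only the Workstation is held to the internal-network-only rule.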

 No.16

I presume this board is partly made to help retarded faggots like me. If I used Whonix on a computer while using another computer with chrome and shit on the same network, would I be screwing myself over?


 No.17

>>16

Not at all, that's absolutely fine.

The only consideration is the host machine itself. Whonix is a combination of two virtual machines that are run on Virtualbox, which is available for GNU/Linux, windows, mac and *BSD. The host machine on which you run a virtual machine has complete control over those virtual machines, so if you were to run whonix on a windows host that was vulnerable/infected in some way then you run the risk that the virtual machines that run on top of it, in this case whonix, are compromised.

Whonix itself runs in a 'virtual network' that is not reachable by other computers on the same network as the host, unless you go out of your way to set that up.

My advice to you would be that if you are concerned about an adversary who is highly advanced, determined and specifically targeting you then make sure that your host machine is very secure. If you want to set up a dedicated whonix machine, then Trisquel GNU/linux, then running whonix on Virtualbox as normal, is fine.


 No.19

>>16

Don't use Chrome.


 No.21

>>12

>Whonix forces ALL your traffic over the tor network

So how is different from Tails?


 No.22

>>21

*it


 No.23

>>21

Tails and whonix have different goals and use cases. Tails focuses on being an 'amnesic' 'live environment', that is, it runs completely in memory with the goal being to 'leave no trace'. Whonix on the other hand is intended as a persistent operating system more suitable for everyday use.

The big security design advantage of Whonix over tails is that it separates the tor program itself and the browser and other applications into separate virtual machines. The benefit of this is that if your workstation machine becomes compromised, say by malware or a browser exploit, even if they gain root access to the workstation they have no control over the tor program running on the other machine, and the virtual network that the machines run in ensures that the only way out is still through tor. This assumes of course that they can not break out of the virtual machine, something that is not inconceivable.

I would recommend whonix for the everyday user running in a trusted environment (perhaps running on an encrypted host) and tails for running in a temporary, hostile environment like a computer café or someone else's machine.


 No.47

Hi guys,

I have some questions to ask.

1. Why is it called Whonix?

2. How long does it usually take for the Whonix team to update Whonix with the latest version of Tor, once it's been released?

3. Are there any significant differences/modifications/shortcomings in between the Tor Browser Bundle, and the browser in Whonix?

4. If I only use the Tor Browser Bundle running inside Sandboxie on a Windows machine, and I don't want or need to use the Tor network with any other programs, are there any real benefits to using Whonix instead?

5. Do any of you recommend not to use Whonix on a Windows Machine? If so, are the hazards/vulnerabilities very minimal and circumstantial, or are they quite significant?

Any help would be very much appreciated. Thank you.


 No.48

>>47

Also, sorry I forgot but I had one last question:

6. Is it possible to directly download and save files to an external drive via Whonix, and if so, does this temporarily compromise the security of the workstation (malware trying to get out into the host etc.) at the moment Whonix is allowing files to transfer to the host system?


 No.49

>>47

>>48

1. huh, no idea, never thought about it

2. it uses the official tor project repository

3. minor tweaks to make it work with the whonix router, when running the update script for it it gives you the option of choosing the alpha versions but advises against it

4. i am not familiar with 'sandboxie' so i will not comment on it. if you are only looking to use a web browser and are not concerned about possible browser exploits or malware that might reveal your location then running tor browser bundle alone may be all you require/want

5. Microsoft Windows is non-free, closed source software, so it's impossible for me to make any comment one way or the other regarding its overall security or lack thereof. For this reason i recommend against it.

6. Virtualbox has a feature for passing USB devices through to a guest machine. see https://www.whonix.org/wiki/File_Transfer#Adding_USB_device_to_VirtualBox for the advice


 No.54

Is whonix the best in its class? what are its main competitors? and is it going to get some updates or improvements soon to make it more user friendly, intuitive UI?


 No.56


 No.57

>>21

Whonix has stronger isolation, and apart from theoretically stronger security, it allows you to run your own programs and configuration without fear of leaking an IP, and even run programs that don't understand proxies.

Tails' applications are individually configured to access Tor and non-Tor traffic is blocked by firewall. It's more restrictive and apps need more configuration, so the practical disadvantage is it's harder to run your own apps, though not impossible.

>>47

4. TBB + Sandboxie is similar to running TBB + AppArmor in Linux. Tails runs TBB + AppArmor. But in addition it runs a firewall and some other precautions. Now, Whonix is a stronger model than Tails. So you gain theoretical security against browser compromise. The only thing Sandboxie might do that Whonix doesn't (last I checked) is prevent the browser from saving to persistence.


 No.58

>>57

But I have to point out that Sandboxie isn't very comparable to what Whonix does on its own. It's really more like AppArmor with a tweaked profile. I think you can install AppArmor in Whonix or maybe it's already there in newer versions, I haven't checked 10 yet.


 No.59

Is it entirely likely that Windows 8 or Windows 10 has/will have an auto-detection feature to know when someone has installed Whonix, or the Tor Browser Bundle? Thus dropping a hint to the NSA or whoever else is concerned, putting you on a list for investigation via back door?

Also, what is the number one OS that you guys recommend to use with Whonix? And if it's Linux, what version of it?


 No.60

>>59

Windows is closed source so can't say anything for sure but i would say it's pretty unlikely. They can identify people using tor simply by monitoring the directory servers, which they do. see http://www.linuxjournal.com/content/nsa-linux-journal-extremist-forum-and-its-readers-get-flagged-extra-surveillance

http://www.theregister.co.uk/2014/07/03/nsa_xkeyscore_stasi_scandal/


 No.70

So I want a secure system from which I can browse the Internet in peace.

My idea is to use Alpine Linux as a Xen dom0, then run Whonix for Tor and probably something like Trisquel for i2p, Retroshare etc. Alpine Linux seems to make sense in that you get a lightweight host with a grsecurity patched kernel. A hosted Windows7 with PCI-passthrough for a GPU should also be possible.

The hardware should probably be AMD, seeing as they are more liberal with hardware virtualization features and seem less integrated in the NSA programs. AMD GPUs also work pretty well with FOSS drivers these days (this is from personal experience).

Anything I'm missing? Anyone doing or planning on doing anything similar?


 No.74

>>70

maybe you would be interested in qubes OS

https://www.qubes-os.org/

https://www.whonix.org/wiki/Qubes

similar sort of idea, it's on my list of things to try out when I get around to it


 No.76

>>74

I can't seem to find out if Qubes uses a hardened kernel or not, or if the network bridge is hardened.

It seems like an easy approach though.


 No.94

>>47

>1. Why is it called Whonix?

Whonix? Eunuchs!


 No.144

Hi guys,

Just wondering if it's possible/viable to run a Linux OS inside of a Virtual box/machine on a Windows PC, and then run Whonix inside another Virtual box/machine inside the other Linux OS that would be running inside the Virtual box/machine on the Windows PC?

Not sure if that made sense, but this is basically the flow of what I mean:

Windows > Virtual box/machine > Linux OS > Virtual box/machine > Whonix

Basically I'm trying to safely run Whonix in Windows, i.e. have my cake and eat it too.

Cheers for any help.


 No.145

>>94

Oh wait, is the like 'Linux, Whonix?' Linux + Who = Whonux, but sounding right it's Whonix? Like as in Linux where you don't know who the user is, so it's Whonix?


 No.147

>>144

That would not help anything even if you got it to work. Just run Whonix in virtualbox on windows if you are really determined to run windows as your host.


 No.148

I once read an interesting quote: "If something is for free, then you are the product". So my question is, what is the incentive for the Whonix development team?


 No.149

>>148

Whonix is a free (as in freedom) software project based on other free software projects (eg. debian GNU/Linux, tor), developed by a community of people who use their time to produce something for themselves, each other and the world in general.

You are welcome to review, modify, redistribute all of the source code of Whonix and the projects it's based on/included with.

Learn more about free software here

https://www.fsf.org/about/what-is-free-software


 No.158

Can someone explain to me AppArmor and is it necessary if I only use the browser and gpg(email)?


 No.160

>>158

AppArmor is a kernel module that allows you to create permission profiles for specific applications to restrict/allow access to different parts of your system, similar to SELinux.

see

https://en.wikipedia.org/wiki/AppArmor

http://wiki.apparmor.net/index.php/Main_Page

here is an example of an Apparmor profile

https://github.com/Whonix/apparmor-profile-torbrowser/blob/master/etc/apparmor.d/home.*.tor-browser_*.Browser.firefox

For info about AppArmor in Whonix and to install profiles see

https://www.whonix.org/blog/apparmor-and-whonix

https://www.whonix.org/wiki/AppArmor

>and is it necessary

depends entirely on your level of tin foil. if you have no experience with it and do desire to learn about it then there is a good chance it will end in frustration, if you are really deadly serious about separating your mail client from your web browser then simply running two separate Whonix workstations will give you greater protection in any case.


 No.163

>>17

>if you were to run whonix on a windows host that was vulnerable/infected in some way then you run the risk that the virtual machines that run on top of it, in this case whonix, are compromised.

Wouldn't this only be in the extremely rare event that you had malware/viruses that were specifically designed to target the virtual machine, and then Whonix, in a way that ruins your anonymity/security?


 No.164


 No.165

>>164

Interesting. So the advanced malware like the "Crisis" malware mentioned in the article there would only be interested in keylogging etc for the purposes of stealing credit card info and accounts?

Also, wouldn't it be fair to assume that if you had such malware/viruses/spyware on your Windows PC capable of breaking your anonymity etc, you would need to already be under some kind of back door attack from an adversary?


 No.166

>>165

>only be interested in keylogging etc for the purposes of stealing credit card info and accounts?

in that particular case symantec more or less points to a state actor/s.

from that document

"Finally, it is worth considering whether the author of the Crisis malware program was responsible for releasing the threat into the wild. Some security product vendors and researchers believe that a group in Italy constructed the Crisis malware as a product to sell to law enforcement agencies. In fact, several of the functions of the Crisis malware, such as recording sounds and stealing address book information, are suitable for private investigations or espionage. The brochure on the group’s website and the functionality of the Crisis malware are indeed quite similar. However, this does not necessarily prove who was responsible for creating Crisis"

>Also, wouldn't it be fair to assume that if you had such malware/viruses/spyware on your Windows PC capable of breaking your anonymity etc, you would need to already be under some kind of back door attack from an adversary?

as with all things security you have to consider who you are, what you are trying to hide, from whom you are trying to hide it from, what their goals are and how far they are willing/capable of going.

it's not impossible that malware targeting whonix VMs on a mass scale exists, however probably more likely that malware targeting whonix exists for targeted use. if you are some average guy who just wants a little privacy and maybe even to buy a little weed online maybe don't worry so much, if you are an important political figure or someone who is running a drug market however, well maybe you should be a little more concerned.


 No.172

>>166

>it's not impossible that malware targeting whonix VMs on a mass scale exists, however probably more likely that malware targeting whonix exists for targeted use.

Very interesting. It seems to be a bit of a 'chicken and the egg' situation here I think.

Perhaps rather than this kind of malware/spyware like Crisis being randomly distributed to everyone in the world who may have Whonix installed on their Windows PC, or just PC in the world, there could instead be a feature built into Windows that is routinely updated, which detects when you are using two VMs simultaneously (for Whonix) and possibly detecting other signifiers of Whonix use. This would then prompt an agency to distribute the malware via backdoor to your PC. If they have any idea as to city/state location, then process of elimination would aid them further. I mean if I can think of it, then surely they would have thought of it many times over, especially since Microsoft is in co-operation with NSA etc.

I have read that even Linux OS custodians/administrators have been approached, and had pressure applied to allow some kind of back door. Perhaps it's only a matter of time for this.

All in all though, as I said, it's probably a bit of a 'chicken and egg' situation, so if they have nothing on you apart from the fact that you're showing signs of Whonix use, there's still your safety in numbers.

I'm only speculating though, and your input would be very much appreciated. Cheers.


 No.173

Hi there, is it possible to run a VPN in the Whonix gateway, or to run the Whonix gateway's connection to the internet through a VPN that's running on the host machine? Thanks.


 No.182

Literally Whonix?


 No.186

>173

Search ivpn website security section for help.


 No.187

>186

Https://ivpn.net/privacy/privacy_guides


 No.195

>>173

Using windows

Run in a browser ip-check.info

Run openvpn as admin. and start vpn

Go to step 1

Make sure u visit dnsleaktest.com

Start whonix gateway

Wait until time sync started before u start 'workstation'

Step 1 again


 No.327

>>195

>using windows

why? what about a linux distro?


 No.328

>>327

still trying to figure out what distro to use.

Considering alpine at the moment.


 No.390

Is it possible to install kernel 4.2 in Qubes OS? I can't start or configure X because kernel is missing amdgpu driver (GPU is R9 285). X -configure just says "Number of created screens does not match number of detected devices. Configuration failed.". Qubes Live USB boots but after Fedora's blue loading bar there is just blinking _ on top of the screen. Ctrl-Alt-F2 gives console access though so I think it's just X start failure.


 No.447

Should I configure a VPN through the workstation or on the host?

Which is easiest?



