Pages:
Author

Topic: Whonix Anonymous Operating System, anything, any Bitcoin client/server over Tor (Read 6774 times)

newbie
Activity: 33
Merit: 0
electrum BTC wallet is installed by default nowadays.

Whonix VirtualBox 15.0.1.3.4 - Testers Wanted!

https://forums.whonix.org/t/whonix-virtualbox-15-0-1-3-4-testers-wanted/9496

...which comes with Monero GUI installed by default.
hero member
Activity: 1220
Merit: 612
OGRaccoon
Top project whonix comes with the cubes os which is very nice indeed.
I would recommend the use of Whonix in the cubes environment works very well.

Keep up the good work! 
legendary
Activity: 3920
Merit: 2349
Eadem mutata resurgo
newbie
Activity: 33
Merit: 0
Whonix for VirtualBox with CLI - Command Line Interface 14.0.0.9.4 - No graphical user interface. (No GUI) - Headless - Testers Wanted!

https://forums.whonix.org/t/whonix-for-virtualbox-with-cli-command-line-interface-14-0-0-9-4-no-graphical-user-interface-no-gui-headless-testers-wanted/6313
newbie
Activity: 33
Merit: 0
newbie
Activity: 33
Merit: 0
newbie
Activity: 33
Merit: 0
Any more thoughts on integrating Electrum as mentioned early in this thread?
That is a rather difficult ongoing development discussion, see:
https://phabricator.whonix.org/T215
hero member
Activity: 761
Merit: 606
I love this project idea.  I have run Whonix and find its pretty user friendly.  One note would be to consider over time:  many BTC users are buying hardware wallets and pairing them with a good software setup.  By preventing private keys from ever touching a computer it affords maximum protection.  Accommodating hardware wallets would encourage more participation.  Just pointing out the "end game".


Any more thoughts on integrating Electrum as mentioned early in this thread?
newbie
Activity: 33
Merit: 0
full member
Activity: 228
Merit: 100
CIYAM - UI/UX design
newbie
Activity: 33
Merit: 0
Can do it, why not. (Not a must, only if you like of course.)
full member
Activity: 228
Merit: 100
CIYAM - UI/UX design
hey adrelanos,

should i post the new logo here then too? Or do you want to do this?!
newbie
Activity: 33
Merit: 0
Yes, that needs update/rewrite.

Quote
Quote
There doesn't seem to be a modern MAC, instead there's systrace which has been criticized for having fundamental security problems (this may or may not have changed since then)

Why don't you take a FreeBSD? There is a complete modern MAC.

Does FreeBSD have a secure package manager?

Does it defend this (w)?

Does it cover the TUF threat model (w)?

Can every user download from an already existing '''signed''' repository or is it required to run an own repository?

Quote
Quote
OpenBSD's target audience aren't end users, that's why they don't care to provide signed updates for the masses, see How to check downloaded package on OpenBSD 5.1?.

OpenBSD produce OpenSSH, there is rsync gateway for download packages, also there is AFS(Andrew File System) with alot of mirrors of OpenBSD repositories.
Not sure how rsync helps? Its just a great tool to conveniently sync files, but doesn't help with verification, unless download over ssh.

AFS: Any link to information how to use it?

Who signs packages? Must mirrors be trusted or do signatures come from OpenBSD?

Quote
Quote
OpenBSD's website isn't reachable over SSL or as a Tor hidden service. How are users supposed to securely view the OpenBSD site and not learn things set up by a man-in-the-middle?

You develop over TOR, Do you know how it can help you browse OpenBSD's website? You still worry about the middle?

Yes.

user <-> user ISP <-> internet <-> OpenBSD ISP <-> OpenBSD server
       MITM less likely for this route |  no help for this route



legendary
Activity: 3920
Merit: 2349
Eadem mutata resurgo
http://www.theguardian.com/world/2013/jul/31/nsa-top-secret-program-online-data

Quote
the ability to search HTTP activity by keyword permits the analyst access to what the NSA calls "nearly everything a typical user does on the internet".

You might find some of the information above relevant ...
newbie
Activity: 10
Merit: 0
My 10cents for offtopic,

Read you FAQ

https://whonix.org/wiki/FAQ#Why_aren.27t_you_using_OpenBSD.2C_it.27s_the_most_secure_OS_ever.21.21.211.21

Quote
There doesn't seem to be a modern MAC, instead there's systrace which has been criticized for having fundamental security problems (this may or may not have changed since then)

Why don't you take a FreeBSD? There is a complete modern MAC.


Quote
OpenBSD is also a very small OS (small TCB),
It is not a Linux zoo, you right. It is secure focused OS.


Quote
OpenBSD's target audience aren't end users, that's why they don't care to provide signed updates for the masses, see How to check downloaded package on OpenBSD 5.1?.

OpenBSD produce OpenSSH, there is rsync gateway for download packages, also there is AFS(Andrew File System) with alot of mirrors of OpenBSD repositories.


Quote
OpenBSD's website isn't reachable over SSL or as a Tor hidden service. How are users supposed to securely view the OpenBSD site and not learn things set up by a man-in-the-middle?

You develop over TOR, Do you know how it can help you browse OpenBSD's website? You still worry about the middle?


Quote
"buy the CDs"

Let me tell you once again, look at AFS( Andrew File System ).

Anyway, Linux - is a great choose, too. Good luck you with your job!
newbie
Activity: 33
Merit: 0
What if you are not under active surveillance? I want to avoid passive data collection.

The second part of my answer was supposed to answer that.

Quote
For the other cases, that depends if Tor does protect from nsa. The answer to that is not really clear:
https://lists.torproject.org/pipermail/tor-talk/2013-July/029014.html

And even if Tor was a whole lot better, you can never prove a negative. So I am hesitate with any broad claims and would be skeptical if some other project claimed that.

Also Whonix does not make such broad claims. For an related statement about three letter agencies, also see:
https://whonix.org/wiki/Dev/Technical_Introduction#With_more_technical_terms
newbie
Activity: 16
Merit: 0
What if you are not under active surveillance? I want to avoid passive data collection.
Pages:
Jump to: