Topic: Whonix Anonymous Operating System, anything, any Bitcoin client/server over Tor (Read 6774 times)

electrum BTC wallet is installed by default nowadays.

Whonix VirtualBox 15.0.1.3.4 - Testers Wanted!

https://forums.whonix.org/t/whonix-virtualbox-15-0-1-3-4-testers-wanted/9496

...which comes with Monero GUI installed by default.

Top project whonix comes with the cubes os which is very nice indeed.
I would recommend the use of Whonix in the cubes environment works very well.

Keep up the good work! 

Thanx

Whonix Virtualbox with XFCE 14.0.0.9.6 Stable Released!

Whonix Virtualbox with CLI 14.0.0.9.6 Stable Released!

Whonix for VirtualBox with XFCE Desktop Environment 14.0.0.9.4 - Testers Wanted!

Can I combine Whonix-Gateway CLI with Whonix-Workstation XFCE? Yes!

Whonix for VirtualBox with CLI - Command Line Interface 14.0.0.9.4 - No graphical user interface. (No GUI) - Headless - Testers Wanted!

https://forums.whonix.org/t/whonix-for-virtualbox-with-cli-command-line-interface-14-0-0-9-4-no-graphical-user-interface-no-gui-headless-testers-wanted/6313

Whonix XFCE coming to light

https://forums.whonix.org/t/whonix-xfce-development/6213

Hardened Debian - Security Focused Linux Distribution based on Debian - In Development - Feedback Wanted!

https://forums.whonix.org/t/hardened-debian-security-focused-linux-distribution-based-on-debian-in-development-feedback-wanted/5943

We got the great news, Whonix 14 stable is out and hot:

https://forums.whonix.org/t/whonix-14-has-been-released/5404

That is a rather difficult ongoing development discussion, see:
https://phabricator.whonix.org/T215

I love this project idea.  I have run Whonix and find its pretty user friendly.  One note would be to consider over time:  many BTC users are buying hardware wallets and pairing them with a good software setup.  By preventing private keys from ever touching a computer it affords maximum protection.  Accommodating hardware wallets would encourage more participation.  Just pointing out the "end game".


Any more thoughts on integrating Electrum as mentioned early in this thread?

Our new website is online:
https://www.whonix.org

Logo V1



Logo V2



Emblema


more on my designblog http://jantenner81.wordpress.com

Can do it, why not. (Not a must, only if you like of course.)

hey adrelanos,

should i post the new logo here then too? Or do you want to do this?!

Yes, that needs update/rewrite.


Does FreeBSD have a secure package manager?

Does it defend this (w)?

Does it cover the TUF threat model (w)?

Can every user download from an already existing '''signed''' repository or is it required to run an own repository?

Not sure how rsync helps? Its just a great tool to conveniently sync files, but doesn't help with verification, unless download over ssh.

AFS: Any link to information how to use it?

Who signs packages? Must mirrors be trusted or do signatures come from OpenBSD?


Yes.

user <-> user ISP <-> internet <-> OpenBSD ISP <-> OpenBSD server
       MITM less likely for this route |  no help for this route

http://www.theguardian.com/world/2013/jul/31/nsa-top-secret-program-online-data


You might find some of the information above relevant ...

My 10cents for offtopic,

Read you FAQ

https://whonix.org/wiki/FAQ#Why_aren.27t_you_using_OpenBSD.2C_it.27s_the_most_secure_OS_ever.21.21.211.21


Why don't you take a FreeBSD? There is a complete modern MAC.


It is not a Linux zoo, you right. It is secure focused OS.



OpenBSD produce OpenSSH, there is rsync gateway for download packages, also there is AFS(Andrew File System) with alot of mirrors of OpenBSD repositories.



You develop over TOR, Do you know how it can help you browse OpenBSD's website? You still worry about the middle?



Let me tell you once again, look at AFS( Andrew File System ).

Anyway, Linux - is a great choose, too. Good luck you with your job!

The second part of my answer was supposed to answer that.

What if you are not under active surveillance? I want to avoid passive data collection.

The second part of my answer was supposed to answer that.

Does this protect you against the nsa

cool idea. will give it a try  +1

@adrelanos: you got PM

True. 01BTC10 said it already. This is only an issue in public networks, i.e. WiFi hotspots.

I don't understand how the ISP could record your MAC address unless they have access to your router. MAC address is only needed on LAN and is not broadcast to the WAN.

Of the connecting device running WHONIX. It is a known vulnerability of Tor routing that many (all?) ISPs record MAC addresses. So that when you connect without WHONIX the MAC address will be the same as when connecting with WHONIX, unless it spoofs the MAC address on the network connection.


Yeah, I bet there is ... the ISPs are selling their customers out by not keeping private data private. These are not new problems.

(is there a typo in the thread subject? makes me think of )

From whom?

Applications usually don't send the MAC address to anyone else and malicious applications inside a Whonix-Workstation VM could only send a virtual MAC address (which isn't your real one) to someone.

In home networks, there is no reason to change it, since its never send to the ISP.

In public networks it gets really difficult. Just using a random MAC address isn't sane. It depends on threat models, what is best.

There is a whole documentation chapter about that topic: See:
https://whonix.org/wiki/Pre_Install_Advice#MAC_Address

And to find out how difficult it was to solve the controversy of MAC addresses in public networks, see:
https://whonix.org/wiki/Dev/MAC

At the moment no one knows the answers, its only clear, that it's not as simple as "use a random MAC".

Does it spoof MAC address?

Our new website is online!
https://whonix.org

We are also looking for developers to make Whonix even better!
https://whonix.org/w/images/a/a3/Whonix-ad.png

I don't see it as hijacking.

By the way, there is a statement about OpenBSD:
https://whonix.org/wiki/FAQ#Why_aren.27t_you_using_OpenBSD.2C_it.27s_the_most_secure_OS_ever.21.21.211.21

Yes. You can do that with Whonix already. It is recommend on the Security page. Please see:
https://whonix.org/wiki/Physical_Isolation

Yes, this has been extensively compared.

https://whonix.org/wiki/Comparison_with_Others

Feel free to ask if there are still questions open.

Cool, I will give it a try. Do you know how it compare to TAILS ?

Introduction:

https://whonix.org/w/images/9/90/Whonix.jpg

The official Bitcoin-qt client works, thanks to the Transparent Proxy feature, very well in Whonix out of the box. Connections to normal and hidden servers work. Setting up a hidden Bitcoin server should also work, since Whonix supports everything Tor support and more, just with stronger guarantees of hiding IP/location. The usual IP/DNS leak issues vanish.

This topic is supposed to find and solve any Tor/anonymity related problems with respect to Bitcoin. I am also probing for general interest in this project.

The offical Bitcoin-qt client is unfortunately not yet included into Whonix by default, because Bitcoin-qt didn't make it into Wheezy. It has to be installed manually (works well). I am also open for other clients.

Another advantage is, that any Bitcoin client, no matter if it has proxy settings or not, can be used safely over Tor. I am currently looking at and into electrum.

Whatever you wanted to do over Tor, it likely works well and safely in Whonix. Of course it inherits all weaknesses of Tor (exit node sniffing...), but it makes it much harder to misconfigure something on your side.

Please give me feedback about Whonix and free your mind about a future Bitcoin integration.

Homepage with documentation:
https://www.whonix.org

Screenshots:
https://whonix.org/wiki/Screenshots

Announcement:
https://lists.torproject.org/pipermail/tor-talk/2012-October/025921.html

Connectivity is very good. Hidden services can be connected without proxy settings, without torsocks etc.