[liberationtech] Whonix Anonymous Operating System Version 7 Released!

Eugen Leitl eugen at leitl.org
Sat Oct 12 12:16:51 PDT 2013


----- Forwarded message from adrelanos <adrelanos at riseup.net> -----

Date: Sat, 12 Oct 2013 18:53:38 +0000
From: adrelanos <adrelanos at riseup.net>
To: liberationtech <liberationtech at lists.stanford.edu>
Subject: [liberationtech] Whonix Anonymous Operating System Version 7 Released!
Message-ID: <52599AB2.5070305 at riseup.net>
Reply-To: liberationtech <liberationtech at lists.stanford.edu>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Whonix is an operating system focused on anonymity, privacy and
security. It's based on the Tor anonymity network, Debian GNU/Linux
and the principle of security by isolation. DNS leaks are impossible,
and not even malware with root privileges can find out the user's real IP.

Whonix consists of two parts: One solely runs Tor and acts as a
gateway, which we call Whonix-Gateway. The other, which we call
Whonix-Workstation, is on a completely isolated network. Only
connections through Tor are possible.

Download: https://www.whonix.org/wiki/Download

Users of Whonix 0.5.6 and below:

There is no upgrade path from Whonix 0.5.6 to Whonix 7. You have to
manually download new Whonix images.

Call for Help:

If you know shell scripting (/bin/bash) and linux sysadmin, please
join us! There are plenty of ways to make Whonix safer. We are also
looking for an https direct download mirror.

Whonix 7 Changelog:

* Updated Tor to 0.2.4.

* Installed obfs3 by default. (for obfsproxy bridges)

* New Identity button on Tor Browser is now functional thanks to the
Control Port Filter Proxy (#3).

* Tor Browser is now the system default browser (#86). In addition,
when opening a link or an html file it will ask for confirmation to
avoid accidental linking. (configurable)

* Graphical Whonix-Gateway (#26). Optionally, if you reduce
Whonix-Gateway RAM to below 500 MB, let's say to 128 MB, you
automagically end up with the usual non-graphical Whonix-Gateway.
(configurable)

* Whonix now includes an updater. It can not be promised that you will
never have to download a new image for next stable releases, but we
are on that way. Interested testers may have to download images of
testing releases from time to time.

* Tor networking is disabled for the first start of Whonix-Gateway.
The connection wizard (whonixsetup) will automatically start to help
enabling Tor or setting up bridges. This is useful for people using
bridges to connect to the Tor network to hide the fact that they are
using Tor.

* The current Tor Browser Bundle (TBB) Alpha, which will soon become
the new TBB stable, will work out of the box in Whonix, even if you
download and install it manually from torproject.org. This is useful
for the case that the Whonix Tor Browser updater breaks due to changes
on torproject.org. Tor over Tor situation will be automatically
prevented on manual installs.

* Boot Clock Randomization.

* Time Sanity Check.

* Higher console resolution: 1024x768 (without X).

* Disabled the throw-keyids option on gpg.conf due to usability
issues. Enable it manually if you need it.

* Fixed uwt. To do certain tasks such as installing the Adobe Flash
plugin or running update-command-not-found you no longer need to
"chmod -x /usr/local/bin/curl".

* Deactivated the kgpg tray icon by default (#10), not perfect, but
less confusing, since it will now start in foreground by default and
no longer as tray icon (which was automatically and confusingly hidden
by default).

* Downloading Tor Browser and signature from idnxcnkne4qt76tg.onion
instead of torproject.org for better security when run inside Whonix.

* Time Privacy wrapper (optional).

* Enable "apparmor=1 security=apparmor" by default (didn't enable
enforce mode or add any useful profiles yet).

* Manpages for scripts which come with Whonix.

* Flexible modular .d style configuration folders: /etc/whonix.d/,
/etc/whonix_firewall.d/, /etc/controlportfilt.d/.

* Moved blog to wordpress.com, better than sourceforge, because
wordpress.com supports SSL, closed #23.

* Lots of other improvements and bug fixes which can be found under
the git log.
-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJSWZqwAAoJEJwTGtNxOq7vH9YP/jwBuyMyFZ4hP9AMgPHjMTHG
uxYRy7mHzJIum9goghWrAgYTys3oGyHDSMTuhErcJ+bEV4jb2WAqifUa+iId8rs/
6HeHfssctY7fHoxbaKbapMlCJ6JN0pU23RtsWsZcn5jXaldmtVHMlS4PWMuU56Mh
oSuH2cw6KvsKo/QO3F7xVnYy4VNX28oEeF3dWf4keZN8Sr+Nezlci0nPYYuHCNv/
DUwv1kpSW5B5+Ki5xJW9CgiGeOtw7kwL2w4gbcI7yAywEWytCkVeDHCF/sHdqYf/
PcCpQ23FQmRBB3MKLNF1qr47uj1ninbM+EPLtZQV9vVx3Qpgcv9mnMEV2zu1/geu
ydjXMZv+v3UmFvG//Uttciga7Dk4XXpY8HKglS0YkRY0E7KLOkdRvO2Y2G57EQMC
Pp2UoSWv43gBtoeKNIJXwjrm7UDPvhB6UHavORIB7feeBI4ke0FN6vJ81jpwUvIm
PV2yBXfBguByZvG2oRUbQbgKFcg/OfD+ydOG+SJwcqNops28VjJ7qcgsUFb4vk/m
v83DzogQOB0Wz0iWBlZkBTH8OI7+HebX+ocrLuGQif9z2OHGQ2UzeKgFlg97gj6N
l2rD0JWHbqPhXvLKJIzNZAWN9QAuIo0QCPPcpBWKvlaQTKalxnFsm7Gz4Pg5eSdZ
cgSrquvrMEOLlNGRagZ9
=nyvS
-----END PGP SIGNATURE-----
-- 
Liberationtech is public & archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at companys at stanford.edu.

----- End forwarded message -----
-- 
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org
AC894EC5: 38A5 5F46 A4FF 59B8 336B  47EE F46E 3489 AC89 4EC5



More information about the cypherpunks mailing list