Title: Whonix Anonymous Operating System, anything, any Bitcoin client/server over Tor Post by: adrelanos on October 20, 2012, 03:14:18 AM Introduction:
Quote Whonix is an operating system focused on anonymity, privacy and security. It's based on the Tor anonymity network, Debian GNU/Linux and security by isolation. DNS leaks are impossible, and not even malware with root privileges can find out the user's real IP. Whonix consists of two parts: One solely runs Tor and acts as a gateway, which we call Whonix-Gateway. The other, which we call Whonix-Workstation, is on a completely isolated network. Only connections through Tor are possible. https://whonix.org/w/images/9/90/Whonix.jpg The official Bitcoin-qt client works, thanks to the Transparent Proxy feature, very well in Whonix out of the box. Connections to normal and hidden servers work. Setting up a hidden Bitcoin server should also work, since Whonix supports everything Tor support and more, just with stronger guarantees of hiding IP/location. The usual IP/DNS leak issues vanish. This topic is supposed to find and solve any Tor/anonymity related problems with respect to Bitcoin. I am also probing for general interest in this project. The offical Bitcoin-qt client is unfortunately not yet included into Whonix by default, because Bitcoin-qt didn't make it into Wheezy. It has to be installed manually (works well). I am also open for other clients. Another advantage is, that any Bitcoin client, no matter if it has proxy settings or not, can be used safely over Tor. I am currently looking at and into electrum. Whatever you wanted to do over Tor, it likely works well and safely in Whonix. Of course it inherits all weaknesses of Tor (exit node sniffing...), but it makes it much harder to misconfigure something on your side. Please give me feedback about Whonix and free your mind about a future Bitcoin integration. Homepage with documentation: https://www.whonix.org Screenshots: https://whonix.org/wiki/Screenshots Announcement: https://lists.torproject.org/pipermail/tor-talk/2012-October/025921.html Connectivity is very good. Hidden services can be connected without proxy settings, without torsocks etc. Code: ~ $ nslookup idnxcnkne4qt76tg.onion Title: Re: Whonix Anonymous Operating System, anything, any Bitcoil client/server over Tor Post by: gusti on October 20, 2012, 03:22:00 AM Cool, I will give it a try. Do you know how it compare to TAILS ?
Title: Re: Whonix Anonymous Operating System, anything, any Bitcoil client/server over Tor Post by: adrelanos on October 20, 2012, 10:26:46 PM Cool, I will give it a try. Do you know how it compare to TAILS ? Yes, this has been extensively compared.https://whonix.org/wiki/Comparison_with_Others Feel free to ask if there are still questions open. Title: Re: Whonix Anonymous Operating System, anything, any Bitcoil client/server over Tor Post by: adrelanos on October 21, 2012, 09:44:40 AM Sorry to hijack, I don't see it as hijacking. but OpenBSD and FreeBSD developers disagree, they claim virtualbox or hypervisor is just bugs on top of an already buggy arch and the idea that they can't break out from their weak software isolation is ideology not computer science. Look up virtualization on both mailing lists for more info, esp Theo De Raadts comments: By the way, there is a statement about OpenBSD:https://whonix.org/wiki/FAQ#Why_aren.27t_you_using_OpenBSD.2C_it.27s_the_most_secure_OS_ever.21.21.211.21 Quote from: Theo De Raadt x86 virtualization is about basically placing another nearly full BSD has different goals. My impression is they lack the goal to bring more security to the masses.kernel, full of new bugs, on top of a nasty x86 architecture which barely has correct page protection. Then running your operating system on the other side of this brand new pile of shit. You are absolutely deluded, if not stupid, if you think that a worldwide collection of software engineers who can't write operating systems or applications without security holes, can then turn around and suddenly write virtualization layers without security holes. You've seen something on the shelf, and it has all sorts of pretty colours, and you've bought it. That's all x86 virtualization is. This massive move towards VM use is a worrying trend and I am scared of the side effects we will face from so many people (essentially) choosing to run 2-3 operating systems instead of 1 ... and doing this when their guest choice is 'OpenBSD for security'. I really wonder how people arrive at such a position... without logic or technological understanding, I suppose. https://whonix.org/wiki/FAQ#Why_aren.27t_you_using_OpenBSD.2C_it.27s_the_most_secure_OS_ever.21.21.211.21 The Virtual Box concern is very valid. I added a new FAQ entry for it: https://whonix.org/wiki/FAQ#Isn.27t_Virtual_Box_an_insecure_choice.3F Feel free to further comment on it. Wouldn't it be better to run an actual firewall, and dmz with your tor server in it then proxy all your communications through it with pf rules? This can be accomplished with tiny boxes, old servers and even a couple of $200 laptops instead of virtualization. Yes. You can do that with Whonix already. It is recommend on the Security page. Please see:https://whonix.org/wiki/Physical_Isolation Title: Re: Whonix Anonymous Operating System, anything, any Bitcoil client/server over Tor Post by: adrelanos on July 17, 2013, 10:02:20 PM Our new website is online!
https://whonix.org We are also looking for developers to make Whonix even better! https://whonix.org/w/images/a/a3/Whonix-ad.png Title: Re: Whonix Anonymous Operating System, anything, any Bitcoil client/server over Tor Post by: marcus_of_augustus on July 18, 2013, 11:37:01 AM Does it spoof MAC address?
Title: Re: Whonix Anonymous Operating System, anything, any Bitcoil client/server over Tor Post by: adrelanos on July 19, 2013, 05:32:50 PM Does it spoof MAC address? From whom?Applications usually don't send the MAC address to anyone else and malicious applications inside a Whonix-Workstation VM could only send a virtual MAC address (which isn't your real one) to someone. In home networks, there is no reason to change it, since its never send to the ISP. In public networks it gets really difficult. Just using a random MAC address isn't sane. It depends on threat models, what is best. There is a whole documentation chapter about that topic: See: https://whonix.org/wiki/Pre_Install_Advice#MAC_Address And to find out how difficult it was to solve the controversy of MAC addresses in public networks, see: https://whonix.org/wiki/Dev/MAC At the moment no one knows the answers, its only clear, that it's not as simple as "use a random MAC". Title: Re: Whonix Anonymous Operating System, anything, any Bitcoil client/server over Tor Post by: threeip on July 19, 2013, 05:41:38 PM (is there a typo in the thread subject? makes me think of http://files.gamebanana.com/img/ico/sprays/snake_2.png)
Title: Re: Whonix Anonymous Operating System, anything, any Bitcoil client/server over Tor Post by: marcus_of_augustus on July 20, 2013, 01:50:31 AM Of the connecting device running WHONIX. It is a known vulnerability of Tor routing that many (all?) ISPs record MAC addresses. So that when you connect without WHONIX the MAC address will be the same as when connecting with WHONIX, unless it spoofs the MAC address on the network connection. Quote In home networks, there is no reason to change it, since its never send to the ISP. In public networks it gets really difficult. Just using a random MAC address isn't sane. It depends on threat models, what is best. There is a whole documentation chapter about that topic: See: https://whonix.org/wiki/Pre_Install_Advice#MAC_Address And to find out how difficult it was to solve the controversy of MAC addresses in public networks, see: https://whonix.org/wiki/Dev/MAC At the moment no one knows the answers, its only clear, that it's not as simple as "use a random MAC". Yeah, I bet there is ... the ISPs are selling their customers out by not keeping private data private. These are not new problems. Title: Re: Whonix Anonymous Operating System, anything, any Bitcoin client/server over Tor Post by: 01BTC10 on July 20, 2013, 01:59:10 AM I don't understand how the ISP could record your MAC address unless they have access to your router. MAC address is only needed on LAN and is not broadcast to the WAN.
Title: Re: Whonix Anonymous Operating System, anything, any Bitcoin client/server over Tor Post by: adrelanos on July 22, 2013, 12:11:38 PM True. 01BTC10 said it already. This is only an issue in public networks, i.e. WiFi hotspots.
Title: Re: Whonix Anonymous Operating System, anything, any Bitcoin client/server over Tor Post by: jantenner81 on July 24, 2013, 07:16:04 AM cool idea. will give it a try +1
@adrelanos: you got PM Title: Re: Whonix Anonymous Operating System, anything, any Bitcoin client/server over Tor Post by: pcpro101 on July 24, 2013, 09:57:37 AM Does this protect you against the nsa
Title: Re: Whonix Anonymous Operating System, anything, any Bitcoin client/server over Tor Post by: adrelanos on July 24, 2013, 12:01:50 PM What if you are not under active surveillance? I want to avoid passive data collection. The second part of my answer was supposed to answer that. Quote For the other cases, that depends if Tor does protect from nsa. The answer to that is not really clear: https://lists.torproject.org/pipermail/tor-talk/2013-July/029014.html And even if Tor was a whole lot better, you can never prove a negative. So I am hesitate with any broad claims and would be skeptical if some other project claimed that. Also Whonix does not make such broad claims. For an related statement about three letter agencies, also see: https://whonix.org/wiki/Dev/Technical_Introduction#With_more_technical_terms Title: Re: Whonix Anonymous Operating System, anything, any Bitcoin client/server over Tor Post by: pcpro101 on July 24, 2013, 12:41:48 PM What if you are not under active surveillance? I want to avoid passive data collection.
Title: Re: Whonix Anonymous Operating System, anything, any Bitcoin client/server over Tor Post by: adrelanos on July 25, 2013, 04:49:06 PM What if you are not under active surveillance? I want to avoid passive data collection. The second part of my answer was supposed to answer that. Quote For the other cases, that depends if Tor does protect from nsa. The answer to that is not really clear: https://lists.torproject.org/pipermail/tor-talk/2013-July/029014.html And even if Tor was a whole lot better, you can never prove a negative. So I am hesitate with any broad claims and would be skeptical if some other project claimed that. Also Whonix does not make such broad claims. For an related statement about three letter agencies, also see: https://whonix.org/wiki/Dev/Technical_Introduction#With_more_technical_terms Title: Re: Whonix Anonymous Operating System, anything, any Bitcoin client/server over Tor Post by: an0nymous on August 01, 2013, 05:55:53 PM My 10cents for offtopic,
Read you FAQ https://whonix.org/wiki/FAQ#Why_aren.27t_you_using_OpenBSD.2C_it.27s_the_most_secure_OS_ever.21.21.211.21 Quote There doesn't seem to be a modern MAC, instead there's systrace which has been criticized for having fundamental security problems (this may or may not have changed since then) Why don't you take a FreeBSD? There is a complete modern MAC. Quote OpenBSD is also a very small OS (small TCB), It is not a Linux zoo, you right. It is secure focused OS.Quote OpenBSD's target audience aren't end users, that's why they don't care to provide signed updates for the masses, see How to check downloaded package on OpenBSD 5.1?. OpenBSD produce OpenSSH, there is rsync gateway for download packages, also there is AFS(Andrew File System) with alot of mirrors of OpenBSD repositories. Quote OpenBSD's website isn't reachable over SSL or as a Tor hidden service. How are users supposed to securely view the OpenBSD site and not learn things set up by a man-in-the-middle? You develop over TOR, Do you know how it can help you browse OpenBSD's website? You still worry about the middle? Quote "buy the CDs" Let me tell you once again, look at AFS( Andrew File System ). Anyway, Linux - is a great choose, too. Good luck you with your job! Title: Re: Whonix Anonymous Operating System, anything, any Bitcoin client/server over Tor Post by: marcus_of_augustus on August 02, 2013, 12:21:53 AM http://www.theguardian.com/world/2013/jul/31/nsa-top-secret-program-online-data (http://www.theguardian.com/world/2013/jul/31/nsa-top-secret-program-online-data)
Quote the ability to search HTTP activity by keyword permits the analyst access to what the NSA calls "nearly everything a typical user does on the internet". You might find some of the information above relevant ... Title: Re: Whonix Anonymous Operating System, anything, any Bitcoin client/server over Tor Post by: adrelanos on August 05, 2013, 10:48:14 PM My 10cents for offtopic, Yes, that needs update/rewrite.Read you FAQ https://whonix.org/wiki/FAQ#Why_aren.27t_you_using_OpenBSD.2C_it.27s_the_most_secure_OS_ever.21.21.211.21 Quote Quote There doesn't seem to be a modern MAC, instead there's systrace which has been criticized for having fundamental security problems (this may or may not have changed since then) Why don't you take a FreeBSD? There is a complete modern MAC. Does FreeBSD have a secure package manager? Does it defend this (https://www.cs.arizona.edu/stork/packagemanagersecurity/) (w (http://www.webcitation.org/6Ev4smCoD))? Does it cover the TUF threat model (https://www.updateframework.com/wiki/Docs/Security) (w (http://www.webcitation.org/6Ev4owhEP))? Can every user download from an already existing '''signed''' repository or is it required to run an own repository? Quote Quote OpenBSD's target audience aren't end users, that's why they don't care to provide signed updates for the masses, see How to check downloaded package on OpenBSD 5.1?. OpenBSD produce OpenSSH, there is rsync gateway for download packages, also there is AFS(Andrew File System) with alot of mirrors of OpenBSD repositories. AFS: Any link to information how to use it? Who signs packages? Must mirrors be trusted or do signatures come from OpenBSD? Quote Quote OpenBSD's website isn't reachable over SSL or as a Tor hidden service. How are users supposed to securely view the OpenBSD site and not learn things set up by a man-in-the-middle? You develop over TOR, Do you know how it can help you browse OpenBSD's website? You still worry about the middle? Yes. user <-> user ISP <-> internet <-> OpenBSD ISP <-> OpenBSD server MITM less likely for this route | no help for this route Title: Re: Whonix Anonymous Operating System, anything, any Bitcoin client/server over Tor Post by: jantenner81 on August 06, 2013, 06:27:52 PM hey adrelanos,
should i post the new logo here then too? Or do you want to do this?! Title: Re: Whonix Anonymous Operating System, anything, any Bitcoin client/server over Tor Post by: adrelanos on August 06, 2013, 09:17:15 PM Can do it, why not. (Not a must, only if you like of course.)
Title: Re: Whonix Anonymous Operating System, anything, any Bitcoin client/server over Tor Post by: jantenner81 on August 07, 2013, 08:40:47 AM Logo V1 http://jantenner81.files.wordpress.com/2013/08/logo1.png Logo V2 http://jantenner81.files.wordpress.com/2013/08/logo2.png Emblema http://jantenner81.files.wordpress.com/2013/08/emblem.png more on my designblog http://jantenner81.wordpress.com (http://jantenner81.wordpress.com) Title: Re: Whonix Anonymous Operating System, anything, any Bitcoin client/server over Tor Post by: adrelanos on October 26, 2016, 09:56:00 PM Our new website is online:
https://www.whonix.org Title: Re: Whonix Anonymous Operating System, anything, any Bitcoin client/server over Tor Post by: Coin-Keeper on October 26, 2016, 10:13:09 PM I love this project idea. I have run Whonix and find its pretty user friendly. One note would be to consider over time: many BTC users are buying hardware wallets and pairing them with a good software setup. By preventing private keys from ever touching a computer it affords maximum protection. Accommodating hardware wallets would encourage more participation. Just pointing out the "end game".
Any more thoughts on integrating Electrum as mentioned early in this thread? Title: Re: Whonix Anonymous Operating System, anything, any Bitcoin client/server over Tor Post by: adrelanos on November 20, 2016, 11:31:29 PM Any more thoughts on integrating Electrum as mentioned early in this thread? That is a rather difficult ongoing development discussion, see:https://phabricator.whonix.org/T215 Title: Re: Whonix Anonymous Operating System, anything, any Bitcoin client/server over Tor Post by: adrelanos on September 10, 2018, 07:04:40 PM We got the great news, Whonix 14 stable is out and hot:
https://forums.whonix.org/t/whonix-14-has-been-released/5404 Title: Re: Whonix Anonymous Operating System, anything, any Bitcoin client/server over Tor Post by: adrelanos on September 18, 2018, 07:30:09 PM Hardened Debian - Security Focused Linux Distribution based on Debian - In Development - Feedback Wanted!
https://forums.whonix.org/t/hardened-debian-security-focused-linux-distribution-based-on-debian-in-development-feedback-wanted/5943 Title: Re: Whonix Anonymous Operating System, anything, any Bitcoin client/server over Tor Post by: adrelanos on October 27, 2018, 01:29:52 PM Whonix XFCE coming to light
https://forums.whonix.org/t/whonix-xfce-development/6213 Title: Re: Whonix Anonymous Operating System, anything, any Bitcoin client/server over Tor Post by: adrelanos on November 15, 2018, 07:47:53 AM Whonix for VirtualBox with CLI - Command Line Interface 14.0.0.9.4 - No graphical user interface. (No GUI) - Headless - Testers Wanted!
https://forums.whonix.org/t/whonix-for-virtualbox-with-cli-command-line-interface-14-0-0-9-4-no-graphical-user-interface-no-gui-headless-testers-wanted/6313 Title: Re: Whonix Anonymous Operating System, anything, any Bitcoin client/server over Tor Post by: adrelanos on November 16, 2018, 07:51:36 AM Whonix for VirtualBox with XFCE Desktop Environment 14.0.0.9.4 - Testers Wanted! (https://forums.whonix.org/t/whonix-for-virtualbox-with-xfce-desktop-environment-14-0-0-9-4-testers-wanted/6314)
Can I combine Whonix-Gateway CLI with Whonix-Workstation XFCE? Yes! (https://forums.whonix.org/t/can-i-combine-whonix-gateway-cli-with-whonix-workstation-xfce-yes/6308) Title: Re: Whonix Anonymous Operating System, anything, any Bitcoin client/server over Tor Post by: adrelanos on November 23, 2018, 11:22:19 AM Whonix Virtualbox with XFCE 14.0.0.9.6 Stable Released! (https://www.whonix.org/wiki/VirtualBox)
Whonix Virtualbox with CLI 14.0.0.9.6 Stable Released! (https://www.whonix.org/wiki/VirtualBox) Title: Re: Whonix Anonymous Operating System, anything, any Bitcoin client/server over Tor Post by: marcus_of_augustus on May 10, 2019, 02:42:22 AM Thanx
Title: Re: Whonix Anonymous Operating System, anything, any Bitcoin client/server over Tor Post by: DaCryptoRaccoon on May 10, 2019, 12:53:29 PM Top project whonix comes with the cubes os which is very nice indeed.
I would recommend the use of Whonix in the cubes environment works very well. Keep up the good work! Title: Re: Whonix Anonymous Operating System, anything, any Bitcoin client/server over Tor Post by: adrelanos on May 07, 2020, 03:26:09 PM electrum BTC wallet is installed by default nowadays.
Whonix VirtualBox 15.0.1.3.4 - Testers Wanted! https://forums.whonix.org/t/whonix-virtualbox-15-0-1-3-4-testers-wanted/9496 ...which comes with Monero GUI installed by default. |