lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <52599AAB.2090401@riseup.net>
Date: Sat, 12 Oct 2013 18:53:31 +0000
From: adrelanos <adrelanos@...eup.net>
To: full-disclosure@...ts.grok.org.uk
Subject: Whonix Anonymous Operating System Version 7
	Released!

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Whonix is an operating system focused on anonymity, privacy and
security. It's based on the Tor anonymity network, Debian GNU/Linux
and the principle of security by isolation. DNS leaks are impossible,
and not even malware with root privileges can find out the user's real IP.

Whonix consists of two parts: One solely runs Tor and acts as a
gateway, which we call Whonix-Gateway. The other, which we call
Whonix-Workstation, is on a completely isolated network. Only
connections through Tor are possible.

Download: https://www.whonix.org/wiki/Download

Users of Whonix 0.5.6 and below:

There is no upgrade path from Whonix 0.5.6 to Whonix 7. You have to
manually download new Whonix images.

Call for Help:

If you know shell scripting (/bin/bash) and linux sysadmin, please
join us! There are plenty of ways to make Whonix safer. We are also
looking for an https direct download mirror.

Whonix 7 Changelog:

* Updated Tor to 0.2.4.

* Installed obfs3 by default. (for obfsproxy bridges)

* New Identity button on Tor Browser is now functional thanks to the
Control Port Filter Proxy (#3).

* Tor Browser is now the system default browser (#86). In addition,
when opening a link or an html file it will ask for confirmation to
avoid accidental linking. (configurable)

* Graphical Whonix-Gateway (#26). Optionally, if you reduce
Whonix-Gateway RAM to below 500 MB, let's say to 128 MB, you
automagically end up with the usual non-graphical Whonix-Gateway.
(configurable)

* Whonix now includes an updater. It can not be promised that you will
never have to download a new image for next stable releases, but we
are on that way. Interested testers may have to download images of
testing releases from time to time.

* Tor networking is disabled for the first start of Whonix-Gateway.
The connection wizard (whonixsetup) will automatically start to help
enabling Tor or setting up bridges. This is useful for people using
bridges to connect to the Tor network to hide the fact that they are
using Tor.

* The current Tor Browser Bundle (TBB) Alpha, which will soon become
the new TBB stable, will work out of the box in Whonix, even if you
download and install it manually from torproject.org. This is useful
for the case that the Whonix Tor Browser updater breaks due to changes
on torproject.org. Tor over Tor situation will be automatically
prevented on manual installs.

* Boot Clock Randomization.

* Time Sanity Check.

* Higher console resolution: 1024x768 (without X).

* Disabled the throw-keyids option on gpg.conf due to usability
issues. Enable it manually if you need it.

* Fixed uwt. To do certain tasks such as installing the Adobe Flash
plugin or running update-command-not-found you no longer need to
"chmod -x /usr/local/bin/curl".

* Deactivated the kgpg tray icon by default (#10), not perfect, but
less confusing, since it will now start in foreground by default and
no longer as tray icon (which was automatically and confusingly hidden
by default).

* Downloading Tor Browser and signature from idnxcnkne4qt76tg.onion
instead of torproject.org for better security when run inside Whonix.

* Time Privacy wrapper (optional).

* Enable "apparmor=1 security=apparmor" by default (didn't enable
enforce mode or add any useful profiles yet).

* Manpages for scripts which come with Whonix.

* Flexible modular .d style configuration folders: /etc/whonix.d/,
/etc/whonix_firewall.d/, /etc/controlportfilt.d/.

* Moved blog to wordpress.com, better than sourceforge, because
wordpress.com supports SSL, closed #23.

* Lots of other improvements and bug fixes which can be found under
the git log.
-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJSWZqqAAoJEJwTGtNxOq7vtkkP/io2e0AEARzaGgtFIKG2ipw7
/RUoaNQiN+kCCcJvc9ccUVvjXEDAyQg8QqBfHE8MSW2/OtxUd4S8mtX9w21fOiEy
X9iA1Ejs/ibrXS8nFogxfNLM8esILqCcv00eAq8OmQPbJvW8Dw1BCVZ2aruxpC71
cTWzxtl28hzB3Yft4A+wd6GYz8vEhTK0+OQ96RLDo9srTNgVDJ9/WxDDjUYPD8ps
ih01/F2qGtRSWl04523NAQMCVj70m8vGP2CR1MBO6r6JVFNBVMKcUEZwXEA4Y2Mh
G9LXcv/HBz5HzEYxt8DfWS5dChf5Z4b4qccmzvldp0ZuE3RRnzMcTviG6PNpfWiz
R4xvJ/skeqESnUn0ut4S4NarNV2fYRUwk0RvxoWLycNVdpseWNGHMAqnBVfCO9L+
DFCw5hWKJyNLlgPtgcjM5yp5icJLT1Zli2fHUjmYXU3YW/BgiTTWUQneaR5ONIPI
LHdOGajiENXjNhHAppzogyp8waaAZUdiGPD56tyMHTo5iIrLRKSP+EhWGtJWUFd9
EvMzO9/Cu8IKbsE31ChIkR/bAuRuljS+VQ5aOwHciN76/AnGMJiQdP1kDHiwYmZ4
raImU3AHakLSMhisNaHnldABxt2SJoEZrH3o69M3lKH/ETEHLYs4yvTCZ/1bL+9B
denxNP4uq9goH6tPBSU5
=08eb
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ