[Whonix-devel] Whonix 15.0.0.3.6 - Development Discussion and Testers Wanted! introduction of sdwdate-gui; Tor Browser first startup popup, disabled whonixcheck “Connecting to Tor…” passive popup

Patrick Schleizer patrick-mailinglists at whonix.org
Fri Aug 9 10:00:00 CEST 2019


The Whonix 15.0.0.3.6 release comes with numerous security enhancements,
usability improvements and minor bugfixes. [1] The purpose of this post
is to discuss potentially controversial changes as well as to call for
testers.

Potentially controversial changes:

##########

- add Tor Browser first startup popup to ask whether security slider
should be set to safest [2] [3] - Qubes users will be asked that when
creating a new Whonix-Workstation AppVM and each time they start a
DispVM - unless they preseed the answer to the question by changing a
configuration file as described in the popup.

##########

- disable whonixcheck “Connecting to Tor…”, “Connected to Tor.” messages
- In favor of sdwdate-gui. whonixcheck connectivity check code checks
Tor as well as sdwdate. Due to Tor/onion slowness it often times out.
Since improving that code [4] is difficult, sdwdate-gui is used instead
as a solution that provides better visual feedback to users.

##########

- Start sdwdate-gui [5] [6], which is a systray by default in
Whonix-Gateway.

##########

- Due to sdwdate-gui, Qubes-Whonix who use multiple Whonix-Gateway [7]
should note updated instructions for multiple Whonix-Workstation [8] due
introduction of sdwdate-gui. Essentially, Whonix-Workstation's using any
Whonix-Gateway named other than sys-whonix need to configure their
Whonix-Workstation by declaring the name of their Whonix-Gateway VM.

Sparing users from needing to change this setting would require upstream
Qubes feature request "way to find out name of gateway from witin VM -
qubesdb-read /qubes-gateway-name to get implemented" [9] or some other
solution.

Not following these instructions would lead to the following confusion.
Someone who didn't start sys-whonix, starting an AppVM using
sys-whonix-two would wonder why sys-whonix gets started. It would get
started by Qubes qrexec. The sdwdate-gui entry for that AppVM would be
registered in sys-whonix's sdwdate-gui rather than in sys-whonix-two's
sdwdate-gui.

I have no idea how many users will be affected. How many are using
multiple Whonix-Gateway.

Since the name of the VM running sdwdate-gui is currently pre-configured
to sys-whonix, I am wondering if sdwdate-gui should run in any other VM
by default? Do we already have any VM running in Qubes anyhow that would
be more suitable?

##########

Testers wanted!

How to test?

Switch to testers repository.

https://www.whonix.org/wiki/Project-APT-Repository

Upgrade as usual.

Cheers,
Patrick

[1] (The release announcement is VirtualBox specific but the changelog
applies to Qubes-Whonix users using Whonix testers repository equally.)
https://forums.whonix.org/t/whonix-virtualbox-15-0-0-3-6-testers-wanted-stronger-linux-user-account-isolation-and-more-hardening/7891

[2]
https://forums.whonix.org/t/add-tor-browser-first-startup-popup-to-ask-whether-security-slider-should-be-set-to-safest/7591

[3]
> **First Start of Tor Browser (AnonDist) - Security vs Usability
Trade-off**
>
> In the stock Tor Browser configuration, JavaScript is enabled by
default for greater usability. The Tor Project provides a rationale for
this decision.
>
> The producers of Tor Browser decided the security slider setting to be
set to "Standard" by default. Quote Tor Browser Manual:
>
>> You can further increase your security by choosing to disable certain
web features that can be used to attack your security and anonymity. You
can do this by increasing Tor Browser's Security Settings in the shield
menu. Increasing Tor Browser's security level will stop some web pages
from functioning properly, so you should weigh your security needs
against the degree of usability you require.
> This popup question does not restrict your freedom to change security
slider settings at any time.
>
> Responsible for this popup question is Tor Browser Starter by Whonix
developers. It is an usability feature, which might break in future.
Therefore the user is advised to verify that the security slider has the
expected setting. Please donate!
>
> Preseeding:
>
> It is possible to avoid this popup question by preseeding the answer
to it. For that create a file /etc/torbrowser.d/50_user.conf with the
follow contents, if you want to answer "Yes".
>> tb_security_slider_safest=true
> Or if you want to answer "No".
>> tb_security_slider_safest=false
>
> Technical Details:
>
> This script is: /usr/bin/torbrowser
> Function: tb_security_slider
> All this would do is copying file
/usr/share/torbrowser/security-slider-highest.js to
/var/cache/tb-binary/.tb/tor-browser/Browser/TorBrowser/Data/Browser/profile.default/user.js.

> cp /usr/share/torbrowser/security-slider-highest.js
/var/cache/tb-binary/.tb/tor-browser/Browser/TorBrowser/Data/Browser/profile.default/user.js
>
> **Set Tor Browser Security Slider to Safest?**

[4]
https://github.com/Whonix/whonixcheck/blob/master/usr/lib/whonixcheck/check_tor_bootstrap.bsh

[5] https://www.whonix.org/wiki/sdwdate-gui
[6] https://github.com/Whonix/sdwdate-gui

[7] https://www.whonix.org/wiki/Multiple_Whonix-Gateway
[8] https://www.whonix.org/wiki/Multiple_Whonix-Workstation#qubes

[9] https://github.com/QubesOS/qubes-issues/issues/4117


More information about the Whonix-devel mailing list