Discussion in 'privacy technology' started by JoeAverage, Nov 3, 2013.
Totally agree, your ISP knowing you're on the Tor network throws up more eyebrows than Spock.
I have flirted with this idea for a while now, but always chicken out fearing I don't possess the expertise to pull it off the way it needs to be done and will just end up wasting a ton of time and going crazy in the process.
I also really like what you're doing with pfsense... that's something I "may" be able to wrap my brain around, a bit more user friendly & convenient. I think I'd go that route instead. It's a perfect compromise.
I have to agree... all of this is 100% unknown to me, so I just hope over the next year or two trolling around I can learn enough. I know over the next few months I'll just be Wikipedia-ing and Googling Whonix... because who knew, right? Ha, sorry, bad mom joke.
BTW I use Tor without a VPN... that is something I hope to solve in the near future. Only started to learn this security stuff in the last 12 months... a little before the whole NSA thing... after that it was high gear... well, actually it was 1 year ago, when I made an account here, lol. Can't believe it was that long ago.
Unfamiliar stuff can be intimidating. For me, sadly enough, it's iptables. Fans love the fact that it's not organized around a flow from input to output. Rules affect all "in flight" packets, no matter where they entered. And rules can be chained, and route packets in complex ways. Cool as it may be, it intimidates me. I like pf much better. I can write rules for packets that are going from X to Y. Anyway ...
The setup that you describe -- VPN on host, VirtualBox running Whonix -- requires NO change in defaults, except for the firewall setup on the host machine (ha ha).
You install a VPN client on the host. In Windows, or with some VPNs (such as Mullvad) in Linux, you just install the provider's client. The Mullvad client even comes with leak protection. In Windows, I gather that the Comodo firewall setup is straightforward. In Linux, you can use either the old XeroBank Shorewall setup, or adrelanos' VPN-Firewall (which is tighter).
Installing VirtualBox is easy. And so is importing the Whonix VM appliances. You don't need to change the defaults. By default, the WAN adapter of the Tor gateway VM is NATed to the host, and so connects through the host VPN. By default, the LAN adapters of the Tor gateway and workstation VMs are attached to a VirtualBox internal network (whonix). You just run the VMs, and work in the workstation VM. The setup is totally locked down. As long as you don't mess with the Tor gateway VM, there's nothing (as far as I know) that you (or adversaries that gain access) can do in the workstation VM that will deanonymize you. If an adversary broke out of the workstation VM, all bets are off, of course. But I doubt that there are many adversaries that could manage that.
There is one tweak that I recommend to the Whonix gateway VM. Reduce its RAM from 768 MB to 127 MB. Having low RAM won't affect its functionality. It just doesn't run its KDE desktop, which (in my opinion) is a waste of RAM, because you don't do anything there except update packages.
Whonix - Step-by-Step Instructions
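As an added example (not code from this thread or from the Whonix project), here is a small Python check of the adapter wiring the post above describes, run against constructed `VBoxManage showvminfo --machinereadable` output; the VM names and the internal network name `whonix` are assumptions taken from the post.

```python
"""Check the VirtualBox wiring described above: Whonix-Gateway = one NAT adapter
(WAN, leaves via the host VPN) + one adapter on the internal network; Whonix-
Workstation = ONLY an adapter on that internal network. Input is the output of
`VBoxManage showvminfo <vm> --machinereadable`; samples below are constructed."""
import re
INTERNAL_NET = "whonix"  # compared case-insensitively
GATEWAY_INFO = ('name="Whonix-Gateway"\nmemory=768\nnic1="nat"\n'
                'nic2="intnet"\nintnet2="Whonix"\nnic3="none"\n')
WORKSTATION_INFO = ('name="Whonix-Workstation"\nmemory=768\n'
                    'nic1="intnet"\nintnet1="Whonix"\nnic2="none"\n')

def parse_vminfo(text):
    """key="value" lines -> dict, surrounding quotes removed."""
    info = {}
    for line in text.splitlines():
        m = re.match(r'^([^=]+)=(.*)$', line.strip())
        if m:
            info[m.group(1)] = m.group(2).strip('"')
    return info

def adapters(info):
    """Enabled NICs as (index, attachment type, internal-network name or None)."""
    nics = []
    for key, val in info.items():
        m = re.fullmatch(r'nic(\d+)', key)
        if m and val != "none":
            nics.append((int(m.group(1)), val, info.get("intnet" + m.group(1))))
    return sorted(nics)

def on_internal_net(nic):
    return nic[1] == "intnet" and (nic[2] or "").lower() == INTERNAL_NET

def check_gateway(info):
    """Gateway needs exactly one NAT (WAN) and one internal-net (LAN) adapter."""
    nics = adapters(info)
    nat = [n for n in nics if n[1] == "nat"]
    lan = [n for n in nics if on_internal_net(n)]
    problems = []
    if len(nat) != 1:
        problems.append(f"gateway: expected 1 NAT adapter, found {len(nat)}")
    if len(lan) != 1:
        problems.append(f"gateway: expected 1 adapter on '{INTERNAL_NET}', found {len(lan)}")
    problems += [f"gateway: nic{i} is '{t}' ({n}), unexpected adapter"
                 for i, t, n in nics if (i, t, n) not in nat + lan]
    return problems

def check_workstation(info):
    """Workstation: >=1 adapter, all on the internal net, so nothing bypasses the gateway."""
    nics = adapters(info)
    problems = [f"workstation: nic{i} is '{t}' ({n}); only '{INTERNAL_NET}' is safe"
                for i, t, n in nics if not on_internal_net((i, t, n))]
    if not nics:
        problems.append("workstation: no enabled network adapter")
    return problems
```

On a live host, feed the real output of `VBoxManage showvminfo <vm> --machinereadable` (e.g. via `subprocess.check_output`) into `parse_vminfo` and run both checks after any VM import or settings change.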
Is this right, Mirimir? It's always nice to know if I am wrong or right. Always still learning.
@Mirimir - This stuck out. Is there an NSA implication here?
What does that even mean? What Mirimir said? I am a little lost.
Yes, that's right. The VPN only sees that you're connecting to Tor entry guards, but nothing else about your Tor circuits or websites that you access via Tor.
I stand firmly behind a VPN on a host with Whonix running inside the tunnel. It's a proven connection. If you want you can even wrap the VPN inside SSH/SSL in addition.
As far as breaking out of the Workstation, that would take an extreme level of expertise. When Whonix was designed it was constructed so that it is the Gateway that makes the connection and masks the user's ID stuff. The Whonix Workstation can in fact be quite severely infected with malware and the Gateway will NOT reveal sensitive stuff about the connection or host. All the machine IDs and browser fingerprints are set to a standard so you are not unique at all, unless being a Tor user is how you define unique. There is nothing from within Workstation to BETRAY you unless there is some large operator error or use of the system for personal banking, email, etc.
I keep a "template" workstation updated and clean as can be. When I log on I clone the perfectly clean Workstation and use it to my content. Then I delete it and use a perfectly clean one tomorrow. That only takes a few minutes each day and I am starting without tracks except to Debian for apt-get updates, etc.
Yes, that's a CYA reference to NSA and such.
I don't know whether they have VM breakout exploits.
There are rumors of course, but
There's a risk that malware in the workstation VM could gain access to the host OS. As Palancar notes, that's unlikely. However, Qubes developers question that assumption for VMware, VirtualBox, etc. But they don't mention example exploits, as far as I've seen. Adrelanos doesn't claim that it's impossible.
Devil's advocate. If your host is tunneled tightly and you have kept it anonymous (e.g. a hidden OS that is never used for personal stuff that is trackable) it may not do you much good to gain minimal access to the host.
Let me remind users who are trying to be fully security aware that Whonix recommends that we NEVER use the host for anything other than supporting Whonix VMs. Just updates and nothing else. If a host is used according to instructions we would all be a lot safer. And remember the other suggestion is full encryption of the host for physical security.
thx 'sigh' of relief
I gave Whonix a test run but noticed a few issues.
Whonix has an issue with updating the Tor browser: its update feature is not working and only advises you to do it manually, which is all Linux-type command based, so I did not bother. Not sure if this would be bad; the version that existed seemed pretty up to date.
Other than that, I also noticed the Tor browser has "java" enabled by default!
Otherwise Whonix is nice and SuperTor, as Palancar said it isolates and gets rid of that browser fingerprint, making you one of the million+ users. But I do wonder if one had a solid VPN set up with rules to prevent DNS/ISP IP leaks and java disabled/cookies/flash off, if the Tor browser bundle would still hide your "browser fingerprint" just as well...
Yeah, NoScript is running by default; didn't know that until I heard the news that NSA put a bug in it or whatever and was tracking everything -_-
Yeah, you're right! Also just watched winko's (thx!) linked tutorials to Whonix.
So 3 niggles in Whonix, but easily fixed:
Whonix update feature does not work via shortcut, so browser not up to date
java enabled/on by default
Only small niggles and can be easily fixed, mind. I see the videos showing how to update and upgrade via sudo commands, and the other 2 can be just flicked on in a second.
Given the state of viruses and malware and potential DNS/IP leaks I can understand Whonix is the best solution going.
Straight Tor will not be as strong as Whonix. If you want to get a handle on the why, then log into the Whonix site and read about security by isolation. You can read about this in several locations outside of theirs too. The concept of dual VMs and how Whonix Gateway communicates with the Workstation to prevent a "bullet hole" is a great read.
As far as updating the Tor browser (only in the Workstation); I keep an icon on the desktop and a simple click does all the work. Do you not have such an icon, or is yours not working? I haven't needed mine in the past few days.
Yeah, agree isolation is the key and this makes Whonix tops.
There is an "update Tor browser" shortcut on Whonix but it has not worked; a thread was posted up on here:
The creator said it's the Tor guys' fault, it regularly gets broken due to Debian packages not being updated properly.
Even someone else updated it manually but it said it was then unknown and not up to date, so the mind boggles.
I just tried to update the Tor BB but it's tricky at best if you're new to Linux and commands; think I'll leave it, it's pretty up to date anyhow.
Going to follow the rest of the video tutorial suggestions and update as much as possible and change password for now.
+2. This has always been a part of my approach, in whatever regard I can possibly apply it to. I have so many different partitions on my HDs I almost ran out of letters in the alphabet.
I believe things also run both quicker and more stable when they have their own dedicated partition.
But even if I felt it yielded none of those benefits I still do it just because I'm an organization freak.
Maybe I should check out this Whonix thing before April 2014 rolls around...
Only advantage to partitions is short stroking, and that is only good for the first 10% of the drive; after that the benefit drops fast.
Used to do the same with partitions... but I noticed it's faster and nicer to have one giant drive, more so when cutting and copying files; also cleaning programs like CCleaner + PrivaZer work much better to delete files like cache or, even worse, residual traces of files scattered around different sectors on the HDD!
Having multiple partitions I may forget to scan a partition and miss them.
But I do miss having that organization and separate drives; if my Windows was to get mucked up I know I'd be in for a long night, but now I run Drive Snapshot for quick backups, so easily fixed.
I feel isolation and running virtual machines and combining them all with encryption gives the best privacy and security overall.