On Wednesday, February 20, 2019 at 4:17:45 AM UTC-5, qube...@tutanota.com wrote: > I trust Whonix the same as I trust Qubes and TAILS, or Debian, Fedora, Xen. > I don't have enough intelligence, that would convince me otherwise. And I do > research quite often when periodically adjusting my FMECA. Which is just a > professional deformation. > Every project, however secret, secure, top notch it seems to be, is > vulnerable this or that way, and will always remain so. Some of the attacks > are common, some are specific. Once old attacks are covered, new emerge. That > is life. Disregard a project, only because one of the emerging attacks, is > pathetic (I know not your case, you have different reasons mentioned), as > this attack (ausie law like, or malicious dev) is possible for every other > project too, including your refrigerator, assembled on the production line > with malicious guy, willing to do evil. Living somewhere in cave is not a > solution. > > Interestingly I don't have much problem with Whonix in Qubes, and I like it > very much. Working very well. I use it on daily basis as my primary template > in Qubes, for my company management, email, chat, browsing, research, and > privately as well, because I believe that anonymity is a very strong security > attitude to thread mitigation, even I understand well the limitations of Tor > and Whonix as well. They are clear about what they can do and what not. Are > they a magical wand, solving all problems of the world? No, and they don't > claim that. > Most of the time I try to prefer connections to .onion websites rather than > clearnet, because I don't see any benefit from exposing myself to > surveillance capitalism. I like v3 onions, and prefer to use it wherever > possible. I love to see myself as a person, not as a product. When chatting > on XMPP with OTR I use .onion server for my identity and ask the other site > to do the same, as I don't see any benefit using clernet server. Tor allows > me to mitigate some risks, and of course opening me to another ones. This > comparison is still putting the weight *for-tor-whonix-in-qubes*. Others may > have it different, depending on ones OPSEC and ones willingness to give > his/her life away for free to any random observer. > > I hope Whonix will go on further with their excellent job, same as Qubes or > TAILS or Torproject. > > I would just stress out the importance to include the high-risk, high-impact > emerging threads into their thread model and try to mitigate these risks same > way, as other risks included there already - recognized. If you set up your > bullet-proof environment and than by crossing a nation border just breaks it > down by one simple question of the officer, than resistance of your security > setup is extremely weak and breakable any time. More and more states will go > on with this attacks in the near future. Australia is only the first one to > make it so clear. There are tools and ways available for mitigation, for > Plausible Deniability for example, like Hidden Operating System, Hidden > Volumes, but are not included in the standard package of the projects yet. If > I was a programmer, I would sure contribute, but I am not. And so the only > point is to mention it, and try to stress it enough, to motivate people with > skill-set to contribute for all of us. > > > > > Feb 20, 2019, 6:15 AM by raahe...@gmail.com: > > > I read that whonix thread. Still not sure why whonix doesn't have a > > canary. What could it hurt? Any aspect of the project could be > > compromised for any reason. Thats the same as people saying I have > > nothing to hide so why worry. In the other thread Patrick says US laws > > affect all countries. > > > > And don't feel bad. Patrick banned me from the forums too once a long > > while ago. I told him I'd never post there again and never did. lol. > > > > I was constantly having issues with whonix. You are a target just for > > using it. You really have to pay attention when you are updating it. > > > > Sill never understood why the user qubes-whonix left the project in > > flamboyant fashion claiming it was just a "cool experiment" and its > > "security was not taken seriously" ... > > > > I stopped using whonix after the annoying clock issue. And then couldn't > > be troubled to install the latest version and just removed it instead. > > > > I'm sure it has its purposes and some people need it. But I don't. The > > websites I use qubes for ban tor or it just has no benefit. Anonymity is > > different then privacy. > > > > -- > > You received this message because you are subscribed to the Google Groups > > "qubes-users" group. > > To unsubscribe from this group and stop receiving emails from it, send an > > email to > qubes-users+unsubscr...@googlegroups.com > > <mailto:qubes-users+unsubscr...@googlegroups.com>> . > > To post to this group, send email to > qubes-users@googlegroups.com > > <mailto:qubes-users@googlegroups.com>> . > > To view this discussion on the web visit > > > https://groups.google.com/d/msgid/qubes-users/db18e185-a602-4b05-8111-0cae75355...@googlegroups.com > > > > <https://groups.google.com/d/msgid/qubes-users/db18e185-a602-4b05-8111-0cae75355cdd%40googlegroups.com>> > > . > > For more options, visit > https://groups.google.com/d/optout > > <https://groups.google.com/d/optout>> . > >
You could live like a monk. Which is the only way to be truly secure, but you would be missing out on many life experiences. But to each his own. LIke I said, I was using tor to check certificates and update my qubes. But its so dam slow, the whonix qubes is always so sketchy with errors, and there isn't much support help for it. So I stopped using it. I'm a gamer and I'm talking to you from a non hardened windows 10 machine right now lmao.. Qubes is my family machine and for more sensitive tasks. And mostly for sites that block tor. Like banking, I shop online for example, download files from USB disks, its for daily tasks besides entertainment. Don't most IRC networks even block tor now? Tor to me is almost dangerous to use. I'd only use tor as my daily connection right now if I was fearing for my life or fear of imprisonment. And then I'd probably be using tails with a disposable flash drive. I think alot of the problems in society stem from the fact we apply different principals and morals to the physical world from the digital realm. They really are not different at all no matter how much people treat them differently. Now these false sense of entitlements are carrying over to the physical world and its scary. When it really should be the other way around. The reason why I say privacy and anonymity are two diff things. And way apart from security. is For example if I log into a facebook .onion site. Its still my identity. All that information about you is still being sold to ad agencies. Governments are still watching it. The only benefit I can see, is again, people hiding their location for fear of their life or imprisonment. And actually be using it you are using up bandwidth those people could be using, just to feel special. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/7670d567-71f4-4b07-a3a1-27601f860629%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
