On Wednesday, February 20, 2019 at 4:17:45 AM UTC-5, qube...@tutanota.com wrote:
> I trust Whonix  the same as I trust Qubes and TAILS, or Debian, Fedora, Xen. 
> I don't have enough intelligence, that would convince me otherwise. And I do 
> research quite often when periodically adjusting my FMECA. Which is just a 
> professional deformation. 
> Every project, however secret, secure, top notch it seems to be, is 
> vulnerable this or that way, and will always remain so. Some of the attacks 
> are common, some are specific. Once old attacks are covered, new emerge. That 
> is life. Disregard a project, only because one of the emerging attacks, is 
> pathetic (I know not your case, you have different reasons mentioned), as 
> this attack (ausie law like, or malicious dev) is possible for every other 
> project too, including your refrigerator, assembled on the production line 
> with malicious guy, willing to do evil. Living somewhere in cave is not a 
> solution.
> Interestingly I don't have much problem with Whonix in Qubes, and I like it 
> very much. Working very well. I use it on daily basis as my primary template 
> in Qubes, for my company management, email, chat, browsing, research, and 
> privately as well, because I believe that anonymity is a very strong security 
> attitude to thread mitigation, even I understand well the limitations of Tor 
> and Whonix as well. They are clear about what they can do and what not. Are 
> they a magical wand, solving all problems of the world? No, and they don't 
> claim that.
> Most of the time I try to prefer connections to .onion websites rather than 
> clearnet, because I don't see any benefit from exposing myself to 
> surveillance capitalism. I like v3 onions, and prefer to use it wherever 
> possible. I love to see myself as a person, not as a product. When chatting 
> on XMPP with OTR I use .onion server for my identity and ask the other site 
> to do the same, as I don't see any benefit using clernet server. Tor allows 
> me to mitigate some risks, and of course opening me to another ones. This 
> comparison is still putting the weight *for-tor-whonix-in-qubes*. Others may 
> have it different, depending on ones OPSEC and ones willingness to give 
> his/her life away for free to any random observer. 
> I hope Whonix will go on further with their excellent job, same as Qubes or 
> TAILS or Torproject. 
> I would just stress out the importance to include the high-risk, high-impact 
> emerging threads into their thread model and try to mitigate these risks same 
> way, as other risks included there already - recognized. If you set up your 
> bullet-proof environment and than by crossing a nation border just breaks it 
> down by one simple question of the officer, than resistance of your security 
> setup is extremely weak and breakable any time. More and more states will go 
> on with this attacks in the near future. Australia is only the first one to 
> make it so clear. There are tools and ways available for mitigation, for 
> Plausible Deniability for example, like Hidden Operating System, Hidden 
> Volumes, but are not included in the standard package of the projects yet. If 
> I was a programmer, I would sure contribute, but I am not. And so the only 
> point is to mention it, and try to stress it enough, to motivate people with 
> skill-set to contribute for all of us.
> Feb 20, 2019, 6:15 AM by raahe...@gmail.com:
> > I read that whonix thread.  Still not sure why whonix doesn't have a 
> > canary.  What could it hurt?  Any aspect of the project could be 
> > compromised for any reason.   Thats the same as people saying I have 
> > nothing to hide so why worry.  In the other thread Patrick says US laws 
> > affect all countries.
> >
> > And don't feel bad.  Patrick banned me from the forums too once a long 
> > while ago.  I told him I'd never post there again and never did. lol.
> >
> > I was constantly having issues with whonix.   You are a target just for 
> > using it.  You really have to pay attention when you are updating it.
> >
> > Sill never understood why the user qubes-whonix left the project in 
> > flamboyant fashion claiming it was just a "cool experiment" and its 
> > "security was not taken seriously" ...
> >
> > I stopped using whonix after the annoying clock issue.  And then couldn't 
> > be troubled to install the latest version and just removed it instead. 
> >
> > I'm sure it has its purposes and some people need it.  But I don't.  The 
> > websites I use qubes for ban tor or it just has no benefit.  Anonymity is 
> > different then privacy.
> >
> > -- 
> > You received this message because you are subscribed to the Google Groups 
> > "qubes-users" group.
> > To unsubscribe from this group and stop receiving emails from it, send an 
> > email to > qubes-users+unsubscr...@googlegroups.com 
> > <mailto:qubes-users+unsubscr...@googlegroups.com>> .
> > To post to this group, send email to > qubes-users@googlegroups.com 
> > <mailto:qubes-users@googlegroups.com>> .
> > To view this discussion on the web visit > 
> > https://groups.google.com/d/msgid/qubes-users/db18e185-a602-4b05-8111-0cae75355...@googlegroups.com
> >  
> > <https://groups.google.com/d/msgid/qubes-users/db18e185-a602-4b05-8111-0cae75355cdd%40googlegroups.com>>
> >  .
> > For more options, visit > https://groups.google.com/d/optout 
> > <https://groups.google.com/d/optout>> .
> >

You could live like a monk.  Which is the only way to be truly secure,  but you 
would be missing out on many life experiences.  But to each his own.

LIke I said,  I was using tor to check certificates and update my qubes.  But 
its so dam slow,  the whonix qubes is always so sketchy with errors, and there 
isn't much support help for it.  So I stopped using it. 

I'm a gamer and I'm talking to you from a non hardened windows 10 machine right 
now lmao..   Qubes is my family machine and for more sensitive tasks. And 
mostly for sites that block tor.  Like banking,  I shop online for example, 
download files from USB disks,  its for daily tasks besides entertainment.  

   Don't most IRC networks even block tor now?  Tor to me is almost dangerous 
to use.

I'd only use tor as my daily connection right now if I was fearing for my life 
or fear of imprisonment.   And then I'd probably be using tails with a 
disposable flash drive.  

I think alot of the problems in society stem from the fact we apply different 
principals and morals to the physical world from the digital realm.  They 
really are not different at all no matter how much people treat them 
differently.   Now these false sense of entitlements are carrying over to the 
physical world and its scary.    When it really should be the other way around.

The reason why I say privacy and anonymity are two diff things.  And way apart 
from security. is For example if I log into a facebook .onion site.  Its still 
my identity.  All that information about you is still being sold to ad 
agencies.  Governments are still watching it.   The only benefit I can see, is 
again,   people hiding their location for fear of their life or imprisonment.

And actually be using it you are using up bandwidth those people could be 
using, just to feel special.

You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
For more options, visit https://groups.google.com/d/optout.

Reply via email to