Re: [qubes-users] Re: Valid Concerns Regarding Integrity of Whonix Project

[cooloutac]

The internet was amazing in the 90s and early 2000s.  Then chatroom and forum 
trolls and russian spammers infested everything.  And it all crashed and died.

IMO the internet is now called facebook, instagram, twitter and youtube.   
because its the corner Americans have been backed into.   But now that is also 
under attack, and the negatives are starting to outweight the positives, so it 
will be interesting what the future holds.

Just like Tsutomu Shimomura,  I believe the same morals and principles we apply 
in the physical realm need to be applied to the digital realm before anything 
changes for the better.  People feel way too entitled and untouchable.

But before that happens its probably only going to get worse.

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/f9053b81-1b59-4f02-a1ee-2d66d36e2c2a%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [qubes-users] Re: Valid Concerns Regarding Integrity of Whonix Project

[cooloutac]

On Monday, March 4, 2019 at 10:04:38 AM UTC-5, qube...@tutanota.com wrote:
> Feb 23, 2019, 12:23 AM by raahe...@gmail.com:
> 
> > and it would still require alot more discipline and restraint not to post 
> > exposing information about yourself online,  that would defeat the purpose 
> > of using something like facebook or twitter imno.Again not something I 
> > could see practical for daily life.   Are there propagandists  and 
> > government agents on these sites.  Of course,  but even they have a 
> > separate personal digital life somewhere.The world is getting faker by 
> > the minute,  we don't need more fakes.
> >
> 
> This: "The world is getting faker by the minute,  we don't need more fakes."
> 
> I cant agree more cooloutac. Lets than not engage in the services which are 
> faking everything with their censorship, manipulations, social engineering, 
> surveillance, human rights violations for their profit and other uncountable 
> malicious reasons, which are today very well documented. Lets use .onion 
> sites for expressing your opinions instead. Where you can just finally come, 
> and say what you fucking really think about the matter openly in your real 
> words, without any fake poses forced on you. And get a real, uncensored 
> feedback too. Does this makes sense?
> 
> 
> > -- 
> > You received this message because you are subscribed to the Google Groups 
> > "qubes-users" group.
> > To unsubscribe from this group and stop receiving emails from it, send an 
> > email to > qubes-users+unsubscr...@googlegroups.com 
> > > .
> > To post to this group, send email to > qubes-users@googlegroups.com 
> > > .
> > To view this discussion on the web visit > 
> > https://groups.google.com/d/msgid/qubes-users/8db1a24d-a13a-457c-980e-9ec3043e0...@googlegroups.com
> >  
> > >
> >  .
> > For more options, visit > https://groups.google.com/d/optout 
> > > .
> >

If you notice I'm not afraid to express myself without Tor. Anonymity in this 
way is cowardly and usually a bad thing.  Leads to people acting and behaving 
and ways they normally wouldn't because they know they are not respectful.   
some examples are why e-sports is not a billion dollar industry like athletic 
sports.   Its why social media has had overly negative impacts in recent years.

If people aren't accountable for their actions we wouldn't be living in a very 
nice world.

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/b712f00f-32a5-4536-8b8f-cf9724c78110%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [qubes-users] Re: Valid Concerns Regarding Integrity of Whonix Project

[cooloutac]

On Monday, March 4, 2019 at 10:04:38 AM UTC-5, qube...@tutanota.com wrote:
> Feb 23, 2019, 12:23 AM by raahe...@gmail.com:
> 
> > and it would still require alot more discipline and restraint not to post 
> > exposing information about yourself online,  that would defeat the purpose 
> > of using something like facebook or twitter imno.Again not something I 
> > could see practical for daily life.   Are there propagandists  and 
> > government agents on these sites.  Of course,  but even they have a 
> > separate personal digital life somewhere.The world is getting faker by 
> > the minute,  we don't need more fakes.
> >
> 
> This: "The world is getting faker by the minute,  we don't need more fakes."
> 
> I cant agree more cooloutac. Lets than not engage in the services which are 
> faking everything with their censorship, manipulations, social engineering, 
> surveillance, human rights violations for their profit and other uncountable 
> malicious reasons, which are today very well documented. Lets use .onion 
> sites for expressing your opinions instead. Where you can just finally come, 
> and say what you fucking really think about the matter openly in your real 
> words, without any fake poses forced on you. And get a real, uncensored 
> feedback too. Does this makes sense?
> 
> 
> > -- 
> > You received this message because you are subscribed to the Google Groups 
> > "qubes-users" group.
> > To unsubscribe from this group and stop receiving emails from it, send an 
> > email to > qubes-users+unsubscr...@googlegroups.com 
> > > .
> > To post to this group, send email to > qubes-users@googlegroups.com 
> > > .
> > To view this discussion on the web visit > 
> > https://groups.google.com/d/msgid/qubes-users/8db1a24d-a13a-457c-980e-9ec3043e0...@googlegroups.com
> >  
> > >
> >  .
> > For more options, visit > https://groups.google.com/d/optout 
> > > .
> >

Issues like having to manually update all the time to new versions by 
reinstalling is a real pain.   Not very user friendly. Fact I was getting 
clock errors, etc.   But most of the issues have to do with tor.  Dns not 
matching,  updates taking long time or timing out,  invalid signatures.   Its 
because tor users are targeted.

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/48ed8a63-9392-494a-9d12-33bf899bae1d%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [qubes-users] Re: Valid Concerns Regarding Integrity of Whonix Project

[qubes-fan]

Feb 23, 2019, 12:23 AM by raahe...@gmail.com:

> and it would still require alot more discipline and restraint not to post 
> exposing information about yourself online,  that would defeat the purpose of 
> using something like facebook or twitter imno.Again not something I could 
> see practical for daily life.   Are there propagandists  and government 
> agents on these sites.  Of course,  but even they have a separate personal 
> digital life somewhere.The world is getting faker by the minute,  we 
> don't need more fakes.
>

This: "The world is getting faker by the minute,  we don't need more fakes."

I cant agree more cooloutac. Lets than not engage in the services which are 
faking everything with their censorship, manipulations, social engineering, 
surveillance, human rights violations for their profit and other uncountable 
malicious reasons, which are today very well documented. Lets use .onion sites 
for expressing your opinions instead. Where you can just finally come, and say 
what you fucking really think about the matter openly in your real words, 
without any fake poses forced on you. And get a real, uncensored feedback too. 
Does this makes sense?


> -- 
> You received this message because you are subscribed to the Google Groups 
> "qubes-users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to > qubes-users+unsubscr...@googlegroups.com 
> > .
> To post to this group, send email to > qubes-users@googlegroups.com 
> > .
> To view this discussion on the web visit > 
> https://groups.google.com/d/msgid/qubes-users/8db1a24d-a13a-457c-980e-9ec3043e0...@googlegroups.com
>  
> >
>  .
> For more options, visit > https://groups.google.com/d/optout 
> > .
>

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/L_8E1d5--3-1%40tutanota.com.
For more options, visit https://groups.google.com/d/optout.

Re: [qubes-users] Re: Valid Concerns Regarding Integrity of Whonix Project

[qubes-fan]

Feb 23, 2019, 12:17 AM by raahe...@gmail.com:

> On Wednesday, February 20, 2019 at 4:17:45 AM UTC-5, qube...@tutanota.com 
> wrote:
>
>> I trust Whonix  the same as I trust Qubes and TAILS, or Debian, Fedora, Xen. 
>> I don't have enough intelligence, that would convince me otherwise. And I do 
>> research quite often when periodically adjusting my FMECA. Which is just a 
>> professional deformation. 
>> Every project, however secret, secure, top notch it seems to be, is 
>> vulnerable this or that way, and will always remain so. Some of the attacks 
>> are common, some are specific. Once old attacks are covered, new emerge. 
>> That is life. Disregard a project, only because one of the emerging attacks, 
>> is pathetic (I know not your case, you have different reasons mentioned), as 
>> this attack (ausie law like, or malicious dev) is possible for every other 
>> project too, including your refrigerator, assembled on the production line 
>> with malicious guy, willing to do evil. Living somewhere in cave is not a 
>> solution.
>>
>> Interestingly I don't have much problem with Whonix in Qubes, and I like it 
>> very much. Working very well. I use it on daily basis as my primary template 
>> in Qubes, for my company management, email, chat, browsing, research, and 
>> privately as well, because I believe that anonymity is a very strong 
>> security attitude to thread mitigation, even I understand well the 
>> limitations of Tor and Whonix as well. They are clear about what they can do 
>> and what not. Are they a magical wand, solving all problems of the world? 
>> No, and they don't claim that.
>> Most of the time I try to prefer connections to .onion websites rather than 
>> clearnet, because I don't see any benefit from exposing myself to 
>> surveillance capitalism. I like v3 onions, and prefer to use it wherever 
>> possible. I love to see myself as a person, not as a product. When chatting 
>> on XMPP with OTR I use .onion server for my identity and ask the other site 
>> to do the same, as I don't see any benefit using clernet server. Tor allows 
>> me to mitigate some risks, and of course opening me to another ones. This 
>> comparison is still putting the weight *for-tor-whonix-in-qubes*. Others may 
>> have it different, depending on ones OPSEC and ones willingness to give 
>> his/her life away for free to any random observer. 
>>
>> I hope Whonix will go on further with their excellent job, same as Qubes or 
>> TAILS or Torproject. 
>>
>> I would just stress out the importance to include the high-risk, high-impact 
>> emerging threads into their thread model and try to mitigate these risks 
>> same way, as other risks included there already - recognized. If you set up 
>> your bullet-proof environment and than by crossing a nation border just 
>> breaks it down by one simple question of the officer, than resistance of 
>> your security setup is extremely weak and breakable any time. More and more 
>> states will go on with this attacks in the near future. Australia is only 
>> the first one to make it so clear. There are tools and ways available for 
>> mitigation, for Plausible Deniability for example, like Hidden Operating 
>> System, Hidden Volumes, but are not included in the standard package of the 
>> projects yet. If I was a programmer, I would sure contribute, but I am not. 
>> And so the only point is to mention it, and try to stress it enough, to 
>> motivate people with skill-set to contribute for all of us.
>>
>>
>>
>>
>> Feb 20, 2019, 6:15 AM by >> raahe...@gmail.com >> 
>> :
>>
>> > I read that whonix thread.  Still not sure why whonix doesn't have a 
>> > canary.  What could it hurt?  Any aspect of the project could be 
>> > compromised for any reason.   Thats the same as people saying I have 
>> > nothing to hide so why worry.  In the other thread Patrick says US laws 
>> > affect all countries.
>> >
>> > And don't feel bad.  Patrick banned me from the forums too once a long 
>> > while ago.  I told him I'd never post there again and never did. lol.
>> >
>> > I was constantly having issues with whonix.   You are a target just for 
>> > using it.  You really have to pay attention when you are updating it.
>> >
>> > Sill never understood why the user qubes-whonix left the project in 
>> > flamboyant fashion claiming it was just a "cool experiment" and its 
>> > "security was not taken seriously" ...
>> >
>> > I stopped using whonix after the annoying clock issue.  And then couldn't 
>> > be troubled to install the latest version and just removed it instead. 
>> >
>> > I'm sure it has its purposes and some people need it.  But I don't.  The 
>> > websites I use qubes for ban tor or it just has no benefit.  Anonymity is 
>> > different then privacy.
>> >
>> > -- 
>> > You received this message because you are subscribed to the Google Groups 
>> > "qubes-users" group.
>> > To unsubscribe from this group and stop receiving emails from it, send an 
>> > 

Re: [qubes-users] Re: Valid Concerns Regarding Integrity of Whonix Project

[Patrick Schleizer]

cooloutac:
> The reason why I say privacy and anonymity are two diff things.  And way 
> apart from security. is For example if I log into a facebook .onion site.  
> Its still my identity.  All that information about you is still being sold to 
> ad agencies.  Governments are still watching it.   The only benefit I can 
> see, is again,   people hiding their location for fear of their life or 
> imprisonment.

Alternative end-to-end encryption without TLS certificate authorities
involved.

> And actually be using it you are using up bandwidth those people could be 
> using, just to feel special.

Citation required.

At no point Tor Project had the position that people should limit
themselves if possible, except for Bittorrent traffic. On the contrary.
They welcome Tor adaption.

See PDF:

Anonymity Loves Company: Usability and the Network Effect

By Roger Dingledine and Nick Mathewson (Tor founders and core developers)

https://freehaven.net/anonbib/cache/usability:weis2006.pdf

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/4164f23b-06e2-e284-9f4e-dde38ea93ead%40whonix.org.
For more options, visit https://groups.google.com/d/optout.

Re: [qubes-users] Re: Valid Concerns Regarding Integrity of Whonix Project

[cooloutac]

and it would still require alot more discipline and restraint not to post 
exposing information about yourself online,  that would defeat the purpose of 
using something like facebook or twitter imno.Again not something I could 
see practical for daily life.   Are there propagandists  and government agents 
on these sites.  Of course,  but even they have a separate personal digital 
life somewhere.The world is getting faker by the minute,  we don't need 
more fakes.

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/8db1a24d-a13a-457c-980e-9ec3043e09e1%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [qubes-users] Re: Valid Concerns Regarding Integrity of Whonix Project

[cooloutac]

On Wednesday, February 20, 2019 at 4:17:45 AM UTC-5, qube...@tutanota.com wrote:
> I trust Whonix  the same as I trust Qubes and TAILS, or Debian, Fedora, Xen. 
> I don't have enough intelligence, that would convince me otherwise. And I do 
> research quite often when periodically adjusting my FMECA. Which is just a 
> professional deformation. 
> Every project, however secret, secure, top notch it seems to be, is 
> vulnerable this or that way, and will always remain so. Some of the attacks 
> are common, some are specific. Once old attacks are covered, new emerge. That 
> is life. Disregard a project, only because one of the emerging attacks, is 
> pathetic (I know not your case, you have different reasons mentioned), as 
> this attack (ausie law like, or malicious dev) is possible for every other 
> project too, including your refrigerator, assembled on the production line 
> with malicious guy, willing to do evil. Living somewhere in cave is not a 
> solution.
> 
> Interestingly I don't have much problem with Whonix in Qubes, and I like it 
> very much. Working very well. I use it on daily basis as my primary template 
> in Qubes, for my company management, email, chat, browsing, research, and 
> privately as well, because I believe that anonymity is a very strong security 
> attitude to thread mitigation, even I understand well the limitations of Tor 
> and Whonix as well. They are clear about what they can do and what not. Are 
> they a magical wand, solving all problems of the world? No, and they don't 
> claim that.
> Most of the time I try to prefer connections to .onion websites rather than 
> clearnet, because I don't see any benefit from exposing myself to 
> surveillance capitalism. I like v3 onions, and prefer to use it wherever 
> possible. I love to see myself as a person, not as a product. When chatting 
> on XMPP with OTR I use .onion server for my identity and ask the other site 
> to do the same, as I don't see any benefit using clernet server. Tor allows 
> me to mitigate some risks, and of course opening me to another ones. This 
> comparison is still putting the weight *for-tor-whonix-in-qubes*. Others may 
> have it different, depending on ones OPSEC and ones willingness to give 
> his/her life away for free to any random observer. 
> 
> I hope Whonix will go on further with their excellent job, same as Qubes or 
> TAILS or Torproject. 
> 
> I would just stress out the importance to include the high-risk, high-impact 
> emerging threads into their thread model and try to mitigate these risks same 
> way, as other risks included there already - recognized. If you set up your 
> bullet-proof environment and than by crossing a nation border just breaks it 
> down by one simple question of the officer, than resistance of your security 
> setup is extremely weak and breakable any time. More and more states will go 
> on with this attacks in the near future. Australia is only the first one to 
> make it so clear. There are tools and ways available for mitigation, for 
> Plausible Deniability for example, like Hidden Operating System, Hidden 
> Volumes, but are not included in the standard package of the projects yet. If 
> I was a programmer, I would sure contribute, but I am not. And so the only 
> point is to mention it, and try to stress it enough, to motivate people with 
> skill-set to contribute for all of us.
> 
> 
> 
> 
> Feb 20, 2019, 6:15 AM by raahe...@gmail.com:
> 
> > I read that whonix thread.  Still not sure why whonix doesn't have a 
> > canary.  What could it hurt?  Any aspect of the project could be 
> > compromised for any reason.   Thats the same as people saying I have 
> > nothing to hide so why worry.  In the other thread Patrick says US laws 
> > affect all countries.
> >
> > And don't feel bad.  Patrick banned me from the forums too once a long 
> > while ago.  I told him I'd never post there again and never did. lol.
> >
> > I was constantly having issues with whonix.   You are a target just for 
> > using it.  You really have to pay attention when you are updating it.
> >
> > Sill never understood why the user qubes-whonix left the project in 
> > flamboyant fashion claiming it was just a "cool experiment" and its 
> > "security was not taken seriously" ...
> >
> > I stopped using whonix after the annoying clock issue.  And then couldn't 
> > be troubled to install the latest version and just removed it instead. 
> >
> > I'm sure it has its purposes and some people need it.  But I don't.  The 
> > websites I use qubes for ban tor or it just has no benefit.  Anonymity is 
> > different then privacy.
> >
> > -- 
> > You received this message because you are subscribed to the Google Groups 
> > "qubes-users" group.
> > To unsubscribe from this group and stop receiving emails from it, send an 
> > email to > qubes-users+unsubscr...@googlegroups.com 
> > > .
> > To post to this group, send email to > 

Re: [qubes-users] Re: Valid Concerns Regarding Integrity of Whonix Project

[cooloutac]

On Thursday, February 21, 2019 at 4:16:52 PM UTC-5, Patrick Schleizer wrote:
> cooloutac:
> > I read that whonix thread.  Still not sure why whonix doesn't have a 
> > canary.  What could it hurt?  Any aspect of the project could be 
> > compromised for any reason.   Thats the same as people saying I have 
> > nothing to hide so why worry.  In the other thread Patrick says US laws 
> > affect all countries.
> > 
> > Patrick banned me from the forums too once a long while ago.  I told him 
> > I'd never post there again and never did. lol.
> 
> "banned" is wrong. Ban referring to a block from posting to Whonix
> forum. That was never the case.
> 
> Reference:
> 
> https://forums.whonix.org/t/forward-and-reverse-dns-dont-match-up/2147

Ok well then I banned myself before flipping out lol.  I'm sure I have more 
threads then that.  

 But I for one wouldn't trust you the same as trusting someone like Marek.  And 
thats what it boils down to.  You are a little too emotional and have multiple 
agendas in your life.  But at least you're not as bad as the subgraph os guy.  
And hey I wouldn't trust me if I was running a project either lol.

Nor would I trust it as much as a project like debian that has so many more 
free software eyes on it.

Everytime I came to you with a problem you had an attitude.  I never 
experienced that on qubes forums.  And  updating whonix is so sketchy and such 
a pain in the ass I gave up on it.  I have no need for it.  I think it creates 
more security problems then it solves in qubes.

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/d781fe36-bb77-48a7-ac4c-1f0901713684%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [qubes-users] Re: Valid Concerns Regarding Integrity of Whonix Project

[Patrick Schleizer]

cooloutac:
> I read that whonix thread.  Still not sure why whonix doesn't have a canary.  
> What could it hurt?  Any aspect of the project could be compromised for any 
> reason.   Thats the same as people saying I have nothing to hide so why 
> worry.  In the other thread Patrick says US laws affect all countries.
> 
> Patrick banned me from the forums too once a long while ago.  I told him I'd 
> never post there again and never did. lol.

"banned" is wrong. Ban referring to a block from posting to Whonix
forum. That was never the case.

Reference:

https://forums.whonix.org/t/forward-and-reverse-dns-dont-match-up/2147

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/a24f3d1a-cd22-dabf-5429-a244b8b94e9a%40whonix.org.
For more options, visit https://groups.google.com/d/optout.

Re: [qubes-users] Re: Valid Concerns Regarding Integrity of Whonix Project

[qubes-fan]

I trust Whonix  the same as I trust Qubes and TAILS, or Debian, Fedora, Xen. I 
don't have enough intelligence, that would convince me otherwise. And I do 
research quite often when periodically adjusting my FMECA. Which is just a 
professional deformation. 
Every project, however secret, secure, top notch it seems to be, is vulnerable 
this or that way, and will always remain so. Some of the attacks are common, 
some are specific. Once old attacks are covered, new emerge. That is life. 
Disregard a project, only because one of the emerging attacks, is pathetic (I 
know not your case, you have different reasons mentioned), as this attack 
(ausie law like, or malicious dev) is possible for every other project too, 
including your refrigerator, assembled on the production line with malicious 
guy, willing to do evil. Living somewhere in cave is not a solution.

Interestingly I don't have much problem with Whonix in Qubes, and I like it 
very much. Working very well. I use it on daily basis as my primary template in 
Qubes, for my company management, email, chat, browsing, research, and 
privately as well, because I believe that anonymity is a very strong security 
attitude to thread mitigation, even I understand well the limitations of Tor 
and Whonix as well. They are clear about what they can do and what not. Are 
they a magical wand, solving all problems of the world? No, and they don't 
claim that.
Most of the time I try to prefer connections to .onion websites rather than 
clearnet, because I don't see any benefit from exposing myself to surveillance 
capitalism. I like v3 onions, and prefer to use it wherever possible. I love to 
see myself as a person, not as a product. When chatting on XMPP with OTR I use 
.onion server for my identity and ask the other site to do the same, as I don't 
see any benefit using clernet server. Tor allows me to mitigate some risks, and 
of course opening me to another ones. This comparison is still putting the 
weight *for-tor-whonix-in-qubes*. Others may have it different, depending on 
ones OPSEC and ones willingness to give his/her life away for free to any 
random observer. 

I hope Whonix will go on further with their excellent job, same as Qubes or 
TAILS or Torproject. 

I would just stress out the importance to include the high-risk, high-impact 
emerging threads into their thread model and try to mitigate these risks same 
way, as other risks included there already - recognized. If you set up your 
bullet-proof environment and than by crossing a nation border just breaks it 
down by one simple question of the officer, than resistance of your security 
setup is extremely weak and breakable any time. More and more states will go on 
with this attacks in the near future. Australia is only the first one to make 
it so clear. There are tools and ways available for mitigation, for Plausible 
Deniability for example, like Hidden Operating System, Hidden Volumes, but are 
not included in the standard package of the projects yet. If I was a 
programmer, I would sure contribute, but I am not. And so the only point is to 
mention it, and try to stress it enough, to motivate people with skill-set to 
contribute for all of us.




Feb 20, 2019, 6:15 AM by raahe...@gmail.com:

> I read that whonix thread.  Still not sure why whonix doesn't have a canary.  
> What could it hurt?  Any aspect of the project could be compromised for any 
> reason.   Thats the same as people saying I have nothing to hide so why 
> worry.  In the other thread Patrick says US laws affect all countries.
>
> And don't feel bad.  Patrick banned me from the forums too once a long while 
> ago.  I told him I'd never post there again and never did. lol.
>
> I was constantly having issues with whonix.   You are a target just for using 
> it.  You really have to pay attention when you are updating it.
>
> Sill never understood why the user qubes-whonix left the project in 
> flamboyant fashion claiming it was just a "cool experiment" and its "security 
> was not taken seriously" ...
>
> I stopped using whonix after the annoying clock issue.  And then couldn't be 
> troubled to install the latest version and just removed it instead. 
>
> I'm sure it has its purposes and some people need it.  But I don't.  The 
> websites I use qubes for ban tor or it just has no benefit.  Anonymity is 
> different then privacy.
>
> -- 
> You received this message because you are subscribed to the Google Groups 
> "qubes-users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to > qubes-users+unsubscr...@googlegroups.com 
> > .
> To post to this group, send email to > qubes-users@googlegroups.com 
> > .
> To view this discussion on the web visit > 
> https://groups.google.com/d/msgid/qubes-users/db18e185-a602-4b05-8111-0cae75355...@googlegroups.com
>  
>