this post was submitted on 26 Sep 2021
14 points (100.0% liked)

Privacy

31874 readers
551 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
 

I'm curious if whonix actually provides any value rather than just running tor locally?

Like has there ever been a case when because tor was run locally on someones computer over using whonix for tor that they were compromised?

all 18 comments
sorted by: hot top controversial new old
[–] gary_host_laptop@lemmy.ml 13 points 3 years ago (3 children)

I guess since they weren't caught there's nothing to report about it so we probably wouldn't know... so I assume yes. Also Whonix works in perfect combination with QubesOS, so at that level of opsec is fucking hella hard to caught someone, IMO.

[–] redbook@lemmy.ml 3 points 3 years ago (1 children)

Qubes is good and the approach that it has is in my view the best approach to security, security by compartmentalizing and is the same security tactic that certain three letter agencies use to stop leaks from happening.

Daniel the guy that does GrapheneOS basically says that its compartmentalizing garbage because linux isn't built with security in mind.

And also Qubes isn't a silver bullet at all - it uses the xen hypervisor which has had vulnerabilities in the past https://www.cvedetails.com/vulnerability-list.php?vendor_id=6276&product_id=0&version_id=0&page=1&hasexp=0&opdos=0&opec=0&opov=0&opcsrf=0&opgpriv=0&opsqli=0&opxss=0&opdirt=0&opmemc=0&ophttprs=0&opbyp=0&opfileinc=0&opginf=0&cvssscoremin=0&cvssscoremax=0&year=0&cweid=0&order=1&trc=296&sha=7354f1cd84d744aba90e37868d68b6095ad317f5

Plus the hardware compatibility makes it almost impossible to use on the majority of devices.

[–] AgreeableLandscape@lemmy.ml 3 points 3 years ago* (last edited 3 years ago) (1 children)

Qubes is good for security between computing contexts on the machine itself (though, not perfect as you mentioned), but by itself isn't meant to anonymize you on the internet.

Daniel the guy that does GrapheneOS basically says that its compartmentalizing garbage because linux isn’t built with security in mind.

Is Linux not designed for security? I'd have assumed it's one of the more mature security wise due to its prevalence in servers.

Wither way, I guess you can use BSD in the containers if that's a real concern. Though, this is why I wish there was a viable desktop microkernel OS. Such an OS might even be able to replace the need for a hypervisor like in Qubes, if it has built-in compartmentalization for userspace programs.

[–] redbook@lemmy.ml 2 points 3 years ago (1 children)

Yeah I think that BSD is the most secure operating system to-date and these are the guys that created ssh, the service that is used by most people in the world for connecting to theirs servers. So the folks that develop BSD really know what they are doing when it comes to security.

I've not actually tried openBSD myself, but I can already tell you that having that setup correctly so that you have containers that use openBSD instead of linux will be a pain in the ass for compatibility and is likely going to be extremely difficult to setup correctly on qubes. But in my view is likely the most secure you can get with Qubes OS.

[–] AgreeableLandscape@lemmy.ml 1 points 3 years ago* (last edited 3 years ago)

For people who don't want to or aren't knowledgeable enough to go through all that trouble, what would you think about just having multiple bootable partitions (presumably with BSD ideally), each independently encrypted with a different password? That way in theory if a single OS instance is compromised, it can't access the information on any of the other instances since only the booted one is decrypted from the perspective of any malware.

[–] nVZWmCa67Tq0SQkXPR@lemmy.ml 2 points 3 years ago (1 children)

The only problem with Qubes + Whonix combination is well it's not newbie friendly at all.

[–] gary_host_laptop@lemmy.ml 5 points 3 years ago (2 children)

It shouldn't be, using Qubes+Whonix is for people who have the need for a super secure system, from starters you have a hardware barrier that would prevent a lot of people from using it. I mean, you can use it just because yes but I don't think there's much benefit.

[–] AgreeableLandscape@lemmy.ml 1 points 3 years ago* (last edited 3 years ago) (1 children)

from starters you have a hardware barrier that would prevent a lot of people from using it

What hardware barrier? I was under the assumption that you just need virtualization support in your CPU (which almost every consumer model also have nowadays), as well as simply more RAM for storing the parallel running operating systems.

[–] gary_host_laptop@lemmy.ml 1 points 3 years ago (1 children)

You need a CRAZY amount of RAM, not just more RAM. At least having 128GB RAM as a bare minimum is not something I'd ever seen in my third world country, even for people with moderately good PCs. The price for that amount of RAM where I live is 972.96USD.

[–] AgreeableLandscape@lemmy.ml 1 points 3 years ago* (last edited 3 years ago) (1 children)

I'm assuming this is because Qubes OS allocates RAM independently for each VM, regardless of how much the VM is actually using? Does Xen not have the ability to use a pool of RAM and just overlap the empty space? I was under the assumption that enterprise level hypervisors could do that. Even if you have five VMs, if four of them are idle, in theory only a little more than one OS's worth of RAM should actually be filled with active data.

[–] gary_host_laptop@lemmy.ml 2 points 3 years ago (1 children)

Qubes does not only use compartmentalization for stuff like browsing, if I remember correctly your /home folder is also a separate VM and I think there was something similar to this happening too, so I assume there's always at least like 3 or 4 VMs running. Either way AFAIK you still need that amount, regardless of if there's an alternative, which makes it non usable for poor people.

[–] AgreeableLandscape@lemmy.ml 1 points 3 years ago* (last edited 3 years ago)

Fair enough. I said this in another comment already, but for this reason I really wish there was a viable desktop OS that uses a microkernel, since such an OS can be much more easily designed do secure compartmentalization without the need for VMs or duplicate parallel processes in general. A micorkernel OS still has more computational overhead than one monolithic kernel, but would be much more resource frugal than multiple VMs.

[–] nVZWmCa67Tq0SQkXPR@lemmy.ml 1 points 3 years ago (1 children)

Yeah it depends on your threat model but even if you have the right hardware, it would still be pretty hard if you are a newbie who say, has recently switched to Linux.

[–] AgreeableLandscape@lemmy.ml 1 points 3 years ago* (last edited 3 years ago)

Furthermore, Linux knowledge will only help you to an extent with Qubes. You should ideally also be familiar with how Xen works and how it's configured.

[–] relejek@lemmy.ml 2 points 3 years ago* (last edited 3 years ago) (1 children)

This. When the safety tool/system is so good that you don't realise if it is working or not. I think a better question would be "whether anyone was compromised while* using it?"

Edit: a word.

[–] PandaCoderPL@lemmy.ml 3 points 3 years ago

I'm curious if whonix actually provides any value rather than just running tor locally?

It's definitely more resistant to any exploits because Whonix Workstation doesn't know your real IP address.

Like has there ever been a case when because tor was run locally on someones computer over using whonix for tor that they were compromised?

If someone got saved from being identified then you probably will not hear about it anywhere but there were cases where Whonix would save someone from being identified if they only used it. As an example see Buster Hernandez's case (more details here: https://www.vice.com/en/article/v7gd9b/facebook-helped-fbi-hack-child-predator-buster-hernandez). He was running Tor locally (because he was using Tails) and he got caught.