On this page we give an overview on the continuous progress for Whonix and Kicksecure and on the most active contributors.

Introduction[edit]

Kicksecure (and Whonix) are both long standing projects with an established history and both are still continuously further developed.
On this page we like to give an overview on the continuous progress for Kicksecure (and Whonix) and on the most active contributors. They write content, they research, they implement and much more.
Each contributor has a chapter.

arraybolt3[edit]

2024-11-20[edit]

Create draft implementation of restricted filesystems for Calamares[edit]

Date: 2024-11-20

Created a work-in-progress implementation of the "let me restrict what filesystems the user can use" feature request for Calamares. This hasn't been tested yet, and it may need substantial changes before it can be merged, but an initial attempt at implementing it is now public and available for discussion.

Debug why Calamares 3.3.11 isn't migrating to Trixie[edit]

Date: 2024-11-20

Found out why Calamares 3.3.11 has been stuck in Sid. Turns out there's a project, calamares-extensions, which the Calamares devs also control, and that they had taken a module from and put it into Calamares itself. This resulted in a file conflict between an old version of calamares-extensions and the newer version of Calamares. Asked the Calamares devs to finalize the release of calamares-extensions so this can be resolved.

Attempt to create MRE for live-build apt-cacher-ng conflict[edit]

Date: 2024-11-20

Wrote and tested a detailed minimal reproducible example for the live-build apt-cacher-ng conflict we ran into with repository-dist. Sadly, while the example I built seems like it should reproduce the issue, I somehow misconfigured apt-cacher-ng on my test VM and wasn't able to reproduce the issue as a result. Need to come back to this.

Remove GRUB boot menu distro icons[edit]

Date: 2024-11-20

Removed the weird-looking distro icons for Kicksecure and Whonix from the corresponding GRUB menus. These looked out-of-place, and would have probably continued to look out of place even if they weren't static.

2024-11-19[edit]

Audit sudoers configuration files[edit]

Date: 2024-11-19

Audited Kicksecure and Whonix's sudoers configuration files. Shared results of the audit with Patrick.

live-build, use security.debian.org when bootstrapping[edit]

Date: 2024-11-19

Added the ability for live-build to use a security mirror of the user's choice when bootstrapping an ISO build with mmdebstrap. Added changes to the mmdebstrap upstream merge request, merged them into my main live-build fork branch, and added code to derivative-maker that uses the new feature.

2024-11-18[edit]

Research ArchiveBox[edit]

Date: 2024-11-18

Found answers for each of the questions we had about ArchiveBox's functionality and installation sources, and recorded them under the ArchiveBox task in dev/todo.

More live-build work[edit]

Date: 2024-11-18

Fixed an issue where the kernel packages were hardcoded to the amd64 architecture in derivative-maker's live-build configuration.

Also attempted to add security mirror support to our version of live-build's mmdebstrap mode. This ended up failing because of multiple hurdles that were hit - one has to pass entire source lines to mmdebstrap in order for it to work in this kind of multi-mirror setup, but at the same time passing entire source lines to live-build as bootstrap mirrors causes it to misbehave badly when writing the chroot's sources.list file. This will require further development to make work right.

Debug and fix ISO build failure on Qubes OS[edit]

Date: 2024-11-18

Reproduced, debugged, fixed, and tested the fix for an issue that would result in ISO build failures on Qubes OS. (/home was being mounted with nodev, causing live-build to break.)

2024-11-17[edit]

Review and clean up sdwdate's url_to_unixtime component[edit]

Date: 2024-11-17

Did a security review on url_to_unixtime. Found a few minor issues, documented them, also documented things that looked good. Forked sdwdate and pushed fixes for all fixable issues to my fork for review.

Test hardened JSON parsing in Tor Browser version detection[edit]

Date: 2024-11-17

Created and executed a full test plan for the Tor Browser version detection code. It is now ready for review.

Test plan:

* [x] Install updated packages
* [x] Ensure Tor Browser is not installed
* [x] Run AnonDist. Finds correct version of Tor Browser and offers to install it?
* [x] Installation succeeds?
* [x] Update derivative-maker
* [x] Sync tb-updater and developer-meta-files with updated versions
* [x] Run `dm-packaging-helper-script pkg_tor_browser_version_update`. Correctly updated normal, alpha, and arm64 browser versions?
* [x] Run tb-updater unit test with `bash -x unit_test`. Passes?

Harden JSON parsing in Tor Browser version detection (wip)[edit]

Date: 2024-11-17

Wrote code that made parsing JSON for Tor Browser version detection significantly safer. This still needs to be thoroughly tested and peer-reviewed, but it's working pretty decently so far. Implementation is documented on the dev/todo page.

Polish archiver script, begin mass link archival[edit]

Date: 2024-11-17

Added the last bit of needed polish to the archiver script (skipping archive.org Wayback Machine links), then started the script running. It may take a very long time to finish archiving everything, but it runs unattended and rate-limits itself, so it should work.

2024-11-16[edit]

Write mass link archiver script[edit]

Date: 2024-11-16

Mostly finished a script that extracts all links from the Kicksecure and Whonix wikis, and archives them using archive.today if necessary. Uses mediawiki-shell's existing features to do link extraction. The script still needs to omit archive.org links and onion links, but that's about the only feature it's missing. The script intentionally operates very slowly, in order to avoid overloading the archive.today service.

Enhance mediawiki-link-to-archive with archive.today support[edit]

Date: 2024-11-16

Wrote the code needed for adding archive.today links to the Wiki, documented the intended behavior of the code, and documented followup steps that need to be done in order to deploy it.

Review kloak makefile enhancements[edit]

Date: 2024-11-16

Reviewed contributed enhancements to kloak's makefile, suggesting several changes and commenting on follow-up changes that would be required.

2024-11-15[edit]

Research archive.today link protection operation[edit]

Date: 2024-11-15

Researched what steps would be needed to archive all pages linked to on the Kicksecure and Whonix wikis, and studied how to best add those links to the wikis. Added all researched info to dev/todo page, including adding a task for making the archive.today frontend capable of extracting the date and time of the last snapshot.

Redo Tor Browser version detection logic in dm-packaging-helper-script[edit]

Date: 2024-11-15

The logic for detecting Tor Browser versions that I originally wrote worked, but used a non-ideal method of version detection that was different than code already present in tb-updater. To resolve this, pkg_tor_browser_version_update now actually uses tb-updater's Tor Browser version detection code, giving us a single source of truth for both tools. Also fixed an easy-to-resolve Shellcheck issue while I was there.

Polish archive.today frontend, add to helper-scripts[edit]

Date: 2024-11-15

Finished the Python-based archive.today frontend. Both Tor and clearnet access work. Added to helper-scripts, deleted the now-obsolete repo used to share the WIP version with Patrick .

2024-11-14[edit]

Finish most of py-archive-today's features and publish on Github[edit]

Date: 2024-11-14

The tool is now capable of both archiving new URLs and searching for already archived ones. Unlike the Go frontend it draws inspiration from, it is able to detect when the page that is being archived is still being saved but isn't fully saved, and can wait until the page is fully saved, then spit out the final URL. This should make it significantly more useful.

Fix live-build crash due to apt-cacher-ng[edit]

Date: 2024-11-14

Finished creating a working fix for live-build crashing due to apt-cacher-ng HTTPS tunneling not being enabled. Required changes to repository-dist and derivative-maker. Fixes are published in my forks of both repos.

2024-11-13[edit]

Start developing archive.today CLI frontend[edit]

Date: 2024-11-13

Began working on an archive.today CLI frontend written in Python. Python was chosen primarily due to its memory safety, the very low number of third-party dependencies needed to handle web requests and parsing, and the trustworthiness of the one third-party dependency that I did want to use (namely Requests). So far the documentation/specification for the tool is written, the CLI parser is done, and finding archived pages works. Tor support and the ability to archive new pages are next on the todo list.

Debug live-build crash due to apt-cacher-ng[edit]

Date: 2024-11-13

ISO builds are crashing due to a poor interaction between apt-cacher-ng and the sources.list files we ship in anon-apt-sources-list and repository-dist. I did quite a bit of research into how to resolve this, but was only able to determine three less-than-ideal solutions, which are documented on the dev/todo page at https://www.kicksecure.com/wiki/Dev/todo#live-build_-_build_broken_-_kicksecure_repository_apt-cacher-ng_configuration. Ultimately it looks like we'll probably end up having to work around this using live-build scripts, calamares, and debian-installer.

2024-11-12[edit]

Test and review archive.today CLI frontend[edit]

Date: 2024-11-12

Tested the archive.today frontend, documented how to make it work and what it does so far. Also filed a feature request, and reviewed the code. So far it looks usable and appears to be safe, although the safety review is not complete yet.

Work on graphical-session.target bug in Qubes OS[edit]

Date: 2024-11-12

Attempted a fix, and researched possible solutions, including discussion with Marek.

2024-11-11[edit]

Implemented Tor Browser version detection in dm-packaging-helper-script[edit]

Date: 2024-11-11

Reads from Tor's website and from Sourceforge to determine the latest versions of Tor Browser, Tor Browser Alpha, and Tor Browser ARM64. Automatically updates the tbb_hardcoded_version files from tb-updater with the retrieved info.

Research doas suitability for Kicksecure and Whonix[edit]

Date: 2024-11-11

Investigated whether doas was usable in Kicksecure, whether it would work around the sudo faillock bugs we were encountering, if it was possible to port our sudoers config to doas, and if possible, how much work it would be. Posted all results on the Whonix forums at https://forums.whonix.org/t/replace-sudo-with-doas/17482/18.

Start testing archive.is utility[edit]

Date: 2024-11-11

Successfully built the archive.is utility using Go 1.22 from bookworm-backports. Unfortunately I wasn't able to finish testing the utility for functionality as archive.today's archiver seems to not be working, even in a Firefox browser window. Will try again tomorrow most likely.

Make dm-check-unicode look nicer[edit]

Date: 2024-11-11

Split up the whitelisting pattern so that each file went on its own line, by converting the whitelist pattern string into an array and then assembling it into a pattern string using sed.

Fix debian.list file installation in derivative-maker live-build support[edit]

Date: 2024-11-11

Tested a fix for the installation of /etc/apt/sources.list.d/debian.list that did not require renaming the file. Fix worked, pushed.

2024-11-10[edit]

Prepare to split security-misc into shared, desktop, and server packages[edit]

Date: 2024-11-10

As discussed at https://github.com/Kicksecure/security-misc/issues/187. Looked at all files in security-misc, and categorized them into shared, desktop, and server categories, with rationale for each choice. Currently available for discussion at https://forums.kicksecure.com/t/splitting-security-misc-into-shared-desktop-and-server-packages/674, will implement once consensus is reached.

File Calamares feature request for specifying filesystem restrictions[edit]

Date: 2024-11-10

Filed a feature request to Calamares, requesting that distros be given the ability to restrict what filesystems are used at what mountpoints. This could be used to avoid the root-on-fat32 issue the user at https://forums.kicksecure.com/t/kicksecure-installation-cannot-set-timezone-link-creation-failed-target-usr-share-timezone-link-name-etc-localtime/652 ran into.

Make derivative-maker install live-build during build process[edit]

Date: 2024-11-10

Kicksecure now has a live-build fork and submodule in derivative-maker, but was not installing live-build automatically. The code for this has now been written and tested.

Refactor GRUB themes[edit]

Date: 2024-11-10

The GRUB themes we're using as a base had some font files shipped alongside that were difficult to audit. Some of them were also derived from the Ubuntu font family, who's license is considered non-free in Debian. There was also lots of duplicate code between the three GRUB themes for Kicksecure, Whonix-Gateway, and Whonix-Workstation. To resolve this, the GRUB themes were refactored, the Ubuntu font was replaced with Inter, and the custom GRUB fonts are generated at package build time from the originals already present in the Debian archive.

2024-11-09[edit]

Finish testing refactored dm-packaging-helper-script[edit]

Date: 2024-11-09

Tested almost all features of dm-packaging-helper-script, with the exception of those that write to Git repositories. Fixed lots of bugs in the process. Ready for final review.

2024-11-08[edit]

Finish refactoring dm-packaging-helper-script, start testing[edit]

Date: 2024-11-08

All functions of the original dm-packaging-helper-script are now implemented, with the exception of those that are outdated and did not need to be reimplemented. Currently testing all of the functions one by one, fixing bugs as I go. I've currently managed to at least somewhat test (and if necessary, repair) everything up to and including pkg_git_commit_readme. The current state of the refactor is now public as well.

Finish initial review of IPv6 support PRs[edit]

Date: 2024-11-08

Finished reviewing the changes in the IPv6 support PRs. Still need to test them and see how they work.

2024-11-07[edit]

Begin reviewing IPv6 support PRs[edit]

Date: 2024-11-07

Reviewed some of the PRs mentioned in https://forums.whonix.org/t/add-ipv6-support/19893 for correctness and potential malicious behavior. Left several comments where things looked incorrect. So far I've reviewed the whonix-gw-network-conf, whonix-ws-network-conf, anon-gw-anonymizer-config, and whonix-firewall PRs. The only really strange commit I've seen so far is https://github.com/Whonix/whonix-firewall/pull/10/commits/4e202b11e84168d3415a4637768df6a692de6841, which references some IPv6 addresses that don't seem to be specified anywhere else.

Remove superfluous icons from GRUB themes[edit]

Date: 2024-11-07

In the interest of keeping a smaller attack surface and using less disk space, Patrick requested that I remove icons for other operating systems from the Kicksecure and Whonix GRUB themes. This is now done and tested.

Polish dummy-dependency script[edit]

Date: 2024-11-07

Discussed needed improvements with Patrick, implemented and tested them.

2024-11-06[edit]

Further progress refactoring dm-packaging-helper-script[edit]

Date: 2024-11-06

Currently finished with all commands up to and including pkg_need_version_bump_do.

Write dummy-dependency script[edit]

Date: 2024-11-06

Wrote a script that dynamically generates, and optionally installs, dummy packages that can be used to work around dependency bugs in other packages. The script works in my tests. Also added the needed dependency on equivs to helper-scripts, and ensured helper-scripts built properly after my changes.

Implement and publish minor fixes for metapackages[edit]

Date: 2024-11-06

Published updates to kicksecure-meta-packages and anon-meta-packages, following all feedback from https://forums.kicksecure.com/t/metapackages-tweak-suggestions/663/2.

2024-11-05[edit]

Debug apt solver problems with Recommends and Suggests[edit]

Date: 2024-11-05

Discussed issues with the behavior of apt recommends with Patrick. After much testing, a possible bug was discovered in which a suggests link could result in a package being incorrectly retained on the system. It remains to be seen whether this is reasonably possible to solve or not.

More dm-packaging-helper-script refactoring[edit]

Date: 2024-11-05

Currently have completed everything up to and including the pkg_git_reset function.

Suggest addition of a Weak-Depends field to debian/control[edit]

Date: 2024-11-05

Sent a detailed email to the debian-devel mailing list describing the issue of recommended packages pulling in too much (what I called "Recommended bloat") and how to solve it using Patrick's "Weak-Depends" suggestion.

Fix Kloak default values[edit]

Date: 2024-11-05

Fixed inconsistent info about default timeout and delay values in kloak. Also commented on the rationale for the exact manner in which the fix was done.

2024-11-04[edit]

Continue refactoring dm-packaging-helper-script[edit]

Date: 2024-11-04

Finished framework code, began implementing the actual commands supported by the script. In particular, the pkg_descr_creator, pkg_descr_merger, pkg_descr_merge_all, and internal_descr_writer functions got a major overhaul, adding support for discrete Kicksecure and Whonix projects to the code (this functionality didn't exist before and was marked as "TODO" in the original implementation). All command functions from the top of the original script down to pkg_compat_delete are currently implemented. Still need to test everything, and there are lots more functions to copy over and adjust, but it's coming along nicely.

2024-11-03[edit]

Review Whonix metapackages, post Kicksecure metapackage review on forums[edit]

Date: 2024-11-03

Posted the Kicksecure metapackage review for discussion. Also reviewed Whonix's metapackages briefly, only saw one potentially mis-located package, that being hunspell, which was already mentioned in the Kicksecure metapackage review and which is now documented in the review Github gist.

Finish Whonix and Kicksecure GRUB themes[edit]

Date: 2024-11-03

Finally have all of the details of the GRUB themes for Whonix and Kicksecure worked out. Branches of each repo that needed modifications are present in the dev/todo list and moved to the review queue.

2024-11-02[edit]

Begin refactoring dm-packaging-helper-script[edit]

Date: 2024-11-02

Started the work of refactoring dm-packaging-helper-script. The end-goal is to make it easy to understand, more maintainable, and to remove the use of environment variables as a primary method of passing data to the script. Currently have most of the initialization and framework code laid down, and have gotten an understanding of how the existing script works in general. This is in preparation for adding tb-updater version update functionality to the script.

2024-11-01[edit]

Polish Whonix GRUB themes[edit]

Date: 2024-11-01

Got both Whonix and Kicksecure GRUB themes looking and working properly. Had one final question for Patrick (do we want to support people switching between BIOS and UEFI modes), once that's answered I'll be able to make any final changes, then push to Git.

Document Super Grub2 Disk usage[edit]

Date: 2024-11-01

Documented how to install and use Super Grub2 Disk in the Broken Boot Wiki page. Documentation includes a description of how each boot mode works and when it should be used.

2024-10-31[edit]

Review Kicksecure metapackages[edit]

Date: 2024-10-31

Reviewed the Kicksecure metapackages, noting down potential ways to improve on the existing structure. Also wrote a small script for visualizing dependency interactions, which may be handy for future review. I did not manage to review the Whonix metapackages yet, though I did mention some things related to Whonix in the review. The review itself can be seen here: https://gist.github.com/ArrayBolt3/1312aa401d0b7ade970210b3f526f9e8

Polish GRUB theme for Kicksecure[edit]

Date: 2024-10-31

Made the GRUB theme for Kicksecure look nice and work well. Most issues with the previous theming have been solved, with the only remaining issue being one that we may not care about.

Review Super Grub2 Disk functionality[edit]

Date: 2024-10-31

Tested Super Grub2 Disk's ability to boot installed Kicksecure systems. It works really well, for both encrypted and unencrypted installations. Did not test LVM. Might be a good idea to add info about this to the broken boot recovery page.

Research TCG DRTM[edit]

Date: 2024-10-31

Researched what a Dynamic Root of Trust for Measurement is, how it is useful, and what implementations exist for x86 systems. Added relevant documentation and explanations to the confidential computing page.

2024-10-30[edit]

Fix live-build dracut loopback boot bug[edit]

Date: 2024-10-30

Dracut requires the use of a different kernel parameter for loopback ISO booting than live-boot requires. Added support to live-build to set the parameter properly depending on the initramfs image type in use.

Investigate loopback.cfg boot support[edit]

Date: 2024-10-30

Investigated the feasibility of booting Kicksecure as a loopback ISO using SuperGrub2Disk. Ultimately, it looks like it can be made to work, but there are two hurdles that need to be resolved first, both of which are now documented in dev/todo. Next steps are to see if the dracut bug is still an issue in Trixie, and to make another live-build merge request.

Fix append-once and livecheck bugs[edit]

Date: 2024-10-30

Fixed a bug in append-once where multi-line string appends could fail if one of the lines in the multi-line chunk being appended already existed in the target. Also fixed a bug in livecheck where lsblk ran too early, resulting in the system erroneously reporting it was running in read-only mode on some boots.

2024-10-29[edit]

Create prototype of GRUB theme for Whonix[edit]

Date: 2024-10-29

Tried porting the Kicksecure GRUB theme to Whonix. Ran into some issues, mainly with screen resolution on BIOS-based VirtualBox VMs. Also need to explore the creation of separate thems for Whonix Gateway and Whonix Workstation - I had initially not done this since I wasn't sure how to fit the extra info into the design of the GRUB theme. Prototype screenshots shared with Patrick.

Test live-build suitability for generating non-live images[edit]

Date: 2024-10-29

Experimented with using live-build with --system normal --binary-image hdd options for generating preinstalled, non-live systems. It's not as smooth of an experience as generating live images, but it is usable and potentially suitable for replacing grml-debootstrap. Recorded findings in the dev/todo page.

Create GRUB theme for Kicksecure[edit]

Date: 2024-10-29

After a conversation with Patrick, we decided to not use desktop-base as part of the implementation of the GRUB theme. Instead I took one of the GRUB themes linked in the Kicksecure GRUB theme task, modified it to work correctly with Kicksecure, and tested it. It may need another iteration of work since the theme will probably have distorted aspect ratio in some scenarios. (Edit: actually, this will definitely take another iteration of work because the BIOS GRUB theme will NOT work in VirtualBox. I set the resolution to 1280x960, which VirtualBox's graphics does not support as a "standard" resolution. 1024x768 works however.)

Report ISN security issue to IETF[edit]

Date: 2024-10-29

Wrote a vulnerability report and sent it. Report is at https://mailarchive.ietf.org/arch/msg/tcpm/_T3Itdx06xzAgwcfe90KP_vTCq8/. This is intentionally public, as the IETF apparently handles their vulnerability reports publicly, as confirmed by the fact that someone with access to the non-public mailing list I CC'd on the message forwarded it to the mailing list after the email system apparently failed to deliver the message to the right mailing list.

2024-10-28[edit]

Make livecheck only run detection once[edit]

Date: 2024-10-28

Added code to livecheck so that it would only run live mode detection once, and thereafter would use cached data about the system state. Also made the check interval way longer to reduce resource consumption.

Start generating desktop-base compliant branding[edit]

Date: 2024-10-28

This started as a mission to create a GRUB theme or GRUB background image for Kicksecure. Doing this revealed that the GRUB background image mechanism in Debian depended on a package called desktop-base, which turns out to be a theming/branding package that affects many different parts of Debian. It uses the Debian alternatives system to allow derivatives or vendors to override the branding as desired. It is undesirable to entirely supplant this package with Conflicts/Replaces, since that could theoretically cause breakage. However, pulling it in requires making a lot of Kicksecure-specific branding to override the Debian-specific bits. So far I have prepared GRUB background images, Kicksecure emblems, and multiple different variants of the logo, using Inkscape and GIMP. I stopped here however, as I realized I didn't know where some of the data I needed was (in particular I don't know where the default wallpaper in Kicksecure is stored), and I wasn't sure if desktop-config-dist was the right package to do it in.

Research proving issues with TCP ISNs[edit]

Date: 2024-10-28

Did research to determine how to prove that ISNs that integrate time values are dangerous. Shared with Patrick.

More improvements to Qubes event buffering support[edit]

Date: 2024-10-28

Implemented all requested changes from another reviewer. Ensured that the code still built properly, smoke-tested on Qubes OS R4.3, and submitted for another review.

Review kloak spec file for Fedora[edit]

Date: 2024-10-28

Ensured that a contributed spec file for Fedora was non-malicious. Also verified that the file successfully build a kloak RPM.

Fix remaining derivative-maker live-build patch issues, submit for review[edit]

Date: 2024-10-28

All known issues with derivative-maker live-build support have now been worked out. PR is marked as ready for review.

2024-10-27[edit]

Test derivative-maker with live-build patch, add debian-installer support[edit]

Date: 2024-10-27

Tested a few other build modes of derivative-maker and ensured they worked properly even with the new code changes. After that, I worked on getting debian-installer rebranded and working properly, which proved to be a larger job than expected. In the end, things seem to be working very well, with only a few rough edges that need fixed up.

2024-10-26[edit]

Fix bugs in derivative-maker live-build support[edit]

Date: 2024-10-26

Identified several issues with the new live-build support by comparing the list of all files on a VMs installed using old and new ISOs. All of these issues ended up having relatively simple fixes, which I have (mostly) verified work properly. At this point I just need to test things thoroughly, then live-build support should be ready for review

2024-10-25[edit]

Add BTRFS support to live-config-dist[edit]

Date: 2024-10-25

Added BTRFS as an option on the Partitions screen, using Calamares configuration options in live-config-dist. Tested by installing a BTRFS-based installation of Kicksecure, worked for me. Added btrfs-progs as a dependency to kicksecure-recommended-cli since it's necessary for a BTRFS installation to work.

Release second prototype of derivative-maker live-build support[edit]

Date: 2024-10-25

The ISO build is now working without errors on my end, and after an audit of packages and files on old and new ISOs it looks like most major issues have been resolved. Forks of derivative-maker, live-build, dist-base-files, live-config-dist, and anon-apt-sources-list have been updated with most recent iteration of code.

Prepare VirtualBox link update script for review[edit]

Date: 2024-10-25

Replaced custom Python script with str_replace, added wiki editing capabilities, placed in developer-meta-files. Tested live by using https://www.kicksecure.com/w/index.php?title=Testpage&stable=0, code seemed to work as intended. Code has been given to Patrick to review, it should be tested more thoroughly before being deployed in production.

More polishing of derivative-maker live-build builds[edit]

Date: 2024-10-25

Finally got the ISO to build again. Detection of kernel parameters is done using grub-mkconfig rather than direct configuration file parsing, user creation is done by dist-base-files as previously, apt list files are correct and are handled by anon-apt-sources-list and repository-dist. Some changes were needed to individual packages, and there are still some issues (notably the user is created without sudo privileges due to a mistaken rm I added that was cleaning up a file too early). However, this is much closer, and I expect to be able to publish the code I have locally relatively soon.

2024-10-23[edit]

Continue polishing derivative-maker live-build support[edit]

Date: 2024-10-23

Attempted to fix up kernel parameter autodetection at ISO build time, user account creation method, and apt configuration files. Also switched to multi-stage live-build rather than using lb build directly. I did not manage to get a working ISO before the day was over, however I made significant progress on it and believe that the revamped code should be able to produce working ISOs soon. Updated code will be published once it can successfully build an ISO.

Prototype automatic URL updating code for VBox links[edit]

Date: 2024-10-23

Wrote a prototype implementation for https://www.kicksecure.com/wiki/Dev/todo#automate_VirtualBox_version_update_in_the_wiki that can read from VirtualBox's download page, read from the Wiki, determine if the Wiki's VBox URL is up-to-date, and update it if not. Currently it does not update the Wiki itself, but instead prints out the text it would write. Needs some internal polish (specifically it should use Kicksecure's str_replace) and needs the actual Wiki write functionality implemented, then it should be ready to use.

2024-10-22[edit]

Polish derivative-maker live-build support[edit]

Date: 2024-10-22

Attempted to fix several issues with the live-build ISO prototype. This led to discovering a major bug in live-build that made it very difficult to set environment variables properly. Bug report at https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1085869. Also discussed future live-build tasks and design with Patrick.

2024-10-21[edit]

Finish derivative-maker live-build support prototype[edit]

Date: 2024-10-21

Got the live-build code to build an ISO without errors. Also fixed ISO GRUB screen branding. Remaining TODOs are noted down in https://www.kicksecure.com/wiki/Dev/todo#ISO_-_port_to_live-build and related tasks. derivative-maker prototype code is located at https://github.com/ArrayBolt3/derivative-maker/tree/arraybolt3/live-build. live-build fork needed for build is located at https://salsa.debian.org/ArrayBolt3/live-build/-/tree/arraybolt3/lb-dracut?ref_type=heads. live-config-dist fork needed for installability is located at https://github.com/ArrayBolt3/live-config-dist/tree/arraybolt3/live-build.

Also tested building Kicksecure on Kicksecure using live-build. This worked perfectly - no changes needed to be made to the prototype code to allow the build system to function properly.

2024-10-20[edit]

Integrate live-build into derivative-maker[edit]

Date: 2024-10-20

Added the ability for derivative-maker to run live-build to generate an ISO rather than using the usual ISO generation steps. I did not manage to push the derivative-maker changes to Git yet because I ran into a large number of bugs in the process (remote and local repo conflicts, random SIGPIPE errors making true exit non-zero, incompatibilities between my live-build local repo implementation and reprepro, etc). Most of these issues are now resolved. I fixed the local repo handler in live-build to work with reprepro repositories. Fix in commit https://salsa.debian.org/live-team/live-build/-/merge_requests/369/diffs?commit_id=eb1813e7bd211373060152a8bde140301576756c.

Polish configuration interface for Qubes OS event buffering[edit]

Date: 2024-10-20

At Marek's suggestion (https://github.com/QubesOS/qubes-gui-daemon/pull/149#issuecomment-2421005914), I renamed ebuf_max_delay to events_max_delay in the configuration for qubes-gui-daemon. I also had to rebase my changes to qubes-gui-daemon to the tip of main since other code had been changed since I opened the PR. The code change was tested and verified to work.

This took significantly longer than expected because I had to fix updates on Qubes R4.3 (turns out they don't work right out of the box), then was unceremoniously dropped to a Dracut emergency shell upon reboot because apparently my Qubes installation's root filesystem decided to become slightly corrupted and needed a manual fsck to fix. I did manage to get the system back up-and-running thankfully, and did the work mentioned above once my system was back to functional.

2024-10-19[edit]

Fix pam_faillock unlock on reboot or timeout[edit]

Date: 2024-10-19

Determined why pam_faillock was automatically resetting the tally on reboot and fixed it. Also kept it from resetting due to a timeout to the best of my ability (although due to limitations in pam_faillock this could not be done perfectly). Commit: https://github.com/ArrayBolt3/security-misc/commit/690e8dd826d1cb39c0c12c03792781862cc2dd23

Note that this does NOT fix the issue where the use of passwordless sudo resets the tally. This may require assistance from upstream, and investigation into that is still ongoing.

2024-10-18[edit]

Debug pam_faillock[edit]

Date: 2024-10-18

Kicksecure uses pam_faillock to provide bruteforcing protection for user account passwords. Unfortunately the existing PAM configuration allowed the tally and lock to get reset in multiple unintended ways. The root cause of this was determined and a proof-of-concept fix developed, however a deployable fix has not yet been determined. One of the problematic scenarios has a bug filed in linux-pam for it: https://github.com/linux-pam/linux-pam/issues/842

2024-10-17[edit]

Further improvements to Kicksecure live-build[edit]

Date: 2024-10-17

Wrote another patch for live-build and attempted to upstream it, this allows us to set --error-on=any on apt update calls within live-build. https://salsa.debian.org/live-team/live-build/-/merge_requests/371 Tested it and it appears to work. Also tested a bunch of additional options Patrick suggested using, which removed more unnecessary packages and improved the build process. Also documented that the custom fork of live-config-dist is no longer necessary.

2024-10-16[edit]

Fix up package installation on Kicksecure live-build[edit]

Date: 2024-10-16

Fixed a couple of very annoying bugs in the live-build code for Kicksecure. There were a bunch of weird firmware files and display drivers getting installed incorrectly, which now no longer get installed, and the user had to explicitly confirm that they wanted to remove a bootloader package at one point during the build, which they now no longer get prompted for. I also got a merge request made for mmdebstrap support in live-build, which is visible here: https://salsa.debian.org/live-team/live-build/-/merge_requests/370

Additionally, I dug up the old live-build code from derivative-maker and extracted the core lb config command from that. This may be useful for future work on live-build.

At this point the ISOs being produced using live-build are of a reasonably high quality, and I believe it is time to get the live-build fork I've been using integrated into Kicksecure's Git repos and start using it as the default framework for ISO file generation in derivative-maker.

Rework Qubes OS event buffering pull request[edit]

Date: 2024-10-16

See https://github.com/QubesOS/qubes-gui-daemon/pull/149. Implemented all requested changes from all reviewers, rebuilt qubes-gui-daemon and qubes-core-admin-client with changes, and tested on Qubes OS R4.3. Another round of review has been requested.

2024-10-15[edit]

Implement mmdebstrap support in live-build[edit]

Date: 2024-10-15

Implemented and tested live-build mmdebstrap support. Code is visible at https://salsa.debian.org/ArrayBolt3/live-build/-/commit/0a8559b9d456a93284e726521a33f342ab469f8b. MR has not yet been opened against live-build upstream because of Debian infrastructure issues.

Create live-build local apt repo MR, more live-build debugging[edit]

Date: 2024-10-15

MR for local apt repo support in live-build: https://salsa.debian.org/live-team/live-build/-/merge_requests/369

The reason for strange firmware files becoming installed appears to be because of a firmware installation routine in live-build operating as intended (though since I'm building with contrib and non-free repos it seems to be pulling in a bit more than expected). Need some input on how to best handle that. I also diagnosed the reason for a "persistent mode" icon in the panel getting shifted over to the left, and created a patch here: https://github.com/ArrayBolt3/desktop-config-dist/commit/6b0ec41a2ec75b11dbe1b50d9040fb56761bc583

Prepare X event buffering Qubes OS pull request for re-review[edit]

Date: 2024-10-15

Added a signed integer overflow check to a potentially vulnerable area of the PR's code, and gave the code a short stress-test and functionality test using vmonaco's device fingerprinting test, Reddit, and YouTube. Resolved all conversations from Marek's review of the X event buffering PR, and requested a re-review.

2024-10-14[edit]

Debug Kicksecure live-build, implement local apt repo support[edit]

Date: 2024-10-14

Implemented local apt repo support in live-build and pushed to Git on Debian Salsa (their GitLab instance). Sadly due to a glitch in Salsa, I was unable to open a merge request, and am awaiting a reply from the Salsa administrators. Also debugged issues with installed and omitted packages in the Kicksecure live-build project. Ultimately I wrote an email to the debian-live mailing list because of particular extra packages getting installed for no apparent reason: https://lists.debian.org/debian-live/2024/10/msg00007.html

2024-10-13[edit]

Continue effort to pork Kicksecure to live-build[edit]

Date: 2024-10-13

Got significantly further than on 2024-10-10. The ISO now boots "out of the box", installs "out of the box", and for the most part looks and works like a standard Kicksecure ISO. Further development tasks are listed in the Github repo for the project at https://github.com/ArrayBolt3/kicksecure-live-build.

2024-10-11[edit]

Rework Qubes OS kloak patch[edit]

Date: 2024-10-11

The Qubes OS "X event buffering" patch at https://github.com/QubesOS/qubes-gui-daemon/pull/149 was reviewed by a Qubes OS developer and several changes were requested. I got Qubes OS R4.3 installed on my primary development system, prepped it to build Qubes OS packages, and then did development and testing of the patch there. All requested changes were implemented, many of the comments were resolved (though I left some open for further discussion and review). The patch was also tested for functionality and appears to work well so far.

2024-10-10[edit]

Begin effort to port Kicksecure to live-build[edit]

Date: 2024-10-10

I downloaded the latest live-build from https://salsa.debian.org/live-team/live-build (using the tip of the master branch), and merged in https://salsa.debian.org/live-team/live-build/-/merge_requests/353 so as to enable use of dracut. I then created a Debian Sid chroot within my Kicksecure development virtual machine, and built and installed live-build within it. (live-build works surprisingly well inside a chroot environment.) I then researched live-build's features, as well as how to use it properly, and then worked on getting a basic Kicksecure-like ISO built using it.

Due to some oddities surrounding package installation, dracut repeatedly got uninstalled at some point during the build process, resulting in the build crashing later on. To fix this, I modified the code of live-build to avoid installing packages that were the source of the issue (namely live-config and live-boot). Additionally, the security-misc package was crashing the build because it was intentionally failing to install itself when it detected there were no users with sudo rights on the system. This ended up requiring a live-build hook to work around, which is not a desirable solution long-term. Quite a few very long builds had to be done before I finally got a working ISO, and I had to tweak the source code of live-build slightly, but I was successful at getting the ISO to both build and boot to a Kicksecure desktop. The source code of my live-build fork is at https://salsa.debian.org/ArrayBolt3/live-build/-/tree/arraybolt3/lb-dracut?ref_type=heads. The live-build configuration that finally worked somewhat for me is at https://github.com/ArrayBolt3/kicksecure-live-build.

The finished ISO had quite a few problems:

A generic-looking Debian live GRUB theme is shown on bootup.
Due to a dracut bug in bookworm, the ISO will drop you to a dracut emergency shell if you attempt to boot it by just pressing "Enter" when prompted. You must press e to edit the boot options, and add rd.live.overlay.overlayfs=1 to the end of the kernel command line to get the ISO to boot.
When it does boot, you will be shown a very strange "Welcome to LXQt" window with no window decorations or anything. No window manager will be loaded.
To get past this state, you have to press Ctrl+Alt+F2 to get to a TTY, then go to /etc/lightdm delete the lightdm.conf.d directory recursively, and edit lightdm.conf so it contains no uncommented autologin configuration. Then you have to run sudo systemctl restart lightdm and you are presented with a login greeter. At the greeter screen, click on the wrench logo in the panel at the top of the screen, and select an XFCE session to log into. Then log in with username "user" and password "live", and now you will see a Kicksecure desktop.
The user is shown as being "Debian live user" in the application menu, with a prominent Debian logo applied. This is wrong.
More software than expected ends up preinstalled, such as "Zutty" (Zero-cost Unicode Teletype, which somehow ends up becoming the default terminal), Tor Browser Donwloader, and lximage-qt for instance.
Installation fails with a bootloader-related error, likely because we have a tweaked version of a bootloader install script that no longer applies, and my configuration doesn't preload the various GRUB versions into the on-ISO repository.
The notifier in the upper-right corner of the screen showing which mode is active shows "Live" with a green light, rather than "ISO" with a disc icon.

Additionally, my test build used only remote packages, not locally built ones.

Next steps:

Figure out a more elegant way of excluding bad packages other than modifying the source code of live-build. If modifications are absolutely necessary, add a blacklist feature and then use it.
Determine why additional software is getting installed such as Zutty and bits of LXQt, and make it stop happening. (This is probably caused by package dependencies somehow.)
Fix all the bugs.
Add the ability to install packages from a local repo and test it.
See if live-build can be used for building more than just live images. Some of the docs made it sound like it could be used for making preinstalled images, which could potentially be used for building VirtualBox and other hypervisor iamges using live-build too.
Integrate live-build into derivative-maker (or the other way around?) so that source code cloning, package building, and ISO assembly can be done in one command like what is currently possible with derivative-maker.

2024-10-09[edit]

KeePassXC secret service feature request[edit]

Date: 2024-10-09

Attempted to identify what would need to change in KeePassXC to allow it to act as a distro's default secret service, and posted a feature request for it here: https://github.com/keepassxreboot/keepassxc/issues/11342

Research Edgeless Systems' confidential computing[edit]

Date: 2024-10-09

Looked into several confidential computing solutions offered by Edgeless Systems, namely Constellation, Contrast, and Continuum. Added notes about them to the confidential computing Wiki page.

Research Enclaive[edit]

Date: 2024-10-09

Looked into Enclaive and noted them in the list of cloud providers. Also discovered Gramine for protecting individual apps and containers with Intel SGX, added them to the resources list and also moved Intel SGX out of the "not useful technologies" list.

Research Intel TDX[edit]

Date: 2024-10-09

Read through https://cdrdv2.intel.com/v1/dl/getContent/690419 and did further research to determine how suitable Intel TDX looked for true confidential computing. Many of the features looked quite useful, but some of them were rather disappointing and I do not believe Intel TDX actually provides strong security guarantees against a determined cloud-provider-level adversary.

Debug Calamares issues[edit]

Date: 2024-10-09

Researched, fixed, or followed up on all outstanding Calamares issues:

Not all of these were immediately fixable, but as much as can be done with them has been. Notably the issue with the fallback bootloader cannot be easily fixed until the migration to live-build.

2024-10-08[edit]

Research Secure Cloud hardware[edit]

Date: 2024-10-08

Researched all items in the list, categorized as appropriate and made useful summaries for studying technologies. Raptor Engineering's POWER9 machines looked particularly promising.

Rewrite Broken Boot page[edit]

Date: 2024-10-08

Rewrote https://www.kicksecure.com/wiki/Broken_Boot to provide training and debugging assistance to users. Ultimately boot-info-script was NOT recommended as it could print sensitive LUKS data.

2024-10-07[edit]

Upstream tirdad functionality into Linux[edit]

Date: 2024-10-07

Created a kernel patch that adds a new parameter, tcp_rand_isn, to the Linux kernel. Testing was done with Debian Trixie. The effort to upstream the patch can be seen here: https://lore.kernel.org/netdev/20241007212735.460dc0eb@kf-ir16/T/#u

tirdad security improvements[edit]

Date: 2024-10-07

Wrote three pull requests against tirdad, each one independent of the others and applicable without needing to apply the others. One of them uses kernel live patching in lieu of page table modifications, one of them makes all generated ISNs purely random, and one of them fixes some security concerns in a string printing helper. PRs listed at https://www.kicksecure.com/wiki/Dev/todo#tirdad_-_fix_code_issues

tirdad functionality review[edit]

Date: 2024-10-07

Spent a good amount of time reviewing how tirdad worked, what its end-goal was, whether it succeeded in that end-goal or not, and also experimenting with various code changes such as simplified ISN generation, use of the kernel live patching API. Ultimately:

It works. I was able to verify that its function hooks are called when a new TCP connection is made, and that the numbers it genrates are (pseudo)random.
The internal functionality is very complex, seemingly needlessly so.
- The entire hotpatching mechanism is able to be swapped out with live patching quite easily, making the code dramatically simpler.
- The ISN generator is still integrating into its calculations connection info, similar to the original ISN generation code in the Linux kernel. But this is pointless - all that info is being integrated into a hash that is (by design) changed entirely every time a new connection is made, even if the source and destination ports are identical to what they were before. It's simpler, probably more secure, and potentially faster to just generate a random 32-bit number every time an ISN is generated.
- It should be relatively simple to implement a kernel command line option that simply makes all ISNs random 32-bit numbers. Such a patch has a pretty good likelihood of being accepted upstream due to its simplicity, though it may have to wait until the next kernel merge window opens.

2024-10-06[edit]

Fix keyboard layout-related Calamares installation failure[edit]

Date: 2024-10-06

Determine root cause of https://forums.kicksecure.com/t/locale-layout-installation-error/611 and pushed a fix at https://github.com/ArrayBolt3/live-config-dist/commit/fe3eb5da1a8a2c464026941c572e61de90d3e6e6. Tested to work with encrypted installations both in Russian (the language which was causing installation failures) and with German (the language which had been used most often to test the offending section of code previously).

Security review of tirdad kernel module[edit]

Date: 2024-10-06

Carefully studied the code of tirdad, a kernel module that hardens TCP initial sequence number generation. Results of the review were shared with the module author at https://github.com/0xsirus/tirdad/issues/23.

Review Intel SGX's suitability for confidential VMs[edit]

Date: 2024-10-06

Researched Intel SGX's use, functions, and vulnerabilities. Ultimately it appears security issues have been dealt with, but it does not appear useful for running private VMs. Added info to https://www.kicksecure.com/wiki/Dev/confidential_computing#Technologies_investigated_but_not_useful recording this.

2024-10-05[edit]

Fix triggering of touchscreen features with kloak[edit]

Date: 2024-10-05

Tracked down root cause of https://forums.whonix.org/t/weird-magnifier-feature/20502, creating a kloak commit (https://github.com/ArrayBolt3/kloak/commit/d4e7b4c0428527ea002e1ea61839effc0cb5e88e), forum response (https://forums.whonix.org/t/weird-magnifier-feature/20502/12) and upstream bug report (https://gitlab.gnome.org/GNOME/gtk/-/issues/7060) based on my findings.

2024-10-04[edit]

Finish preparation of Qubes OS X event buffering PR[edit]

Date: 2024-10-04

Fixed the remainder of the TODOs for the X event buffering PR for Qubes OS. Also tested user-configurable buffer timing and confirmed that it worked as expected. The PR still needs tested on Qubes R4.3, but after that (and assuming there are no further modifications requeted by the developers), it's ready to go. Possibly-final code visible at https://github.com/QubesOS/qubes-gui-daemon/pull/149/files.

Research CPU-assisted memory encryption[edit]

Date: 2024-10-04

Mainly researched AMD SEV, study of Intel TME-MK had been done earlier. Recorded findings in Whonix's Dev/cloud page. Intel TME-MK is likely superior to AMD SEV for our threat model due to the fact that the hypervisor is allowed to provide its own encryption keys rather than relying on CPU-generated keys.

Study attestation features in pKVM[edit]

Date: 2024-10-04

Researched and discovered that pKVM does provide local attestation features, and that remote attestation against a pKVM host can be done via Verified Boot. Recorded findings in Whonix's Dev/cloud page at https://www.whonix.org/wiki/Dev/cloud#Confidential_VMs

Dracut follow-up for systemd-cryptsetup bug[edit]

Date: 2024-10-04

Verified that https://github.com/dracut-ng/dracut-ng/issues/684 was indeed solved and reported back.

Research secure cloud technologies[edit]

Date: 2024-10-04

Did a bunch of research on technologies like TPM, Intel TXT, Intel TME-MK, Xen, etc. Revamped secure cloud notes at https://www.whonix.org/w/index.php?title=Dev/cloud&stable=0 with new info and attempted to put together a rough idea of what things would look like when properly implemented.

2024-10-03[edit]

Debug root cause of Dracut automount problems[edit]

Date: 2024-10-03

Found the root cause of boot issues when doing dracut automount, and reported it as a bug to the dracut developers. Bug report: https://github.com/dracut-ng/dracut-ng/issues/696

2024-10-02[edit]

Work on Dracut automount code[edit]

Date: 2024-10-02

Sadly this turned out to be broken on Debian. It looks like it's because an initqueue hook is insisting on finding a non-existent device and ignoring the fact that there's a usable root filesystem mounted to /sysroot. Further work is needed to get this to function properly.

Draft email to linux-mm mailing list for RamCrypt investigation[edit]

Date: 2024-10-02

Wrote a draft email as requested and shared it with Patrick over Matrix. Also did lots of study into no-fill cache mode to see if it is potentially usable for our desired purpose.

Investigating practicality of process memory encryption techniques using frozen cache and TRESOR/RamCrypt

Leave notes on libkpmcore pull request[edit]

Date: 2024-10-02

Posted more detailed rationale for hardening libkpmcore settings at https://invent.kde.org/system/kpmcore/-/merge_requests/54#note_1044980

Fix encryption checkbox bugs in Calamares[edit]

Date: 2024-10-02

Did necessary research, coding, and testing to fix UI bugs related to the "Encrypt system" checkbox in Calamares:

https://github.com/calamares/calamares/issues/2375 (user can check "Encrypt system", then process without entering a passphrase), fixed by https://github.com/ArrayBolt3/calamares/commit/cc96e65787a12cd2e93b69646aaf6b89c7d0ed52 This one was fixed last week, I tested the fix more thoroughly today.
https://github.com/calamares/calamares/issues/2379 (user cannot decline encryption if preCheckEncryption is enabled), fixed by https://github.com/ArrayBolt3/calamares/commit/fe124b0e1e80e6e1ccbfa5b5d1679a5e169e1860 This one was debugged, fixed, and tested today.
PR: https://github.com/calamares/calamares/pull/2376

2024-10-01[edit]

Implement root fs automount for dracut[edit]

Date: 2024-10-01

Researched, designed, and implemented a prototype solution. Should be relatively easy to get into a mergeable state. PR: https://github.com/dracut-ng/dracut-ng/pull/694

Investigate using KeePassXC as a default secret service[edit]

Date: 2024-10-01

Researched possible solutions for using KeePassXC as the default secret service for Kicksecure. This may require upstream code contribution to be realizable, but it's pretty close to doable. Forum comment with findings: https://forums.kicksecure.com/t/error-storing-passphrase-in-keyring-the-name-org-freedesktop-secrets-was-not-provided-by-any-service-files/582/2

Polish kloak implementation for Qubes OS[edit]

Date: 2024-10-01

Fixed a bug in X event buffering code that resulted in GUI freezes. Also added preliminary configuration support, got rid of the ISAAC random number generator in favor of getrandom(), refactored the code to be more intuitive, and avoided buffering events that could potentially cause problems if buffered. PR comment: https://github.com/QubesOS/qubes-gui-daemon/pull/149#issuecomment-2387143732

Harden libkpmcore LUKS2 settings[edit]

Date: 2024-10-01

My original post asking for advise on how to proceed received no responses. and I only received one response on Matrix from someone who did not appear to be a KDE developer. To hopefully spark some further discussion, I filed an MR: https://invent.kde.org/system/kpmcore/-/merge_requests/54

Backporting just this change to Debian may be tricky as even if KDE is willing to go with this approach as-is, Debian might not be. We may still want to keep in mind the possibility of maintaining a fork of libkpmcore with our own secure defaults.

Debug Pipewire audio failure with Intel audio[edit]

Date: 2024-10-01

Hoping to get some hint as to what was going wrong, I ran pipewire, wireplumber, and pipewire-pulse in a terminal with verbose log output. The first run was done before switching to Pulseaudio, then a second run was done after switching to Pulseaudio and then back to Pipewire (which as discussed previously somehow "fixes" the audio device). No meaningful differences were visible in the logs when comparing them with Meld.

Since AC97 is Virtualbox's default audio device for Linux, it's probably in our best interest to just stick with it. If we have to get emulated Intel audio to work, the next step is probably to add additional debugging code to Pipewire to see where things go wrong. It may also be worthwhile to try some non-Pulseaudio-based audio applications (i.e. something that uses JACK or ALSA directly) to see what happens. Sadly I corrupted my Whonix VM pretty badly messing with Pipewire packages, and the Whonix server is only letting me download the latest release of Whonix very slowly, so I wasn't able to get further than this.

2024-09-30[edit]

Implement kloak insite qubes-gui-daemon[edit]

Date: 2024-09-30

Created a prototype proof-of-concept of qubes-gui-daemon with kloak functionality embedded into it. Also set up a Qubes OS build environment and tested the proof-of-concept implementation (which mostly works). Qubes OS pull request: https://github.com/QubesOS/qubes-gui-daemon/pull/149

Investigate disk and RAM encryption[edit]

Date: 2024-09-30

Researched TRESOR and RamCrypt. Task and finished research recorded here: https://www.kicksecure.com/wiki/Dev/todo#Cloud_virtualization_-_research_RAM-less_encryption_techniques_for_disk_and_RAM_encryption

2024-09-27[edit]

Debug audio failure with >2 GB RAM[edit]

Date: 2024-09-27

Verified bug under Debian, Ubuntu, and Whonix.

Discovered while testing with Ubuntu that I could switch to pulseaudio, play audio briefly, then switch back to pipewire and everything would work. Somehow pulseaudio "initialized" the audio device and then pipewire was able to keep using it, I guess?

Tried Pipewire from bookworm-backports, issue did not resolve.

Initially I thought that Arch Linux did not have this issue because of https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1081965#5. With that in mind I looked at a diff between Arch Linux's Pipewire source code and Debian's Pipewire source code from backports. They were nearly identical with only a few non-suspicous-looking changes.

I then attempted to build Debian's Pipewire using build settings from Arch. This eventually worked, however installing the modded version of Pipewire did not resolve the problem.

As a sanity check, I then installed Arch Linux to see if the problem was reproducible there. It turned out it was reproducible, and the "initialize with pulseaudio first" hack also resolved the issue there.

Reported some of my findings at https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1081965#10 and https://forums.whonix.org/t/virtualbox-intel-hd-audio-and-pipewire-incompatibility-audio-broken-after-increasing-ram-to-5-gb-no-sound-after-latest-updates-pipewire-bug/18211/27. I'm pretty sure this is an upstream bug at this point and will be hunting for it when I resume work on this.

Debug sysroot mount failure with dracut[edit]

Date: 2024-09-27

Tested use of live-build to make dracut-based live Debian images (building Trixie, Bookworm, and Bullseye images for testing). Things mostly worked, however the Bookworm image failed to boot with the same sysroot mount failure that Kicksecure is experiencing.

I then debugged the mount failure, and traced it to a difference between thw 90overlayfs module in Trixie and Bookworm combined with a missing feature in Bookworm. The full report is visible at https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1082891.

2024-09-26[edit]

Submit dracut-related encrypted Debian boot failure fix[edit]

Date: 2024-09-26

Submitted fix discovered earlier at https://salsa.debian.org/debian/dracut/-/merge_requests/37

Investigate using dracut's upstream overlayfs feature[edit]

Date: 2024-09-26

Kicksecure currently uses a Debian-specific filesystem overlay module for "live mode". dracut has the same feature already existing upstream, so we would like to switch to it.

Tested switching to it on Kicksecure, for some reason the dracut-native overlayfs module was silently skipped over despite being set up properly. Tested again on Trixie, everything just worked. Upstream bug comment: https://github.com/dracutdevs/dracut/issues/1565#issuecomment-2378133277

Investigate Pipewire audio issues[edit]

Date: 2024-09-26

Successfully reproduced Pipewire audio bug and device-level workaround (switching to AC97 audio) using Debian 13 (Testing). I didn't think it would be reproducible on Debian 13, but it was. Still need to investigate if Ubuntu has this problem. Left a comment at https://forums.whonix.org/t/port-from-pulseaudio-to-pipewire-for-audio-support/16879/49.

Resolve inability to boot encrypted Debian with dracut[edit]

Date: 2024-09-26

Bug link: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1078792 If you install dracut on a Debian 13 (Testing) machine with unencrypted /boot and encrypted root, the system will fail to boot successfully upon next reboot.

The root cause of this turned out to be a missing runtime dependency in dracut. When using systemd within dracut (as Debian does by default), systemd-cryptsetup is necessary to unlock the disk. The dracut package does not depend on systemd-cryptsetup, and so the initrd is left with no way to decrypt the root partition. Adding systemd-cryptsetup to the dependencies of dracut before installation is enough to resolve the problem. (The result doesn't look very good, the user is left with a gray rectangle that doesn't even necessarily look like a text box, and there's no indication that they're supposed to type their passphrase, but at least the disk can be decrypted.)

Dracut gives no warnings when it generates an unusable initrd in this way, so I filed a bug report about it: https://github.com/dracut-ng/dracut-ng/issues/684 I also commented on the existing Debian bug report with my findings: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1078792#15 The fix for the packaging bug was submitted at https://salsa.debian.org/debian/dracut/-/merge_requests/37.

Switch to systemd-less dracut[edit]

Date: 2024-09-26

Dracut with systemd enabled has a module conflict leading to a scary error message about being unable to mount sysroot. This error message ultimately is harmless, but disturbing. See https://forums.kicksecure.com/t/iso-error-message-during-boot-mount-sysroot-special-device-liveos-rootfs-does-not-exist/418/4.

When researching how to resolve this, I found https://github.com/dracutdevs/dracut/issues/1820#issuecomment-1133439023 which suggested omitting systemd from the dracut initramfs. After a couple of builds, I was able to do this and get a working Kicksecure ISO, however it now showed a (less scary) error message stating switch_root: failed to unlink mnt: Directory not empty. This turned out to be because Dracut mounts /dev/cdrom0 to /mnt/cdrom0 and then later tries to delete the directory without clearing it. After some more research, I wrote a dracut module that unmounted /mnt/cdrom0 and then rmdir'd /mnt/cdrom0, resolving the issue. This was tested and confirmed working. Code changes: https://github.com/ArrayBolt3/derivative-maker/commit/894d0657b7cd69370d67759709fff166d469cc37

Ultimately it looks like we won't go with this approach as systemdless dracut has issues with encrypted systems on Trixie at least. Testing to see if this even happens on Trixie is planned, and if so we'll fix the root cause there.

Test for memory leaks in kloak[edit]

Date: 2024-09-26

ChatGPT pointed out some potential memory leak areas in kloak's source code. I looked at them and didn't see any particular issues. After checking the allocation and free behavior, I additionally compiled and ran kloak, then did typing tests and lots of mouse movements in order to stress test kloak. No significant memory usage was noticed indicative of a leak.

Investigate dom0 implementation of kloak in Qubes OS[edit]

Date: 2024-09-26

Read through https://github.com/QubesOS/qubes-issues/issues/8541, investigated qubes-gui-daemon's source code to determine how to implement kloak most effectively there and suggested a potential way forward (writing kloak's functionality into the GUI daemon). Comment at https://github.com/QubesOS/qubes-issues/issues/8541#issuecomment-2377325699 Implementing kloak within individual VMs does not seem practical in the long run since kloak can't run above the X server or compositor without special support from that server or compositor, and Qubes OS's Wayland compositor is intended to be implemented without support for kernel input devices. This means that kloak has to be placed at the GUI daemon layer, in which case it's most likely easiest to just make it part of the GUI daemon.

2024-09-25[edit]

Harden Calamares encryption settings[edit]

Date: 2024-09-25

Discovered that encryption code is located in libkpmcore, which is a component of KDE and not something that can be easily changed in Calamares yet. Discussed obstacles and potential implementation strategies with Patrick, decided to try just getting more secure settings upstream first. KDE development discussion post: https://discuss.kde.org/t/making-libkpmcores-luks2-settings-more-secure/21764

Require user to make encryption choice explicit[edit]

Date: 2024-09-25

I originally started by trying to implement this from scratch to offer it as a feature request to upstream Calamares. As it turned out however, the feature already existed, and was able to be switched on by enabling a preCheckEncryption variable. Code change: https://github.com/ArrayBolt3/live-config-dist/commit/410c62e664e7d1387e7c013867242838ff2cb912

While initially trying to implement this, I discovered a bug in Calamares where the user could check the "Encrypt system" checkbox and then proceed past the partitioning screen without entering a passphrase. I reported the issue upstream at https://github.com/calamares/calamares/issues/2375 (along with a PR that should resolve it).

Update kloak readme[edit]

Date: 2024-09-25

Updated README.md to reflect current state of kloak. Code changes: https://github.com/ArrayBolt3/kloak/commit/4bbdf38cc6c6f9162348d9b23deef3169f8465b8

Add Qubes OS support to kloak[edit]

Date: 2024-09-25

Determined how to manually enable kloak on Qubes OS, documenting findings at https://forums.whonix.org/t/current-state-of-kloak/5605/111.

Getting this working by default needs orchestration, asked for advice from Qubes OS developers on how to proceed at https://github.com/QubesOS/qubes-issues/issues/1850#issuecomment-2374908358.

Disabled AddressSanitizer in kloak, it was unfortunately incompatible with Whonix's ASLR settings. See https://stackoverflow.com/questions/77672217/gcc-fsanitize-address-results-in-an-endless-loop-on-program-that-does-nothing. Code change: https://github.com/ArrayBolt3/kloak/commit/c3500fc38cea3d69c96765f6691688e4079ecd67

During work, discovered that Qubes OS and VirtualBox users may be distinguishable from other users based on typing and mouse movement patterns, potentially due to VM clock resolution. Recorded findings at https://forums.whonix.org/t/device-fingerprinting-of-vm-users-virtualbox-qubes-xen/20460.

2024-09-24[edit]

Automatically maximize Calamares window[edit]

Date: 2024-09-24

Ensured that a fullscreen window was acceptable, tested and implemented. Code change: https://github.com/ArrayBolt3/live-config-dist/commit/ab8a7e1829f7050882385488a67e9a316a9270fd

Investigate use of systemd-oomd[edit]

Date: 2024-09-24

Left a note at https://forums.kicksecure.com/t/consider-installing-systemd-oomd-by-default/223/4 with some thoughts. systemd-oomd has caused trouble before and is likely best to avoid.

Check haveged test suite[edit]

Date: 2024-09-24

The blog article at https://jakob.engbloms.se/archives/1374 made it look like haveged's test suite was passing even if the generator only ever output 1s. Using the latest version of haveged, I patched it to only ever output 1s, then ran the test suite. The suite failed under these conditions. Documented findings at https://github.com/jirka-h/haveged/issues/81#issuecomment-2372664967.

add configuration option to disable rescue key[edit]

Date: 2024-09-24

Kloak development. Added -p (persistent) option for disabling rescue key sequence. Ensured -k (for setting a custom rescue key sequence) and -p could not be used simultaneously, and documented -p in the help output. Code changes: https://github.com/ArrayBolt3/kloak/commit/ac9d1fc2712966a5ae834a690a885db9f10b2b0b

Document rescue key[edit]

Date: 2024-09-24

Kloak development. Added documentation for using the rescue key, customizing it, and disabling it. https://www.whonix.org/wiki/Keystroke_Deanonymization?shownotice=1#Rescue_Keys

makefile fix[edit]

Date: 2024-09-24

Kloak development. Added check for pkg-config to kloak's makefile, fixing a minor indentation-related bug in the makefile in the process. Code changes: https://github.com/ArrayBolt3/kloak/commit/a290f5f0fd864ea459e1c3e75a424fe7dd33cca8

Test mouse click obfuscation[edit]

Date: 2024-09-24

Kloak development. Tested on both my physical machine (Kubuntu 24.04) and on a Whonix Workstation VM. Mouse click events were seen in the log output of kloak when running in verbose mode, and noticeable randomization was being applied even when kloak ran as a systemd service. Reported findings at https://github.com/vmonaco/kloak/issues/51#issuecomment-2371866583 and https://github.com/vmonaco/kloak/issues/51#issuecomment-2372382050.

Investigate xrdp support[edit]

Date: 2024-09-24

Kloak development. https://www.whonix.org/wiki/Keystroke_Deanonymization#xrdp

Document kloak testing procedure[edit]

Date: 2024-09-24

Kloak development. Looked into potential applications that could be used to test kloak's effectiveness. Two hopeful-looking solutions were found on GitHub (https://github.com/johwconst/keystrokeDynamics2FA and https://github.com/goncalopp/keystroke_dynamics), however both of them proved to be prohibitively difficult to set up due to badly outdated Python code. TypingDNA appeared to be too privacy-invasive to recommend to other users. Settled on vmonaco's device fingerprinting test, and documented how to use it. Results can be seen at https://www.whonix.org/wiki/Keystroke_Deanonymization#Defense_Testing.

Document how to clear apt-cacher-ng's cache[edit]

Date: 2024-09-24

Kloak development. Kicksecure's build process uses apt-cacher-ng. If a corrupted package is downloaded from Debian's mirrors, it will crash the current build due to a hash sum mismatch, then crash every subsequent build because the corrupted package will be stuck in the cache. After a couple hours of debugging what was happening, I traced it back to the cache, cleared it, got a successful ISO build after a little bit more fiddling, then documented my findings at https://www.kicksecure.com/wiki/Dev/Build_Documentation/VM#Build_repeatedly_errors_out_with_hash_sum_mismatch.

seccomp debugging documentation[edit]

Date: 2024-09-24

Kloak development. Documented how to find a specific system's syscall table at https://www.kicksecure.com/wiki/Seccomp.

autostart systemd user unit xdg-desktop-portal[edit]

Date: 2024-09-24

Got an ISO to build properly after some fiddling, then tested xdg-desktop-portal autostart by:

Installing xdg-desktop-portal
Installing xdg-desktop-portal-gtk
Running systemctl --user status xdg-desktop-portal and systemctl --user status xdg-desktop-portal-gtk - this showed that the portal was NOT running yet
Opening Firefox
Clicking Menu > Settings > scroll to Files and Applications > click "Browse..." next to Downloads
Running systemctl --user status xdg-desktop-portal and systemctl --user status xdg-desktop-portal-gtk while the portal window was shown - this showed that the portal WAS running

Added needed packages (along with an ISO build failure fix) to kicksecure-meta-packages. PR: https://github.com/Kicksecure/kicksecure-meta-packages/pull/1

2024-09-23[edit]

bugfix for time issues[edit]

Date: 2024-09-23

Kloak development. Debugged root cause of time-related keyboard lockup bug reported at https://forums.whonix.org/t/sdwdate-can-cause-system-time-to-jump-backwards-causing-issue-with-kloak/20433, recorded findings and created bugfix. Findings report at https://github.com/vmonaco/kloak/issues/31#issuecomment-2368666686 and https://forums.whonix.org/t/sdwdate-can-cause-system-time-to-jump-backwards-causing-issue-with-kloak/20433/4, bugfix at https://github.com/ArrayBolt3/kloak/commit/36385d7b0050601e6f255b168c297dab8d8fb027

Investigate stronger compile-time hardening flags for Kloak[edit]

Date: 2024-09-23

Found and implemented suggestions at https://best.openssf.org/Compiler-Hardening-Guides/Compiler-Options-Hardening-Guide-for-C-and-C++.html, fixing all code issues found in the process. Code changes: https://github.com/ArrayBolt3/kloak/commit/c9c5a9876bd7fba17ec638efd065cc0836329766

Avoid use of strncpy[edit]

Date: 2024-09-23

https://github.com/vmonaco/kloak/issues/66 mentioned wanting strncpy replaced with strlcpy for better security. However Linux's manpages warned about potential security issues with strlcpy (potential for DoS attacks if an attacker could control an input string) and performance issues, and recommended the use of a custom "strtcpy" function instead. This recommendation seemed reasonable, so I implemented it. Code changes: https://github.com/ArrayBolt3/kloak/commit/0c66a7b2da09cbabc5c4368a532ab43a0f34fbb8

Integrate "Add a header file to make future development easier" pull request[edit]

Date: 2024-09-23

Kloak development. Pull request: https://github.com/vmonaco/kloak/pull/61 Adapted and integrated into Whonix's fork of kloak. Code changes: https://github.com/ArrayBolt3/kloak/commit/b0f0c926d84a6d60363c89c11b8f36cc55b57459

Integrate "ChatGPT3" pull request[edit]

Date: 2024-09-23

Kloak development. Pull request: https://github.com/vmonaco/kloak/pull/65 Some of the code (most notably the strncpy bits) were implemented differently in my adaption of it, using strtcpy instead. Code changes: https://github.com/ArrayBolt3/kloak/commit/7f9bc1bcfd08e8b3554e135a4c4d59a0a09b26d8 and https://github.com/ArrayBolt3/kloak/commit/bb4a7143877eb12904e797224c2b0afc05463713

Integrate "Add support for new devices attached after kloak starts" pull request[edit]

Date: 2024-09-23

Kloak development. Pull request: https://github.com/vmonaco/kloak/pull/67 The implementation of this PR had some issues, mainly with the use of a separate kloak process for every input device. I mentioned this at https://github.com/vmonaco/kloak/pull/67#issuecomment-2369121000, then adapted the code using a method that used only a single kloak process for all devices. Code changes: https://github.com/ArrayBolt3/kloak/commit/0d91a09a76ffa21b2782d673fcb91b16574b58d6

Add ASan and UBSan integration[edit]

Date: 2024-09-23

Kloak development. Investigated ASan and UBSan, determined how to add them to kloak, ensure nothing broke horribly when done. Ultimately ended up being quite easy. Code changes: https://github.com/ArrayBolt3/kloak/commit/5beda6da49cf1ef9ef09767e35a5660015160ee8

Fix ARM support[edit]

Date: 2024-09-23

Kloak development. ARM support bug: https://github.com/vmonaco/kloak/issues/25 ARM support seemed to mostly "just work" on the Raspberry Pi 4B when compiling and running kloak directly, unsandboxed. However sandboxing revealed that the syscall filtering rules set in kloak's systemd unit were not correct and thus kloak was crashing. Determining the right syscalls for aarch64 (and then also for x86_64 on top of that) took a while, as did setting up the RPi as a development board, but it was doable. Code changes: https://github.com/ArrayBolt3/kloak/commit/d7f386dcdd25263eb9e7a7031b171fdec3d0d4d3 and https://github.com/ArrayBolt3/kloak/commit/7fa9500c32f6560bf6ee7fe55438e27869601a0e

Code review with ChatGPT[edit]

Date: 2024-09-23

Kloak development. At Patrick's suggestion, I ran kloak's main.c file through ChatGPT to see if there were obvious issues. Based on its advice, I broke out post-execution cleanup code into its own function and ensured that the cleanup code was called on both normal and abnormal shutdowns. No AI-written code was integrated into kloak in the process, nor were any suggestions blindly implemented. Code changes: https://github.com/ArrayBolt3/kloak/commit/ba5df2543f247ed5592690d97019e0444e79b749

Create pull request against Whonix's kloak fork[edit]

Date: 2024-09-23

Kloak development. Reported changes and suggested merging them into Whonix's kloak fork. Pull request: https://github.com/Whonix/kloak/pull/1

Hans[edit]

Sprint 2024-08 to 2024-10[edit]

2024-10-13
- Template Quotation upgraded to work in lists + documentation
- 4 pages review and beautify, thumb image
  - root
  - pw defaults
  - boot modes
  - account isolation

2024-10-12
- kicksecure wiki link template logo created and integrated
- self help pages merge and unmerge
- navi template documentation updated and integrated in new member pages
- navi template self-help created and integrated in the pages
- 10 various web dev topics researched and analysed as requested
- Troubleshooting page complete revision

2024-10-11
- Server forcing browser cache clear methods research and suggestions
- Kicksecure About page promo beauty content
- Self support first page new chapter + new image
- VPN port shadow attacks content
- help youself mininav template suggestions
- Documentation links added
- template kicksecure_wiki archive none + target_blank + improve image suggestion

2024-10-10
- Download Button Modal
  - small headline padding stylefix
  - bottom button hidden on mobile fix
- cache reliable solution research and suggestions + discussion
- instant page download preload bugfix
- mw-headscript move cache busting to server replacements
- mobile browser cache busting research + recommendation
- cache documentation complete revision and update to newest techniques
- css extension fork reevaluation
- documentation of vanishing scrollbars

2024-10-09
- miniModal
  - if active stop body scrolling + remove content shift
  - custom scrollbars for all modals + auto-updating on resizing
  - recheck all modals and make compatible with new method
- remove legacy js code from footer
- download button modal
  - remove file-url from file-info
  - bugfix modal multi init (multiple ids bug)
  - remove leading string "download\s*" from file info

2024-10-08
- Discussion Todo
- Download Button Modal
  - optimize donation panel widget and payment page
  - load payments via ajax into modal (new technique)
  - load css file via ajax
  - new crypto icons and more tag
  - fine tuning + update download button documentation
- documentation for new ajax method Javascript: Ajax Loading for special cases
- new coming soon icon
- Tronix payment added to payments page

2024-10-07
- EmbedVideo remove Footer
  - improve play button
  - mobile width style
- PayViaPaypal small bugfixes
- Download button new modal feature
  - styling + tests
  - icon revision
- documentation
- instant page download button bug analysis
- Install_Software page review + revision suggestions

2024-10-04
- IconSet
  - style improvements
  - replace icon with iconset in most instances
  - also replace virtualbox "number" style with iconset
  - new iconset style keyboard
  - documentation
- pageloading report console styling improved
- "Install Additional Software Safely" page introduction improved
- performance tests page: new test executed and documented
- new color schemes for fonts
- Whonix Windows Installer page revision
- iso page
  - step images chapters
  - well done banners
  - trouble shooting chapter
  - video player poster and fullscreen research
- Pay as you go modal solution suggestion

2024-10-03
- Number icon task analysis + suggestion
- icon template
  - new parameter shadow
  - parameter border fat, thin values
  - documentation
- new template iconSet with presets
  - tests + documentation
- editorAutobackup some bugfixes
  - database consistency check cleanup
- codeselect php warnings existence checks
- js pageloading time testing
  - new method to capture asynchronous loading
  - improved reporting
  - documentation
- iso page embedvideo integration for boot menu explainer video + fullscreen research

2024-10-02
- Hashcontroller Upgrade + documentation
- async JS loading for codeSelect + sharetooltip + scrollAutoWrapper
- wiki load cascade documentation
- Detailed report ISO documentation - compare with Tails
- Total revision of virtualbox and all its sub templates

2024-10-01
- EditorAutoBackup saving bug research
- Dev/mediawiki loading delay bug analysis
  - DebugViaUrlModal upgrade all scripts loaded
  - MwCombineJsWrapper bugfix hashcontrol conditional
  - slow page individual script analysis report
  - web worker research
  - setTimeout Method applied to MwCombineJsWrapper

2024-09-30
- Boot Help Video
  - Direction discussion
  - Animation Revision
  - new step (beginning, research notice)
  - audio track created
  - speaker text draft
  - exiftest and upload
  - video embed extension research for MediaWiki
- debug helper old file url bug analysis + fix
- new script CollapsibleGlobalMods.js to globally apply “learn more” label + also “Show Less” label
  - removed all data-expandtext and data-collapsetext

2024-09-27
- WhonixOnMac Tabcontroller vs thumbnail analysis + clearfix implementation + documentation
- Discussion ToDo Boot menu + twitter image bug
- Icon Template two new parameters border text
  - style param 1 new option
  - tests + documentation
- ISO page “Boot the ISO” chapter revision rewrites
  - reorder + illustration
- ISO page boot menu explainer video created

2024-09-26
- USB_installation discussion and small improvements
- ISO page
  - number icon color language changed
  - number and alphabet icons for Linux Ubuntu and Debian
  - beautify iso_writer_installation_linux more and sub templates
  - ISO page 7 new images for TOC (steps)
- gallery tag new white style created
  - documentation + tests
- codemirror large file problem research + summary

2024-09-25
- Art Gallery image fix
- revision of USB-Installation
  - texts + icons
  - restructure + styling
- Super large file problems codemirror research
- EditorAutoBackup byte oversize management feature
  - general exception handling
  - icon color change + notification
  - documentation + cleanup

2024-09-24
- Template:Collapsible feature addToClass added + documentation
- EditorAutoBackup bugfix limit case
  - quota exceeded improvement suggestion
- New template Icon + tests + documentation Icon (Template)
- Template:Iso_writer_installation_linux improved
- ISO page completely revised 100%
  - image overwidth fix (globally)
- improved _Template_VirtualBox_CSS.css
- Progress_Reports page intro + image + Hans data + styling

2024-09-23
- request-servers-to-fetch-and-deploy.sh created
  - secrets outsources
  - references updated
  - documentation
- EditorAutoBackup features discussion
- ISO thorough testing
  - Discussion ISO
  - heavy editing of page ISO 60%
- new gray and white color schemes added + documentation

2024-09-19
- CodeSelect white space bug analysis
- Editor-Autobackup new 100% implemented
  - documentation
  - added to wiki enhancements
- deploy to servers prompt improvement

2024-09-18
- CodeSelect new technique textarea global helper
  - table with codeselect overheight bugfix (automatically because it was caused in Firefox by old technique)
  - codeselect cleanup and logical restructure
- gallery tag documentation and wikitest test
- Editor-Autobackup new 50% ready

2024-09-17
- CodeSelect
  - execCommand replacement research + implementation of new syntax + permissions research
  - white space bug solution (new implementation via textarea)
- Discussion ToDo
- CodeEditor pre and underline
  - images created
  - buttons added

2024-09-16
- CodeSelect research leading space bug + found newline collapse bug
- add reporting bugs to support header whonix kicksecure
- gallery tag mobile and minerva skin research + minerva like implementation
- Extension HeadScript documentation update
- Discussion competitor page style Research
- Wiki Enhancements Extensions search + texts + remove standard extensions
- EditorAutoBackup version 2.0 specifications

2024-09-13
- Whonix and Kicksecure local pages move local info
  - remove metager + add perplexity (kick)
  - legacy code cleanup
- Gallery usage discussion
  - new gallery template tried but not working with Template
  - Research about <gallery> tag
- twitter image research (extensive!)
  - private server testing
  - documentation
- Wiki_Enhancements reorder of old content
  - new content points (80% ready)
  - new images
  - gallery tag usage

2024-09-12
- Mininav more narrow pseudo-bold technique + small selector bugfix
- deploy to servers: Check prompted directory to prevent user error
- thumbgallery styling improved
  - new parameters mode justify
  - bugfixes on legacy code
  - documentation + wikitest
- page Wiki_Enhancements completed
  - images created
  - text + structure + beautification via our templates / modules

2024-09-11
- build files improved structure
  - remove legacy code + cleanup
  - better in-code documentation
  - wiki documentation created
- php warnings regarding codeSelect bugfix
  - code cleanup
- Kicksecure local page added load text
  - added docu search
  - drop shadow icon
  - general style improvement on all screen sizes + tested
- mininav bugfix support for external links

2024-09-10
- Download button bug analysis
- Splide deprecated analysis + recommendation
- Splide numbered pagination implementation + Lighthouse readjustment
- Collapsible template documentation + new tests
- Kicksecure forum descriptions
- Discussion Todo
- wiki enhancements summary 50%

2024-09-09
- mediawiki-extension-CSS maintenance analysis and recommendation
- dark mode documentation
- delete legacy mwcombinejswrapper
- mininav rendering inconsistency analysis + pseudo-bold font weight technique
- Whonix local pages discussion upgrade style + add info text + upgrade with doc searches

2024-09-06
- Image file syntax research
  - replace all file image Image by File
  - documentation
- Splide slider deprecation and pagination counter CSS analysis
- Dev/Logo page content improvement
  - new file names + replace in both wikis + remove Logo_box.png chapter and file (not used anywhere anymore)
  - documentation
- Created new template Collapsible + documentation
- Link color improvements

2024-09-05
- Lighthouse
  - links rely on color for Virtualbox page research + bugfix + documentation
  - Header images wrong display size fix
  - reduce unused CSS research + documentation
- jscookie deprecation analysis
- ContentImage global Alternative
  - testing with link and empty link
  - remove all contentimage usage one page at a time
  - some individual page corrections
- replace multiple empty lines with one on both wikis

2024-09-04
- Scrollwrapper enrichTolerance vs false-positive enrich + documentation
- CustomScrollbar
  - new global settings feature
  - scroll-through feature
  - prevent text selection spilling
  - documentation
- Styling broken images research + solution discussion + simple style solution
- Darkmode lib new version diff analysis
- thumbnail ContentImage analysis
- Tab content controller
  - remove auto-select first tab
  - new wikitest
  - documentation
  - flagged reviews widget overlay designfix

2024-09-03
- pagespeed mininav links not crawlable analysis + improved documentation
- pagespeed deep check Virtualbox pages: img alt descriptions, links descriptive text, info box color improvements
- tab controller documentation improvement
- image no-load analysis
  - Torbrowser new version bug testing (on our side)
  - Analysis and suggestions for header + footer improvement
- mediawiki-link-to-archive backport + documentation + compatibility suggestion
- custom srollbar mobile improvement analysis
- contentImage newline and thumbnail option analysis
- dark mode maintainanace analysis and suggestion

Sprint 2024-01 to 2024-02

2024-02-03
- Tor Safest Header Logo Alt text styling
- Tor Browser tasks analysis and replies
- Pagespeed tasks
  - expand not crawlable revisit analysis
  - mininav not crawlable research and analysis
  - source map research
  - About pages image alt fix
  - Whonix about headline order
  - Duplicated slider IDs analysis and suggestions and solution
  - Link and background colors contrast adjustments
- lefttorightimage template and widget upgrade + documentation
- Local Homepage tasks: remove JS and analyse random news possibility

2024-02-02
- Registered Sign style fixes mobile
- Mediawiki selflink ticket progress analysis and suggestions
- Unified homepage dark section colors for background and links
- Copyright injection script
  - Exclude index.php
  - Add headlines to protected elements
  - Simplify protect node identification
  - Bugfix false-protection
  - Protection of up to 300 words from injection
  - Debug mode messages + user message
  - Testing
  - Documentation
- Slider revision discussion
  - Reposition arrows
  - Unify colors
  - Reposition flow control

2024-02-01
- Discussion TODO
- Homepages
  - Unified and simplified card structure on Homepage all link - heavy editing on Widget:Page_Homepage on Kicksecure and Whonix. Cards all have the same structure and basic functionality right now
  - Unified Page_Homepage.css from Whonix and Kicksecure. Put the common parts in shared Page_homepage_common.css and only specific styles on the specific CSS files. Prevent double and follow-up problems like outdated code. Also refactored code and structure for much better future usability
  - Created Snowden on Whonix wiki page
- Sliders on Homepages
  - Simplified slider creation (less code due to unified cards)
  - Moved slide styles to Homepage
  - Make all slides links so url preview bar (bottom left in browsers) shows always link
  - Make text selectable on slides (must be done because of previous point: all slides links) and prevent triggering opening link or modal due to text marking
  - Improved Homepage styling in general and specifically sliders, unified styling (less code)
  - Unified hover transform for all slides
  - Special slider style for dark sections (auto-detect with CSS)
  - Updated Dev/mediawiki#Splide_homepage_sliders

2024-01-31
- Trademark Register fine tuning
- headscript better page route analysis
- hsversion cache control inserted in CSS extension use cases in Kicksecure and Whonix
  - new files for pages and templates
  - documentation
- new AddMessageToCopiedText.js – add copyright text to all copied text on the wikis
  - excluding “protected objects”
  - Prevent Protection due to the selection starting and ending in different protected elements

2024-01-30
- Discussion TODO
- Slider improvements
  - improved api (data-slider-type)
  - Unified the section data structure for the home pages
  - googleoff for whole slider
  - Responsive for mobile (less slides visible)
  - New type htmlcard for press cards
  - Implemented in Kicksecure and Whonix homepages
  - Documentation
  - Restyling control element icons
  - Prevent click action when text selection active
- task discussion replace css extension
- Homepage card sui disabler moved up, written new text and made new modal

2024-01-29
- Discussion TODO + Kicksecure system browser choice
- Headscript avoid php errors
- register sign more subtle
- expand button color fix + google lighthouse metric
- discover hidden elements extended for anchors + documentation
- slider implementation
  - created temporary testing environment
  - Fixed a small bug in headscript regarding when the splider script is loaded (only on homepage but it was too strict)
  - styling
  - fine tuning
  - adjustment for other sections
  - multiple different click events handled

2024-01-26
- Mediawiki self-link new draft for feature request
- GoogleOff
  - Applied to CodeSelect
  - Review of “see share button” SEO bug
- Slider for wiki Homepages
  - splidejs docu research
  - setup and import in file system and in headscript
  - Regexp to only load library on homepages
  - homepageSliderInit.js created
  - Implementation, testing, problem analysis
  - New solution suggestions
- cacheclear discussion
- Reposition of editor augmentation logos due to new Mediawiki version
- Share widget improvement: new reddit logo and markdown button
- Broken anchor problem review and analysis

2024-01-25
- javascript-notice template fix
- share widget
  - plain copy was made more prominent
  - "wiki" and data-project data was removed from in share texts
  - A new url templating language and parser were introduced
  - New colored share symbols were introduced, new logo for the Mediawiki share option
  - Plain copy was re-implemented as a code select line on top
  - A complete re-arragement of the elements in a new order was don
  - Description texts were added for the copy url options
  - Testing was done
  - Documentation was updated, especially in-source
- Discussion ToDo

2024-01-24
- Register symbol review and improvement
  - Removed logo text and replace logo plus text
  - Responsive styling
- Parsoid self-link research and suggestions
- ChatGPT css suggestions review and analysis
- Outreach / communication
- Blurry gui preview image replacement
- Evolution host SVG file with text

2024-01-23
- New Build System Multiwiki docu rewrite - Multiwiki and sub chapters
- Review of build file changes by admin
- Improved payviaPaypal forceSandbox
- Improved build and deploy
- EditorMultiwikiNotice new terminology (from documentation) implemented (publisher/subscriber instead of master/slave)
- Docu Replacement [[Mediawiki:files]] and refilter Common.js + Common.css + #css:Mediawiki files etc
- parsoid and mediawiki image link rendering review and documentation
- Headline style improvement

2024-01-22
- New build system continuation
  - adjust build.json files
- move wiki specific src files and adjust build config files
  - diff check that new build was done correctly relative to old rendered files
  - 2 repo solution analysis and suggestion
- Paypal widget rewrite / bugfix review
- Kicksecure logo rectangle
- Pay via paypal sandbox mode
  - Always activated on staged server
  - Sandbox indicator widget
  - Documentation
- Improved local deploy script
- documentation staging server test

2024-01-20
- mw-combine rewrite completed
  - Optimizing file structure
  - Refactoring mw-combine
  - Refactoring build.json
  - in-file documentation
  - Debugging + testing + bugfixing
  - Demonstration video
  - Discussion Call

2024-01-19
- Discussion Todo
- Created switching script to staged server config and back for local usage of contributors
- New wiki files build system
  - git configuration + 3 repos initialized
  - files transferred from old system + completeness check
  - architecture analysis and discussion
  - resctructuring
  - bash script + mw-combine rewrite beginning

Sprint 2023-08 to 2023-09

2023-09-08
- Virtualbox installer logo
- Illustrative images
  - Whonix-Gateway Xfce VM illustrative image
  - Whonix-Workstation Xfce illustrative image
  - Kicksecure CLI illustrative image
- HP images
  - Stream Isolation image
  - File swap creator image
  - targeted updates image
- Stream isolation thumbnail too big
- Nav-menu column overflow bugfix

2023-09-07
- donor cards broken + wikitest
- Discussion Todo
- pagespeed fixes
- discuss CSS hide footer items
- Expand Collapse replace new technique + docu + tests
- mediawiki bug report CSS/HTML changes

2023-09-06
- Pagespeed fixes
- donation appeal page discussion
- GrapheneOS task review
- Mobile_Phone_Security wiki page content enhancements
- CSS hide footer items

2023-09-05
- Mediawiki Code Editor Warnings Research
- Server Cache Busting review
- Google Mobile Font review
- whonix homepage press section
- mw-collapsible-toggle screenreader aria research
- header hover over effect and link
- mw-collapsible bug report

2023-09-01
- add querystring to Headscript discussion + version + hsversion
- CSS extension cache busting discussion
- footer - TM vs R – Kicksecure and Whonix Headline + Symbol solution
- homepage - sequential heading levels
- Whonix HP new player hero image + play / pause player upgrade + SVG play symbol

2023-08-31
- header nav menu hover plus link analysis
- Header Hamburger Menu like super menu
  - Kicksecure + Whonix
  - Refactor Header code
- icon bullet list span upgrade + tests + documentation
- anti spam email upgrade + Template Contact icon bullet list upgrade
- Hompages "Learn More" labels
- TODO Discussion

2023-08-30
- toc line wrapping bugfix
- forums link indicator wrap bugfix
- whonix homepage video bugfix
- anti spam email hover feaure + icons + documentation + whonix port
- super menu closeable when clicking elsewhere + open when hover

2023-08-28
- Whonix HP VPN table bugfix
- Kicksecure Whonix Super Menu close via X
- Antispam Email Tooltip Whonix + Kicksecure + tests + documentation
- Template:GoogleOff span upgrade + tests + documentation
- Discussion Header Menus JS Hover

2023-08-25
- footer superfluous scroll bar fix
- Header menu Kicksecure Whonix
  - new open close technique
  - menu to full size
  - icon switch to x
- pagespeed fixes for Whonix and Kicksecure
- Whonix vs VPN table fix research
- tables word breaking mediawiki bugfix

2023-08-24
- Footer new version for Kicksecure and Whonix
  - Code review + refactor + testing
  - Documentation
  - Dark Mode Button Fix
  - Open Source Logos Upgrade

2023-08-23
- New Header Whonix and Kicksecure
  - Nav Menu
  - Multiwiki restructure
  - code review + refactor
  - testing + documentation
- FontAwesome research + upgrade
- Footer new version 20%

2023-08-22
- Whonix Forum banner color
- Sitenotice id new solution review + tests and documentation
- Discussion Todo
- Header new menu structure + design + multiwiki strategy

2023-08-18
- Mediawiki old vector skin
  - Responsive code review
  - 2x bug report upgrades
- ContentImage upgrade + tests + documentation
- Flagged Revisions Design Bugfix
- Mediawiki update review finalized
- Header new version 60%

2023-08-17
- Wiki update all broken fixes (image, thumbs, thumbgallery, community support, videolink)
- MediaWiki verison log research + diff file review

2023-08-16
- Community Support Template upgrade + tests + docu + pages
- New feature pre[data-code]
- Template nowrap bugfix
- StageServerIndicator + Headscript modification + documentation
- wikitest check after update

2023-08-15
- Expand Button different labels + tests + documentation + pages update
- mininav image icons + tests + documentation
- Content Review Debian install + verify signatures
- Content text improvement verifying software signature
- Community support template : upgrade (first iteration)

2023-08-14
- Tab Controller citation bug search + feature cite-ref + new wikitest + documentation
- Expand Button label discussion
- wiki syntax discussion
- header + footer discussion
- Whonix Kicksecure HP images review
- Whonix HP table pagespeed fix
- tab content controller multi line space reseved + mininav upgrade + tests + documentation

2023-08-11
- Forum links analysis + link upgrade
- DiscoverHiddenElements new feature
- tab content controller upgrade
- FlyinBanner testpage upgrade
- minimav image support analysis

2023-08-10
- Share Tooltip and headline edit better positioning and better (and more reliable) hover effect
- Mbox task review (closed)
- contentimage thumbnail upgrade + documentation
- GoogleOff for footer QR area
- too much white space after table bug fix
- tab controller
  - height bug fix
  - linkid use case upgrade
  - feature reviews

2023-08-09
- Discussion Todo
- Download Button new icons parameter + titles (for these icons) + tests (wikitest) + documentation
- Whonix Forum header footer restored
- Download page Source Code link for Kicksecure and Whonix
- Footer Header discussion and suggestions for Kicksecure and Whonix
- Whonix Forum nojs bug research + bugfix + bug report
- Share widget icon upgrade

2023-08-08
- Discussion Todo
- Re-Balanced headline visuals
- Whonix discourse forums revert to default
- page too long (width) bug fix (2 pages)
- Whonix super menu mobile fix
- Share Tooltip Button better click + new icon suggest
- Download Button custom image feature review
- CodeSelect spacing bug researc

Sprint 2022-07 to 2023-06

2023-06-23
- Wikitests written for all functional elements and CSS, cleanup done and reordered wikitext page
- Upgrade share toolkit
  - Now index.php pages are correctly translated to non-index.php share links.
  - And speed improvement: before the base url calculation was done again and again for each link, now just once
- Bugfix miniModal : hash did not work properly
- Bugfix hashController : slightly wrong if condition corrected
- Bugfix WikitableAutoWrapper : did not work for mobile because of small mistake. Now works
- Small CSS Bugfix for introlike template + documentation
- Made Pages.js multiwiki (because redundancy), introduce LocalPages.js, Introduced new wikitest JS on Pages.js
- Cleanup for build.json
- VideoLink template update : Indivious onion link fix and documentation for future fixes

2023-06-22
- Discussion Todo
- Video Homographs Revision + Title image
- Mediawiki Widget Bug Research
- CodeSelect small bugfix (due to FontAwesome upgrade
- Testcases

2023-06-21
- Checked and deleted non-multiwiki widgets Kicksecure and Whonix, that are not in use anymore and made the other widgets MultiWiki
- new Template:Headline + changed all widget to template + documentation
- Oldid bugfix Whonix
- Review widget bug

2023-06-20
- Updated and secured (against undeclared vars) of all Multiwiki Widgets: Checkbox Bug research, Widgets: CodeSelect + DonationPanel + DownloadButton + EagerImage + FlyInNoti + Footer + Header + Headline + HtmlComment + LeftRightImageText + SitenoticeBanner + Subdomain_link + VideoLink
  - Upgraded some widgets and corrected bugs for rare case scenarios, especially in DownloadButton, FlyInNotitication, SitenoticeBanner and Subdomain_link
  - New tests for all of the on Dev/wikitest

2023-06-16
- Video Homograph review + Preview image
- Multiwiki deploy + testing
- Intro Template ul upgrade
- Whonix-host intro + icon list + content images
- Features page review
- Bugfix Widget Headline
- Widget:Archive error handling upgrade + wikitests

2023-06-15
- YouTube video production: Homograph attacks

2023-06-14
- Unlighthouse research report
- Github.io version for Kicksecure and Whonix + GitHub Pages config
- Extension:Cookiewarning feature request

2023-06-13
- Share Widget Upgrade : Hover Connector
- Text Extracts Research + Feature request written
- Extension:CookieWarning GoogleOff analysis
- JS Stream Download Hash research
- Web vitals extension research

2023-06-09
- Bugfix Tab Controller TOC interaction + documentation
- MiniModal upgrade to Hash Controller + documentation
- /Linux nojs white space fix
- Edit section research + suggestion + Mediawiki Bug report
- Upgrade headline widget integration into Tab controller for Headlines invisible to TOC + documentation
- UPgrade Hash Controller special chars + documentation

2023-06-08
- Reserach TOC Tab Feature
- Todo Discussion
- Created new feature Hash controller, documentation see Dev/mediawiki#Hash_Controller
- Tab Controller Feature : react to TOC
- Tab Controller Feature : write to Hash

2023-06-07
- Tab Controller
  - Content Cleanup
  - Content Shift Re-Correction (navigation)
  - Upgrade of the Image syntax
  - Page adjustments with new image syntax
  - wikitest examples created
  - Documentation updated
  - Syntax upgrade on Whonix
- Discussion ToDo
- Phabricator ticket analysis

2023-06-06
- New Widget:EagerImage
- Tab Controller
  - Complete upgrade of syntax, in all files Template:Tab, JS file and CSS file
    - All features were ported and new features added
  - ID feature implemented. All tabs are now links
    - works for nojs users as jump point
    - for js users opens the tab and all parent tabs and scroll to position
  - Replaced all old syntaxes on Kicksecure with new syntax: old Template-syntax and <div class="tab-content-controller"></div>

2023-06-02
- Tab Controller
  - Image Content Shift Discussion
  - Image Preload via Javascript
  - General discussion
  - Code Refactoring
  - Reimagining + Documentation

2023-06-01
- new widget Widget:Headline + documentation
- TabContentController
  - nojs upgrade
    - searchAndReplace all occurrences of Template:Tab on Kicksecure and Whonix
    - documentation
    - New wiktests
  - id upgrade for nojs + documentation

2023-05-31
- Phabricator review updates
- Font-Awesome FA6 CodeSelect Adaptation
- Discussion Tab Controller Content Shift
- Chromium Scroll shift bug discussion
- Outreach text written
- webpagetest review, research and tests
- Discussion Todo

2023-05-30
- Blockquote overlap bugfix
- TOC weird look Firefox bugfix
- Quotation in table bugfix → in reality: table auto wrapper padding bugfix
- Phabricator research and answer
- Sitenotice active parameter upgrade + documentation
- Banner styling in general and banner001
- Micro Content Shift Chromium Bug research
- font awesome direct style for header super menu

2023-05-24
- Content Shift Fix Virtualbox + Donate
- PayViaPaypal content shift prevention + Nojs Improvement
- Chrome reload shift bug report
- Font Awesome upgrade
- Banners documentation upgrade

2023-05-23
- Blockquote normal style + special style + documentation
- Content shift prevention
  - CodeSelect image content button
  - CodeSelect target feature styling + helper div styling + prism styling
  - ShareTooltip
  - Auto table wrapper
  - Small fixes for special pages

2023-05-22
- Mediawiki template parser bug answer refinement

2023-05-20
- Quotation new Cases + Tests
- MediaWiki list parser bug research + documentation
- new template ContentImage + documentation
- Header design fix for over-wide pages
- Content shift design fixes for mw-collapsible and tabContentController

2023-05-19
- Discussion Todo
- Content Shift research + CodeSelect content shift prevention
- Blockquote improvements
- Quotation Template + documentation
- Developer documentation about html templates, specifically Mediawiki parser bug avoidance
- MediaWiki bug report about html templates inside lists
- Contributor Template bugfix + wikitable-auto-wrapper upgrade

2023-05-13
- Blockquote margin improvement
- JSHint analysis + improvements + documentation + other tools
- new blockquote design

2023-05-12
- Discussion Todo and usage of the noinclude tag
- Table overlength vertical content shift prevention
- Share Modal vertical content shift prevention
- check integrity of user downloaded files research

2023-05-10
- TOC mobile overwidth CSS fix
- Excluded header and footer from search engines
- new feature ThumbGallery + documentation
- Scroll table research + discussion + desktop version modification

2023-05-09
- Todo Discussion
- Bug reports review + improvement
- table over-width research + new feat wikitableAutoWrapper + documentation + replace scroll-table Kicksecure + Whonix

2023-05-06
- Form element labels pagespeed bug report preparation
- Open Graph Research
- FlyinNotification updated and moved to footer
- GoogleOff upgrade
- Mediawiki image link "selflink" bug report preparation
- Collapsible elements research
- async defer research and tests
- critical css reseach tests

2023-05-05
- Download Choice on homepage improvements
- Mediawiki bugs reviews and reports written
- Todo Discussion
- Browser ddos vulnerabilities report written
- mininav image link problem research / analysis
- Header super menu mobile position bugfix

2023-05-02
- "Layout was forced ..." error message research

2023-04-29
- Outreach texts written + planning + scheduling
- Homepage Download improvements + mobile
- Template Virtualbox improved

2023-04-28
- Code link css
- Cookie samesite research + implementation
- thumb lazy load bugfix
- Mobile hidden scrollbar research + fix
- Discussion Todo

2023-04-26
- Bug analysis $.cookie
- bug fixing page Linux
- Tab controller replace old syntax with new template
- “Show only once” template research
- thumbnail content shift research
- blockquote css
- Google Off template and documentation Dev/mediawiki#GoogleOff_Template
- HtmlComment widget and documentation Dev/mediawiki#HtmlComment_Widget
- FlyinNotificationTestpage and documentation Dev/mediawiki#FlyInNotification_Module

2023-04-25
- Tab Controller Template + Replace + documentation
- Funding strategy discussion
- Small mobile design tasks
- Cookie discussion + move to JS cookie multiwiki + documentation
- Video Script rewrite

2023-04-22
- Homograph attack video script rewrite
- $.cookie to mw.cookie research and replace toclevelswitcher + flyinnotification + sitenotice + debugviaurlmodal
- tab-content-controller new feature linked controllers + documentation updated

2023-04-21
- Discussion Todo
- Video short screenshots final production
  - Thumbnail design
  - Tweet preparation
  - Research Youtube shorts thumbnail rules

2023-04-19
- Windows Installer Dev Coop
- YT shorts rules research
- Video screenshots rewrite 30% less text (to fit shorts criteria)
- Video Homograph rewrite
- Video short about Screenshots production

2023-04-18
- Whonix Windows Installer Design analysis + suggestions + Call
- Mediawiki Testers Version If-Clause
- Multiwiki-Deploy + Testing
- code-box fixes
- thumbnail fixes mobile
- /wiki/Download upgrade + homepage

2023-04-14
- Mw-collapsible patch review
- tab content controller white border style + dark class + new function data-tcc-url + documentation
- Discussion Todo
- Linux on Kick + multiwiki
- mininav upgrade mn-dark + documentation
- icon bullet list comma bugfix

2023-04-12
- Template Upstream Wiki upgrade
- improved template Archive Link
- Self Support First Policy Page + Template
- Upgrade Mbox template
- New template: introlike

2023-04-11
- FlyInNotification mobile links + dark mode close
- Thumb bugfixes
- VideoLink Widget upgrade
- Virtualbox Templates + Redirect + ReplaceLinks
- flatpak-install page fix

2023-04-06
- Marketing strategy suggestions
- flyinnotification bug review + little design improvement + headline link
- Video link template
- Virtualbox CLI and Xfce unification
- Flatpak install unification

2023-04-05
- Self Support First Policy suggestions
- Donation strategy analysis

2023-04-04
- Discussion ToDo
- Video short url impersonation punycode script
- Video short mistrust screenshots script
- flyinbanner link + documentation
- thumb improvements
- Pull request helper-scripts
- Suggestions for "Free Tools marketing strategy"

2023-04-01
- Todo updated
- grep-find-unicode-wrapper new version as scan-text-file
- Unicode dangerous characters research
- Video hidden attacks revisions + video description

2023-03-31
- FlyInNotification mobile small version
- Bug report answer Collapsible Elements
- Video Hidden Text Attacks production + title image
- Thumbs double border improvements

2023-03-29
- Video Hidden Text Attacks production

2023-03-28
- Whonix wiki/Linux content fix
- Pagespeed improvements
  - Headline research
  - Research “Links are not crawlable”
  - Total blocking time research and testing

2023-03-25
- Donate pages improvements text image design
- Content fix Whonix Linux installer page
- Discussion ToDo
- PayviaPaypal change amount on interval change
- "Time to Interactive" performance research
- Software pitch

2023-03-24
- PayViaPaypal upgrades usability, simple design
- FlyinNotification upgrades functionality, design, smallery file size
- Strategy discussion

2023-03-22
- mwcombine source maps + uglify syntax + documentation
- Discussion ToDo
- PayViaPaypal redesign (guardian) + cleanup

2023-03-21
- Video Kicksecure 001 script
- Cookie warning bug analysis
- Pagespeed optimizations
- mwcombine error output + add source map for custom js

2023-03-15
- Discussion Todo
- Image optimization SVG and hero + analysis
- Improved Whonix Linux installer page
- Repo web interface research

2023-03-14
- Instantpage documentation
- purge extension and fork analysis
- Donors page thumbnail
- multipart email thunderbird research
- Discussion instantpage and multipart email

2023-03-11
- Discussion Todo
- mw-combine upgrade feature justcopy + refactoring + documentation
- DonorCard.css upgrade + DonorTestpage link threshold correction (only s and higher examples)
- Integration and testing instantpage.js
- Headscript refactoring
- Thumbs design fix for gallery thumbs

2023-03-10
- Design fixed KS Trust page + Whonix HP
- Discussion ToDo
- BackToTopButton mobile fadeout
- Responsive Thumbnails + docu
- Source map research

2023-03-08
- Discussion Todo, DonorCard etc
- Donor cards feature + design upgrade + documentation update
- Donors and Testpage Donors texts
- Template intro thumbnail fixes + notpageimage research
- Content attribution, Design improvements
- Extension:Popup reference preview research and suggestions

2023-03-07
- Bugfix PayViaPayPal + upgrade design
- Research image thumb generation mediawiki
- Template:intro CSS Firefox fix + upgrade hidden thumbnail thumb parameter + documentation Dev/mediawiki#Intro_paragraph
- Donors Wiki page related tasks

2023-03-04
- Discussion ToDo
- new Template:DonorCard design + 5 levels and anon + Link feature and link indicator + documentation Dev/mediawiki#DonorCard
- new Testpage_Donors
- new Donors page
- Template:Intro visual improvements

2023-03-03
- Bugfix Kicksecure homepage overview-image
- Bugfix newline bug in HeaderMultiWiki
- Sitenotice close button upgrade optically and functionally
- Check image quality
- PagePreview / TextExtracts bugfix on some pages
- Template:intro upgrade + documentation
- Fontawesome preloading
- Donor Page card design

2023-03-01
- Banner bigger close + cookie bugfix
- Discussion CSS optimization and CSS extension
- Banner rewrite with new method and documentation
- Multiwiki deploy and testing

2023-02-28
- Image optimization + metatag Research + new helper program
- Codeselect upgrade optional img lazy load + docu
- extension:pagePreviews broken fixes
- intro template and css upgrade

2023-02-27
- Discussion ToDo
- ShareTooltip regexp-bugfix + new mediawiki share logo
- Textextracts extension research
- Footer fixing
- Reduce warnings of w3c validator
- Banner slim variants
- short debugging discussion mw-combine error

2023-02-22
- Bugfix for mobile back button broken
- Bugfix fors Anchors missing
- Discussion Todo
- Fixed Kicksecure Badge svg file
- Banner dev wanted for Kicksecure was created
- New banners were uploaded and installed

2023-02-15
- Creation of 5 banners
- Discussion donor recognition

2023-02-14
- MiniModal upgrade all modals close on back button + documentation
- MwCombineWrapper refactoring
- Whonix Kicksecure HP minor fixes
- optimized SVG versions for some logo images
- coming soon sign

2023-02-13
- Discussion ToDo
- PageHomepage
  - Modals share anchors introduced
  - Text can now again be marked and individually copied
  - Highlighting of selected card via url hash + extending hidden areas if needed + open modal if available + back button can be used to return from modal
  - CSS reduction + Firefox fixes
  - MiniModal upgrades + documentation Dev/mediawiki#Mini_Modal

2023-02-06
- Discussion ToDo
- CodeSelect highlight language extension variable externalization
- Minify JS-HTML suggestion
- mw-combine sanity test and conditional folder creation for src-copy + documentation
- forums year end banner repair
- Page editing via header super menu oldid fix
- Removed nojs.css mentions and updated documentation
- fonts.css relevance checked and deleted on all wikis
- multi-wiki-deploy, tests and small bugfixes

2023-02-04
- CodeSelect Highlight upgrades: less code, better usage, bugfix + documentation
- Optimization mw-combine: better naming, spacing, formatting, usage

2023-02-03
- Discussion Todo highlight / prism, discussion strategy
- Replaced highlight-js with prism-js for CodeSelect + new tests on Testpage + feature target highlight + prevent highlight for CodeSelect icon form for speed optimization
- Nojs.css deleted and purged from build.json + styles moved to other style files (closer to nojs styles
- mw-combine improved: folder sanity check, array check for build.json categories

2023-02-02
- Discussion Todo
- Research highlight js libs, removed Highligh extension, installation of highlight.js
- CodeSelect integration of deferred highlight.js + new Feature "lang" to control highlight language or set to auto / none
- CodeSelect examples were created Testpage1
- CodeSelect documentation was updated Dev/mediawiki#CodeSelect

2023-01-31
- Code review for link-to-archive
- CodeSelect review research + rewrites + new feature "target" + nojs adjustments + template lang research + documentation

2023-01-30
- discuss codeselect / JavaScript security
- TOCLevelSwitcher upgrade no content shift + documentation
- Sitenotice new functionality was added (data-banner-expires)
- Sitenotice end of year now uses the normal functionality
- Sitenotice thorough documentation Dev/mediawiki#SiteNotice_End_Of_Year_Banner and Dev/mediawiki#SiteNotice_Info_and_Donation_Banners

2023-01-27
- push to the mediawiki-extensions-CookieToBodyClass git repository
- headscript fail open investigation, research, testing
- New Feature SiteNotice replacement for DismissableSitenotice + documentation Dev/mediawiki#SiteNotice_Donation_Banner

2023-01-26
- Tor Browser noscript optical bug fix + documentation
- Hide banners cleanup
- New Mediawiki Extension CookieToBodyClass + documentation
2023-01-25
- Header Donate designfix
- Login image bug and localWiki option concept
- Reproduce attempt for wide resolution bug
- Simplify hide_all_banners + documentation
- Discussion ToDo
- Whonix outreach communication
- Kicksecure vector text convert to path
- About / FAQ mininav unification
- Mediawiki extension research

2023-01-24
- Todo discussion
- Footer QR Modal empty img to JS + Testing
- Header Refinement images + multiwiki deploy
- Homepages shaking hands bugfix
- main mw-combine js defer
- fontawesome experiments and research

2023-01-23
- Kicksecure and Whonix homepage and footer image optimization including link rewrites to thumbs, lazy loading async decoding and re-uploads of images which are too small. Also documentation: Dev/website#Images.2C_Files_and_usage_of_thumb and some style upgrades
- Kicksecure Header mobile bugfix
- Mobile bars logo for Kicksecure and Whonix headers. Also 4 main images in header given width and height

2023-01-21
- Installation wiki on local Kicksecure VM
- Documentation
- Mediawiki thumb research

2023-01-20
- Another test and testing with google pagespeed and gtmetrix + documentation
- Documentation about deferrable js scripts
- new feature: pageRefToLinks + documentation,
- Whonix and Kicksecure HP replace background images with images (for good page metrics)
- multiwiki-deploy and review

2023-01-19
- Principle research on mediawiki extensions and review of DismissableSitenotice extension
- Installation local wiki vm und and ssh keygen
- Scrollindicator desktop fix + documentation
- loading eager lazy research with admnin
- Created multiple test cases for loading with google pagespeed under /test

2022-12-28
- end-of-year donation banner fix
- broken PayPal donate button investigation

2022-12-22
- srcset discussion
- Whonix homepage replace all background images with foreground + give alt attributes
- Kicksecure homepage last images from background to foreground
- srcset sizes research
- full local file CSS JS documentation

2022-12-21
- Deactivation and replacement of Bootstrap on Kicksecure and Whonix
- upgrade MiniModal (retain dom events in content, esp. for CodeSelect)
- Sitenotice exclude from search
- Duplicate footer fixed
- Kicksecure homepage head area + no background images + alt attributes

2022-12-20
- Discussion page speed
- Search engine bots no index for functional components
- Kicksecure homepage: logo as svg + overview image preload blur
- Whonix homepage slogan and call to action + overview image preview blur
- mediawiki common.js event alternative

2022-12-19
- Research Blurhash srcset
- Mediawiki new version CSS and JS fixes: Search + Editor Fullscreen + all pages, nocache cookie, reduced dependencies
- SVGs for Kicksecure logos
- Research hiding repetetive text parts from search bots
- DebugViaUrlModal upgrades

2022-12-09
- Outreach thank you mail HTML and mail body + send security discussion

2022-12-08
- Discussion thank you message
- Research Multipart-Mime Emails Research + Discussion + Technology outline
- Outreach thank you mail template

2022-12-07
- Whonix Exposé 100%
- Outreach communication
- ShareTooltip Markdown bugfix
- Thank you message research

2022-12-06
- Video via nginx discussion
- research combine CSS/JS or not
- CSS column bugfix
- Real World attacks page
- Whonix Exposé 60%

2022-12-05
- Prevent Enhance Headlines feature + Template + documentation
- HTML5 video on demand HLS DASH etc discussion
- Preloading fonts in Headscript
- HTML5 video play (speed) bug fix
- Templates tcc bug examination
- Page_homepage.css loading discussion

2022-12-02
- Whonix Youtube channel go live
- strategy discussion
- Footer Youtube and Invidious buttons
- Whonix Homepage Play button

2022-12-01
- Whonix outreach communication
- Whonix 003 Video final render

2022-11-30
- Whonix 003 Video review + improvements + title image
- Whonix outreach communication
- deep exif and ffprobe checks for all videos
- Kicksecure welcome page all resolutions
- HTML5-Video research
- Strategy discussion
- created Bitchute channel

2022-11-29
- Whonix 003 Video Cut 100%

2022-11-28
- Tab Controller new Feature nested tabs
- Outreach artist reviews and communication
- Elementary IO compare HP search for our own communication improvements
- Outreach strategy discussion
- Page speed analysis and improvement suggestions
- Outreach video pre-production

2022-11-25
- Odysee and Rumble accounts created
- Footer improvement discussion
- ShareTooltip alt attr improvements
- outreach video script upgrade and discussion
- Whonix outreach communication
- Replace vm and host live mode links
- Analysed Whonix Host page

2022-11-24
- Bugfix EOY donation banner contentforSlideserror + refactoring + deploy to Kicksecure and Whonix
- Whonix outreach communication
- Bugfix: Kicksecure Welcome page long screen bug + Whonix checkup for bug (no problems) + newest version EOY donation banner + close button bugfix
- Whonix Forum Post count CSS fix
- Kicksecure + Whonix Donate pages now MultiWiki
- Share Tooltip Selector Bugfix

2022-11-23
- Whonix outreach communication
- Forums End of year banner + onion compatible + tor testing
- HTML/CSS validate errors fixed (there was a W3C error)
- Whonix Forum Search bar Support Link via JS
- Sitenotice Speedup Kicksecure + Whonix + performance test + documentation
- Dispora link for Whonix footer
- Whonix Live Mode page 50%

2022-11-22
- Forums CORS Research together with admin
- mw-combine now copies the src files to "src-copy" folder too for different use cases
- Whonix forum: mixed content error research
- archive link selector bugfix
- Forum end of year banner 50%
- wiki end of year banner performance testing
- Whonix welcome page static HTML end of year banner
- Wiki End of year banner Page speed-up research

2022-11-18
- Local Browser HP
  - Play button bugfix
  - Payment-links fix
  - Tor Research solution attempts
  - Fix cookie by using localstorage
  - jquery depedency from debian package
  - Documentation

2022-11-17
- Mediaviewer CSS fix
- Preparation Whonix Live page

2022-11-16
- EndOfYear for local welcome pages 100%
  - deploy to Whonix and Kicksecure
  - Date limit, not shown after 2022-12-31
  - Move whonix local welcome page endofyear library source to kicksecure local welcome page
  - Dismiss close animation
  - documentation Dev/mediawiki#SiteNotice_End_Of_Year_Banner
- Whonix outreach communication

2022-11-15
- Whonix outreach communication
- EndOfYear finalization, smooth fadeIn, customizable title, nojs, deployed to Wikis
- Changed Whonix forums search text
- Changed Whonix and Kicksecure navigation
- EndOfYear for Kicksecure local HP 30%

2022-11-14
- Whonix Forum Archive symbol fix
- EndOfYear crypto-adresses, donate-button-mobile, cookie for dismissing, make it param-generic, content shift prevention, tests and preparation to deploy to forums

2022-11-12
- Grub-live and USB_installation pages improvements
- EndOfYear Banner 95%
- PayViaPaypal as jQueryExtention
- Whonix forums topics mobile design bugfix
- Donate page panel mobile + learn more

2022-11-11
- Whonix outreach + donations discussion
- EndOfYear Banner 30%

2022-11-10
- Kicksecure Live_Mode page creation 100% done
- fontsize CSS helper classes + documentation
- Grub-live page revision 100% done
- Template:live navigation update and redirects from former VM_Live_Mode and Host_Live_Mode pages
- Kicksecure USB_Installation page review 100%

2022-11-09
- Discussion LiveMode and Marketing
- Kicksecure new Live Mode page 30%

2022-11-08
- Whonix outreach communication
- Possible shop research and discussion
- Kicksecure GUI images
- Discourse No Jump + Mobile fixes + documentation
- Live Mode content review

2022-11-07
- Encrypted Support v1.1 deploy attemps
- Kicksecure Logo Telegram fix
- Discourse forums documentation
- Discourse forums footer + research

2022-11-04
- Encrypted support v1.1 - 100%
- https://www.whonix.org/wiki/DoNot - complete content review and many user friendly rewrites

2022-11-03
- Kicksecure Forum new images + new categoris
- Kicksecure and Whonix forums legal banner
- Kicksecure and Whonix forums Nojs research and solution
- Encrypted support v1.1 - 20%

2022-11-02
- Virtualbox transfer to Whonix
- Forum improvements for Kicksecure and Whonix
- new Whonix forum category images
- Kicksecure logo re-imagining suggestions

2022-11-01
- Hidden text danger demonstration Nojs fix
- VirtualBox page improvements
- Content discussions and improvements
- VirtualBox page improvements
- General print version improvements of Whonix and Kicksecure
- mw-combine improvements
- Newsletter research
- Whonix outreach voice actor research

2022-10-31
- Whonix FAQ improvements, analysis of texts and rewrites

2022-10-28
- Integration of Whonix new tor explainer images
- Kicksecure Livemode promo image + HP integration
- Whonix About page improvements
- LeftRightImage Feature promo style
- LeftRightImage Feature imagelink + documentation
- mw-multi-wiki deploy
- Content and examples for Shell

2022-10-27
- Kicksecure internal welcome page image attribution
- skin pref admin documentation
- hide-all-banners noscript research
- CodeSelect insert-html-mode feature, see Dev/mediawiki#CodeSelect
- Whonix new tor explainer images

2022-10-26
- Kicksecure internal welcome page + CC search
- set-up of git repositories (especially new dark mode fork)

2022-10-25
- Dark Mode Firefox and Tor Browser research and suggestions
- Virtualbox and Whonix testing on Ubuntu
- Stage Server discussion
- Git deploy call
- Dark Mode Extension Fork + documentation Dev/mediawiki#Extension_Dark_Mode_.28Fork.29

2022-10-24
- Multiwiki/LocalWiki refactoring + documentation
- EditorMultiwikiNotice new + onion feature + documentation see Dev/mediawiki#EditorMultiwikiNotice
- Whonix wiki old mw-combine quickfix, later revert to stable
- Whonix outreach campaign communication

2022-10-23
- Sitenotice mobile scaling bugfix
- Multiwiki/LocalWiki refactoring + documentation

2022-10-22
- Mw-combine php notice fix
- new feature TabContentController js, css, nojs, content shift prevention and documentation Dev/mediawiki#Tab_Content_Controller
- Refactoring of Template:VirtualBox_Host_Software_Installation with TabContentController

2022-10-21
- ShareToolTip markdown/phpbb anchor upgrades bugfixes testing documentation
- Custom footer research + overlay fix
- Footer Randomnews replacement
- Dark mode button for custom footer
- CSS fixes for editorautobackup
- Multiwiki deploy of new features to Whonix and testing

2022-10-20
- ShareToolTip upgrade + Clipboard options
- Dark Mode bugfix research + fix
- Footer overlays important review tools research and solution suggestions
- Whonix outreach campaign communication

2022-10-19
- Whonix outreach campaign communication
- prevent Sitenotice Content Shift banner and documentation, see Dev/mediawiki#SiteNotice_Donation_Banner
- CodeSelect Image Button Version and documentation, see Dev/mediawiki#CodeSelect
- Multiwiki deploy of new features to Whonix and testing

2022-10-15
- Research on how to prevent content jumps for Sitenotice. New documentation in Dev/mediawiki#SiteNotice_Donation_Banner under "Sitenotice display cycle"
- Pageload timing method and pageload url param in MwCombineJsWrapper.js
- Performance testing documentation: Dev/mediawiki#Performance_Testing
- Whonix outreach campaign communication

2022-10-14
- Kicksecure + Whonix 2 new HP features
- SiteNotice Layout Shift research and suggestion
- Performance Tests Page PerformanceTests created
- 2 JS Performance fns created in JsPerformanceTests.js

2022-10-13
- Kicksecure homepage updated like Whonix HP (structure, css, fns, content)
- added Kicksecure HP Features
- changed Kicksecure HP cumulative changed metric from 0.24 → 0.02 by predictable image sizes
- seo images research

2022-10-12
- ShareTooltip new Sharing Options
- Whonix HP content shift reduction and speed optimizations
- Kicksecure HP Features + Upgrade 50%

2022-10-11
- new Debug via URL Modal, see Dev/mediawiki#Debug-via-url-modal + documentation
- porting to Whonix
- mw-combine finalization and dontload options
- new MwCombineJsWrapper.js for mw-combine. For user transparency
- Updated Javascript documentation Dev/mediawiki#Javascript_specific

2022-10-10
- Review outreach storyboard and corrections
- new landing page feature cards
- mw-combine more dontload options
- landing page pagespeed optimizations

2022-10-09
- Meeting pagespeed analysis and optimization + documentation

2022-10-08
- Headline Bug (hidden behind padding)
- gtmetrix / pagespeed analysis – performance test strategy
- new image for everything Tor

2022-10-07
- ShareTooltip upgrade as jQuery Extension
- CodeSelect upgrade as jQuery Extension
- Creation EnhanceHeadlines
- Deployment to Kicksecure and Whonix
- Testing
- Documentation
- Homepage new features cards and images

2022-10-01
- realization contractor communication, negotiation and clarification

2022-09-30
- Script 003 outreach improvements and realization contractor research and communication

2022-09-29
- Script 003 outreach preproduction: storyboard (incl. texts, images, restructuring)

2022-09-28
- Shortened rewrite Script 003 outreach
- discussion privacy first mobile operating systems
- small bugfix leftRightImage

2022-09-23
- Script 003 outreach
- Whonix installation and virtualbox testing
- documentation

2022-09-22
- ShareTooltip further upgrades and finalization
- user group promo texts and images collage

2022-09-21
- outreach artwork finalization
- ShareTooltip, bugfix, documentation and deployment

2022-09-20
- ShareTooltip upgrades and revisions
- outreach artwork reviews

2022-09-19
- Introduction of ShareTooltip component
- work on social media strategy

2022-09-16
- User Groups concept images
- coordination with artist
- Homepage new image Linux account separation research
- Homepage tooltip upgrade
- Homepage link symbol repositioning

2022-09-15
- review and improvement Main_Page
- new Template:LeftRightImageText + documentation
- upgrade Widget:Download_Button (scalable by fontsize) + documenation
- review of About, Features, FAQ and more

2022-09-13
- Homepage clickable boxes logos
- Homepage apps Section alignment
- improved intro paragraph

2022-09-12
- Download page optimization
- video content script and review
- new feature Left-Right Image Text

2022-09-09
- video content script
- video content banner

2022-09-08
- video content logo, setup, texts

2022-09-07
- bugfix Modal Search
- bugfix EditorSave
- video content production

2022-09-06
- new promo images
- MiniModal vertical cut fix
- video content production

2022-09-02
- Homepage fixes
- new promo images

2022-09-01
- Homepage content review
- new promo images
- improved modals
- mobile fix for section press

2022-08-31
- Upgraded Dev/mediawiki#Mini_Modal
- Upgraded Dev/mediawiki#Editor_SaveAndContinue
- created new Element Col Container see Dev/mediawiki#Col_Container
- Improved Whonix Homepage

2022-08-30
- Improved Whonix Homepage
- Improved images
- Improved Whonix Main_Page

2022-08-29
- new tool Icon-Bullet-List widget, CSS and documentation
- new CSS feature Color Schemes + documentation
- new feature vspacer
- improved Download Button onion link
- Fixed hidden banner issue

2022-08-25
- Whonix content production

2022-08-24
- Whonix content production
- table icon improvements: Whonix comparison with VPNs

2022-08-23
- New tool: info-tooltip
- added new nojs-classes
- new Pages.js
- table improvements: Whonix comparison with VPNs

2022-08-22
- Whonix webpage improvement, table Whonix comparison with VPNs

2022-08-20
- Whonix content production

2022-08-18
- Whonix content production

2022-08-17
- Content Review
- improved https://www.whonix.org/wiki/Contribute
- Mininav upgrade for external links
- reverted Download-Button back to widget
- converted Responsive Thumbnail into template
- created intro paragraph design class

2022-08-16
- Content Review

2022-08-15
- CSS and JS validation and review with linters
- reviewed and changed mobile.js
- improved hide-enlarge

2022-08-05
- Improvement on Whonix Homepage

2022-08-04
- Javascript Dom Timing bug research
- Mediawiki Newline Bug research and report

2022-08-03
- Improved mw-combine allow comments in build.js and docu
- changed from Widget to Template Download-button
- Kicksecure HP mobile fixes
- TOC level switcher upgrade
- MediaWiki newline bug research
- small Headscript content upgrades

2022-08-02
- Fix Sitenotice only visible on pages with localSkin
- small Homepage fix
- Thumbnails fix
- Deploy Fixing
- CSS Refactoring
- Headscript content upgraded

2022-08-01
- HeadScript Upgrade nojs.css
- headscript-upgrade nojs.css
- Template Header minified
- CSS Extension review
- Kicksecure Footer fix
- Documentation of new include concept

2022-07-30
- HeadScript Upgrade mw-autogen
- mw-combine.php
- headscript-content.php
- refactored existing JS files

2022-07-29
- Javascript research and development of new include concept with autogenerated JS and CSS

2022-07-28
- Dev/mediawiki#Wiki_Js_Loader - wikiJsLoader 100%, debug feature and documentation
- New design and level dependence feature for Dev/mediawiki#TOC_Level_Switcher
- Dev/mediawiki#Archive_link nofollow feature for onion links
- Dev/mediawiki#SearchModal was created to outsource the SearchModal from the Header
- Dev/mediawiki#Mini_Modal was upgraded with throwing new events

2022-07-27
- Dev/mediawiki#Wiki_Js_Loader - wikiJsLoader 95% and documentation

2022-07-26
- Fix Template:Box and Template:Mbox if-clauses
- Checked Whonix wiki exports all present in Kicksecure wiki
- Created Ahmia logo https://www.whonix.org/wiki/File:Search-ahmia.png

2022-07-25
- MultiWiki refactoring
- info-box improvement thumbs

2022-07-22
- Fix Vector 22 search mobile
- MultiWiki Restructure plan and Doc
- MiniModal Navi Fix
- EditorAutoBackup V2 plan

2022-07-21
- Docu Flagged Revisions
- Research, analysis, docu for skins
- Fix search for Vector 2022 skin
- Fix burger menu for Vector 2022 skin

2021-07-20
- Fix EditorAutoBackup all buttons working
- Fix and document Revision Bottom bar, see Dev/mediawiki#MediaWiki_limitations

2022-07-18
- restructuring of Dev/mediawiki finalization
- new module MiniModal
- new module EditorAutoBackup

2022-07-16
- Research regarding wgCanonicalNamespace
- restructuring of Dev/mediawiki

2022-07-15
- Whonix BIMI Logo SVG fix
- FlyInNotification converted to MultiWiki
- General MultiWiki conversion

2022-07-14
- Created badge and seal "Hardened by Kicksecure" Dev/Logo#Badge and Dev/Logo#Seal
- Fixed Signing_Key on Mobile
- Whonix BIMI Logo SVG created
- Finalized homepage
- Long lines fix https://www.whonix.org/wiki/Onionizing_Repositories#Footnotes
- Fixed Snowden Images https://github.com/EgoBits1/Whonix-Website/issues/2

2022-07-13
- Continued and finished work on homepage.

2022-07-12
- og:image on all pages
- image for chroot
- fixed Kicksecure Text Logo
- improved Download, Donate
- Kicksecure BIMI Logo SVG created
- improved Header and Header Menu
- created homepage and style first and second section

2022-07-11
- use-2-column class + documentation + already applied to https://www.kicksecure.com/w/index.php?title=Mobile_Phone_Security&stable=0#Espionage_Data_Harvesting
- Repaired "based on Kicksecure" image to fit frame on https://www.whonix.org/wiki/Homepage
- Design fix: Whonix News in Footer
- Design upgrade: TM and C symbols as images in Whonix Footer, R symbol prepaired in code to replace TM in the future
- Whonix Facebook Profile: Upgrade to 400x400px
- Updated Template:Supported Platforms Icons with new images
- New OG:images for Facebook, Twitter, Reddit, Github. New OG:images for Download sub pages
- Deployed images on Download subpages

Sprint 2021-12 to 2022-03

2022-03-23
- Tried to separate data of FlyInNotification.js into separate JSON file. Failed because of insufficient Mediawiki Javascript content and data access API

2022-03-19
- Kicksecure new logo finalization
- data export to Kicksecure

2022-03-18
- Kicksecure logo new design

2022-03-17
- Welcome page finalization
- new improved version of Whonix concept image

2022-03-16
- Redesign Welcome page part 1
- FlyInNotification improvements
- Upgrade of Template:Box

2022-03-15
- FlyInNotification finalization
- predictable column break classes für 3-column areas

2022-03-10
- creation of module FlyInNotification

2022-03-09
- Redesign of Homepage amendments

2022-03-07
- Redesign of Homepage finalization and made responsive

2022-03-05
- Redesign of Homepage part 2

2022-03-04
- Redesign of Homepage part 1

2022-03-03
- DownloadButton now responsive
- NoJS version of ExpandAll
- Mobile scrollbars

2022-03-01
- Make page responsive VirtualBox
- improved manually place anchors Template:Anchor
- fixed: header overlaps direct links
- Expand/Collapse All button beautified, improved functionality and Javascript rewritten
- beautified: Documentation, Advanced Documentation and Design
- introduced: class "use-3-columns" and subclass "keep-together" Dev/mediawiki#class_use-3-columns

2022-02-28
- improved Template:Box and Template:Mbox, see Dev/mediawiki#Box_and_MBox
- improved Template:DownloadTableUnified
- improved VirtualBox

2022-02-26
- improved Donate/Affiliate_Link
- introduced thumbs without enlarge Button
- improved Expand/Collapse button

2022-02-25
- JavaScript vs no-JavaScript div tags
- improved Donate/PayPal
- improved design details of payment pages

2022-02-24
- images (.thumb, .thumbinner) made responsive, examples see Warning
- Donation panel, mininav, EUR page improvements
- Download_Button redirect feature

2022-02-23
- Improved donation panel: Payment links, design
- Improved our Extension:CSS fork, alternative inclusion method for local CSS
- further new Vector skin fixes: min-width

2022-02-22
- new Vector skin activated, resulting problems fixed
- 10 year banner: close improved, scaling for mobile

2022-02-21
- 10 year banner created
- SiteNotice improvements and fixes
- Php Notice Undefined Index fixes

2022-02-12
- realization PayPal module, see Dev/mediawiki#PayViaPaypal_module

2022-02-11
- donation panel Nojs solution
- donation panel realization and images for other payments

2022-02-10
- improved FullScreenEditor for CodeMirror
- improved donation panel

2022-02-09
- new NoJS classes available: Dev/mediawiki#NoJS-Only_classes

2022-02-08
- donation panel crypto section finished
- donation panel paypal section design finished

2022-02-07
- development start of donation panel
- creation of original QR logo

2022-02-05
- improved Header overlap: no found occurrences anymore. Plus documentation: Dev/mediawiki#Fixed_Header_Overlap_for_anchors
- improved Mininav style when item stack and for smaller displays
- research and documentation about DismissableSitenotice
- research and documentation about GDPR CookieWarning

2022-02-04
- SiteNotices beautified, enhanced via JS and documented
- Footnotes Newline in the normal html way again, <br> for newline
- BackToTopButton documentation
- Mediawiki notifications (e. g. "Your edit was saved") beautified for whonix theme and placed visibly below header

2022-02-03
- SaveAndContinue-Button: Modal improvement
- Back to Top Button introduced
- Rejected: Scrollable Table Bugfix - this is a result of the table being hidden in an invisible element, so not a bug. If the table is hidden is has no dimension and so it cannot "know" if its content is oversize
- Footnotes always respect newlines setting and discussion (later reverted)
- Widget:Download_Button: responsive for small displays (under 450px)

2022-02-02
- mini navigation (buttons on top of some pages) visually enhanced
- wiki edit preview our-footer overlaps save bar bugfix
- Archive_link: explained wrong "|onion={{QubesOS_onion}}" vs correct use "|onion=http://{{QubesOS_onion}}"

2022-01-31
- RandomNews for footer shortened and improved
- TOC hide/show improved

2022-01-20
- tables oversize solution introduced, also for mobile swipe indicator for oversize
- Download Page, supported icons improved

2022-01-19
- improvements for mediawiki search
- new mono font introduced
- pre alternative for special cases introduced
- table of contents jump paddings corrected

2022-01-18
- improved styles for tables, lists, blockquotes, pre, code etc

2022-01-17
- codeSelect Bugfixes and style improvements

2022-01-15
- Development of Extension:CSS fork with new functionality
- Header improved for JS users

2022-01-14
- Header overlapping jump targets fixed
- Vector Skin remove external link symbols
- Editor Fullscreen Feature for editor added
- Header made responsive down to 370px and optimized for mobile usability
- CodeSelect Nojs style fix + new parameter inline so multiple instances can be combined in one line --target virtualbox , --target qcow2 , and --target raw

2022-01-13: Completely new Header developed and installed
- Header is inserted as a Template and fixed to top
- Header features like the header form 2022-01-09
- Completely Nojs and Mobile friendly

2022-01-11: SaveAndContinue-Button: New JS-Feature for faster Development

2022-01-10: Creation of BodyScript2 Mediawiki Extension

2022-01-09: New Header developed
- Restructuring via Sidebar
- unifying all menus in one supermenu
- replacement of donate button
- Main Logo links to whonix.org
- nice hover effects
- Search in modal instead of box (for js users, else go to search page)

2022-01-08: Nojs.css incorporated - styles exclusively for Nojs visitors

2022-01-06: New footer incorporated
- new Style, better layout and ordering
- Bootstrap modals for content
- engaging action buttons
- Integration of whonix news

2022-01-06: Bugfix Archive_link Onionshare mishandling (eg https://flathub.org/apps/details/org.onionshare.OnionShare), Bugfix Archive_link CSS not loaded in Tor browser. Other bugfixes. Subdomain_link improved.

2022-01-03: Crypto address templates unified and Crypto address images unified

2021-12-31: Footer RandomNews. Solution: RandomNews template was not available in Footer2 widget (because: widget), so RandomNews was called in Footer2-Template. In template it is hidden by CSS and the whonix random news section in footer is filled with generic text. If JS is available RandomNews are moved to Footer (true HTML widget area)

2021-12-31: CodeSelect Improvements, Refinements #3. Green color and check mark if copy is clicked

2021-12-30: CodeSelect Improvements
- after clicking the copy symbol, the copy symbol changes into a green checkmark, later changes back
- CodeSelect can be called as a template but also simply by
```
<div class="code-select">code</div>
```
  - essential for usage in Widgets

2021-12-29: Footer subdomain fixes by protocol and apex domain for forums subdomain (whonix.org and .onion)

2021-12-28: Footer redesigned

2021-12-24: Template Template:Subdomain_link and Widget:Subdomain_link created (ability to link without knowing the website context)

2021-12-23: CodeSelect further improved: less white space, more compact, better nojs-version, better js-animation

2021-12-23: Combi task: External Links / Template + Widget Archive-Link
- Improved Mediawiki Extension "Link to archive"
  - differentiate automatically between normal link, onion-link and link to web.archive.org
  - Show logos instead of long "[archive]" text
  - logo / title attribute / logo link href according to linked url: normal → archive symbol + archive link / onion → onion logo and onion link / archive link → archive logo and same link
- Template Template:Archive_link and Widget:Archive_link and Archive_link.css created: Similar to "Link to archive", but you can choose if you want an archive link, onion link or both

2021-12-21: Whonix Logo Format: discussed: jpeg and png specific use cases. And logo-text and logo delivered without padding

2021-12-21: Whonix Logo finished
- last revision of logo submitted and accepted
- export accordning to guidelines: https://www.whonix.org/wiki/Dev/Logo
- no problems reported by reviewer

2021-12-20: mediawiki skin selection
- Whonix? -> Keeping mediawiki skin Foreground and adding CSS fixes later.
- Kicksecure: Which skin should be used as foundation? -> Same but with different CSS to have distinctive styles/colors.

2021-12-19: Colored Platform Icons, 500px*500px
- some icons pulled from web in better solution
- apple logo rights research. Seems using the logo is in most of the world public domain and in copyrighted jurisdictions logo is considered fair use and used by open source projects (means no licence)
- kvm logo complete redesign
- review/improve colored symbols for Template:Supported_Platforms_Icons since these are used on Download and whonix.org homepage

2021-12-18: Whonix old logo refinement, old text removed, text "Whonix" redrawn

2021-12-17: CodeSelect finished
- HTML restructured, Style improved
- direct copy button added, info tooltip added
- modernized und documented JS mechanic
- improved upon old mechanic with sidescrolling
- Non-JS compatible with similar style

2021-12-16: Update Download Button VirtualBox wiki page Download Button: prettify and easier functionality

2021-12-14: invoice template improvements

2021-12-13: discuss (easy, not important): cannot click inspect on other websites

2021-12-13 CSS very basic review. Answers for the following questions are desired:
- Is Whonix wiki currently using Mediawiki:Foreground.css? Yes.
- Is Mediawiki:Common.css currently in use? Also Yes.
- Advantages and disadvantages of merging these pages? -> No. Keep and Mediawiki:Common.css and Mediawiki:Foreground.css separate. Split into essentials (CSS for CodeSelect in Mediawiki:Common.css) and skin (Foreground) (Mediawiki:Foreground.css) specific.

nurmagoz[edit]

newer[edit]

7 - 14/11/2024[edit]

- Upgrade-nonroot comment

https://forums.whonix.org/t/qubes-sudo-su-root-hardening-development-discussion/8561/44

- Investigate removal of plymouth on Debian

https://forums.kicksecure.com/t/error-plymouth-conflict-in-debian-morphing/641/7

- sort out

https://www.kicksecure.com/wiki/Debian_Packages

https://www.whonix.org/wiki/Debian_Packages

- Add list of packages missing in packages.debian.org

https://www.kicksecure.com/wiki/Dev/Debian

29 - 6/10 - 11/2024[edit]

- Accounts Maintenance

Forums:

https://forums.whonix.org/t/cwtch-messaging/5353/57

https://forums.kicksecure.com/t/kicksecure-as-server-os/354/11

https://forums.kicksecure.com/t/ubiquity-lvm-tpm/585/21

https://forums.kicksecure.com/t/enable-and-use-zram-instead-for-swap/654

https://forums.kicksecure.com/t/error-plymouth-conflict-in-debian-morphing/641/6

Github:

https://github.com/flathub/com.github.vkohaupt.vokoscreenNG/issues/40

https://github.com/flathub/com.github.vkohaupt.vokoscreenNG/issues/41

23 - 28/10/2024[edit]

- Bureaucracy

- Miscellaneous mobile operating system preliminary review

https://www.kicksecure.com/wiki/Mobile_Operating_System_Comparison#Miscellaneous

- Document KVM image change directory

https://forums.whonix.org/t/first-time-trying-to-install-whonix-kvm/20602

Forums:

https://forums.whonix.org/t/i-cant-download-whonix-from-website/20607/4

https://forums.whonix.org/t/first-time-trying-to-install-whonix-kvm/20602/8

https://forums.whonix.org/t/whonix-xxxxxxxxxxxxxxx/20616/6

https://forums.whonix.org/t/failed-to-define-domain-from-whonix-gateway-xml/20580/4

14 - 22/10/2024[edit]

- Bureaucracy

- host firewall wiki pages

https://www.kicksecure.com/wiki/Special:WhatLinksHere/Host_Firewall_Basics -> update links to https://www.kicksecure.com/wiki/Host_Firewall

- Install_Microcode_Package - add tab controller

https://www.kicksecure.com/wiki/Firmware_Security_and_Updates#Install_Microcode_Package

- OpenSUSE preview

https://forums.whonix.org/t/opensuse-tumbleweed-distro-preview/20561

Forums:

https://forums.whonix.org/t/i-have-no-connection-on-the-tor-resolved/20551/2

https://forums.whonix.org/t/does-all-traffic-route-through-tor-when-using-rdp-like-remmina/20555/2

https://forums.whonix.org/t/port-to-opensuse/17400/8

https://forums.whonix.org/t/flatpak-as-a-software-source-flathub-as-a-source-of-software/8500/64

https://forums.whonix.org/t/debian-12-kvm-with-firwalld-nftables-wont-work-there-is-workaround/17203/2

https://forums.whonix.org/t/whonix-17-wont-work-directly-on-debian-12-bookworm-host-no-iptables/16903/4

https://forums.whonix.org/t/failed-to-define-domain-from-whonix-gateway-xml/20580/2

https://forums.kicksecure.com/t/ubiquity-lvm-tpm/585/12

https://forums.kicksecure.com/t/use-btrfs-as-the-default-journaling-file-system/626

https://forums.kicksecure.com/t/usb-iso-boot-loop/563/10

Github:

https://github.com/openSUSE/zypper/issues/573

5 - 13/10/2024[edit]

- Test new tirdad

- Document and consider testing fwupd

https://www.kicksecure.com/wiki/Firmware_Security_and_Updates#Firmware_Update_Manager_(fwupd)

- Sorted out System_Hardening_Checklist

https://www.whonix.org/wiki/System_Hardening_Checklist

https://www.kicksecure.com/wiki/System_Hardening_Checklist

- Updated sdwdate onion mirrors

https://forums.whonix.org/t/suggest-trustworthy-tor-hidden-services-as-time-sources-for-sdwdate/856/245

Forums:

https://forums.whonix.org/t/why-many-search-engines-gone-now-only-ddg-and-startpage-remain/20505/5

https://forums.whonix.org/t/tcp-isn-cpu-information-leak-protection-tirdad/8552/19

https://forums.whonix.org/t/find-in-page-ctrl-f-new-ui-crops-website-and-now-feels-slower-to-search/20517/3

Github:

https://github.com/QubesOS/qubes-builder-debian/pull/85

https://github.com/QubesOS/qubes-builder-debian/pull/84

24 - 4/9 - 10/2024[edit]

- update ISO screenshots

- Updated sdwdate mirrrors

https://github.com/Kicksecure/sdwdate/pull/49/commits/4d50ebc128d26f2d5cd36e096d8d537456400083

https://forums.whonix.org/t/suggest-trustworthy-tor-hidden-services-as-time-sources-for-sdwdate/856/243

Forums:

https://forums.whonix.org/t/tar-child-xz-cannot-exec-no-such-file-or-directory-install-xz-utils-package/16708/7

https://forums.whonix.org/t/instructions-to-windows-verify-not-correct/20463/6

https://forums.whonix.org/t/in-place-release-upgrade-to-whonix-17-2-3-7-seems-to-have-broken-my-flatpaks/20486/4

https://forums.kicksecure.com/t/can-not-run-flatpak-apps-after-kicksecure-update/592/9

https://forums.kicksecure.com/t/cannot-run-some-appimage-apps-after-kicksecure-upate/594/2

https://forums.whonix.org/t/current-state-of-kloak/5605/116

https://forums.whonix.org/t/help-welcome-kvm-development-staying-the-course/166/590

https://forums.whonix.org/t/whonix-17-2-3-7-kloak-service-not-restarting/20498/4

https://forums.kicksecure.com/t/ubiquity-lvm-tpm/585

https://forums.whonix.org/t/latest-kernel-6-10/20503/2

Github:

https://github.com/QubesOS/qubes-builder-debian/pull/83

23 - 27/9/2024[edit]

- Test new Whonix Windows Installer

https://download.whonix.org/windows/17.2.3.2/

- KVM PipeWire Fix - contact upstream

https://gitlab.com/qemu-project/qemu/-/issues/2561#note_2123338529

https://lists.libvirt.org/archives/list/users@lists.libvirt.org/thread/JGEVXVUPN5FB7Q3GSZ6VMX53MVVVJJH2/

https://forums.whonix.org/t/no-audio-with-spice-pipewire-halts-with-alsa-qemu-pipewire-unsupported/20341/6

- Test and Improve Whonix Installer Verification Documentation

https://www.whonix.org/wiki/Verify_the_images_using_Windows

- Test and improve KVM Serial Console

https://www.whonix.org/wiki/KVM#Command_Line_Interface_(CLI)

Forums:

https://forums.whonix.org/t/warning-last-releases-of-tor-degraded-its-anonimity-level-compared-to-i2p/20098/17

https://forums.whonix.org/t/virtualbox-intel-hd-audio-and-pipewire-incompatibility-audio-broken-after-increasing-ram-to-5-gb-no-sound-after-latest-updates-pipewire-bug/18211/25

https://forums.whonix.org/t/instructions-to-windows-verify-not-correct/20463/3

https://forums.whonix.org/t/how-do-i-enter-the-whonix-shell-from-cli/7271/56

17 - 22/9/2024[edit]

- Review / fix Dev/audio:

https://www.kicksecure.com/wiki/Dev/audio

- Testing KVM PipeWire Fix ticket

https://forums.whonix.org/t/no-audio-with-spice-pipewire-halts-with-alsa-qemu-pipewire-unsupported/20341/4

https://gitlab.com/qemu-project/qemu/-/issues/2561#note_2123338529

Forums:

https://forums.whonix.org/t/running-whonix-vms-on-android-phone/20412/6

https://forums.whonix.org/t/vanguards-additional-protections-for-tor-onion-services/8064/29

https://forums.whonix.org/t/warning-flatpak-system-operation-deploy-not-allowed-for-user/20393/5

https://forums.whonix.org/t/qubes-sudo-su-root-hardening-development-discussion/8561/40

https://forums.whonix.org/t/no-audio-with-spice-pipewire-halts-with-alsa-qemu-pipewire-unsupported/20341/5

Github:

https://github.com/flatpak/flatpak/issues/5937

https://github.com/QubesOS/qubes-issues/issues/9459

10 - 16/9/2024[edit]

Tested New Point Release:

(So as .6)

https://download.kicksecure.com/ova/17.2.2.7/

https://download.whonix.org/ova/17.2.2.7/

test AC97 audio

test Intel HD audio

Tested Whonix Windows Installer:

https://download.whonix.org/windows/17.2.2.7/

It comes with virtualbox 7.1

KVM libvirt xml improvements - enable 3D:

https://forums.whonix.org/t/how-to-enable-3d-acceleration-in-kvm/16501/18

https://github.com/Kicksecure/libvirt-dist/blob/master/usr/share/libvirt-dist/xml/Whonix-Workstation.xml

https://github.com/Kicksecure/libvirt-dist/blob/master/usr/share/libvirt-dist/xml/Whonix-Custom-Workstation.xml

https://github.com/Kicksecure/libvirt-dist/blob/master/usr/share/libvirt-dist/xml/Kicksecure.xml

https://github.com/Kicksecure/libvirt-dist/blob/master/usr/share/libvirt-dist/xml/Whonix-Gateway.xml

KVM libvirt xml improvements - unit='MB':

https://forums.whonix.org/t/stop-using-unit-kib-use-unit-mb-instead/20383

Added tab controller:

https://www.kicksecure.com/wiki/VirtualBox/Other_Versions

https://www.whonix.org/wiki/Template:Restart_Tor

Forums:

https://forums.whonix.org/t/kicksecure-17-2-2-0-unreleased-version-sound-driver-issue/20379

https://forums.whonix.org/t/whonix-virtualbox-integration-and-upgrades/11705/34

https://forums.whonix.org/t/virtualbox-intel-hd-audio-and-pipewire-incompatibility-audio-broken-after-increasing-ram-to-5-gb-no-sound-after-latest-updates-pipewire-bug/18211/21

https://forums.whonix.org/t/find-usr-lib-modules-6-1-0-25-amd64-kernel-drivers-xen-bad-message-unable-to-truncate-for-updated-status-of-security-misc-read-only-file-system/20345/4

Tickets:

https://gitlab.freedesktop.org/pipewire/pipewire/-/issues/4263

https://gitlab.com/qemu-project/qemu/-/issues/2561

2 - 9/9/2024[edit]

KVM 3D Documentation:

https://www.whonix.org/wiki/KVM#3D_Graphics_Acceleration

Upstream Tickets:

https://gitlab.freedesktop.org/pipewire/pipewire/-/issues/4263

https://gitlab.com/qemu-project/qemu/-/issues/2561

illustrative image:

https://forums.whonix.org/t/missing-libre-illustrative-images/3912/307

Forums:

https://forums.whonix.org/t/find-usr-lib-modules-6-1-0-25-amd64-kernel-drivers-xen-bad-message-unable-to-truncate-for-updated-status-of-security-misc-read-only-file-system/20345

https://forums.whonix.org/t/audio-broken-after-increasing-ram-to-5-gb-no-sound-after-latest-updates-pipewire-bug/18211/11

https://forums.whonix.org/t/how-to-enable-3d-acceleration-in-kvm/16501/8

https://forums.whonix.org/t/virtualbox-7-0-20-results-in-errors-while-6-1-26-works-with-whonix-release-17-2-0-7/20337/4

https://forums.whonix.org/t/virt-gtk-experimental-alternative-to-virt-manager-better-perf-but-worse-sandboxing/20250/10

https://forums.whonix.org/t/no-audio-with-spice-pipewire-halts-with-alsa-qemu-pipewire-unsupported/20341

https://forums.whonix.org/t/sound-is-cleaner-with-pipewire-from-backports-on-virtualbox/20344

26/8 - 1/9/2024[edit]

- libvirt upstream bug report

https://lists.libvirt.org/archives/list/users@lists.libvirt.org/thread/6ZAUM545XYFC5E4PYH2BBXI3DGBJRCAJ/

- VirtualBox Hardware-accelerated Graphics Testing

https://forums.whonix.org/t/virtualbox-3d-acceleration/8673/11

- Qubes ISO Documentation

https://www.kicksecure.com/wiki/Qubes#ISO

Forums:

https://forums.whonix.org/t/virt-gtk-experimental-alternative-to-virt-manager-better-perf-but-worse-sandboxing/20250/7

https://forums.whonix.org/t/qubes-sudo-su-root-hardening-development-discussion/8561/35

https://forums.whonix.org/t/whonix-xfce-installer-cli-fails-on-kicksecure/20301/2

https://forums.whonix.org/t/whonix-virtualbox-integration-and-upgrades/11705/30

https://forums.whonix.org/t/proxmox-a-dedicated-kvm-platform-for-whonix/3733/40

Github:

https://github.com/shutter-project/shutter/issues/688

https://github.com/shutter-project/shutter/issues/659#issuecomment-2294947191

16 - 25 /8/2024[edit]

- Tested KVM without dnsmasq:

https://forums.whonix.org/t/whonix-kvm-dnsmasq-listen-port-on-host-operating-system-attack-surface-reduction/15973/42

- Made many adjustment to OnionShare wiki page:

https://www.whonix.org/wiki/OnionShare

- Tested KVM 3D Graphics Acceleration:

https://www.whonix.org/wiki/KVM#3D_Graphics_Acceleration

https://forums.whonix.org/t/how-to-enable-3d-acceleration/16501/5

- Added tab controller to:

https://www.whonix.org/wiki/KVM#Install_KVM

https://www.kicksecure.com/wiki/Spectre_Meltdown#Platform_Specific

https://www.kicksecure.com/wiki/Spectre_Meltdown#Install_Microcode_Package

https://www.kicksecure.com/wiki/Recovery#Serial_Console

- Tested KVM random limit test

https://forums.whonix.org/t/help-welcome-kvm-development-staying-the-course/166/583

Forums:

https://forums.whonix.org/t/onionshare-on-whonix-workstation-how-to-connect-to-tor/20174/3

https://forums.whonix.org/t/blocking-certain-applications-from-accessing-internet/20247/2

https://forums.whonix.org/t/virt-gtk-experimental-alternative-to-virt-manager-better-perf-but-worse-sandboxing/20250/7

Github:

https://github.com/Kicksecure/libvirt-dist/pull/111#event-13893986296

https://github.com/Kicksecure/libvirt-dist/pull/112#event-13893984607

13 - 15/18/2024[edit]

- Migrated https://www.whonix.org/wiki/Spectre_Meltdown to Kicksecure wiki

- Tested onionshare instructions on whonix

- VirtualBox netstat comparison before and after whonix installation

- Tried no dns for VMs in KVM and no dnsmasq with PR for Internal/External Whonix network:

https://forums.whonix.org/t/whonix-kvm-dnsmasq-listen-port-on-host-operating-system-attack-surface-reduction/15973/36

Forums:

https://forums.whonix.org/t/very-hard-to-notice-phishing-scam-firefox-tor-browser-url-not-showing-real-domain-name-homograph-attack-punycode/8373/15

https://forums.whonix.org/t/what-is-whonix-xfce-17-0-3-0-ova/20221/6

https://forums.whonix.org/t/nixos-distro-preview/19883/5

https://forums.whonix.org/t/running-android-apps-inside-whonix-workstation-waydroid/16911/5

https://forums.whonix.org/t/lxqt-wayland-support/18178/4

https://forums.whonix.org/t/change-default-shell-from-bash-to-zsh-by-default/14792/164

09/7 - 12/18/2024[edit]

- Added screenshots to:

https://www.kicksecure.com/wiki/Secure_Boot#Secure_Boot_DKMS_Signing_Key_Enrollment

https://www.kicksecure.com/wiki/Desktop#Disable_Autologin

https://www.kicksecure.com/wiki/Protection_Against_Physical_Attacks#Login_Screen

https://www.kicksecure.com/wiki/Login#Graphical_Login_Screen

https://www.kicksecure.com/wiki/Login#Console_Login_Screen

https://www.kicksecure.com/wiki/Grub#GRUB_Encryption_Password_Prompt

- Added screenshots with tabs and text:

https://www.kicksecure.com/wiki/Debian#Install_the_Kicksecure_Package

https://www.kicksecure.com/wiki/Recovery#Boot_Virtual_Machine_from_ISO_instead_of_Virtual_Hard_Drive

- URL migration:

https://www.whonix.org/wiki/Dev/Expected_Build_Warnings

- Documented:

https://www.kicksecure.com/wiki/Timezone

- Forum:

https://forums.whonix.org/t/qubes-sudo-su-root-hardening-development-discussion/8561/29

https://forums.whonix.org/t/debian-12-live-to-mount-encrypted-ssd/20192/11

https://forums.whonix.org/t/help-welcome-kvm-development-staying-the-course/166/574

https://forums.whonix.org/t/haveged-entropy-daemon/17158/8

https://forums.whonix.org/t/whonix-gateway-systemcheck-whonixcheck-no-longer-automatically-starting-at-first-boot/20175/2

https://forums.whonix.org/t/missing-libre-illustrative-images/3912/305

https://forums.whonix.org/t/i-cant-connect/19597/5

https://forums.whonix.org/t/whonix-gw-will-not-run-anon-connection-wizard-thus-no-internet-connect-there-is-workaround/18405/3

https://forums.whonix.org/t/monero-integration-in-whonix/5949/90

https://forums.whonix.org/t/change-default-shell-from-bash-to-zsh-by-default/14792/163

Tickets:

https://github.com/QubesOS/qubes-issues/issues/9251

https://github.com/NixOS/nixpkgs/issues/314887

https://github.com/QubesOS/qubes-issues/issues/9343

https://github.com/QubesOS/qubes-issues/issues/9344

https://github.com/QubesOS/qubes-issues/issues/9374

https://gitlab.com/bztsrc/usbimager/-/issues/151 (usbimager interface improvement ticket)

01/5 - 08/7/2024[edit]

- Bureaucracy

https://forums.whonix.org/t/keepassxc-browser-doesnt-work-out-of-the-box/16877/7

https://forums.whonix.org/t/lxde-wayland-support/17388/5

https://forums.whonix.org/t/remove-hexchat-unmaintained/18391/10

https://forums.whonix.org/t/anon-gpg-tweaks-gpg-conf-enhancements-duraconf-a-collection-of-hardened-configuration-files/5378/24

https://forums.whonix.org/t/sudo-su-sorry-try-again-3-incorrect-password/19833/2

https://forums.whonix.org/t/install-catfish-file-searching-tool-xfce-de-by-default/19837

https://forums.whonix.org/t/include-monero-wallet-again/19871/2

https://forums.whonix.org/t/sudo-virsh-c-qemu-system-define-whonix-gateway-xml-error-failed-to-define-domain-from-whonix-gateway-xfce-17-0-3-0-xml-erdomain-configuration-does-not-support-video-model-virtio/19874/2

https://forums.whonix.org/t/desktop-renders-slowly-despite-high-resource-spec/19727/2

https://forums.whonix.org/t/i-cant-connect/19597/3

https://forums.whonix.org/t/help-welcome-kvm-development-staying-the-course/166/554

https://forums.whonix.org/t/using-nixos-would-allow-us-to-implement-both-live-usb-and-stateless/8790/5

https://forums.whonix.org/t/nixos-distro-preview/19883

https://forums.whonix.org/t/tinyproxy-config/19885/2

https://forums.whonix.org/t/help-welcome-kvm-development-staying-the-course/166/557

https://forums.whonix.org/t/onion-search-engine/19898/2

https://forums.whonix.org/t/permission-denied-with-flatpak-sys-block/15781/10

https://forums.whonix.org/t/flatpak-warning-failed-to-get-revokefs-fuse-socket-from-system-helper-flatpak-system-operation-getrevokefsfd-not-allowed-for-user/19906

https://forums.whonix.org/t/change-default-shell-from-bash-to-zsh-by-default/14792/160

https://forums.whonix.org/t/restrict-hardware-information-to-root-testers-wanted/8618/59

https://forums.whonix.org/t/monero-integration-in-whonix/5949/90

https://github.com/QubesOS/qubes-issues/issues/9087

15/3- 25/4/2024[edit]

- Wiki fixes (shifting pages, correcting redirects, fixing URLs)

- Testing kicksecure/Whonix releases (specially kicksecure .iso)

- Adding illustration images

- Bureaucracy

https://forums.whonix.org/t/i-cant-see-the-whonix-dekstop/19545/2

https://forums.whonix.org/t/mouse-extra-buttons-not-working-on-vmware/19602/2

https://forums.whonix.org/t/i-cant-connect/19597/2

https://forums.whonix.org/t/hiddenvm-project-best-solution-available/10732/8

https://forums.whonix.org/t/does-enabling-flathub-repository-has-any-security-impact/19625/2

https://forums.whonix.org/t/suggest-trustworthy-tor-hidden-services-as-time-sources-for-sdwdate/856/241

https://forums.whonix.org/t/how-to-emulate-android-on-whonix-need-to-run-telegram/19681/2

https://forums.whonix.org/t/how-to-emulate-android-on-whonix-need-to-run-telegram/19681/5

https://forums.whonix.org/t/vless-reality-proxy-tor-can-the-vps-provider-see-the-traffic/19573/11

https://forums.whonix.org/t/bridge-request-tool-anon-connection-wizard-tor-control-panel-moat/19680/2

https://forums.whonix.org/t/csp-content-security-policy-denial-of-service/19673/2

https://github.com/QubesOS/qubes-issues/issues/9045

https://github.com/flathub/org.xfce.mousepad/issues/48

https://github.com/QubesOS/qubes-issues/issues/9152

https://github.com/Kicksecure/sdwdate/pull/48

26/2 - 14/3/2024[edit]

- Tested whonix, kicksecure releases

- Finished whonix wiki link fixes

- Fixed some texts in whonix wiki

https://forums.whonix.org/t/riseup-email-sucks/19511/5

https://forums.whonix.org/t/error-s-when-importing-vm-templates-kvm/19464/3

https://forums.whonix.org/t/gateway-to-tor-or-not-to-tor/19534/4

https://github.com/QubesOS/qubes-issues/issues/9025

https://github.com/QubesOS/qubes-issues/issues/1590#issuecomment-1969826818

https://github.com/QubesOS/qubes-issues/issues/8896#issuecomment-1960560934

16-25/2/2024[edit]

- Removed multiple dead wikis from whonix and kicksecure

https://www.kicksecure.com/wiki/Hardened_Malloc_Light

https://www.kicksecure.com/wiki/Hardened_Malloc

https://www.kicksecure.com/wiki/Hardened_Malloc/Manual_Installation

https://www.kicksecure.com/wiki/Linux_Kernel_Runtime_Guard_LKRG

- Providing logs for KVM to compare it and help MAC support:

https://forums.whonix.org/t/whonix-on-mac-m1-arm-development-discussion/14136/28

https://www.whonix.org/wiki/Dev/KVM#Audit_Output_of_virsh_domxml-to-native

- Testing new Apparmor profile with TB

https://forums.whonix.org/t/cannot-upload-files-with-tor-browser-apparmor-issue/18243/19

- Testing pipewire functionality in qubes:

https://github.com/QubesOS/qubes-issues/issues/8896

- Added missing illustration image

15/2/2024[edit]

- Testing KVM CPUinfo:

https://www.whonix.org/w/index.php?title=Protocol-Leak-Protection_and_Fingerprinting-Protection&stable=0#KVM_Whonix-Workstation_17_/proc/cpuinfo

- Removed hexchat from the wiki and fixed some wiki text

https://forums.whonix.org/t/remove-hexchat-unmaintained/18391/8

https://forums.whonix.org/t/whonix-gw-will-not-run-anon-connection-wizard-thus-no-internet-connect-there-is-workaround/18405

https://forums.whonix.org/t/guest-systems-sees-cpu-of-the-host/1413/29

1-14/2/2024[edit]

- Removed all links to:

https://www.whonix.org/wiki/Special:WhatLinksHere/Mixmaster

https://www.whonix.org/wiki/Special:WhatLinksHere/Nymservers

https://www.whonix.org/wiki/Special:WhatLinksHere/JonDonym

https://www.whonix.org/wiki/Special:WhatLinksHere/Remailer

- Moved unwanted parts to deprecated page.

- Fixed Whonix broken URLs

15-30/1/2024[edit]

- Testing whonix/kicksecure with vbox features (TPM, UEFI)

- Testing OpenSUSE and check packages

- Finished re-checking Kicksecure broken links

- Uploaded missing illustrative images

- Lower progress due to taking cold (sick)

older[edit]

25-31/8/2023[edit]

Testing Whonix/Kicksecure new releases
Finished Kicksecure URLs checkup

https://forums.whonix.org/t/suggest-trustworthy-tor-hidden-services-as-time-sources-for-sdwdate/856/236

https://forums.whonix.org/t/tor-browser-crashes-in-whonix-16-with-hardened-malloc/17209/5

https://forums.whonix.org/t/hardened-malloc-hardened-memory-allocator/7474/201

https://forums.whonix.org/t/vbox-occasionally-hangs-while-maxing-out-host-disk-read/17207/2

https://forums.whonix.org/t/i2p-client-inside-whonix-workstation-issues/15890/62

https://forums.whonix.org/t/help-welcome-kvm-development-staying-the-course/166/539

https://forums.whonix.org/t/debian-12-kvm-with-firwalld-nftables-wont-work-there-is-workaround/17203

https://forums.whonix.org/t/help-welcome-kvm-development-staying-the-course/166/538

https://forums.whonix.org/t/when-tails-can-connect-but-whonix-cannot-what-is-the-reason/17188/5

https://forums.whonix.org/t/error-invalid-argument-could-not-get-preferred-machine-for-usr-bin-qemu-system-x86-64-type-kvm/17184

https://forums.whonix.org/t/tor-is-not-yet-fully-bootstrapped-30-done/8792/26

https://forums.whonix.org/t/guest-has-not-initialized-the-display-yet-kali-linux-host/17141/4

https://forums.whonix.org/t/haveged-entropy-daemon/17158/3

24/8/2023[edit]

Testing and identifying discourse breakage issue with TB on safest (notified both forums).
Adding new illustration images.
Testing whonix and kicksecure new releases.
Added war on gnu license and the importance of it

https://meta.discourse.org/t/broken-page-load-navigating-discourse-with-tor-browser-on-safest-security-setting-noscript-active/274837/9

https://forums.whonix.org/t/livecheck-sh-issue/17118/2

23/8/2023[edit]

Learning and Adding new Quotation template.

https://forums.whonix.org/t/which-editor-is-safe-dear-whonix-community/17105/8

https://forums.whonix.org/t/worried-about-whonix-tor-always-same-fucking-exit-node/17084/9

https://forums.whonix.org/t/which-editor-is-safe-dear-whonix-community/17105/6

https://forums.whonix.org/t/which-editor-is-safe-dear-whonix-community/17105/8

https://forums.whonix.org/t/tor-controller-gui-tor-control-panel/5444/96

https://forums.whonix.org/t/how-protect-bug-downfall-cpu-exploit-meltdown-spectre/17111/2

22/8/2023[edit]

OFF

20-21/8/2023[edit]

Bureaucracy
Adding new social media which is gnusocial jp
Organizing Social media profiles wiki page for whonix and kicksecure
Uploaded kicksecure and whonix vbox gui/cli screenshots
Migrating /dev/curl bash and pipe
Added tab controller to:

https://www.whonix.org/wiki/Other_Operating_Systems#Easy

https://www.whonix.org/wiki/Other_Operating_Systems#Whonix-GNU.2FLinux-Workstation

https://www.whonix.org/wiki/Other_Operating_Systems#VM_settings

https://www.kicksecure.com/wiki/Grow_Virtual_Harddisk

https://www.kicksecure.com/wiki/Shrink_Virtual_Harddisk

https://forums.whonix.org/t/how-protect-anonymous/17111

https://forums.whonix.org/t/which-editor-is-safe-dear-whonix-community/17105/2

https://forums.whonix.org/t/do-paravirtualized-devices-pose-a-security-risk-to-the-host-and-other-vms-on-it/17106/2

https://forums.whonix.org/t/worried-about-whonix-tor-always-same-fucking-exit-node/17084/6

https://forums.whonix.org/t/help-welcome-kvm-development-staying-the-course/166/532

https://forums.whonix.org/t/jmp-mobile-number-through-jabber-no-sim-card-or-mobile-phone-needed/11050/16

19/8/2023[edit]

Adding tabs to Tips_on_Remaining_Anonymous#Avoid_(Mobile)_Phone_Verification_(Use_only_with_caution)
Fixing SecBrowser wiki page text
Spreading news about new whonix/kicksecure TLS hardening configs

https://forums.whonix.org/t/tls-with-its-highest-available-security-options/17098

https://forums.whonix.org/t/unsupported-qcow2-feature-extended-l2-entries/17060/3

https://forums.whonix.org/t/worried-about-whonix-tor-always-same-fucking-exit-node/17084/4

https://forums.whonix.org/t/is-type-2-hypervisor-more-safe-than-type-1-hypervisor/17085/2

17-18/8/2023[edit]

OFF

15-16/8/2023[edit]

Testing kloak in non-qubes
Researching GNU app installation
Researching android -> GNU backup
Clearing https-everywhere mention from the wiki since its deprecated
Renewing Hosts that accept cryptocurrencies for their payment

https://forums.whonix.org/t/forcing-onion-on-whonix-org/510/18

13-14/8/2023[edit]

Bureaucracy
Making draft for social media spread of Whonix TLS improvement

https://forums.whonix.org/t/discourse-integration-change-whonix-forum-software-to-discourse/1181/41

https://forums.whonix.org/t/monero-integration-in-whonix/5949/80

https://forums.whonix.org/t/new-qubes-website-new-whonix-website/1736/169

https://forums.whonix.org/t/windows-whonix-workstation-in-kvm/17039/5

https://forums.whonix.org/t/ubuntu-lagging/17038/6

https://forums.whonix.org/t/sdwdate-and-sdwdate-gui-development-thread/1137/395

https://github.com/monero-project/monero-gui/issues/4206

https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42011

https://meta.discourse.org/t/broken-page-load-navigating-discourse-with-tor-browser-on-safest-security-setting-noscript-active/274837

11-12/8/2023[edit]

OFF

8-10/8/2023[edit]

Bureaucracy
Fixing kicksecure broken links (partial full finish)
Fixing new icons for verify page
Retesting page /Testing for vbox
Reporting discourse nojs issue

https://github.com/Kicksecure/anon-apt-sources-list/pull/1

https://github.com/QubesOS/qubes-issues/issues/8413

https://forums.whonix.org/t/restrict-hardware-information-to-root-testers-wanted/8618/55

https://forums.whonix.org/t/discourse-integration-change-whonix-forum-software-to-discourse/1181/34

6-7/8/2023[edit]

Bureaucracy
Reporting bugs and features for mediawiki
Finished adding tabs (+upload new images) and fixing text to:

https://www.kicksecure.com/wiki/Verify_the_virtual_machine_images https://www.kicksecure.com/wiki/VirtualBox/Other_Versions#Install_from_VirtualBox.org_Repository

https://github.com/QubesOS/qubes-issues/issues/8400

4-5/8/2023[edit]

OFF

3/8/2023[edit]

Finished Qubes Disposable wiki
Finished Kicksecure verification steps wiki

1 - 2/8/2023[edit]

Looking on Qubes Disposables page in thoroughly way
Working on Kicksecure verification steps wiki

https://forums.whonix.org/t/sys-whonix-dom0-updates-failing-on-qubes-r4-1-with-qubes-whonix-16/16998

https://forums.whonix.org/t/onion-xmpp-connections-over-whonix/16993/2

https://github.com/QubesOS/qubes-builder-debian/pull/77#issuecomment-1660158921

https://github.com/waydroid/waydroid/issues/1027#issuecomment-1660419839

31/7/2023[edit]

Bureaucracy
Investigating about gignet mirror to update their whonix images to latest
Verified and cleaned old todo list
Retested qubes-whonix dispvms
Tickets and Activities:

https://forums.kicksecure.com/t/running-android-apps-inside-kicksecure-waydroid/304

https://github.com/QubesOS/qubes-issues/issues/8382

https://github.com/waydroid/waydroid/issues/1027

30/7/2023[edit]

Installing Waydroid on Kicksecure
Debugging sdwdate-gui systray in Qubes
Tickets and Activities:

https://forums.whonix.org/t/workstation-black-screen-after-boot/16959/3

https://forums.whonix.org/t/note-installing-waydroid-will-remove-busybox-which-is-a-dep-to-kicksecure-dependencies-cli/16910/6

https://forums.whonix.org/t/virtualbox-workstation-and-gateway-weird-behavior/16970

https://forums.whonix.org/t/cloudflare-dns-sometimes-doesnt-resolve-main-whonix-mirror-properly/16956/3

https://forums.whonix.org/t/merge-2-menus-of-sdwdate-tray-better-ux/16900/17

https://forums.whonix.org/t/freenet-cant-connect-node/16962/2

https://forums.whonix.org/t/why-is-the-timezone-different/16971/4

https://forums.whonix.org/t/does-whonix-tb-differ-from-upstream/16969/2

https://github.com/waydroid/waydroid/issues/1027

https://github.com/webcompat/web-bugs/issues/125004#issuecomment-1657107180

28-29/7/2023[edit]

OFF

27/7/2023[edit]

Spread whonix new release to public forums and chats

Added tabs to https://www.whonix.org/wiki/Multiple_Whonix-Workstation#How-to:_Use_more_than_One_Whonix-Workstation_%E2%84%A2_-_Easy

Tickets and Activities:

https://forums.whonix.org/t/missing-libre-illustrative-images/3912/291

https://forums.whonix.org/t/merge-2-menus-of-sdwdate-tray-better-ux/16900/13

26/7/2023[edit]

Discussion about signify and improving verification steps
Spread whonix release to social media
Tickets and Activities:

https://forums.whonix.org/t/qubes-sudo-su-root-hardening-development-discussion/8561/18

https://forums.whonix.org/t/cloudflare-dns-sometimes-doesnt-resolve-main-whonix-mirror-properly/16956

25/7/2023[edit]

Learned and applied Tab Controller to https://www.whonix.org/wiki/Multiple_Whonix-Gateway
Tickets and Activities:

Merged the wikis: https://forums.whonix.org/t/merge-2-menus-of-sdwdate-tray-better-ux/16900/12

24/7/2023[edit]

Bureaucracy

23/7/2023[edit]

Communicate with whonix mirrors
Tickets and Activities:

https://forums.whonix.org/t/i-need-ur-help-with-an-error-in-starting-virtual-machines-kvm/16940/3

https://forums.whonix.org/t/remove-unwanted-programs-delete-unnecessary-software/1905/9

https://forums.whonix.org/t/kswapd0-high-cpu-usage-on-whonix-17/16933/2

https://forums.whonix.org/t/i2p-client-inside-whonix-workstation-issues/15890/58

https://github.com/QubesOS/qubes-builder-debian/pull/75#event-9894816172

https://github.com/QubesOS/qubes-issues/issues/6566#issuecomment-1648515708

https://github.com/QubesOS/qubes-issues/issues/8369

21-22/7/2023[edit]

OFF

20/7/2023[edit]

Bureaucracy

19/7/2023[edit]

Bureaucracy
Finished changing names wherever possible

18/7/2023[edit]

Tested waydroid on whonix 17
Tickets and Activities:

https://forums.whonix.org/t/merge-2-menus-of-sdwdate-tray-better-ux/16900/7

https://forums.whonix.org/t/waydroid-and-whonix/13643/10

https://forums.whonix.org/t/whonix-ws-kvm-broken-due-to-reinstalled-security-misc/16902/5

https://forums.whonix.org/t/whonix-17-wont-work-directly-on-debian-12-bookworm-host-no-iptables/16903/2

https://forums.whonix.org/t/help-welcome-kvm-development-staying-the-course/166/528

https://forums.whonix.org/t/note-installing-waydroid-will-remove-busybox-which-is-a-dep-to-kicksecure-dependencies-cli/16910

https://forums.whonix.org/t/running-android-apps-inside-whonix-workstation-waydroid/16911

https://github.com/QubesOS/qubes-issues/issues/8365

https://github.com/waydroid/waydroid/issues/1006

https://github.com/waydroid/waydroid/issues/1007

17/7/2023[edit]

Bureaucracy
Tickets and Activities:
- Remove offline i2ps eepsites in whonix wiki
- Upgrade kicksecure to bookworm in amd and power9
- Tested whonix 17 on kvm

https://forums.whonix.org/t/whonix-17-wont-work-directly-on-debian-12-bookworm-host-no-iptables/16903

https://forums.whonix.org/t/change-default-shell-from-bash-to-zsh-by-default/14792/133

https://forums.whonix.org/t/xfce-theming-a-few-suggestions/7205/80

https://forums.whonix.org/t/whonix-ws-kvm-broken-due-to-reinstalled-security-misc/16902/3

https://forums.whonix.org/t/remmina-vs-rustdesk/16302/5

https://forums.whonix.org/t/anarsec-qubes-whonix-guide/16887/6

16/7/2023[edit]

Tickets and activities:

https://forums.whonix.org/t/i2p-integration/4981/369

https://forums.whonix.org/t/merge-2-menus-of-sdwdate-tray-better-ux/16900

https://forums.whonix.org/t/uploading-images-sometimes-will-give-invalid-csrf-token-some-cookies-are-misusing-the-recommended-samesite-attribute/16898

https://forums.whonix.org/t/generate-whonix-gw-dvm-with-salt-to-give-the-possibility-to-base-sys-whonix-on-it/16901

https://forums.whonix.org/t/disposable-browser-fingerprint/16894/2

https://forums.whonix.org/t/command-not-showing-up-fully-in-the-wiki-when-using-codeselect-code/16899

https://forums.whonix.org/t/wrongs-links-in-kvm-install-guide/16897/2

https://www.whonix.org/wiki/I2P#Installation_and_Setup

https://www.whonix.org/wiki/I2P#Steps_for_I2P_Configuration_and_Usage_After_Installation

Finished cleaning up qubes-minimal packages

15/7/2023[edit]

OFF

1 - 14/7/2023[edit]

Testing:

Tested all whonix and kicksecure releases of version 17.x (on vbox and qubes 4.2)

Tested Whonix - I2P + TB and sorted out all issues (but tomorrow will be documented)

Tickets and activities:

https://github.com/bitcoin/bitcoin/issues/28054

https://github.com/QubesOS/qubes-issues/issues/8286#issuecomment-1627786685

https://github.com/QubesOS/qubes-issues/issues/8330#issuecomment-1625923003

https://github.com/QubesOS/qubes-issues/issues/8346

https://github.com/QubesOS/qubes-issues/issues/6325#issuecomment-1633056725

https://github.com/QubesOS/qubes-issues/issues/8342

https://github.com/QubesOS/qubes-issues/issues/5836

https://github.com/QubesOS/qubes-issues/issues/8341

https://github.com/QubesOS/qubes-issues/issues/8335

https://github.com/QubesOS/qubes-issues/issues/8193#issuecomment-1626208571

https://github.com/QubesOS/qubes-issues/issues/8336#issuecomment-1626359102

https://github.com/QubesOS/qubes-issues/issues/8333

https://github.com/QubesOS/qubes-issues/issues/8331#issue-1794108471

https://github.com/QubesOS/qubes-issues/issues/8332

https://github.com/QubesOS/qubes-issues/issues/8334

https://github.com/QubesOS/qubes-issues/issues/8079#issuecomment-1626045208

https://github.com/QubesOS/qubes-issues/issues/8269#issuecomment-1606111278

https://github.com/QubesOS/qubes-issues/issues/8359

https://github.com/QubesOS/qubes-issues/issues/8360

https://forums.whonix.org/t/keepassxc-browser-doesnt-work-out-of-the-box/16877/2

https://forums.whonix.org/t/whonix-delete-the-unnecessary-files-programs/1905/6

https://forums.whonix.org/t/whonix-delete-the-unnecessary-files-programs/1905/8

https://forums.whonix.org/t/default-dns-provider-discussion-for-kicksecure-not-whonix/16870/2

https://forums.whonix.org/t/default-dns-provider-discussion-for-kicksecure-not-whonix/16870/4

https://forums.whonix.org/t/default-dns-provider-discussion-for-kicksecure-not-whonix/16870/6

https://forums.whonix.org/t/default-dns-provider-discussion-for-kicksecure-not-whonix/16870/8

https://forums.whonix.org/t/dino-im-messenger/7773/45

https://forums.whonix.org/t/dino-im-messenger/7773/48

https://forums.whonix.org/t/use-dnscrypt-by-default-in-kicksecure-not-whonix/8117/61

https://forums.whonix.org/t/suggest-trustworthy-tor-hidden-services-as-time-sources-for-sdwdate/856/233

https://forums.whonix.org/t/remove-imagemagick/6143/13

https://forums.whonix.org/t/flatpak-as-a-software-source-flathub-as-a-source-of-software/8500/52

https://forums.whonix.org/t/missing-libre-illustrative-images/3912/287

https://forums.whonix.org/t/local-browser-homepage-for-tor-browser-in-whonix/347/114

https://forums.whonix.org/t/local-browser-homepage-for-tor-browser-in-whonix/347/116

OLDEST[edit]

23/1/2023[edit]

Fixed/Reviewed links and/or Improved text:

https://www.whonix.org/wiki/Dev/Download_Statistics

https://www.whonix.org/wiki/Dev/Download_Wizard

https://www.whonix.org/wiki/Dev/Installation_from_Repository

https://www.whonix.org/wiki/Mailing_Lists

https://www.whonix.org/wiki/Dev/Redistribution

https://www.whonix.org/wiki/Essential_Tests

https://www.whonix.org/wiki/Dev/Vision

https://www.whonix.org/wiki/Dev/Tails_Doc_Fork

https://www.whonix.org/wiki/UniStation

https://www.whonix.org/wiki/Dev/Inspiration

https://www.whonix.org/wiki/Dev/Zerobox

https://forums.whonix.org/t/long-wiki-edits-thread/3477/2268

19/1/2023[edit]

Fixed/Reviewed links and/or Improved text:

https://www.whonix.org/wiki/Dev/Porting

https://www.whonix.org/wiki/Dev/Logo

https://www.whonix.org/wiki/Dev/TPO_Trademark

https://www.whonix.org/wiki/Dev/64bit

https://www.whonix.org/wiki/Dev/Firefox_Add-On

https://www.whonix.org/wiki/Dev/tor-launcher

https://www.whonix.org/wiki/BackupScript

https://www.whonix.org/wiki/Dev/Firewall_Unload

https://www.whonix.org/wiki/Dev/Test

https://www.whonix.org/wiki/Dev/Linux_Installer

https://www.whonix.org/wiki/Dev/Windows_Installer

https://www.whonix.org/wiki/Dev/Windows_Starter

https://www.whonix.org/wiki/Windows_Quick_Start_Testers_Only_Version

https://www.whonix.org/wiki/Dev/research

https://www.whonix.org/wiki/Dev/patreon

https://www.whonix.org/wiki/Dev/Gajim

https://www.whonix.org/wiki/Dev/Project_friendly_applications_best_practices

https://www.whonix.org/wiki/SecBrowser

https://www.whonix.org/wiki/Dev/wallpaper

https://www.whonix.org/wiki/Dev/certification

https://www.whonix.org/wiki/Dev/STIG

https://www.whonix.org/wiki/Dev/surveys

https://www.whonix.org/wiki/Dev/Automated_Tests

https://www.whonix.org/wiki/Dev/Torified_Wi-Fi_Hotspot

https://www.whonix.org/wiki/KVM_Testers_Only_Version

https://www.whonix.org/wiki/Dev/Xfce

https://www.whonix.org/wiki/Dev/Issue_Tracker

https://www.whonix.org/wiki/Dev/Homepage

https://www.whonix.org/wiki/Transparency

18/1/2023[edit]

Fixed/Reviewed links and/or Improved text:

https://www.whonix.org/wiki/Dev/Archived_Discussions

https://www.whonix.org/wiki/Dev/GNOME

https://www.whonix.org/wiki/Dev/Source_Code_Intro

https://www.whonix.org/wiki/Dev/News

https://www.whonix.org/wiki/Dev/SSL_Certificate_Pinning

https://www.whonix.org/wiki/Dev/JonDo

https://www.whonix.org/wiki/Dev/Project_Host

https://www.whonix.org/wiki/Dev/Network_Manager

https://www.whonix.org/wiki/Dev/Continuous_Integration

https://www.whonix.org/wiki/Dev/DHCP

https://www.whonix.org/wiki/Hosting_a_Mirror

17/1/2023[edit]

Fixed/Reviewed links and/or Improved text:

https://www.whonix.org/wiki/Dev/anon-ws-disable-stacked-tor

https://www.whonix.org/wiki/Dev/Default_Application_Policy

https://www.whonix.org/wiki/Dev/Tor

https://www.whonix.org/wiki/Dev/setup-dist

https://www.whonix.org/wiki/Dev/Disclaimer

https://www.whonix.org/wiki/Comparison_Of_Package_Managers

https://www.whonix.org/wiki/Dev/Advanced_Deanonymization_Attacks

https://www.whonix.org/wiki/Dev/latency-obfuscator

https://www.whonix.org/wiki/Dev/MAC

https://www.whonix.org/wiki/Dev/vanguards

16/1/2023[edit]

OFF

15/1/2023[edit]

OFF

13/1/2023[edit]

Fixed/Reviewed links and/or Improved text:

https://www.whonix.org/wiki/Dev/anon-ws-disable-stacked-tor

https://www.whonix.org/wiki/Dev/Default_Application_Policy

Discussion:

https://chat.openai.com/chat

https://www.grammarly.com/

12/1/2023[edit]

Fixed/Reviewed links and/or Improved text:

https://www.whonix.org/wiki/Dev/Qubes

https://www.whonix.org/wiki/Dev/About_Developers

https://www.whonix.org/wiki/Next

https://www.whonix.org/wiki/Dev/onion-grater

11/1/2023[edit]

Fixed/Reviewed links and/or Improved text:

https://www.whonix.org/wiki/Dev/Operating_System

https://www.whonix.org/wiki/Dev/VirtualBox

https://www.whonix.org/wiki/Dev/KVM

10/1/2023[edit]

Fixed/Reviewed links and/or Improved text:

https://www.whonix.org/wiki/Dev/Technical_Introduction

https://www.whonix.org/wiki/Dev/Leak_Tests

https://www.whonix.org/wiki/Dev/Anonymity_Network

https://www.whonix.org/wiki/Dev/Threat_Model

https://www.whonix.org/wiki/Dev/Virtualization_Platform

https://www.whonix.org/wiki/Dev/Gateway

https://www.whonix.org/wiki/Dev/Host

https://www.whonix.org/wiki/Dev/Project_Host

https://www.whonix.org/wiki/Dev/Build_Anonymity

https://www.whonix.org/wiki/Dev/Expected_Build_Warnings

https://www.whonix.org/wiki/Verifiable_Builds

- No new issues with testers upgrades

- https://github.com/QubesOS/qubes-issues/issues/7959#issuecomment-1375525256

9/1/2023[edit]

Fixed/Reviewed links and/or Improved text:

https://www.whonix.org/wiki/Swap-file-creator

https://www.whonix.org/wiki/Project-APT-Repository

https://www.whonix.org/wiki/Debian_Packages

https://www.whonix.org/wiki/Access_Local_Network_or_Host_or_Clearnet_Internet_from_VM

https://www.whonix.org/wiki/Access_Gateway_Port_From_Host

https://www.whonix.org/wiki/Censorship_Circumvention_Tools

https://www.whonix.org/wiki/Whonix-Gateway_System_DNS

https://www.whonix.org/wiki/Whonix-Gateway_Own_Traffic_Transparent_Proxy

https://www.whonix.org/wiki/Access_Workstation_Port_From_Host

https://www.whonix.org/wiki/Connections_between_Gateway_and_Workstation

https://www.whonix.org/wiki/Tor_Browser/Manual_Download

https://www.whonix.org/wiki/Ports

https://www.whonix.org/wiki/Redirect_Whonix-Workstation_Ports_or_Unix_Domain_Socket_Files_to_Whonix-Gateway

https://www.whonix.org/wiki/FTP

https://www.whonix.org/wiki/Systemd

https://www.whonix.org/wiki/Dev/Build_Documentation/VM

https://www.whonix.org/wiki/Dev/Build_Documentation/Upgrading_Derivative_Deb_Packages_from_Source_Code

https://www.whonix.org/wiki/Dev/Build_Documentation/security-misc

https://www.whonix.org/wiki/Dev/Build_Documentation/generic-package

https://www.whonix.org/wiki/Template:Build_Documentation_Build_Package

https://www.whonix.org/wiki/Dev/Windows_Installer

https://www.whonix.org/wiki/Dev/Windows_Starter

8/1/2023[edit]

Swapped with the weekend

29/12/2022[edit]

Fixed/Reviewed links and/or Improved text:

https://www.whonix.org/wiki/Manually_Create_Whonix_VM_Settings

https://www.whonix.org/wiki/Dev/Build_Documentation

https://www.whonix.org/wiki/Manually_Creating_Whonix

https://www.whonix.org/wiki/Boot_Clock_Randomization

https://www.whonix.org/wiki/Protocol-Leak-Protection_and_Fingerprinting-Protection

https://www.whonix.org/wiki/Security_Roadmap

https://www.whonix.org/wiki/Other_Desktop_Environments

https://www.whonix.org/wiki/Whonix-Gateway_Firewall

https://www.whonix.org/wiki/Whonix-Workstation_Firewall

https://www.whonix.org/wiki/Multiple_Qubes-Whonix_Templates

https://www.whonix.org/wiki/Multiple_Whonix-Gateway

https://www.whonix.org/wiki/Multiple_Whonix-Workstation

https://www.whonix.org/wiki/Other_Operating_Systems

https://www.whonix.org/wiki/Other_Gateways

28/12/2022[edit]

Fixed/Reviewed links and/or Improved text:

https://www.whonix.org/wiki/VMware

https://www.whonix.org/wiki/Dev/Build_Documentation/Physical_Isolation

https://www.whonix.org/wiki/Dev/Leak_Tests

https://www.whonix.org/wiki/VM_Fingerprinting

https://www.whonix.org/wiki/VPN-Firewall

https://www.whonix.org/wiki/Alternative_DNS_Resolver

https://www.whonix.org/wiki/Hide_Tor_from_your_Internet_Service_Provider

https://www.whonix.org/wiki/Host_a_Bridge_or_Tor_Relay

https://www.whonix.org/wiki/Speculative_Tor_Attacks

https://www.whonix.org/wiki/Torify_Host_Operating_System

https://www.whonix.org/wiki/PPTP

https://www.whonix.org/wiki/Tunnel_UDP_over_Tor

https://www.whonix.org/wiki/Vanguards

27/12/2022[edit]

Fixed/Reviewed links and/or Improved text:

https://www.whonix.org/wiki/File_Transfer

https://www.whonix.org/wiki/Anbox

https://www.whonix.org/wiki/GNUnet

https://www.whonix.org/wiki/Chromium

https://www.whonix.org/wiki/Chrome

https://www.whonix.org/wiki/PyLRU

https://www.whonix.org/wiki/Access_Local_Network_or_Host_or_Clearnet_Internet_from_VM

https://www.whonix.org/wiki/QEMU

https://www.whonix.org/wiki/Dev/Virtualization_Platform

26/12/2022[edit]

Fixed/Reviewed links and/or Improved text:

https://www.whonix.org/wiki/Policy_of_Website_and_Chat

https://www.whonix.org/wiki/Imprint

https://www.whonix.org/wiki/Privacy_Policy

https://www.whonix.org/wiki/Cookie_Policy

https://www.whonix.org/wiki/Terms_of_Service

https://www.whonix.org/wiki/E-Sign_Consent

https://www.whonix.org/wiki/Whonix:Copyrights

https://www.whonix.org/wiki/Trademark_Policy

https://www.whonix.org/wiki/Forcing_.onion_on_Project

https://www.whonix.org/wiki/API

https://www.whonix.org/wiki/Security_Reviews_and_Feedback

https://www.whonix.org/wiki/Art_Gallery

https://www.whonix.org/wiki/Census

https://www.whonix.org/wiki/Media_Mentions

https://www.whonix.org/wiki/Packages_for_Debian_Hosts

https://www.whonix.org/wiki/What_we_do

24/12/2022[edit]

Fixed/Reviewed links and/or Improved text:

https://www.whonix.org/wiki/BackupScript

https://www.whonix.org/wiki/Browser_Tests

https://www.whonix.org/wiki/Introduction

https://www.whonix.org/wiki/Advanced_Documentation

https://www.whonix.org/wiki/Offline_Documentation

https://www.whonix.org/wiki/VFAQ

https://www.whonix.org/wiki/Declined

https://www.whonix.org/wiki/Stream_Isolation

https://www.whonix.org/wiki/Stream_Isolation/Disable_Easy

https://www.whonix.org/wiki/Stream_Isolation/Easy

https://www.whonix.org/wiki/ExoneraTor

https://www.whonix.org/wiki/Why_is_Tor_slow

22/12/2022[edit]

Fixed/Reviewed links and/or Improved text:

https://www.whonix.org/wiki/Contributors

https://www.whonix.org/wiki/Credits

https://www.whonix.org/wiki/History

https://www.whonix.org/wiki/Reasons_for_Freedom_Software

https://www.whonix.org/wiki/Contact

https://www.whonix.org/wiki/Contribute

https://www.whonix.org/wiki/Donate

https://www.whonix.org/wiki/Investors

https://www.whonix.org/wiki/Official_Online_Profiles

https://www.whonix.org/wiki/Support

https://www.whonix.org/wiki/Please_Use_Search_Engines_And_See_Documentation_First

21/12/2022[edit]

Fixed/Reviewed links and/or Improved text:

https://www.whonix.org/wiki/Dev/Build_Documentation/Physical_Isolation

https://www.whonix.org/wiki/Signing_Key

https://www.whonix.org/wiki/Verify_the_virtual_machine_images

https://www.whonix.org/wiki/Verify_the_images_using_Linux

https://www.whonix.org/wiki/Verify_the_virtual_machine_images_using_other_operating_systems

https://www.whonix.org/wiki/Qubes/Why_use_Qubes_over_other_Virtualizers

https://www.whonix.org/wiki/Qubes/Install

https://www.whonix.org/wiki/Qubes/Reinstall

https://www.whonix.org/wiki/Qubes/Uninstall

https://www.whonix.org/wiki/Qubes/Update

https://www.whonix.org/wiki/Qubes/Troubleshooting

https://www.whonix.org/wiki/Multiple_Whonix-Workstation

https://www.whonix.org/wiki/Qubes/AppArmor

https://www.whonix.org/wiki/Qubes/Tor_Browser

https://www.whonix.org/wiki/Qubes/Create_Gateway_ProxyVMs

https://www.whonix.org/wiki/Qubes/UpdatesProxy

https://www.whonix.org/wiki/Multiple_Qubes-Whonix_Templates

https://www.whonix.org/wiki/Multiple_Whonix-Gateway

20/12/2022[edit]

Fixed/Reviewed links and/or Improved text:

https://www.whonix.org/wiki/Tunnels/Introduction

https://www.whonix.org/wiki/Chaining_Anonymizing_Gateways

https://www.whonix.org/wiki/Tunnels/Examples

https://www.whonix.org/wiki/Lantern

https://www.whonix.org/wiki/Whonix_versus_VPNs

https://www.whonix.org/wiki/Whonix_versus_Proxies

https://www.whonix.org/wiki/Tunnels/Connecting_to_Tor_before_a_VPN

https://www.whonix.org/wiki/Tunnels/Connecting_to_Tor_before_a_proxy

https://www.whonix.org/wiki/Tunnels/Connecting_to_Tor_before_SSH

https://www.whonix.org/wiki/Tunnels/Connecting_to_a_proxy_before_Tor

https://www.whonix.org/wiki/Tunnels/Connecting_to_SSH_before_Tor

https://www.whonix.org/wiki/Tunnels/Connecting_to_a_VPN_before_Tor

19/12/2022[edit]

Fixed/Reviewed links and/or Improved text:

https://www.whonix.org/wiki/Tor_Controller

https://www.whonix.org/wiki/Corridor

https://www.whonix.org/wiki/Hosting_Location_Hidden_Services

https://www.whonix.org/wiki/Onion_Services

https://www.whonix.org/wiki/Onion_Services_Guides

https://www.whonix.org/wiki/Logging_in_to_captive_portals

https://www.whonix.org/wiki/Sdwdate

- Tested Whonix OS installation on ubuntu/mint.

18/12/2022[edit]

Swapped Off

17/12/2022[edit]

Fixed/Reviewed links and/or Improved text:

https://www.whonix.org/wiki/OnionShare

https://www.whonix.org/wiki/Remote_Administration

https://www.whonix.org/wiki/Rss

https://www.whonix.org/wiki/YaCy

https://www.whonix.org/wiki/Other_Anonymizing_Networks

https://www.whonix.org/wiki/Freenet

https://www.whonix.org/wiki/JonDonym

https://www.whonix.org/wiki/Chat#RetroShare

https://www.whonix.org/wiki/ZeroNet

15/12/2022[edit]

Sick Leave

14/12/2022[edit]

Fixed/Reviewed links and/or Improved text:

https://www.whonix.org/wiki/Money

https://www.whonix.org/wiki/Bisq

https://www.whonix.org/wiki/Bitcoin

https://www.whonix.org/wiki/Bitcoin_Core

https://www.whonix.org/wiki/Electrum

https://www.whonix.org/wiki/ElectrumX

https://www.whonix.org/wiki/Ethereum

https://www.whonix.org/wiki/Monero

https://www.whonix.org/wiki/Monero_Wallet_Isolation

https://www.whonix.org/wiki/File_Sharing

13/12/2022[edit]

Fixed/Reviewed links and/or Improved text:

https://www.whonix.org/wiki/Nymservers

https://www.whonix.org/wiki/Remailer

https://www.whonix.org/wiki/Chat

https://www.whonix.org/wiki/HexChat

https://www.whonix.org/wiki/Signal

https://www.whonix.org/wiki/Telegram

https://www.whonix.org/wiki/VoIP

https://www.whonix.org/wiki/Wickr

https://www.whonix.org/wiki/One_Time_Pad

12/12/2022[edit]

Fixed/Reviewed links and/or Improved text:

https://www.whonix.org/wiki/Tor_Browser/Advanced_Users

https://www.whonix.org/wiki/Install_Tor_Browser_Outside_of_Whonix

https://www.whonix.org/wiki/Verify_Tor_Browser_in_Windows

https://www.whonix.org/wiki/YouTube

https://www.whonix.org/wiki/yt-dlp

https://www.whonix.org/wiki/E-Mail

https://www.whonix.org/wiki/Encrypted_Email_with_Thunderbird

https://www.whonix.org/wiki/BitMessage

11/12/2022[edit]

Swapped with weekend

9/12/2022[edit]

Fixed/Reviewed links and/or Improved text:

https://www.whonix.org/wiki/Tor_Browser

- Tested whonix linux installation in debian, ubuntu, mint

8/12/2022[edit]

Fixed/Reviewed links and/or Improved text:

https://www.whonix.org/wiki/Tor_Browser (partially)

7/12/2022[edit]

Fixed/Reviewed links and/or Improved text:

https://www.whonix.org/wiki/RAM

https://www.whonix.org/wiki/Reporting_Bugs

https://www.whonix.org/wiki/Known_Issues

https://www.whonix.org/wiki/Disaster_Recovery

https://www.whonix.org/wiki/Essential_Tests

https://www.whonix.org/wiki/Troubleshooting

https://www.whonix.org/wiki/Surfing_Posting_Blogging

6/12/2022[edit]

Fixed/Reviewed links and/or Improved text:

https://www.whonix.org/wiki/Qubes/Disposables

https://www.whonix.org/wiki/Tor

https://www.whonix.org/wiki/Tor_Entry_Guards

https://www.whonix.org/wiki/Transporting_UDP_Tunnels_over_Tor

https://www.whonix.org/wiki/Tor-ctrl-observer

https://www.whonix.org/wiki/Whonix-Gateway_Security_Hardening

https://www.whonix.org/wiki/Multiple_Whonix-Gateway

https://www.whonix.org/wiki/Whonix-Workstation_Security_Hardening

https://www.whonix.org/wiki/Multiple_Whonix-Workstation

https://www.whonix.org/wiki/Hostnames

https://www.whonix.org/wiki/Host_Operating_System_Selection

https://www.whonix.org/wiki/MAC_Address

5/12/2022[edit]

swapped with weekend

1/12/2022[edit]

Fixed/Reviewed links and/or Improved text:

https://www.whonix.org/wiki/Time_Attacks

https://www.whonix.org/wiki/Whonix-Gateway_Security

https://www.whonix.org/wiki/Whonix-Workstation_Security

https://www.whonix.org/wiki/Warning

https://www.whonix.org/wiki/Advanced_Security_Guide_Introduction

https://www.whonix.org/wiki/Advanced_Deanonymization_Attacks

https://www.whonix.org/wiki/Chaining_Anonymizing_Gateways

https://www.whonix.org/wiki/Network_Time_Synchronization

30/11/2022[edit]

Fixed/Reviewed links and/or Improved text:

https://www.whonix.org/wiki/Basic_Security_Guide_Introduction

https://www.whonix.org/wiki/Essential_Host_Security

https://www.whonix.org/wiki/Metadata

https://www.whonix.org/wiki/Onionizing_Repositories

https://www.whonix.org/wiki/Release_Upgrade

https://www.whonix.org/wiki/Install_Software

https://www.whonix.org/wiki/USB_Installation

https://www.whonix.org/wiki/System_Hardening_Checklist

29/11/2022[edit]

Fixed/Reviewed links and/or Improved text:

https://www.whonix.org/wiki/The_World_Wide_Web_And_Your_Privacy

https://www.whonix.org/wiki/Surveillance_Capabilities

https://www.whonix.org/wiki/Anonymity

https://www.whonix.org/wiki/Tips_on_Remaining_Anonymous

https://www.whonix.org/wiki/VM_Fingerprinting

https://github.com/Kicksecure/repository-dist -> https://github.com/Kicksecure/repository-dist

28/11/2022[edit]

Fixed/Reviewed links and/or Improved text:

https://www.whonix.org/wiki/Data_Collection_Techniques

https://forums.whonix.org/t/long-wiki-edits-thread/3477/2264

https://forums.whonix.org/t/long-wiki-edits-thread/3477/2266

27/11/2022[edit]

swapped with weekend

25/11/2022[edit]

Fixed/Reviewed links and/or Improved text:

https://www.whonix.org/wiki/Post_Install_Advice

https://www.whonix.org/wiki/KVM#Start

https://www.whonix.org/wiki/Qubes

https://www.whonix.org/wiki/VirtualBox

https://www.whonix.org/wiki/Project-APT-Repository

24/11/2022[edit]

Fixed/Reviewed links and/or Improved text:

https://www.whonix.org/wiki/Language

https://www.whonix.org/wiki/Common_CLI_Commands

https://www.whonix.org/wiki/Anon_Connection_Wizard

https://www.whonix.org/wiki/Bridges

https://www.whonix.org/wiki/Network_Obstacle

https://www.whonix.org/wiki/Stay_Tuned

https://www.whonix.org/wiki/Desktop

- Reading about page speedtests and manual tests

- Broken links used for buttons for social media

23/11/2022[edit]

- Created kicksecure and whonix new mastodon accounts on fosstodon

- Migrated kicksecure mastodon.technology and whonix.social to fosstodon

- Bug in creating kicksecure diaspora account due to email issue

- Fixed/added whonix and kicksecure social media profile page

- Tested new kicksecure/whonix upgrades: https://forums.kicksecure.com/t/adding-new-packages-will-be-installed-with-its-recommends/156

- Reported kicksecure firefox welcome page issue

- Speed issue with tb related to new banner: https://forums.whonix.org/t/donation-banner-reduced-page-loading-with-tb/16014

- Create accounts to odysee and rumble and link them to youtube

22/11/2022[edit]

Flood, Swapped with weekend

21/11/2022[edit]

Fixed/Reviewed links and/or Improved text:

https://www.whonix.org/wiki/Stable_Release

https://www.whonix.org/wiki/Old_Stable_and_Earlier_Releases

https://www.whonix.org/wiki/Testers_Release

https://www.whonix.org/wiki/System_Requirements

Mastodon replaced (later added) with diaspora for whonix footer note

20/11/2022[edit]

Fixing and discovering new workable Voip apps

Improvements discussion e.g qubes instructions separation

Outsource APx talk

Flatpak fix followup

Searching for new mastodon host kicksecure

19/11/2022[edit]

Fixed/Reviewed links and/or Improved text:

https://www.whonix.org/wiki/Stable_Release (Partially, then noindex, maybe nowiki for references if needed)

https://www.whonix.org/wiki/Old_Stable_and_Earlier_Releases (noindex, maybe nowiki for references if needed)

Replied to forums - KVM spice issue

18/11/2022[edit]

Fixed/Reviewed links and/or Improved text:

https://www.whonix.org/wiki/Stable_Release (Partial)

Fixed and improved sdwdate onion mirrors:

https://github.com/Kicksecure/sdwdate/pull/45

17/11/2022[edit]

Fixed/Reviewed links and/or Improved text:

https://www.whonix.org/wiki/Whonix_against_Real_Attacks

https://www.whonix.org/wiki/Screenshots

https://www.whonix.org/wiki/Tor_Myths_and_Misconceptions

https://www.whonix.org/wiki/Why_does_Whonix_use_Tor

https://www.whonix.org/wiki/Download

https://www.whonix.org/wiki/FAQ

https://www.whonix.org/wiki/First_Time_User

16/11/2022[edit]

Fixed links in:

https://www.whonix.org/wiki/Features

https://www.whonix.org/wiki/Whonix-Gateway

https://www.whonix.org/wiki/Whonix-Workstation

https://www.whonix.org/wiki/Comparison_of_different_variants

https://www.whonix.org/wiki/Trust

15/11/2022[edit]

Fixed links in:

https://www.whonix.org/wiki/Fingerprint

https://www.whonix.org/wiki/About

Searched for flatpak issue solver
Scanned kicksecure for broken links

7/11/2022[edit]

Fixed links in:

https://www.whonix.org/wiki/Comparison_with_Others

6/11/2022[edit]

Sorted out anbox in whonix and kicksecure
Added thunderbird successful email delivery method with screenshots
Upgraded JMP registration to latest steps
Discovering whonix/kicksecure mastodon technology deprecation
shifted users of whonix technology mastodon account to whonix social

3/11/2022[edit]

Testing waydroid on whonix = doesnt work as it need wayland
Checked missing kicksecure meta-packages: (compared to whonix packages)

https://forums.kicksecure.com/t/add-remove-extra-packages/135/4

Tested kicksecure-xfce-host installation on debian testing:

https://forums.kicksecure.com/t/kicksecure-xfce-host-not-installable-in-debian-12-removed-dependency/152

Checked adding new git commits

2/11/2022[edit]

Finished fixing links in

https://www.kicksecure.com/wiki/Dev/Build_Documentation

Reporting broken links at homepage:

https://forums.kicksecure.com/t/remove-replace-broken-links-at-kicksecure-com/150

Finished adding illustrated images

https://forums.whonix.org/t/missing-libre-illustrative-images/3912/283

Issue with new forum theme and mobile (text in blue not shown)

1/11/2022[edit]

Adjusting I2P to make it work in whonix ws:

https://www.whonix.org/w/index.php?title=Progress_Reports&stable=0

https://forums.whonix.org/t/i2p-integration/4981/359

https://forums.whonix.org/t/i2p-client-inside-whonix-workstation-issues/15890/8

Discovering it wont work in Qubes-Templates (I2P upstream issue)

Finished Kicksecure wiki links fixes.

Discovering JMP need to have updates.

Checking videos needs.

Due to technical difficulties couldn't finish the rest of the working hours (shifted to weekend).

31/10/2022[edit]

Off Sick Leave

30/10/2022[edit]

Off Sick Leave

27/10/2022[edit]

Tested kicksecure installation on debian stable and testing and discovered:

- https://forums.kicksecure.com/t/sdwdate-failed-to-start-in-debian-12-bookworm-next-release/134

- https://forums.kicksecure.com/t/systemcheck-wont-load-work-on-debian-12-next-release/130

- https://forums.kicksecure.com/t/add-remove-extra-packages/135

- https://forums.kicksecure.com/t/not-having-a-default-browser-and-pressing-on-web-browoser-icon-in-xfce-will-give-annoying-bug/128

- https://forums.kicksecure.com/t/add-pyqt5-dev-tool-dependency-to-kicksecure-dependencies/129

- https://forums.kicksecure.com/t/changing-kicksecure-repository-to-tester-will-add-tor-by-default-to-the-repo/127

- https://forums.kicksecure.com/t/disable-unnecessary-startup-processes-e-g-evolution-calendar/126

- https://forums.whonix.org/t/thunderbird-skipping-apparmor-profile-usr-bin-thunderbird/15883

- Uploaded the renewed Whonix Stream Isolation image

22/10/2022[edit]

bureaucracy
POWER ticket support in salsa debian https://salsa.debian.org/fasttrack-team/support/-/issues/38
Investigating flatpak with hardened whonix issue
Creating account/ticket to support router firmware hardening

20/10/2022[edit]

Bureaucracy
Testing whonix latest image with vbox 1.6.40
Testing whonix latest image with vbox 7.0.2

19/10/2022[edit]

Bureaucracy
URL fixes https://www.kicksecure.com/wiki/Verified_Boot
Qubes ticket https://github.com/QubesOS/qubes-issues/issues/7830

18/10/2022[edit]

Bureaucracy
Uploaded the rest of whonix features
Remove FB from sdwdate mirrors (from my PR), Add sdwdate mirrors to forums
Investigating memory usage with TB-Alpha freeze
Testing flatpak whitelist with hardened whonix

17/10/2022[edit]

Added more mirrors to sdwdate
Investigated and reported TB-Alpha freeze to TPO
Tested Whonix latest release over vbox
Bumped whonix/kicksecure release in the wiki to latest release
Fixing qubes-shutter issue
Bureaucracy

16/10/2022[edit]

Swapped with weekend

Footnotes[edit]

Kicksecure

A secure by default operating system with the latest security research in place.

Dark mode

Supported by Power Up Privacy

Kicksecure is proudly supported until 2025 by Power Up Privacy, a privacy advocacy group that seeks to supercharge privacy projects with resources so they can complete their mission of making our world a better place. (Strictly subject to our sponsorship policy.)

At Kicksecure we value freedom and trust, supporting Open Source and Freedom Software

By using this website, you acknowledge you have read, understood, and agree to be bound by these agreements: Terms of Service, Privacy Policy, Cookie Policy, E-Sign Consent, DMCA, Imprint

2012- 2024 ENCRYPTED SUPPORT LP

Your support makes
all the difference!

We believe security software like Kicksecure needs to remain Open Source and independent. Would you help sustain and grow the project? Learn more about our 12 year success story and maybe DONATE!

Progress Reports

Introduction[edit]

arraybolt3[edit]

2024-11-20[edit]

Create draft implementation of restricted filesystems for Calamares[edit]

Debug why Calamares 3.3.11 isn't migrating to Trixie[edit]

Attempt to create MRE for live-build apt-cacher-ng conflict[edit]

Remove GRUB boot menu distro icons[edit]

2024-11-19[edit]

Audit sudoers configuration files[edit]

live-build, use security.debian.org when bootstrapping[edit]

2024-11-18[edit]

Research ArchiveBox[edit]

More live-build work[edit]

Debug and fix ISO build failure on Qubes OS[edit]

2024-11-17[edit]

Review and clean up sdwdate's url_to_unixtime component[edit]

Test hardened JSON parsing in Tor Browser version detection[edit]

Harden JSON parsing in Tor Browser version detection (wip)[edit]

Polish archiver script, begin mass link archival[edit]

2024-11-16[edit]

Write mass link archiver script[edit]

Enhance mediawiki-link-to-archive with archive.today support[edit]

Review kloak makefile enhancements[edit]

2024-11-15[edit]

Research archive.today link protection operation[edit]

Redo Tor Browser version detection logic in dm-packaging-helper-script[edit]

Polish archive.today frontend, add to helper-scripts[edit]

2024-11-14[edit]

Finish most of py-archive-today's features and publish on Github[edit]

Fix live-build crash due to apt-cacher-ng[edit]

2024-11-13[edit]

Start developing archive.today CLI frontend[edit]

Debug live-build crash due to apt-cacher-ng[edit]

2024-11-12[edit]

Test and review archive.today CLI frontend[edit]

Work on graphical-session.target bug in Qubes OS[edit]

2024-11-11[edit]

Implemented Tor Browser version detection in dm-packaging-helper-script[edit]

Research doas suitability for Kicksecure and Whonix[edit]

Start testing archive.is utility[edit]

Make dm-check-unicode look nicer[edit]

Fix debian.list file installation in derivative-maker live-build support[edit]

2024-11-10[edit]

Prepare to split security-misc into shared, desktop, and server packages[edit]

File Calamares feature request for specifying filesystem restrictions[edit]

Make derivative-maker install live-build during build process[edit]

Refactor GRUB themes[edit]

2024-11-09[edit]

Finish testing refactored dm-packaging-helper-script[edit]

2024-11-08[edit]

Finish refactoring dm-packaging-helper-script, start testing[edit]

Finish initial review of IPv6 support PRs[edit]

2024-11-07[edit]

Begin reviewing IPv6 support PRs[edit]

Remove superfluous icons from GRUB themes[edit]

Polish dummy-dependency script[edit]

2024-11-06[edit]

Further progress refactoring dm-packaging-helper-script[edit]

Write dummy-dependency script[edit]

Implement and publish minor fixes for metapackages[edit]

2024-11-05[edit]

Debug apt solver problems with Recommends and Suggests[edit]

More dm-packaging-helper-script refactoring[edit]

Suggest addition of a Weak-Depends field to debian/control[edit]

Fix Kloak default values[edit]

2024-11-04[edit]

Continue refactoring dm-packaging-helper-script[edit]

2024-11-03[edit]

Review Whonix metapackages, post Kicksecure metapackage review on forums[edit]

Finish Whonix and Kicksecure GRUB themes[edit]

2024-11-02[edit]

Begin refactoring dm-packaging-helper-script[edit]

2024-11-01[edit]

Polish Whonix GRUB themes[edit]

Document Super Grub2 Disk usage[edit]

2024-10-31[edit]

Review Kicksecure metapackages[edit]

Polish GRUB theme for Kicksecure[edit]

Review Super Grub2 Disk functionality[edit]