An fitar da rarraba Whonix 18.2, wanda aka yi niyya don samar da garantin ɓoye sirri, tsaro, da kariyar sirri. An rarraba rarrabawar bisa ga Debian GNU/Linux kuma yana amfani da Tor don tabbatar da ɓoye sirri. Aikin aikin yana da lasisi a ƙarƙashin GPLv3. Ana iya saukar da hotunan injin kama-da-wane a cikin tsarin .ova don VirtualBox (2.6 GB tare da LXQt da 1.5 GB don na'urar wasan bidiyo) da tsarin qcow2 don na'urar wasan bidiyo ta KVM (4 GB tare da LXQt da 2.3 GB don na'urar wasan bidiyo).
Wani fasali na musamman na Whonix shine rarraba rarraba zuwa sassa biyu da aka ƙaddamar daban-daban - Whonix-Gateway tare da aiwatar da hanyar sadarwa don sadarwar da ba a san su ba da Whonix-Workstation tare da tebur. Abubuwan da aka haɗa sune mahallin tsarin daban waɗanda aka kawo a cikin hoton taya ɗaya kuma ana aiki a cikin injina daban-daban. Samun dama ga hanyar sadarwa daga yanayin Whonix-Workstation ana yin shi ne kawai ta hanyar Whonix-Gateway, wanda ke ware yanayin aiki daga hulɗar kai tsaye tare da duniyar waje kuma yana ba da damar amfani da adiresoshin cibiyar sadarwa kawai. Wannan hanya tana ba ka damar kare mai amfani daga ɓoye adireshin IP na ainihi a yayin da aka yi kutse a wani shafin yanar gizon yanar gizon yanar gizon yanar gizon yanar gizon yanar gizon yanar gizon yanar gizon yanar gizon yanar gizon yanar gizon yanar gizon yanar gizon yanar gizon yanar gizon yanar gizon yanar gizon ko kuma an yi amfani da wani rauni wanda ke ba wa maharin damar shiga tsarin.
Hacking Whonix-Workstation zai bawa maharin damar samun sigogin cibiyar sadarwa ta gaskiya kawai, tunda ainihin ma'aunin IP da na DNS suna ɓoye a bayan iyakar wata hanyar sadarwa ta Whonix-Gateway, wacce ke zirga-zirga ta hanyar Tor kawai. Ya kamata a la'akari da cewa an tsara abubuwan Whonix don gudanar da tsarin baƙo, watau. yuwuwar yin amfani da mahimmin lahani na 0-day a cikin dandamali na haɓakawa wanda zai iya ba da damar yin amfani da tsarin runduna ba za a iya cire shi ba. Saboda wannan, ba a ba da shawarar yin amfani da Whonix-Workstation akan kwamfuta ɗaya kamar Whonix-Gateway ba.
Whonix-Workstation yana zuwa da yanayin mai amfani da LXQt ta hanyar tsoho. Ya haɗa da shirye-shirye kamar VLC da Tor Browser. Whonix-Gateway ya haɗa da saitin aikace-aikacen sabar, gami da sabar Apache httpd, ngnix, da IRC, waɗanda za a iya amfani da su don gudanar da ayyukan ɓoye na Tor. Ana iya yin tunneling akan Tor ga Freenet, i2p, JonDonym, SSH, da VPN. Idan ana so, mai amfani zai iya amfani da Whonix-Gateway kawai kuma ya haɗa tsarin su na yau da kullun ta hanyarsa, gami da Windows, wanda ke ba da damar shiga wuraren aiki na yanzu ba tare da an san ko su waye ba.
Yanayin tsarin ya dogara ne akan rarrabawar kariya Kicksecure, wanda masu haɓaka iri ɗaya ke haɓakawa a layi ɗaya kuma yana faɗaɗa. Debian Ƙarin hanyoyin da saituna don ƙara tsaro: AppArmor don warewa, shigar da sabuntawa ta hanyar Tor, amfani da tsarin tally2 PAM don kare kai daga zato na kalmar sirri, faɗaɗa entropy don RNG, kashe SUID, rashin buɗe tashoshin sadarwa ta hanyar tsoho, amfani da shawarwari daga KSPP (Kernel Self Protection Project), ƙara kariya daga zubewar bayanai game da ayyukan CPU, da sauransu.
Babban canje-canje:
- An sabunta yanayin Kicksecure don amfani da fakitin Sequoia-PGP (aiwatar OpenPGP a cikin Rust) maimakon GnuPG, kuma an kashe wurin ajiyar ta hanyar tsoho. Debian Saurin Bibiya: Lokacin amfani da LXQt, an dakatar da shigar da Qps (wani dandamali don duba hanyoyin gudanarwa); an ƙara tallafi ga qemu:///session don gudanar da injunan kama-da-wane ta hanyar masu amfani marasa gata.
- An gudanar da binciken tsaro na cikin gida kuma an fara binciken kuɗi na waje.
- Ingantaccen fakitin Kloak, wanda ake amfani da shi don hana gano mai amfani bisa ga shigar da madannai da motsin linzamin kwamfuta.
- Rarraba Qubes-Whonix-Gateway ya haɗa da fakitin fwupd-qubes-vm.
- An sake rubuta shi ta Whonix-Windows-Mai sakawa da Whonix-Windows-Mai farawa.
- Ingantaccen gini ga na'urori masu amfani da na'urori masu sarrafa Apple Silicon.
source: budenet.ru
