You all who think that, just confuse the soft with the warm. It’s not about leaving no trace, it’s about keeping the adversary from getting to those traces. And so it’s about user protection and security. What do you mean actually under this word “security”? Protecting users from evil, bad hackers? It’s not enough to protect them. All this situation reminds me situation when a guy looking for someone who sells him a car and finds only one guy who can sell him only the wheels, another guy who wants to sell him the body of the vehicle, and the third guy who can sell him an engine. And when he gets angry, all three of them say to him, “Well, in the end, if you’re so smart, you can build a car that you like!”
Qubes would be a perfect OS for protection security and anonimity if its developers just were perfectionists. Instead of this they just handed over the anonimity part to the Whonix team, and said, “And that will do!” But things don’t work this way. Whonix developers can only fix anonimity holes related to their own Whonix, but not anonimity holes related to Qubes OS. You can’t just come up with an imaginary word “SECURITY” and pretend that users are being protected in this way. Security without anonimity is not inadequate security for many people in this world. Instead, you’re trying to look like you created your OS to protect housewives who are afraid of hackers.
No one’s asking you to redo the entire system from scratch. No one’s asking you rewrite all the code from scratch. You just asked to patch a few holes related to anonimity in your OS:
- Stop dom0 timezone leakage to app qubes.
- Create mechanism giving (and warning user) to re-route all update checks and update downloads (and not only update downloads) through Tor (in other words to hide Qubes usage from user’s ISP if user wants it). It has sense more to do before user’s first connection to the Net than only after. That’s why it is important to implement this in installer (or in that post-installation configuration part where user asked to install templates and so on).
- Give user ability to hide Qubes presence on his computer from forensic investigation, if user decides that it is better for him.
At this time this is all. And I don’t think that it is too much. All this can’t be done by Whonix developers, but only by Qubes developers.