™

Download

Debian morph to Kicksecure (Hardware) Windows (VM) Linux (VM) Mac (VM) VirtualBox (VM) KVM (VM) Qubes (VM) USB ISO (coming soon) More options Source Code

About

Overview Features Why Open Source? Project Activities Contributors Mission & Vision

Docs

Documentation FAQ Troubleshooting

Community

Forums Contribute

Support

Free Plus Premium Contact

Tools Upload file Special pages Recent changes Print Version Page meta What links here Related changes Page information

Page Read Edit History Move Protection Unwatch Watch Delete Purge

User Preferences Watchlist Contributions Logout Create account Login

Donate

Website Enhancements Planning

TODO: ADMIN - SOON[edit]

TODO: ADMIN - DELAYED[edit]

illustrative images creation[edit]

Implementation probably needs discussion.

• Hiding your identity is harder than just hiding your IP.
• You can't be anonymous without being secure.
• your Whonix with Tor versus your IP without Whonix
• route randomization
• Ask yourself - privacy by design / privacy by policy
• freedom / freedom security / security
• why security matters
• why anonymity matters

DEV

• It was agreed upon with admin that these tasks need a media / posting strategy first
• So this task is delayed until admin has such a strategy

CSS hide some unused mediawiki footer items[edit]

pagespeed reporting:

Links are not crawlable

footer#footer > ul#footer-places > li#footer-places-privacy > a
<a href="">
footer#footer > ul#footer-places > li#footer-places-about > a
<a href="">
footer#footer > ul#footer-places > li#footer-places-disclaimers > a
<a href="">

The is the HTML which is most likely auto generated by mediawiki on every wiki pages's HTML:

<footer id="footer" class="mw-footer" role="contentinfo" >
	<ul id="footer-info">
	<li id="footer-info-lastmod"> </li>
	<li id="footer-info-copyright">By using this website, you acknowledge you have read, understood, and agree to be bound by these these agreements:</li>
</ul>

	<ul id="footer-places">
	<li id="footer-places-privacy"><a href=""></a></li>
	<li id="footer-places-about"><a href=""></a></li>
	<li id="footer-places-disclaimers"><a href=""></a></li>
	<li id="footer-places-Terms_of_Service"><a href="/wiki/Terms_of_Service">Terms of Service</a></li>
	<li id="footer-places-Privacy_Policy"><a href="/wiki/Privacy_Policy">Privacy Policy</a></li>
	<li id="footer-places-Cookie_Policy"><a href="/wiki/Cookie_Policy">Cookie Policy</a></li>
	<li id="footer-places-E-Sign_Consent"><a href="/wiki/E-Sign_Consent">E-Sign Consent</a></li>
	<li id="footer-places-DMCA"><a href="/wiki/DMCA">DMCA</a></li>
	<li id="footer-places-Imprint"><a href="/wiki/Imprint">Imprint</a></li>
	<li id="footer-places-darkmode"><a text="Dark mode" href="#" class="ext-darkmode-link nwwmw-ui-icon mw-ui-icon-before mw-ui-icon-darkmode" title="darkmode-link-tooltip" icon="bright">Dark mode</a></li>
</ul>

To fix, please try adding to our CSS where appropriate:

#footer-places-privacy { display: none; } #footer-places-about { display: none; } #footer-places-disclaimers { display: none; }

DEV

• Done
• Added to Mediawiki:Footer.css on Kicksecure and Whonix

Patrick:

Try the literal example CodeSelect box from above? Maybe works better than the combined CSS syntax?

DEV

• As discussed Admin will think of a solution, maybe write a bug report for Pagespeed

rework Collapsible Elements[edit]

summary, update: This will likely fix itself in a future upgrade of mediawiki.

• pagespeed shows for https://www.kicksecure.com/wiki/Documentation that links the Expand links are not crawlable
• mediawiki upstream: https://www.mediawiki.org/wiki/Manual:Collapsible_elements does not have this issue.
  • https://www.mediawiki.org/wiki/Manual:Collapsible_elements/Demo/Advanced does not have this issue either.
• upstream bug report: Please add role=button in Collapsible Elements to a.mw-collapsible-text (Links are not crawlable)

https://www.mediawiki.org/wiki/Manual:Collapsible_elements uses a different API.

We are using in the mediawiki markup:

<div class="toccolours mw-collapsible mw-collapsed" style="max-width:100%;">

pagespeed shows for Kicksecure:

Links are not crawlable

Search engines may use href attributes on links to crawl websites. Ensure that the href attribute of anchor elements links to an appropriate destination, so more pages of the site can be discovered.

Learn how to make links crawlable -> https://support.google.com/webmasters/answer/9112205

Uncrawlable Link

body.mediawiki > div#content > a#top

<a id="top">

Can we use a better API from mediawiki upstream documentation (linked above)?

Or alternatively, could we simply add an id= to our div?

DEV

• First the mediawiki links were researched.
  • They are actually using the same syntax just on wikitables, but later down they are using the same syntax.
  • It seems they may have a newer mediawiki version - one where they fixed the "bug" that we reported a couple of weeks ago. Because for example in this old verison https://web.archive.org/web/20221008164934/https://www.mediawiki.org/wiki/Manual:Collapsible_elements they still have the [a] element like we still have now, so they are probably just a couple of versions ahead
• About the "body.mediawiki > div#content > a#top" - this is an element that seems Mediawiki auto-generates. It is above the content area which the wiki editor can influence. The very first thing right above the sitenotice. Wikipedia actually also has this very element at the top of every article

Patrick:

• MediaWiki 1.40 does not have this fix yet.

TODO:

• recheck in mediawiki 1.41

Check Useragreement[edit]

Please check Useragreement on Kicksecure and Whonix. Widgets have been restored. But the "Yes" Widget seemed to be broken a while ago

new thank you donation message[edit]

1) CORS issues are fixed now? (Patrick attempted to fix these.)

2) explain Patrick how to draft a HTML e-mail with text-only fallback in Thunderbird

3) Possible to have a plaintext fallback if HTML is disabled by the e-mail client?

4) e-mail for

• Kicksecure
• Whonix

5) bug?

This page is in Quirks Mode. Page layout may be impacted. For Standards Mode use “<!DOCTYPE html>”.

https://developer.mozilla.org/docs/Web/HTML/Quirks_Mode_and_Standards_Mode

Valid HTML better / good idea for best e-mail reader compatibility?

DEV

1. How can I check CORS issues?
2. In thunderbird multipart email can be accomplished by going to "Options > Sending Format" and choose "Both HTML and Plain Text"
   1. This Sending Format however only seems to take effect if the mail is truly sent. So saving it as a draft and then "saving as" .eml does work but does not create a multipart email
   2. So maybe admin should send the email to his own email address and then save the .eml file
   3. However this eml file needs to be modified for each recipient, so there needs to be more work done
   4. Maybe another mail software needs to be involved
3. The plaintext fallback is exactly what we want to accomplish with multipart
4. What is meant with task 4?
5. Maybe live discussion is needed

Patrick:

send HTML Content-Type: multipart/alternative; boundary= message

cat filename.txt | sendmail -i test@test.com

mediawiki-extensions-Purge[edit]

todo: discuss

What does https://github.com/AlPha5130/mediawiki-extensions-Purge/blob/master/resources/ext.purge.js (15 lines only) do?

Probably would have little effect for our wiki because of our custom skin? Does this functionality seem useful?

DEV

• The development of this extension seems pretty interesting
• The new extension (from pseudonym dev) is not much different from the original and seems to fix a faulty behavior of the original extension
• Both versions consist of 2 parts: ext.purge.js and Hooks.php
  • In Hooks.php in every page (without our skin) there is a link added to call the purge page (which is not part of the extension but of mediawiki itself)
  • This is just a convenience shortcut, but useful - even for us. Because if a dev is already on the edit page then our purge via super menu is not available. Removing this extension however would not be a terrible loss but a small convenience downgrade
  • In ext.purge.js the convenience is even more improved for Javascript users only. Because then the link does not open the purge-page but is stopped and instead the purge action is instantly performed without going to the purge page
• Both versions are not perfect
  • The original version fails to prevent the link to be augmented by Javascript. This might be due to it being loaded to early or other factors
  • The newer version fixes this behavior but also prevents nojs users to use this button at all. It will be there but non-functional
• Suggestion (in order of preferability from Dev's perspective)
  1. However because it would be mainly for our convenience I suggest use the newer version
  2. If not then use the older version
  3. If not then write our own fork which would be the perfect solution
  4. Another option would be to just add our own purge button via a simple Javascript file on pages that don't have the skin. That would also be a ONLY-JS solution but it would be a bit quicker than the "perfect fork" solution
  5. If not then don't use at all, because we have instant access to purge via our skin

Patrick:

• Do we even need the purge button still?
  • Only for template changes?
  • Otherwise cache invalidation is stable nowadays?
• Weird anyhow that non-admins can clear cache.
• MediaWiki's solution prevents crawlers from accidentally pressing that button.
• noJS support not required.
  • JS-only solution good enough.
• Could we make it login-only or admin only?

Upgrade mw-multi-wiki - delete deleted files[edit]

DEV

• I suggest upgrading mw-multi-wiki
• Currently it is the case that files which are deleted are not updated during mw-multi-wiki deploy
• This means that a dev would have to delete the other files manually and keep track somewhere which files to delete later
• This is a problem because sometimes files should not be deleted before everything is finished and admin has approved development. And it also cannot be deleted before because then the wiki which is not updated yet would not function anymore
• So I suggest admin upgrades the mw-multi-wiki script and checks for formerly Category:MultiWiki files that are now deleted and delete them too
• Or maybe find another solution

Patrick:

• How mw-multi-wiki could detect deleted files from Category:MwDeleteMe?
  • Currently mw-multi-wiki uses MediaWiki API to look at https://www.kicksecure.com/wiki/Category:MultiWiki
  • Once a page is deleted, it vanishes from the Category:MultiWiki page. Therefore mw-multi-wiki "forgets" about its existence.
• A) mw-multi-wiki could be stateful and "remember" which pages were ever in mw-multi-wiki but that's ugly because then an idempotent, clean script would be dependent on remembering the state in some state file. The state would be difficult to share among developers.
• B) A Category:MwDeleteMe could be invented. Delete all contents from the page and add that Category. Then mw-multi-wiki could remove it first from slave and eventually form the master wiki. Also non-ideal because not an intuitive process as it requires the developer to remember this because it's not a simple as using as using the wiki's internal deletion feature.
• C) Deletion log https://www.kicksecure.com/wiki/Special:Log/delete doesn't contain categories.
  • Parsing the deleted revision for Category:MultiWiki might be error prone (if a wiki page was MultiWiki in the past but then it was only a comment).

status:

Patrick asked on the MediaWiki mailing list. https://lists.wikimedia.org/hyperkitty/list/mediawiki-l@lists.wikimedia.org/thread/DIREH7YFVQPYHIJFFUXNBE6PVJ6OSMUX/

new idea: diff the categories in the different wikis

report only

Logos Misc TODO[edit]

TODO:

• github sponsors credit card
• Content in Kicksecure wiki and Whonix wiki
• wiki text inconsistencies
  • Chapter "Definitions" currently shows:
    • Logo - seems to unspecific
    • Landscape logo
    • Text logo
    • Icon logo
  • Chapter "Current Kicksecure logos" uses a different language.
  • Chapter "Current Whonix logos" uses a different language.
• logo consistent naming
• projectname-logo-definition
  • example: kicksecure-logo-rectangular
  • rename File, Special:ReplaceText to update old references

misc[edit]

• https://www.debugbear.com
• https://www.speedcurve.com/
• https://developer.chrome.com/docs/devtools/application/back-forward-cache/
• https://www.mediawiki.org/wiki/Snippets/Load_an_additional_JavaScript_or_stylesheet_file_on_all_pages
• https://marketingpipeline.github.io/CSS-Image-Loader/index.html
• https://medium.com/free-code-camp/using-svg-as-placeholders-more-image-loading-techniques-bed1b810ab2c
• https://github.com/fogleman/primitive
• https://github.com/kizule/mediawiki-extensions-Kicksecure
• https://textoptimizer.com/
• https://github.com/vozlt/nginx-module-vts

MultiWiki: Think about PHP files[edit]

• For the workflow it would be good to not only deploy the js and css files to the "slave" wikis, but also the php-scripts for combined and headscript content
• Pro: if there are more than 2 wikis (which are not at the moment) then it's way easier to manage
• Con: At the moment it's not necessary. And we would need to be very careful with who gets the rights

Stage Server as Master[edit]

• MultiWiki feature requests:
  • The idea is the separate MultiWiki files into "code" (js, css files) and "content" (content pages)
  • pull code (CSS, JS, widgets) from Kicksecure stage server
    • How about templates such as Template:Header?
      • These need to be in a special category to be recognized as code?
• stage server feature request:
  • The stage server becomes the master server for code files. That way new scripts can be developed and tested on the stage server without disrupting the normal production use of the public wikis. Once a new feature is ready it can be multiwiki deployed from the stage server (master) to the slave wikis
• For content pages the Kicksecure wiki might still be the master however

Newsletter Widget[edit]

• Widget here means "widget" generally as in a box with a special feature.
  • Not necessarily a MediaWiki widget.
  • Is there a better terminology than widget to avoid confusion?
• features:
  • subscribe
  • unsubscribe
  • add the newsletter subscribe/unsubscribe to homepage
  • the widget should be re-usable in other places in the wiki
  • Ideally noJS compatible.
  • Just two (subscribe/unsubscribe) POST submit boxes.
  • The backend on the server could be a simple PHP script that just appends the e-mail address to a file subscribe.txt / unsubscribe.txt.
    • The PHP script should reject invalid e-mail address formats (such as with spaces in the middle or missing @ sign)
    • The PHP script would return "Success. Thanks for signing up!" or "Failure to sign-up. Please report this bug in the forums."
• non-features:
  • double opt-in (this will be done manually at a later stage before sending any e-mails)
• TODO: discuss

DEV

• Topic was discussed. Script should be simple and at best not using a database
• Dev did newsletter research. Conclusions
  • Most scripts are paid and proprietary, e. g. https://www.formget.com/newsletter-php-script/
  • Most scripts are rather complex
  • Most scripts use MySQL
• Options
  • We could write a completely new scripts
  • We could base a widget on the research by admin: https://github.com/rodhilton/maillister (an old script)
  • We could by a modern script and set it up with mysql
• Admin said he will do script research again

FlaggedRevisions CacheClear Workaround[edit]

TODO

TODO DEV[edit]

FYI - mediawiki changelog[edit]

FYI only

• https://phabricator.wikimedia.org/T345866
• https://www.mediawiki.org/wiki/Parsoid/Parser_Unification/Media_structure/FAQ
• https://www.mediawiki.org/wiki/Parsing/Media_structure

mobile thumbnails whonix[edit]

Box wider than image bug.

exclude from google - whonix RAM wiki page[edit]

whonix.org/wiki/RAM

See Also Social Share Button

exclude paypal payment search results[edit]

GoogleOff

WAITING ON[edit]

REVIEW PLEASE[edit]

DONE / Log of DevSprint since 2021-12[edit]

• 2023-09-08
  • Virtualbox installer logo
  • Illustrative images
    • Whonix-Gateway Xfce VM illustrative image
    • Whonix-Workstation Xfce illustrative image
    • Kicksecure CLI illustrative image
  • HP images
    • Stream Isolation image
    • File swap creator image
    • targeted updates image
  • Stream isolation thumbnail too big
  • Nav-menu column overflow bugfix

• 2023-09-07
  • donor cards broken + wikitest
  • Discussion Todo
  • pagespeed fixes
  • discuss CSS hide footer items
  • Expand Collapse replace new technique + docu + tests
  • mediawiki bug report CSS/HTML changes

• 2023-09-06
  • Pagespeed fixes
  • donation appeal page discussion
  • GrapheneOS task review
  • Mobile_Phone_Security wiki page content enhancements
  • CSS hide footer items

• 2023-09-05
  • Mediawiki Code Editor Warnings Research
  • Server Cache Busting review
  • Google Mobile Font review
  • whonix homepage press section
  • mw-collapsible-toggle screenreader aria research
  • header hover over effect and link
  • mw-collapsible bug report

• 2023-09-01
  • add querystring to Headscript discussion + version + hsversion
  • CSS extension cache busting discussion
  • footer - TM vs R – Kicksecure and Whonix Headline + Symbol solution
  • homepage - sequential heading levels
  • Whonix HP new player hero image + play / pause player upgrade + SVG play symbol

• 2023-08-31
  • header nav menu hover plus link analysis
  • Header Hamburger Menu like super menu
    • Kicksecure + Whonix
    • Refactor Header code
  • icon bullet list span upgrade + tests + documentation
  • anti spam email upgrade + Template Contact icon bullet list upgrade
  • Hompages "Learn More" labels
  • TODO Discussion

• 2023-08-30
  • toc line wrapping bugfix
  • forums link indicator wrap bugfix
  • whonix homepage video bugfix
  • anti spam email hover feaure + icons + documentation + whonix port
  • super menu closeable when clicking elsewhere + open when hover

• 2023-08-28
  • Whonix HP VPN table bugfix
  • Kicksecure Whonix Super Menu close via X
  • Antispam Email Tooltip Whonix + Kicksecure + tests + documentation
  • Template:GoogleOff span upgrade + tests + documentation
  • Discussion Header Menus JS Hover

• 2023-08-25
  • footer superfluous scroll bar fix
  • Header menu Kicksecure Whonix
    • new open close technique
    • menu to full size
    • icon switch to x
  • pagespeed fixes for Whonix and Kicksecure
  • Whonix vs VPN table fix research
  • tables word breaking mediawiki bugfix

• 2023-08-24
  • Footer new version for Kicksecure and Whonix
    • Code review + refactor + testing
    • Documentation
    • Dark Mode Button Fix
    • Open Source Logos Upgrade

• 2023-08-23
  • New Header Whonix and Kicksecure
    • Nav Menu
    • Multiwiki restructure
    • code review + refactor
    • testing + documentation
  • FontAwesome research + upgrade
  • Footer new version 20%

• 2023-08-22
  • Whonix Forum banner color
  • Sitenotice id new solution review + tests and documentation
  • Discussion Todo
  • Header new menu structure + design + multiwiki strategy

• 2023-08-18
  • Mediawiki old vector skin
    • Responsive code review
    • 2x bug report upgrades
  • ContentImage upgrade + tests + documentation
  • Flagged Revisions Design Bugfix
  • Mediawiki update review finalized
  • Header new version 60%

• 2023-08-17
  • Wiki update all broken fixes (image, thumbs, thumbgallery, community support, videolink)
  • MediaWiki verison log research + diff file review

• 2023-08-16
  • Community Support Template upgrade + tests + docu + pages
  • New feature pre[data-code]
  • Template nowrap bugfix
  • StageServerIndicator + Headscript modification + documentation
  • wikitest check after update

• 2023-08-15
  • Expand Button different labels + tests + documentation + pages update
  • mininav image icons + tests + documentation
  • Content Review Debian install + verify signatures
  • Content text improvement verifying software signature
  • Community support template : upgrade (first iteration)

• 2023-08-14
  • Tab Controller citation bug search + feature cite-ref + new wikitest + documentation
  • Expand Button label discussion
  • wiki syntax discussion
  • header + footer discussion
  • Whonix Kicksecure HP images review
  • Whonix HP table pagespeed fix
  • tab content controller multi line space reseved + mininav upgrade + tests + documentation

• 2023-08-11
  • Forum links analysis + link upgrade
  • DiscoverHiddenElements new feature
  • tab content controller upgrade
  • FlyinBanner testpage upgrade
  • minimav image support analysis

• 2023-08-10
  • Share Tooltip and headline edit better positioning and better (and more reliable) hover effect
  • Mbox task review (closed)
  • contentimage thumbnail upgrade + documentation
  • GoogleOff for footer QR area
  • too much white space after table bug fix
  • tab controller
    • height bug fix
    • linkid use case upgrade
    • feature reviews

• 2023-08-09
  • Discussion Todo
  • Download Button new icons parameter + titles (for these icons) + tests (wikitest) + documentation
  • Whonix Forum header footer restored
  • Download page Source Code link for Kicksecure and Whonix
  • Footer Header discussion and suggestions for Kicksecure and Whonix
  • Whonix Forum nojs bug research + bugfix + bug report
  • Share widget icon upgrade

• 2023-08-08
  • Discussion Todo
  • Re-Balanced headline visuals
  • Whonix discourse forums revert to default
  • page too long (width) bug fix (2 pages)
  • Whonix super menu mobile fix
  • Share Tooltip Button better click + new icon suggest
  • Download Button custom image feature review
  • CodeSelect spacing bug research

Footnotes[edit]

---

Unfinished: This wiki is a work in progress. Please do not report broken links until this notice is removed, use Search Engines First and contribute improving this wiki.

Kicksecure A secure by default operating system with the latest security research in place.

Dark mode

Follow us on social media

FREE  ·  PLUS  ·  PREMIUM Support

At Kicksecure we value freedom and trust, supporting Open Source and Freedom Software

By using this website, you acknowledge you have read, understood, and agree to be bound by these these agreements: Terms of Service, Privacy Policy, Cookie Policy, E-Sign Consent, DMCA, Imprint Kicksecure ENCRYPTED SUPPORT LP, 2023

Your support makes
all the difference!

We believe security software like Kicksecure needs to remain open source and independent. Would you help sustain and grow the project? Learn more about our 10 year success story and maybe DONATE!