Warrant Canary Draft
From Whonix
< Dev
Prerequisite knowledge: Whonix ™ warrant canary.
As the page title Dev/Warrant Canary Draft indicates, this is only a draft. This is not the actual Whonix ™ warrant canary. This page is just for discussion and suggestions; only the actually valid, fresh, signed canary matters.
This page allows for easier edits compared to git and is far more accessible to users.
DRAFT[edit]
{{project_name}} Canary
----
Statements
-----------
The {{project_name}} lead developer who digitally signed this file states the following:
1. Canary issue date: see the gpg signature time.
2.
Definition “artifact”: {{project_name}} software, {{project_name}} downloads, {{project_name}} source code
* The {{project_name}} Project has never added any backdoor to any artifact.
* The {{project_name}} Project has never turned over any signing key.
* The {{project_name}} Project has never knowingly signed any artifact containing any backdoor.
* The {{project_name}} Project has never weakened, compromised, or subverted any of its cryptography.
3. We plan to publish the next canary statement within 4 weeks.
This file should be signed with a detached OpenPGP signature by the {{project_name}} lead developer.
Do not trust the contents of this file blindly - always verify digital signatures!
Take special note if this message ceases to exist.
Special announcements
---------------------
None.
Disclaimers and notes
---------------------
Be mindful that {{project_name}} has been designed under the assumption that all relevant infrastructure is permanently compromised. This means NO trust is placed in any of the servers or services which host or provide any Whonix-related data, particularly software updates, source code repositories, and {{project_name}} downloads.
This canary scheme is not infallible. Signing the declaration makes it very difficult for a third party to produce arbitrary declarations, but this does not prevent the use of coercion, blackmail, compromise of the signer's laptop or other measures to produce false declarations.
The news feeds quoted below (see Proof of freshness) confirm this canary could not have been created earlier than the issue date. This demonstrates a series of canaries was not created in advance.
This declaration is provided without any guarantee or warranty. It is not legally binding upon any parties in any form. The signer should never be held legally responsible for any statements made here.
Proof of freshness
-------------------
Editor comment: Proof of freshness will be automatically appended as a result of the warrent-canary-update script. Do not edit below here without prior discussion.
Links[edit]
- https://gitlab.com/whonix/whonix-developer-meta-files/-/blob/master/misc/canary-template.txt [archive]
- https://gitlab.com/whonix/whonix-developer-meta-files/-/blob/master/release/upload-canary [archive]
- https://gitlab.com/whonix/whonix-developer-meta-files/-/blob/master/release/warrent-canary-update [archive]
- Whonix ™ warrant canary
- Warrant Canary Check
Forum Discussion[edit]
https://forums.whonix.org/t/whonix-warrant-canary/3208 [archive]
Footnotes[edit]
Whonix ™ is Supported by Evolution Host DDoS Protected VPS. Stay private and get your VPS with Bitcoin or Monero.
|
100px |
| Fosshost | About Advertisements |
Search engines: YaCy | Qwant | ecosia | MetaGer | peekier | Whonix ™ Wiki
.svg.png&filetimestamp=20200623163525&.html){kind=small}
Please contribute by helping to answer Whonix ™ questions.
Priority Support | Investors | Professional Support
Whonix ™ | © ENCRYPTED SUPPORT LP | 
Freedom Software / 
Open Source (Why?)
The personal opinions of moderators or contributors to the Whonix ™ project do not represent the project as a whole.