If you want to be extra cautious and really authenticate a OpenPGP key in a stronger way than what standard HTTPS offers you, you could use the OpenPGP Web of Trust.
One of the inherent problems of standard HTTPS is that the trust we usually put on a website is defined by certificate authorities: a hierarchical and closed set of companies and governmental institutions approved by web browser vendors. This model of trust has long been criticized and proved several times to be vulnerable to attacks as explained on our warning page.
What in case you want to totally stay anonymous or have no trust path to a OpenPGP key?
Some people just write an unencrypted mail to the recipient and ask them to send their public key. The recipient will most likely either send its public key or at least its fingerprint.
This works against passive attacks. An observer wouldn’t know what they have been talking about in the following encrypted mails. This totally fails against active attacks. A man-in-the-middle could replace the recipient’s key with its own malicious key. The sender would use the wrong key, the man-in-the-middle would decrypt the message, read it, and re-encrypt it with the legit key and forward it to the recipient. Neither sender nor recipient would ever find out that their messages are being read by an adversary. – This is the whole reason, why the trust model path and key signing is recommended in the first place.
Whonix is an anonymous general purpose operating system based on Virtual Box, Debian GNU/Linux and Tor. It has its focus on anonymity, privacy, security and usability.
The Whonix project is looking for a volunteer.
– Join us with https://www.whonix.org
– Reading translation extension’s documentation for mediawiki.  – Getting new translators started.
– Maybe translate into your native language.
– Coordinate translations.
If you are interested, please sign up for the Whonix Developer Mailing List  and say hello.
you may or may not be interested, that Whonix  (a derivative of Debian) first implementation of verifiable builds has been finished. It should make it reasonable to believe, that the original Whonix.ova images have been build from the source code that has been published for that Whonix version with no malicious additions by the Whonix builder or build machine. Next Whonix version will be build that way.
It’s not as good as reproducible-builds , where you can simply compare the hash of the resulting image, but without any
deterministically build operating systems, that’s impossible for the Whonix project to archive.
How it works (very brief)… Whonix does not add binary packages. All binary packages are taken from Debian repositories. Whonix is only a collection of config files and scripts. Images is extracted, MBR, VBR gets dumped and compared, checksums of all files within the image are created. All information is written into a report file. When having two reports (one of official builds and a own build), those can be compared. The full documentation of that feature and links to the related scripts can be found in whonix.org wiki. 
I am happy to hear if I have overseen any holes, where backdoors could still be hidden.
And I also have a question. During Whonix’s build process, after installing all packages inside the image, commands like
are run. And during first boot, commands like
are run. Is there perhaps a better way of temporarily getting rid of non-deterministic files than manually running these scripts, for example letting dpkg call those scripts?
Currently broken due to changes by torproject.org. You have to manually update Tor Browser in meanwhile:
Forum help thread:
Already fixed in git. Due to lack of a release manager and testers it will take some time until we can push an update.
Shared Folders aren’t working with the latest Linux kernel.
Possible workarounds, more information, etc. can be found in the Whonix User Help Forum discussion thread: