Your disguise: 90% Minor remarks regarding your anonymity and security
-10% System time different
The time set in your system differs from your IP addresses time zone. You are possibly trying to hide your current location by anonymity means.
Is there an automated way to change the time in every AppVM? For example:
sys-net ↔ sys-firewall0 ↔ sys-VPN0 ↔ … ↔ sys-VPNx ↔ sys-firewall1 ↔ AppVM
How do I have every AppVM check the time of the VPN-exit-node and change it’s system time accordingly?
Secondly: how do I make AppVM check the time every minute or so and change it’s system time whenever I change VPN-exit-node?
I think appVMs get their default time zone setting from the main system setting. It’s also not clear if you would have to change the time zone in multiple VMs. For example, the MAC address and hostname for a large networked group of VMs is still just the MAC address and hostname provided by sys-net… which is the default VM that syncs the system clock. So I would assume that you just need to change the system clock setting to get your time to align with your VPN server location.
Not sure how to automate that dynamically though. Maybe it would be easier to some how hide the time zone? Or use UTC as a default? i.e. more emphasis on privacy than spoofing.
I tried to fix this, but ended up putting it aside and using certain VMs with certain locales. Lately I gave up.
I had a startup line in the VM rc.local file (see Documentation. I can’t post more than 2 links right now) that changed via timedatectl to whatever setting. That didn’t always work for reasons that were never clear to me (others have also struggled with .rc) - the system time / locale seemed to override it sometimes/often.
For a while I used SecBrowser (discontinued), which was like a TorBrowser without Tor - that hid your timezone to UTC, IIRC. You could do the same maybe with TorBrowser rigged for clearnet. Check Whonix forums.(Of course, if it suits you, there’s Tor!). I use Librewolf a lot and I could have sworn it was doing the same UTC thing, but currently its not. Yaaay…
But its not what you are asking. Honestly, I think that timezone settings are something that get ‘overwritten’ a lot in Qubes. If its important to you, you have to be ‘on it’. It just seems that way to me.
There is a thread somewhere about exactly this timezone-VPN in Qubes issue, but I can’t find it now. Maybe on Github?
Depending how you are doing your VM, you could make a script that frequently checks your vpn ‘status’, takes return locale, compare to timedatectl status and if different, run a change. You’ll have to deal with a sudo challenge, though. Of course, if you are managing your VPN by CLI, you could just make a script that changes both at the same time (and confirms that its done it).
Depending on what you are doing, I found a couple of tips in this discussion quite helpful.
It took some time, but today I had a breakthrough… thanks to a friend (windows user LOL)
In your favorite browser install the extension: Spoof Timezone
=> in options, select: “Automatically update timezone based on my IP address”
What extensions do you use?
I am exploring:
DuckDuckGo Privacy Essentials
uBlock Origin
NoScript
Spoof Timezone
HTTPS Everywhere
Browser Fingerprint Protector
WebRTC Network Limiter
But I have no idea if all these apps are ‘safe to use’, or whether they have backdoors/Trojans/leaks in them.
Would it be safe (as in improve security, privacy and/or anonymity) to install these extensions in the tor-browser of sys-whonix? Or would they lower the safety overall?
@VPN-time I won’t presume to know what is best for you but if you are worried about hidden malware, you might want to stick with open source add-ons that are well-vetted and used by a lot of people.
That time zone add-on appears to be proprietary and not used by many people. That alone increases both security and privacy risks from unknown source code and fingerprinting.
It’s generally not a good idea to install add-ons to Tor Browser. Try to keep the browser as original as possible to reduce fingerprinting (not to mention concerns about installing something bad). You will get far more mileage from hardening the default settings and changing your online habits than you will installing add-ons that change your time zone. (my 2 cents anyway)
I would avoid any extensions that aren’t “Recommended” by Mozilla. Those ones they have checked for malware / bad action.
I also try to use about:config to adjust settings in the browser itself, where its possible, instead of adding another extension / another set of code / another future weak spot. (e.g. switch off webRCT, https everywhere).
Very sad though, I am starting to be a little suspicious of Mozilla lately. But, what to do?
I found material on subreddit PrivacyTools, which has now gone to Privacy Guides, really useful.
For tor-browser, don’t modify it! No extensions! It makes you more vulnerable to being identified by browser fingerprint.
Yeah… I got nervous about Mozilla a decade ago… but yeah… is Opera or Vivaldi better? :-s
But Tor-browser seems to like Mozilla…
A colleague I had a decade ago used lynx… and those text-based browsers sound more and more attractive to me… but then the same questions pop up… are they safe out of the box or do they need tweaking. (and how many sites won’t work with it (but I won’t know until I make time to experience it…))
