Changing the system font in Whonix WS?

I installed a messaging app in whonix-ws-16 to message over Tor. Typically I use a Debian template for the messenger app but decided to use the whonix ws template for a more robust Tor connection.

The messaging app uses the default system font to display emojis. The current default whonix font is extremely limited. Even a simple :slight_smile: displays as a white box.

Is the default whonix workstation font customized from within the VM template or is there a setting in dom0?

Is there a relatively secure way to install a custom font or should it be avoided?

The messaging app recommends the Linux-compatible “emojione” font. emojione/extras/fonts at master · joypixels/emojione · GitHub The install process appears to be relatively straightforward but I am concerned about possible security risks and unclear if it is the whonix template or another part of Qubes that needs to be changed.

@necker:

Is the default whonix workstation font customized from within the VM template or is there a setting in dom0?

Whonix is based on Debian, which means the respective instructions work there too.

Is there a relatively secure way to install a custom font or should it be avoided?

Good question. I have installed the Ubuntu fonts manually in my whonix-ws templates, but haven’t thought to much about eventual security implications. I know that the TorBrowser has it’s own set of fonts and doesn’t expose your system config to the outside. Another question would be: where did you get the fonts from and can they be a vector?

The general advise as I understand it is to not modify your whonix-ws template unless you absolutely know what you are doing. I was unable to locate any specific Whonix documentation about this topic, so I would recommend asking this question (the part about the security implications) over at the Qubes-Whonix category in the Whonix forums.

2 Likes

That sounds like wise advice. I’m not sure smiley faces are worth my peace of mind. I’ll follow up at Qubes-Whonix - Whonix Forum and see if it’s possible to do it securely. Thanks.