I installed a messaging app in whonix-ws-16 to message over Tor. Typically I use a Debian template for the messenger app but decided to use the whonix ws template for a more robust Tor connection.
The messaging app uses the default system font to display emojis. The current default whonix font is extremely limited. Even a simple displays as a white box.
Is the default whonix workstation font customized from within the VM template or is there a setting in dom0?
Is there a relatively secure way to install a custom font or should it be avoided?
The messaging app recommends the Linux-compatible “emojione” font. emojione/extras/fonts at master · joypixels/emojione · GitHub The install process appears to be relatively straightforward but I am concerned about possible security risks and unclear if it is the whonix template or another part of Qubes that needs to be changed.
Is there a relatively secure way to install a custom font or should it be avoided?
Good question. I have installed the Ubuntu fonts manually in my whonix-ws templates, but haven’t thought to much about eventual security implications. I know that the TorBrowser has it’s own set of fonts and doesn’t expose your system config to the outside. Another question would be: where did you get the fonts from and can they be a vector?
The general advise as I understand it is to not modify your whonix-ws template unless you absolutely know what you are doing. I was unable to locate any specific Whonix documentation about this topic, so I would recommend asking this question (the part about the security implications) over at the Qubes-Whonix category in the Whonix forums.
That sounds like wise advice. I’m not sure smiley faces are worth my peace of mind. I’ll follow up at Qubes-Whonix - Whonix Forum and see if it’s possible to do it securely. Thanks.
displays as a white box.