Cross-browser Tracking Vulnerablity and DispVMs

And this is why i LOVE my Qubes OS with it’s “dispVM’s” and isolation!!

Techinally this works only if the dispVM has no applications that are tested for the scheme flood. So if your template has any of these, then I guess it can be identfied. I tested basic fedora-33 template, the scheme flood didn’t find anything.

Good to know

I haven’t read the article but just wanted to point out that there is the common misconception that dispVMs protect from fingerprinting. They do not.

Read the FAQ on What about privacy in non-Whonix qubes?:

The main way Qubes OS provides privacy is via its integration with Whonix. Qubes OS does not claim to provide special privacy (as opposed to security) properties in non-Whonix qubes. This includes disposables.


edit: made the title a bit more specific over the issue. Feel free to tweak it.

1 Like

It’s all good Deeplow…

1 Like