Fully Ephemeral DispVMs

Some further information on the topic:

Is this available on the latest qubes release?

The Issues above aren’t closed, so no.


To what extent are disp VMs in QubesOS amnestic?

Tails is amnestic. How much might a disposable Whonix leak relative to Tails? What is left exactly?

If it’s just a little information (like this user has used Whonix or Tor), that’s not concerning. If it might leave traces of communication, DNS, files, that could be game over.

Whonix is supposed to be better than Tails. I know in terms of security it is better but not sure of privacy.

You can use this. Dispvms and dom0 on varlibqubes and all other VMs on vm-pool. Qubes in tmpfs 🤫

It’s fully “as tails”


Quite a lot. It spills a lot of logs to dom0 by default.


Whose idea was it to export a lot of logs from a VM that is meant to be ephemeral, by default?!!

Sounds like a choice, that can be changed to zero or absolutely necessary logs.

That’s not that simple. As far as I understand, the VM is not technically meant to be ephemeral, the volume is. Every Linux distribution exports a lot of logs by default, even Tails OS (in that case, on RAM?).

Reading the previously mentioned GitHub issues will give you an insight into the questions related to this topic.


Dom0 on RAM too

At least disposable Whonix should be read-only like Tails. It’s doable, as Tails shows.

Does this patch even solve the issue of the ephemeral key being saved on dom0’s swap?

The most effective solutions for creating fully amnesic live qubes for max forensic protection:
Qubes dom0 ZRAM Live Mode: It uses memory very carefully
Qubes dom0 OverlayFS Live Mode: It is the safest mode (/ read-only)
Really disposable (RAM based) qubes: This is great for new users, who can’t run dom0 live yet

To avoid any potential confusion: RAM-based qubes were never meant to be an anti-forensic tool.
