Hiding CPUID from AppVM (why is this not default)?

as time goes on i’m learning qubes isn’t as private and secure as i originally belived
while this sepsific issue is less important to me personally (since i care more about security then privacy…) you’d think that by principal the hardware id should be hidden from vm’s by default…

and while yes it is hard to believe any entity less powerfull then maybe a full blowen government would be able to use such a “meaningless” piece of information
think of the journalists using qubes and tyranical goverments such as china’s… to give and example


i’ve found this after a quick search Setting the CPUID of a XEN guest - Intrbiz Blog

but the link given is old

wayback machin gets me to 2012 and not much usefull information either

and well most lickly that anything from 2012 is very very outdated
if anyone can direct me to a patch or instruction/… anything like that i’d appreciate it

no need to really dig into the matter it’s just “general discussion”

(it’s not that important to me as i said i’m not in the business of upsetting governments/ paranoid to the degree where a attacker would have the ability to identify who am i from the device…
and if i were i would’ve got my self a cheap second hand laptop for cash anyway so…
or paid someone in cash to buy me a good cpu/… not to step foot in a store with cameras or credit card or…)

but i mean…
u get the point it’s a matter of principal

(Adjusted your title for clarity, but fell free to tweak it if it is not adequate)

I think this will answer your question (marmarek is the lead developer of Qubes):

if this kind of thing surprises you, you should definitely be aware of other limitations (and benefits) from Qubes. For anyone else reading this in the future too, check the Whonix forum for the entry “Qubes-Whonix security disadvantages,” (.onion) in summary, some modules like kloak (keystroke timing anonymization), lkrg (linux kernel runtime guard), and tirdad (TCP ISN CPU information leak protection) do not work on Qubes-Whonix. also i talk about whonix here because you mentioned journalists hiding from oppressive governments (and nothing else on qubes besides the deprecated TorVM)
fyi there’s a lot of other modules i didn’t mention, so go give the forum post a read
however, qubes offers a lot of other security benefits over virtualbox, see the whonix wiki entry on why qubes is better than other virtualizers (.onion) (benefits in security, anonymity, and privacy)

There are pragmatic reasons for not masking information about the CPU from VMs. E.g. a lot of programs, particularly compilers/linkers, use the information to assist in giving correct/optimal output.