How anonymous is Qubes + Whonix out of the box, and how to harden it?

  1. Suppose I only use Tor on Whonix. How anonymous can I consider myself with this setup?

(I know that it also depends on my behavior while browsing the internet. I just mean the setup itself. You can assume that my behavior is appropriate).

  1. Ideas how to harden it are welcome.

if you want to, there not much thing you can do since it already secure by defaults

and more

2 Likes

Thanks, you are a hero.

I’m having a specific question regarding anonymity: (I have also asked this in another question but as I appreciate your opinion the most and I wanted to be safe, here it is for you)
I have heard that browser extensions in Tor endager my privacy. Is this always the case? I would eventually install MetaMask (the most popular browser crypto wallet). What do you think regarding this?

And secondly: I also know that you shouldn’t maximize Tor browser. Can I still increase the window size as long as I’m not maximizing it? I also have a standard screen size, therefore it is very common. Is it still too critical?

Thanks. :slight_smile:

it depend, most brw ext make you more unique (tails tor browser have ublock o so website can know if you using tails)

you shouldn’t install it on tor browser AFAIK

you can, you should change it from default to random thing

as long as you don’t maximize Tor browser, it safe
(.)

1 Like

you shouldn’t install it on tor browser AFAIK

Is there really a better alternative? I definitely need a browser wallet.

as long as you don’t maximize Tor browser, it safe

Is there really a big difference between always increasing it to about 95% of my screen, or just maximizing it if it’s a common standard size?

i’m not sure

.

only if you don’t resize it to edge of screen, it better (mostly because there no truly standard screen size)

1 Like

Vary wide question, could lead to very wide answers.
If you only user Tor on Whonix on [Qubes] and you do no other internet work, (assuming ‘you’ don’t post on this forum, or have another laptop in the same physical location, or log into the same accounts, or type with the same cadence (does Qubes-whonix-16 include typing-cadence standardisation like on KVM they already do?) - then I would say more anonymous than most (if you are thinking in terms of Tor and Whonix only).

However, consider this. When you say anonymity? Why do you ask this? What are your goal(s)?

For me, Anonymity = NUI (Not Uniquely Identifiable).
Given that Anonymity on the binary web is just a matter of ‘entropy’ or how many datapoints/bits I can collate on everyone, (to find how you are unique - i.eNOT=NUI), I would say (IMHO) Tor and Whonix is perhaps not sufficient to be anon from the NSA. But then if you want to be anon from NSA,FBI,etc, I can’t help you.

However, if you want to be anon from your local police - Tor + Whonix is 9900%+++ better than most users.

Unless I am mistaken, any modification/deviation of the Qubes-Whonix template is highly ill-advised (unless you understand precisely the implications). This is a very good introduction, for those whom are not already familiar with Whonix.

Vary wide question, could lead to very wide answers.
If you only user Tor on Whonix on [Qubes] and you do no other internet work, (assuming ‘you’ don’t post on this forum, or have another laptop in the same physical location, or log into the same accounts, or type with the same cadence (does Qubes-whonix-16 include typing-cadence standardisation like on KVM they already do?) - then I would say more anonymous than most (if you are thinking in terms of Tor and Whonix only).

These are good questions.

Understanding anonymity and fingerprinting is difficult.
In some cases having a unique fingerprint may be an excellent path to
anonymity, provided that the fingerprint cannot be correlated to you
or your other activities.
Remember too that there is a difference between fingerprinting that can
be used to identify you online, and fingerprinting that can be used to
confirm identification once you are in the frame.

2 Likes

100% agree. This was why I said for your local police TOR&Whonix is probably good enough, but for the NSA no (as they are a GPA).

Hi, thank you for the nice answer and sorry for my late reply.

or have another laptop in the same physical location

Why does this matter?

However, consider this. When you say anonymity? Why do you ask this? What are your goal(s)?

My goal is to be anonymous to my internet providers since I am often using public WiFi, like in hotels where I have to check-in with my ID. Also anonymous to authorities who shouldn’t be able to track and monitor me.

Tor and Whonix is perhaps not sufficient to be anon from the NSA

Can you elaborate why? I highly highly doubt they are interested in me, but I do want to know it. Qubes + Whonix + Tor seems to be one of the best options you can get at all. I don’t understand what their attack options could be, even if it’s the NSA.

And thanks for the link! :slight_smile:

Correct. However, I don’t see any big threat in letting possible trackers know that my actions are connected to each other as long as they don’t find out my real identity, as I am not entering any personal information.

It is mainly about my real identity.

See also:

https://amiunique.org/

Be sure to read whonix’s Threat Model wiki page

And their wiki in general is pretty complete. They also have a forum where questions like this would be fitting