I think anon-whonix seems to save bookmarks, settings, files and add-ons, but I feel that the more I use anon-whonix, the greater the risk of fingerprinting and malware infection.
How do people use anon-whonix and disposable whonix depending on the situation? Let me know so I can use it as a reference.
For maximum anonymity and safety I should always use disposable whonix without any changes.
But it’s inconvenient, so we usually compromise with a little anon-whonix. Is there an anon-whonix for this purpose?
I’m not an expert but my understanding is that the Tor browser has a pretty solid sandbox on its own, even independent of Qubes. Bookmarks are probably safe unless something breaks outside the sandbox and enumerates them, of course. Perhaps good practice would be to recycle your anon-whonix instances periodically if you are visiting sites that may have malware.
Persisting bookmarks and downloads is the only thing I find myself needing to use a non-disposable anon-whonix instance for (which is usually all the time, I typically don’t use a disposable anon-whonix)
So, if I download something malicious on my non-disp whonix, I would try to export bookmarks to HTML and copy them off the VM before destroying it and create a new one.
Also one should generally not install any addons whatsoever with Tor. This will make you more identifiable. This includes not using ublock origin - one user blocking ads will fingerprint differently from another not blocking ads.
Additionally, settings should not be changed either. In fact, the default window size must be left as-is. So your scope of concern with the browser really should only be bookmarks and any lingering downloads not yet moved elsewhere.
Would love to hear other people’s thoughts too.