When i change the security of Mullvad browser in disp6555 (for example) the vm shutdown because the Browser need to restart to apply the settingss how do you guys deal with this issue ?
you could first open the disposable with a terminal, then from there run the mullvad-browser command.
I know but this is not what i want when you change the security in Tor Browser with whonix it doesn’t do that why with mullvad-browser it does ?
I ran mullvad-browser --verbose from the cli, then changed the security setting, but didn’t notice anything informative. I don’t know why there would be a difference between the two browsers since the Mullvad browser is derivative, but mullvad-browser --help displays lots of options that may help investigate further.
1 Like
Changing the security levels in Mullvad Browser is not recommended, which is why the button was removed from the top bar.
See “Security Levels” in this article:
1 Like
What does Whonix do that is different, so this does not happen?
I never presume to speak for the Qubes team.
When I comment in the Forum I speak for myself.
I’d like to know what is different from Mullvad Browser but @DVM showed me we shouldn’t do it it’s not recommend to do that so i would not try to find the issue sorry to have created this post
Thanks @DVM i didn’t know about that
1 Like
Looks like the disposable survives a Tor Browser restart on Whonix Workstation because they run the start-tor-browser script with --verbose. (Which AFAIU makes the detached process from the restart inherit the original stdout and stderr file descriptors, with the effect of somehow letting the launcher know that it is still active.)
So, try editing /usr/share/applications/mullvad-browser.desktop in the disposable template’s TemplateVM to use
Exec=/usr/lib/mullvad-browser/start-mullvad-browser --verbose %uYou’ll have to repeat that after each Mullvad Browser update.
Since changing the level was redesigned to restart the browser, I think that old warning in the Mullvad Browser 14.0 release notes no longer applies. (Of course, each level still puts you into a corresponding fingerprinting bucket. But there should no longer be any inconsistency between starting on a specific level vs. switching to it mid session.)
2 Likes
I just tried what you said and it work ! thanks you but i’m confuse should we change the security level or not ?
As far as fingerprinting is concerned:
-
IMO avoid the Safer level entirely. “Anonymity loves company” and Safer is a bucket with fewer users than Standard (and I’m guessing fewer users than Safest too), but doesn’t constrain fingerprinting within the bucket all that much as JavaScript is still enabled.
-
Safest seems like it can potentially be a worthwhile tradeoff: Although it has fewer users than Standard, it constrains fingerprinting within the bucket by disabling JavaScript etc. (OTOH, on Mullvad Browser specifically: Because they still hide the toolbar button for some reason, their share of non-Standard level users might be even lower than on Tor Browser.)
2 Likes