Questions regarding Qubes + Whonix' anonymity

I want to maximize my privacy and become anonymous. Therefore, I got myself Qubes + Whonix and I always use Tor. Regarding my anonymity with this setup, I’m having two short questions:

  1. I have heard that browser extensions for Tor browser endanger my anonymity. Is this always the case? I would eventually install MetaMask (the most popular browser crypto wallet). It would be the only extension I use. At worst, two wallets but definitely only wallet(s).

1.1 If it would be too critical, is there really a better alternative? I definitely need a browser wallet.

  1. I have also heard you shouldn’t maximize your Tor browser window. Can I still increase the size as long as I don’t maximize it? The standard size is too small for me tbh.
    My screen size is also a standard, so it’s very common. How critical would be maximizing?

Thank you! :slight_smile:

I think it also depends on preserving your identity from the beginning.

If you are working in a qube where you have never revealed your identity, then they will never know that it is you (for example, Elon Musk). They will know that it is “this unknown person who has this activity” or more precisely “this unknown person who has this browser, with its extensions, with this screen”.

So, if Elon Musk has a secret wallet for which he has never revealed his identity, we will never know that it is him, as long as he stays in the qube dedicated to his wallet.

On the other hand, I wonder about this ban on maximizing the window. As mentioned above, we naturally think that we are not the only ones to own the same machine, and that therefore, we can maximize. Am I missing something? Is each screen specific? With its little defects that are identifiable? I have indeed heard of an American university that was able to identify any device because of interference (I don’t remember if it was the microphone or another device).

The advice against maximising the window is part of the effort to
stop you leaking information about your machine.
There are some things that are equally specific to your software on your screen

As to screen size, you can always “change” it:

xrandr --output LVDS1 --scale 1.02489019034x1.36719

Change your x230 1366x768 display to a 1400x1050 - you wont want to work
on this for too long, but it may help with the fingerprinting.

As so often, you need to distinguish between fingerprints that can be
used to track and identify you, and fingerprints that can be used to
confirm your identity.
In most cases, it’s the correlations between different sets of
fingerprints and public information that you have leaked, that will give
you away. If you read reports on how people have been identified,
it’s almost always stupidity that has given them away - ultra secret Tor
breaking software plays little part in it. (Eldo Kim,Ross Ulbrecht,Gal
Vallerius - read and weep)

This is really a very interesting topic.

Which extension is recommended to block/modify fingerprints.

xrandr --output LVDS1 --scale 1.02489019034x1.36719

I guess I use this command line in the terminal of the qube I’m interested in?

Best of all don’t run JavaScript, or use browsers that don’t bleed all
this information in the first place.
You could look at plugins like Canvas defender, WebGL fingerprint
defender.

Run the xrandr command in dom0 or sys-gui:
--scale 1.405x1.406 will make 1366x768 report as 1920x1080

1 Like

Yes. What do you think about the security level “Safer” in comparison to “Safest” in the browser configurations?

i don’t use “Safest” because it disable javascript and all website are hard to use, some unusable, some just display “please enable javascript” in plain text