Hi qubes forum,
Let say you have a normal working environment with Qubes OS 4.0 (R4) with whonix templates installed and configured. You want to install an application and take advantage of whonix tor security for that application.
I can see two ways of doing this
First one is
- clone a debian or fedora template (minimal or not)
- install your application in template
- create an AppVM based on that template and use sys-whonix as network VM
Second one would be
- clone whonix workstation template
- install your application in template
- create and AppVM based on that template and use sys-whonix as network VM
What would be the main differences and the pro / con of those two methods ?
I was always using the first method until I noticed that when using the whonix workstation, the tor icon toolbar include a specific sub-menu for my VM…
Some of my thoughts are that from a surface of attack pov the minimal template with sys-whonix is better but from a tor integration / efficiency the second option is better…maybe