I want to create an appvm with fedora 41 as template and sys-whonix for networking. What are the privacy concerns vs whonix-ws with sys-whonix ? Is it just fingerprinting ?
Using sys-Whonix as a netvm will not automatically make all your network connections anonymous. The main reason Whonix provides excellent anonymity and privacy is that Whonix-ws appqube uses Tor browser configured to use the Tor daemon from sys-Whonix. In simple terms, a Qubes Whonix workstation user has most of the fingerprints of a regular Debian with Tor browser.
Using fedora as a Whonix-workstation will hardly give you any significant benefits in terms of privacy or anything else. In fact, sys-whonix will just run as a Tor VM. So instead of running Tor daemon on fedora, you will move it to another cube. And in terms of fingerprints, you will most likely be very unique. Since Firefox, Chrome and all other browsers have very different fingerprints from tb and give more fingerprints
And don’t forget about one of the most important privacy features in Whonix. Isolation circuit. For it to work correctly, you need the Tor browser, and nothing else. When using Whonix workstation and opening, for example, YouTube, all requests to all subdomains with video, analytics and everything else go through one Tor chain and each of the sites that are additionally linked to the page receives one IP. In the case of fedora, you either configure it correctly and get a unique chain for everyone, or vice versa, one chain for all sites, tabs, connections. Both make you very unique on the network. (and with a non-tor browser through tor you will receive cloudflare captcha almost every time)
2 Likes
Thank you very much for the detailed explanation
2 Likes
Nothing here has to do with privacy. Everything here is about anonymity.