Advertisement Tracking - Real threat to Whonix Project

Trail · November 26, 2016, 1:33pm

There are few advertisement networks which are tracking real location. I do not want to mention all those names, I been keeping an eye on them. Just to give you a glimpse of it, all the advertisements on blockchain dot info are always showing ads from real location in whonix workstations(tor browser) whether JS is inactive or active. I tested custom workstations as well, same thing. I tried atleast thousand circuits, same thing. Reinstall gateway twice, same thing.

Then I installed TBB on host tried and the problem was not there any more, I even tried it on AdvOR again no problem.

I think it is a real threat to this project, should not be taken easily.

Tested in VirtualBox and Not tested in KVM yet.

Patrick · November 26, 2016, 2:35pm

Do you mean Network Propagation (Click to view) for some random tx transaction? I picked some from recent on blackchain.info/.

Location is Golf of Guiana no matter in which browser it is opened for me.

I even reloaded the same page like 20 times in my non-anonymous browser and was never shown advertisements in my native language or from my native country. Not once.

This needs a better description / examples on how you come to that conclusion.

HulaHoop · November 26, 2016, 7:43pm

@Trail Run some leaktests before making such claims please.

Patrick · November 26, 2016, 11:49pm

For reference:

whonixbest · November 27, 2016, 12:05am

I’d walk into the line exchanger, me with a probability of 80 percent gives the captcha in their native language. I check the ip address, but according to the data I’m in a different language country. why CAPTCHA in my native language?

Patrick · November 27, 2016, 12:20am

Did you use Tor Browser?

Changed any settings for language or spell checker?

Installed any add-ons or plugins?

Logged in or not logged in into a website?

What is the line exchanger?

whonixbest · November 28, 2016, 11:42am

I use qubes-whonix that is based on whonix-ws dispvm and turn this dispvm when I go to btcu.biz in dicpvm installed firefox. Uses in English, no additions are not. this site btcu.biz does not work with the browser tor

HulaHoop · November 28, 2016, 1:01pm

You used a browser that is easily fingerprinted, with the clearnet before. Then you use it again with Tor.

You will be easily unmasked with today’s tracking tech. Things like Canvas can unmask you easily.

Patrick · November 28, 2016, 9:46pm

Use Tor Browser and you won’t have that issue.

Whonix 14 no longer will have iceweasel / firefox installed by default so this mistake gets harder.

Whonix documentation generally is also recommended, since there are various pitfalls.

whonixbest · November 29, 2016, 2:40am

I entered the command: qvm-create-default-dvm whonix-ws.

Watch what happened and;

Error: Domain save error whonix-ws-dvm in var/lib/qubes/appwms/whonix-ws-dvm/dvm-savefile
error: Internal error: failed to maintain the domain 9 using libxenlight

whonixbest · November 29, 2016, 2:43am

I use whonix is that just out of curiosity, not for the real conspiracy.

And thank you for the answer

Patrick · November 29, 2016, 11:54am

Please report a bug at Qubes.
Issues · QubesOS/qubes-issues · GitHub

Patrick · December 5, 2016, 7:27pm

Meanwhile I did run into the same error: Internal error: failed to maintain the domain 9 using libxenlight error. Created a new Qubes bug report.

github.com/QubesOS/qubes-issues

DispVM start error - error: internal error: Failed to save domain '30' with libxenlight

opened 05:27PM - 04 Dec 16 UTC

closed 04:34PM - 02 Sep 20 UTC

adrelanos

T: bug C: core

#### Qubes OS version (e.g., `R3.2`): R3.2 with testing repository. #### A…ffected TemplateVMs (e.g., `fedora-23`, if applicable): whonix-ws (but probably not a template issue) --- ### Actual behavior: ``` /usr/lib/qubes/qfile-daemon-dvm qubes.VMShell dom0 DEFAULT red time=1480778855.52, qfile-daemon-dvm init time=1480778855.52, creating DispVM Can't get domid of domain name 'whonix-ws', maybe this domain does not exist. --> Creating volatile image: /var/lib/qubes/appvms/whonix-ws-dvm/volatile.img... --> Loading the VM (type = AppVM)... --> Starting Qubes DB... --> Setting Qubes DB info for the VM... --> Updating firewall rules... --> Starting the VM... --> Starting Qubes GUId... Connecting to VM's GUI agent: ..............connected Waiting for DVM whonix-ws-dvm ... DVM boot complete, memory used=648672. Saving image... error: Failed to save domain whonix-ws-dvm to /var/lib/qubes/appvms/whonix-ws-dvm/dvm-savefile error: internal error: Failed to save domain '30' with libxenlight ``` Already managed to reproduce this twice. Beforehand it was save domain '23' and now save domain '30'. No power loss at any time. No ctrl + c at any time. No hdd disk errors at any time. ### Steps to reproduce the behavior: Playing around with DispVMs a lot to deepen understanding. However, nothing unjustifiable. Steps here: https://forums.whonix.org/t/qubes-dispvm-technical-discussion/3232/8

Might be that you are having too many VMs running.

Since I cannot reproduce this issue at the moment, please contribute to that bug report by providing the requested debug information when you run into this issue again.

Meanwhile we we working on DispVM documentation. ( Qubes DispVM technical discussion - #17 by Patrick )

Now there is a strong warning against DispVM for anonymity generally at the top of that page that will probably last until Qubes 4.0 unless one knows about these issues and works around those. ( Qubes Disposables )

And there now is a specific warning against using Firefox. ( Qubes Disposables )

Thanks for the report!