Last week I installed Qubes 3.0 with Whonix templates. After I installed security updates, whonixcheck alerted me to the fact that unwanted packages had been pulled in by the updates, namely [tt]ntpdate[/tt] and [tt]chrony[/tt]. So I purged them as recommended by whonixcheck.
thank you for pointing me to that bug report. I was not aware of it.
Another thing that caught my attention during a recent security update: Both whonix-gw and whonix-ws installed iceweasel.
Although TorBrowser is based on Firefox, I do not think it depends on having a Firefox installed.
Would it not be better to install only TorBrowser on whonix-ws, and no web browser on whonix-gw?
user@host:~$ dpkg -l iceweasel
|/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
||/ Name Version Architecture Description
ii iceweasel 38.4.0esr-1~ amd64 Web browser based on Firefox
On the gateway, that’s a bug. Not supposed to be installed there. Also no harm when installed expect waste of disk space. Fixed in Whonix 12.
On the workstation, it’s safe to uninstall also. It’s a recommended package in case Tor Browser no longer works, so the user has a browser to manually download Tor Browser. Uninstalling it on the workstation however is unfortunately difficult, see: