I remember @Mirimir confirming that canvas fingerprints between host and guest differ. That makes sense because one can access the real hardware while the other cannot.
What I want to find out is whether all users of a given hypervisor have the same virtual GPU fingerprint. This is important for users who use VMs for regular clearnet browsing and also use Whonix. Its important to know if an adversary can compare data once a clearnet vm is fingerprinted, with what they collect inside a compromised Whonix workstation to confirm its the same person.
OS Diversity is Crucial for Compartmentalization Safety
In my experience, VMs with the same or related OS have the same canvas fingerprint. So Firefox in all Debian, Ubuntu etc VMs have the same fingerprint. Tor browser blocks fingerprinting, but Iceweasel doesn’t. But if some bug allowed canvas fingerprinting in Whonix Tor browser, it would be the same as Firefox in another Debian-related VM.
Fedora, PCBSD, OSX and Windows VMs on the same host have different canvas fingerprints. Debian-related VMs on different hosts also have different canvas fingerprints.
I haven’t experimented with using different graphics drivers in Debian-related VMs. Or with host GPU pass-through