Confused about Whonix > Qubes

Hi all

I just installed Qubes OS with whonix out of the box (RC3.1)
Im a little confused about Whonix and Qubes with Whonix

Before this I used on my Windows host, Whonix gateway and Whonix workstation (in virtualbox)
In whonix there was a timesync configured and some other usefull security tools.

When I take a look in Qubes, and then open the TOR browser in my Whonix VM,
there are very little options left.
Why is this?

And 2 other questions,
1/ Is Qubes + Whonix out of the box, the same as a seperate Whonix download and install this in Qubes ?
2/ What about the DNS leak problem Qubes still has… (known bug) what about the security through TOR ?

Im a little doubt about using Qubes with the “leaks” during anonymity and security.
Maybe Debian with Whonix (KVM) is a better option…

Thanks!

  1. It is Whonix ported to Qubes.

  2. There never where any Qubes-Whonix DNS leak bugs.

GB:

Before this I used on my Windows host, Whonix gateway and Whonix workstation (in virtualbox)
In whonix there was a timesync configured and some other usefull security tools.

timesync gui / whonixcheck notifications for Qubes-Whonix - we are
working on it. Don’t hold your breath. We could not keep them as is,
because that would be 4 progress bars that are not contained in VM
windows, but popping up on your dom0 desktop.

Other stuff is still functional. Just not added to the default Qubes
start menu. You need to add additional shortcuts. “Add more shortcuts”
in Qubes launcher.

When I take a look in Qubes, and then open the TOR browser in my Whonix VM,
there are very little options left.

Besides timesync gui, nothing is missing.

Good day,

for your initial question about why there are fewer options, please regard this: Post-installation Security Advice

Regarding 1/: If you’ve installed all updates and use the newest version, yes.
Regarding 2/: Is “bypassed”, thanks to Whonix’s design.

Have a nice day,

Ego

Can you clarify or post link to known bug? Are AppVM DNS requests ignoring their nameserver and using Proxy/NetVM nameservers? Are nameservers being ignored and routing to ISP nameserver? Certainly none of that happens with Whonix since no UDP traffic leaves the Gateway.

I have an annoying issue where my NetVM (default Fedora 23 sys-net) performs 1 DNS lookup every 5-10 mins to contact some Fedora mirror (not sure what purpose). Annoying, but that’s not really a leak. Would welcome ideas on what that is and how to stop it. (“Check for VM Updates” is completely unchecked in Global Settings & My UpdateVM is behind my Whonix-GW so those aren’t causing the traffic.) Clock VM is also behind gateway and contacted servers are not NTP.

Thanks all for the explanation!

@entr0py

This is the url:
https://www.qubes-os.org/doc/privacy/vpn/

Thanks for link. I’ve seen that before but didn’t look into it. Sounds like routing in general - not sure if DNS is affected. (Just to be clear, the issue only affects users setting up a third-party VPN.)

  1. Whonix has trained me to not to use NetworkManager so I use OpenVPN on the command-line.

  2. I don’t know if the issue exists with all ProxyVMs or just non-Whonix-Gateway ProxyVMs. I haven’t tested.

In any case, OpenVPN running in a terminal on Whonix-Gateway works just fine.