I’ve been testing the 18.0.5.8 kvm/libvirt images and mostly everything is set up the same way as I had it in 17.
I did notice a couple of things though. The first one being a red cross hair under my mouse pointer, I can’t seem to get rid of that.
I’m guessing this is some kind of feature, though it wasn’t there in Whonix 17. What was strange is before it was not there, so I’m not sure what I am doing that is causing that.
The other thing I noticed was you can’t seem to start two separate instances of Tor Browser anymore. For example if I start the main profile it works but if if I try to start a second profile ie with --new-instance -P, I get this error.
I am guessing there’s some issue with Wayland and multiple instances of Tor Browser. I used to like to have one in safest, and a secondary one in safer for a few more trustworthy sites.
Overall though nice work, and congrats in moving to wayland. I swear video play back is a lot smoother under Wayland than it was under XFCE (when playing in VLC etc).
One other thing I noticed is the “desktopswitcher2” widget shows up as n/a. Guess would be this has something to do with labwc. As a workaround I just bind super+1,2,3,4 to switch desktops in labwc ~/.config/labwc/rc.xml
That is the virtual cursor of kloak v2. It might look useless if a “hardware cursor” is being used, but in many situations, it is useful because it shows where your mouse cursor actually is vs. where the rest of the OS thinks it is. This way kloak is able to mask the exact ways in which your pointer moves from fingerprinting software, but you can still see what you’re doing. It wouldn’t be too hard to add an option for getting rid of the crosshairs for users who don’t need them, but in many instances they’re helpful.
It’s just a new thing in Whonix 18, you didn’t do anything to cause it.
Hmm, not sure what’s going on there. Glad to see you found a workaround though.
Yes, unfortunately LXQt’s idea of virtual desktops and labwc’s idea of virtual desktops don’t quite work together correctly yet. I haven’t worked on making workarounds for this, but the solution you made looks pretty good to me. We might add that to the documentation.
Oh, that makes sense I guess. Didn’t think of that. Curious about why that runs in Whonix Gateway though.
Yeah I’m not real sure why it doesn’t work in 18, maybe something to do with Wayland/socket or something, I wasn’t sure how to look further in it. Probably would have to get a meaningful core dump for Tor Browser.
Does it run in the gateway? It shouldn’t, and over here it doesn’t. The blue background in the screenshot you shared suggests that’s the workstation VM.
IMO, kloak probably makes sense in sysmaint mode, since someone might open a browser in sysmaint mode in order to visit a trusted website for the purposes of viewing documentation or similar. The website shouldn’t be able to fingerprint the user in that scenario, if we can reasonably prevent it.
Interestingly now on Whonix 17 it isn’t working for me and I am sure that it did at one stage with Tor Browser 15. In any case a workaround is to just specify the profile name direcftly like .tb/tor-browser/Browser/start-tor-browser -P profile1 or .tb/tor-browser/Browser/start-tor-browser -P default or whatever.
