It is recommended to work in full-screen https://www.whonix.org/wiki/Desktop#Use_Full-screen_Mode
Why? Doesn’t it make more sense to adjust VM screen size to the most common display sizes and blend in with the crowd? The resolution doesn’t get limited to 1024x768 in full-screen as it says.
That page looks rather dated. Yes, I think your idea is correct but it also depends what crowd you’re referring to. Ideally, all Whonix users would have the same screen resolution. May not matter what other Debian users do, since Whonix doesn’t hide itself.
I would argue that using Full-Screen is important for behavioral reasons - so you don’t shoot yourself in the foot by accidentally confusing Host & VM windows. For example, using Qubes, it’s possible for me to have multiple windows open from multiple Workstation VMs. Even though the windows are color-coded, it’s easy to type accidentally in the wrong window. I actually take it one step further and use a separate virtual desktop for each vm: host / dom0 / gateway + workstation1 + workstationX…
fish:
Doesn’t it make more sense to adjust VM screen size to the most common display sizes and blend in with the crowd?
What’s the most common display size anyhow?
VirtualBox: If you can even do that. (Technical limitations: VirtualBox
gui driver; VirtualBox display size support)
Possibly a good source http://gs.statcounter.com/screen-resolution-stats
Also https://www.w3schools.com/browsers/browsers_display.asp
1366x768 looks like the clear winner for desktop/laptop, plausible.
So do you agree it’s best for users to emulate 1366x768 at this time?
Hard to say. HD (1080p) has taken the top spot in the US according to your links. Maybe most Whonix users are in underdeveloped countries or maybe they’re all techies with 4k monitors…
Building a usable anonymity set would require sticky defaults - including Host OS packages to enforce or warn against resolution changes. Tor Browser addresses screen size fingerprinting. Are there other programs that you’re concerned about leaking screen info?
It would be cool to hide screen resolution size even after Whonix-Workstation VM compromise.
(As a host feature. Similar to https://github.com/QubesOS/qubes-issues/issues/1850 .)
I’d conclude full screen isn’t the best choice, pick a common resolution instead. Do I fix the documentation?
Yes, if it makes profiling possible. Which other programs I’m not sure, the browser is reason enough to consider screen size.
I’d like to edit the documentation, but you have to help me out.
Full-screen mode leads to the Whonix (and Debian) default resolution and color depth of 1024x768x24.
Screen size shouldn’t affect color depth. Large enough screens can always display the Whonix default resolution, no advantage to full screen then. Agree?
We don’t know what the most common resolution of Tor Browser users is, but Whonix default 1024x768 is probably not it. Keeping Whonix default may not be the best option. Agree?
Changing the scale display setting in virt-manager may change your resolution and hurt your anonymity. Agree?
What about full screen is inherited from Virtualbox is unclear.
with guest additions installed in whonix workstation, setting the workstation vm to “full screen” will integrate the vm with the resolution for your host os. however, in the “view” menu, there is a “virtual screen x” submenu that offers a number of different resolutions to set for a vm. this will run it in windowed mode at the chosen resolution. i have not really experimented with this or run any tests to see what may leak if properly exploited. but, the functionality appears to be there.
with that said, i’m not sure if this is a security issue vs. a usability issue. are there any exploits we are aware of that break out of a window in order to determine the desktop size? would this be a use case that malware developers would concern themselves with?
fish:
Full-screen mode leads to the Whonix (and Debian) default resolution and color depth of 1024x768x24.
Screen size shouldn’t affect color depth. Large enough screens can always display the Whonix default resolution, no advantage to full screen then. Agree?
Full screen: to avoid confusion and accidentally using other programs
such as clearnet browser. Please add a footnote with this rationale.
Maybe this advice belongs to security guide or should be referenced
(also from security checklist)? @torjunkie
We don’t know what the most common resolution of Tor Browser users is, but Whonix default 1024x768 is probably not it. Keeping Whonix default may not be the best option. Agree?
Changing the scale display setting in virt-manager may change your resolution and hurt your anonymity. Agree?
//cc @HulaHoop (maintainer of KVM)
The resolution differences are not enough to damage your anonymity. Usually not detectable if you follow TBB best practices (also they are working on fixing it so you can maximize without detectable remote differences). As for a locally present adversary, you will have a lot more problems to worry about than them detecting you have a different resolution.