Full-screen recommended

fish · May 11, 2018, 9:43pm

It is recommended to work in full-screen Platform-specific Desktop Tips

Why? Doesn’t it make more sense to adjust VM screen size to the most common display sizes and blend in with the crowd? The resolution doesn’t get limited to 1024x768 in full-screen as it says.

entr0py · May 11, 2018, 11:04pm

That page looks rather dated. Yes, I think your idea is correct but it also depends what crowd you’re referring to. Ideally, all Whonix users would have the same screen resolution. May not matter what other Debian users do, since Whonix doesn’t hide itself.

I would argue that using Full-Screen is important for behavioral reasons - so you don’t shoot yourself in the foot by accidentally confusing Host & VM windows. For example, using Qubes, it’s possible for me to have multiple windows open from multiple Workstation VMs. Even though the windows are color-coded, it’s easy to type accidentally in the wrong window. I actually take it one step further and use a separate virtual desktop for each vm: host / dom0 / gateway + workstation1 + workstationX…

Patrick · May 12, 2018, 1:43pm

fish:

Doesn’t it make more sense to adjust VM screen size to the most common display sizes and blend in with the crowd?

What’s the most common display size anyhow?

VirtualBox: If you can even do that. (Technical limitations: VirtualBox
gui driver; VirtualBox display size support)

fish · May 14, 2018, 10:10pm

Possibly a good source Screen Resolution Stats Worldwide | Statcounter Global Stats
Also Browser Display Statistics
1366x768 looks like the clear winner for desktop/laptop, plausible.

fish · May 19, 2018, 6:13pm

So do you agree it’s best for users to emulate 1366x768 at this time?

entr0py · May 19, 2018, 10:00pm

Hard to say. HD (1080p) has taken the top spot in the US according to your links. Maybe most Whonix users are in underdeveloped countries or maybe they’re all techies with 4k monitors…

Building a usable anonymity set would require sticky defaults - including Host OS packages to enforce or warn against resolution changes. Tor Browser addresses screen size fingerprinting. Are there other programs that you’re concerned about leaking screen info?

Patrick · May 22, 2018, 2:28am

It would be cool to hide screen resolution size even after Whonix-Workstation VM compromise.

(As a host feature. Similar to Feature Request: Anti-Keystroke Fingerprinting Tool · Issue #1850 · QubesOS/qubes-issues · GitHub .)

fish · May 22, 2018, 11:02am

I’d conclude full screen isn’t the best choice, pick a common resolution instead. Do I fix the documentation?

Yes, if it makes profiling possible. Which other programs I’m not sure, the browser is reason enough to consider screen size.

fish · May 30, 2018, 12:45pm

I’d like to edit the documentation, but you have to help me out.

Full-screen mode leads to the Whonix (and Debian) default resolution and color depth of 1024x768x24.
Screen size shouldn’t affect color depth. Large enough screens can always display the Whonix default resolution, no advantage to full screen then. Agree?

We don’t know what the most common resolution of Tor Browser users is, but Whonix default 1024x768 is probably not it. Keeping Whonix default may not be the best option. Agree?

Changing the scale display setting in virt-manager may change your resolution and hurt your anonymity. Agree?

What about full screen is inherited from Virtualbox is unclear.

github.com/gorhill/uBlock

uBlock affecting Tor Browser default screen size

opened 01:16AM - 05 Dec 16 UTC

closed 11:51PM - 25 Jan 17 UTC

bendover22

Following up on <https://github.com/gorhill/uBlock/issues/714> uBlocko affectin…g Tor Browser default screen size in Windows. In last few Tor Browser - TBB - versions, still in TBB 6.0.6, 6.0.7 - uBlocko is definitely affecting the default screen size on startup. Disable uBo and the issue goes away. Re-enable it & issue returns. Haven't used uBo that long in TBB. Issue began immediately on installing uBo 1.9.16, now updated to 1.10. I use default uBlock settings & default filter lists. Only default setting changed - checked "I'm an advanced user." (and read Advanced User Features couple of times). I'm not using uMatrix along with uBlock, as Ghost said in issue #714. I use NoScript (default in TBB), but tried uBlock alone w/ all default TBB addons disabled - same issue. uBlocko is the only non-standard addon installed. Perhaps this depends on specific user prefs choices - ones generally accepted as OK to change in TBB? Like the security level slider setting - under Tor Button (green onion) > Privacy & Security Settings. Or whether NoScript is set to block all scripts, or using the default to allow all scripts? When 1st start TBB, the overall height is much taller than the standard size - by 2 inches or more. Screen width seems the same. I did check dimensions w/ screen capture prgm, & at a couple of fingerprinting test sites. After opening TBB, if select "New Identity" - once - from the TBB onion button, it restarts at the correct default screen size - every time. Odd. After one new identity, opening & closing tabs has no affect, but close & restart TBB consistently causes incorrect screen size. Thanks.

tempest · May 30, 2018, 1:30pm

with guest additions installed in whonix workstation, setting the workstation vm to “full screen” will integrate the vm with the resolution for your host os. however, in the “view” menu, there is a “virtual screen x” submenu that offers a number of different resolutions to set for a vm. this will run it in windowed mode at the chosen resolution. i have not really experimented with this or run any tests to see what may leak if properly exploited. but, the functionality appears to be there.

with that said, i’m not sure if this is a security issue vs. a usability issue. are there any exploits we are aware of that break out of a window in order to determine the desktop size? would this be a use case that malware developers would concern themselves with?

Patrick · May 30, 2018, 3:00pm

fish:

Full-screen mode leads to the Whonix (and Debian) default resolution and color depth of 1024x768x24.
Screen size shouldn’t affect color depth. Large enough screens can always display the Whonix default resolution, no advantage to full screen then. Agree?

Full screen: to avoid confusion and accidentally using other programs
such as clearnet browser. Please add a footnote with this rationale.

Maybe this advice belongs to security guide or should be referenced
(also from security checklist)? @torjunkie

We don’t know what the most common resolution of Tor Browser users is, but Whonix default 1024x768 is probably not it. Keeping Whonix default may not be the best option. Agree?

Changing the scale display setting in virt-manager may change your resolution and hurt your anonymity. Agree?

//cc @HulaHoop (maintainer of KVM)

HulaHoop · May 31, 2018, 1:09pm

The resolution differences are not enough to damage your anonymity. Usually not detectable if you follow TBB best practices (also they are working on fixing it so you can maximize without detectable remote differences). As for a locally present adversary, you will have a lot more problems to worry about than them detecting you have a different resolution.