Can i install Genymotion in whonix?
If they offer a version compatible with Debian, there shouldn’t be any issue with that.
Have a nice day,
Will it save anonymity from the whonix? Need I setting system for it?
You can but you might not have network access. Many Android emulators do not support static IP addresses. If that’s the case for Genymotion, you have several options to work around that:
- DHCP server in Whonix-Gateway
- Set Genymotion’s VM network to NAT and connect machine to a Physical Whonix-Gateway
- Use Genymotion with Qubes-Whonix (not sure about compatibility)
Whonix will route your traffic over Tor. It won’t protect you from tracking mechanisms within Android (example: Google Account / Play services).
Beyond this, you’re on your own since Whonix-Android is largely undocumented and unsupported.
If you are willing to try Qubes, I’m currently attempting to get an installation of Android-x86 into a usable state: https://groups.google.com/forum/#!topic/qubes-users/frK8xaBh9pI (but it’s not going well…)
Warning: this leads to a massive attack surface on the GW and the DHCP server may ask clearnet upstream servers for DNS queries which will deanonymize you.
Is that a possibility (as I guess) as per caution caused by https://phabricator.whonix.org/T239 since no one deeply understands DHCP or is this already an established fact?
Fact. AFL uncovered many serious 0days in the DHCP server reference implementation.
That Android emulators I could be use?
I don’t recommend using Android for anything serious. Android and iOS are full of fingerprinting vectors and their push notification connections (especially Google Cloud Messaging) are really, really persistent. (Another thread coming about that.)
If anonymity is not important to you, Virtualbox seems to have the best compatibility with AOSP systems. You’ll also want to use a privacy filter like xprivacy and connect to Whonix using one of the methods I listed earlier.
Uh, what was your question?
Crap. I moved DHCP to a DHCP server VM between Gateway & test Android VM after I read this. But the better mitigation would be to use a Corridor VM upstream of Gateway I think.
0days perhaps… But the following is another league…
the DHCP server may ask clearnet upstream servers for DNS queries which will deanonymize you.
Is this a possibility or fact?