Clipboard sharing is disabled by default in the VirtualBox VM settings for Whonix-Gateway and Whonix-Workstation for security reasons.[3]
To prevent accidentally copying something (non-)anonymous and pasting it in its (non-)anonymous counter part (browser etc.), which would lead to identity correlation.
That reasoning doesn’t apply to stuff pasted into Whonix-Gateway. No client applications are supposed to be used there anyhow.
I think there should be a complete separation between Host and VM, with the only exception being a shared folder that need root access. Let’s be real here: physical isolation is limited to a tiny portion of user and if they know how to set it up, then they will also know how to enable clipboard sharing.
The majority of users use their everyday Host OS when using Whonix. Too many things can go wrong and the initial logic of disabling it was right.
This is just a little suggestion for increasing a security. I think disabling a shared clipboard by default is the best way to increase security. If a user want to use shared clipboard, he will check the box from guest VM menu bar. Enabling it by default is not a good decision.
Due to a VirtualBox bug, clipboard sharing will be broken in Whonix 18. There is no ETA from Oracle of when the issue will be fixed.
There are possible security risks with sharing the clipboard, as malicious software could sniff the host’s clipboard this way. This is no longer a theoretical risk, Stardict was grabbing clipboard contents and uploading them to third-party servers over HTTP to provide dictionary lookup functionality, this behavior was reportedly patched out shortly before the Trixie release. Since clipboard sharing doesn’t work anyway, this is a good time for us to disable it by default. If and when clipboard sharing becomes functional again, users will still be able to manually enable it.