I may have incorrectly assumed the torbrowser downloader installs into the home folder, where the final torbrowser resides.
I meant with “If nothing special is done, Tor Browser does not come
preinstalled” - if nothing special is done - tb-updater / tb-starter
doesn’t exists which are just hacks around a missing TBB deb package.
To be clear, you mean there would be dueling feature requests?
(1) feature request to be able to update torbrowser in the TemplateVM just like other software
(2) feature requests like mine to be able to update it in the DVM template
There are indeed.
(1) is understandable to make it “deb like”
(2) is quite geeky
I just mention the pop-up to assuage concerns about server-detectable customizations reducing anonymity to pseudonymity.
Based on the final resting place of ~/.tb in home, one would expect the TemplateBasedVM / DVM template to be the place to customize it, like the rest of the home folder.
I think it is a little surprising/unnatural that ~/.tb in home (the purview of the TemplateBasedVM / DVM Template) came from /var/cache/tb-binary (the purview of the TemplateVM), and he has to go to the latter VM to customize it.
It will always be messy in the absence of a TBB deb one way or another.
Without it coming from /var/cache/tb-binary:
Imagine a first time user trying to run a Whonix based DispVM without
any DVM Template customizations beforehand. Result: Tor Browser not
I think most people who start the DVM Template will run TorBrowser or a terminal, so it seems like a warning in those 2 locations would be seen.
Unless you separate out the user files from the application files of torbrowser, I think making it more “deb like” is a lost cause?
Is (2) customizing DVM templates really very geeky? Having lots of customized DVM templates is a natural consequence of Qubes 4.0’s new support for multiple DVM templates.
Outside of whonix, one might already have:
DVM template with no network for opening PDFs
another DVM template for clearnet web browsing with various adblockers preconfigured to block certain resources on certain sites
another DVM template preconfigured with an IRC login, etc…
Even inside of Whonix, it’s natural to have multiple whonix DVM templates, corresponding to various tradeoffs between signature, speed, and security.
factory DVM template
DVM template whose torbrowser has addons to block 3rd party resources; to make it faster, at the expense of sticking out more. For non-security critical general browsing, where the adversary is merely advertising and tracking companies. DispVM enforces wiping history / cookies / browser state.
Even if a user only wants one whonix DVM template, they may find it surprising that their method of customizing non-whonix DVM templates doesn’t work in whonix.
And if they actually want multiple whonix DVM templates, it would be very easy to set up if DispVMs inherited their TorBrowser from the DVM template: open TorBrowser in each DVM Template and customize it. All done via GUI.
For sure. Having Tor Browser not installed by default (early Qubes-Whonix version…), needing to repeat the installation process per VM, different updater procedures, having to run the updater in more than one VM (let alone more than on the host [dom0]) were among the biggest usability hassles that were identified by usability designer @bnvk when he was working with Qubes.
Would be good if Tor Browser had an environment variable to increase the security slider level. Could you please submit a feature request against Tor Project?
If we had that, there could be a qvm-service which I would develop which would then set that environment variable so Tor Browser does no longer need that modification on the (file level / start change setting level).
By using a standard Salt created whonix-ws-14-dvm, I was able to abbreviate this process. Basically, I skipped steps 1-6, then did:
7. Spawn a Tor Browser dispvm from the new [stock] whonix-dvm 8. Add all other setting ( bookmarks, HTTPSEverywhere rules etc) to the Tor Browser dispvm 9. Copy all pertinent files from Dispvm: /home/user/.tb/tor-browser/Browser/TorBrowser/Data/Browser/profile.default to the same location in the whonix-ws-dvm
I noticed several cache related files listed under profile.default. Is there any impact to uniqueness by using a copy of the profile like this (beyond having non-default settings), instead of starting from a fresh one every time? It does seem to have resolved an issue I was having with TB freezing for ~30 seconds on startup; I’m guessing as it was creating profile files.
Good idea, but it isn’t sustainable. 14-DVM wants to install a fresh TBB through whonix-ws when updates are released.
I don’t want to complain but I do hope to find a way to painlessly carry over DVM customizations. The combined effect of Whonix 14 and TBB 8.0 completely destroyed what I had. (TBB 8.0 upgrade erased custom rulesets.) Repeating my work so often would be a complete waste of time.
I don’t see how Whonix gets into the way here. tb-updater is maximum configurable. You can even overrule each shell function with custom code.
Tor Browser Advanced Topics documents (Option 1 - /etc/torbrowser.d/ settings method) how to start torbrowser / update-torbrowser in DVM Template. first-boot-home-population won’t be touching /home/user/.tb/tor-browser. So I don’t see what’s missing here.
Aside from doing it all by yourself (not relying on Whonix code doing anything wrt Tor Browser / DVM / DispVM)…
What about file based modification and a hook that runs after tb-updater which copies over your file?
What method did you use to customize the torbrowser in 14-DVM?
I think the cleanest way is to just create a new DVM template whose name does not end in *-dvm, let’s call it whonix-ws-dvm2. Then it behaves like a traditional qubes DVM template (i.e. all of home persists, torbrowser isn’t recreated on startup every time). Then for updates and customization, you do them from within torbrowser in whonix-ws-dvm2 (and torbrowser’s internal updater preserves customizations!).
The result is 2 DVM templates:
a) the original whonix-ws-dvm. dispvms based on it have the default experience, good for troubleshooting, minimal fingerprintability
b) whonix-ws-dvm2. dispvms based on it have a more comfortable, customized experience.
Apply instructions from (click expand button) Tor Browser Advanced Topics and “there will be no Whonix doing something”, i.e. tb-updater won’t overwrite anything. All that Whonix does by design is configurable and can be disabled.
I want to share a quite simple way to make a whonix friendly minimal changes to the tor browser config. It will allow you to update the browser to a fresh version with update-torbrowser (in whonix-15 template).
You can use >> for save the default effect of security-slider-highest.js file.