I think most people who start the DVM Template will run TorBrowser or a terminal, so it seems like a warning in those 2 locations would be seen.
Unless you separate out the user files from the application files of torbrowser, I think making it more “deb like” is a lost cause?
Is (2) customizing DVM templates really very geeky? Having lots of customized DVM templates is a natural consequence of Qubes 4.0’s new support for multiple DVM templates.
Outside of whonix, one might already have:
DVM template with no network for opening PDFs
another DVM template for clearnet web browsing with various adblockers preconfigured to block certain resources on certain sites
another DVM template preconfigured with an IRC login, etc…
Even inside of Whonix, it’s natural to have multiple whonix DVM templates, corresponding to various tradeoffs between signature, speed, and security.
factory DVM template
DVM template whose torbrowser has addons to block 3rd party resources; to make it faster, at the expense of sticking out more. For non-security critical general browsing, where the adversary is merely advertising and tracking companies. DispVM enforces wiping history / cookies / browser state.
Even if a user only wants one whonix DVM template, they may find it surprising that their method of customizing non-whonix DVM templates doesn’t work in whonix.
And if they actually want multiple whonix DVM templates, it would be very easy to set up if DispVMs inherited their TorBrowser from the DVM template: open TorBrowser in each DVM Template and customize it. All done via GUI.
For sure. Having Tor Browser not installed by default (early Qubes-Whonix version…), needing to repeat the installation process per VM, different updater procedures, having to run the updater in more than one VM (let alone more than on the host [dom0]) were among the biggest usability hassles that were identified by usability designer @bnvk when he was working with Qubes.
Would be good if Tor Browser had an environment variable to increase the security slider level. Could you please submit a feature request against Tor Project?
If we had that, there could be a qvm-service which I would develop which would then set that environment variable so Tor Browser does no longer need that modification on the (file level / start change setting level).
By using a standard Salt created whonix-ws-14-dvm, I was able to abbreviate this process. Basically, I skipped steps 1-6, then did:
7. Spawn a Tor Browser dispvm from the new [stock] whonix-dvm 8. Add all other setting ( bookmarks, HTTPSEverywhere rules etc) to the Tor Browser dispvm 9. Copy all pertinent files from Dispvm: /home/user/.tb/tor-browser/Browser/TorBrowser/Data/Browser/profile.default to the same location in the whonix-ws-dvm
I noticed several cache related files listed under profile.default. Is there any impact to uniqueness by using a copy of the profile like this (beyond having non-default settings), instead of starting from a fresh one every time? It does seem to have resolved an issue I was having with TB freezing for ~30 seconds on startup; I’m guessing as it was creating profile files.
Good idea, but it isn’t sustainable. 14-DVM wants to install a fresh TBB through whonix-ws when updates are released.
I don’t want to complain but I do hope to find a way to painlessly carry over DVM customizations. The combined effect of Whonix 14 and TBB 8.0 completely destroyed what I had. (TBB 8.0 upgrade erased custom rulesets.) Repeating my work so often would be a complete waste of time.
I don’t see how Whonix gets into the way here. tb-updater is maximum configurable. You can even overrule each shell function with custom code.
Tor Browser Advanced Topics documents (Option 1 - /etc/torbrowser.d/ settings method) how to start torbrowser / update-torbrowser in DVM Template. first-boot-home-population won’t be touching /home/user/.tb/tor-browser. So I don’t see what’s missing here.
Aside from doing it all by yourself (not relying on Whonix code doing anything wrt Tor Browser / DVM / DispVM)…
What about file based modification and a hook that runs after tb-updater which copies over your file?
What method did you use to customize the torbrowser in 14-DVM?
I think the cleanest way is to just create a new DVM template whose name does not end in *-dvm, let’s call it whonix-ws-dvm2. Then it behaves like a traditional qubes DVM template (i.e. all of home persists, torbrowser isn’t recreated on startup every time). Then for updates and customization, you do them from within torbrowser in whonix-ws-dvm2 (and torbrowser’s internal updater preserves customizations!).
The result is 2 DVM templates:
a) the original whonix-ws-dvm. dispvms based on it have the default experience, good for troubleshooting, minimal fingerprintability
b) whonix-ws-dvm2. dispvms based on it have a more comfortable, customized experience.
Apply instructions from (click expand button) Tor Browser Advanced Topics and “there will be no Whonix doing something”, i.e. tb-updater won’t overwrite anything. All that Whonix does by design is configurable and can be disabled.
I want to share a quite simple way to make a whonix friendly minimal changes to the tor browser config. It will allow you to update the browser to a fresh version with update-torbrowser (in whonix-15 template).
You can use >> for save the default effect of security-slider-highest.js file.