How do I customise Tor Browser in a Whonix TemplateBased DVM in Qubes-Whonix

I think most people who start the DVM Template will run TorBrowser or a terminal, so it seems like a warning in those 2 locations would be seen.

Unless you separate out the user files from the application files of torbrowser, I think making it more “deb like” is a lost cause?

Is (2) customizing DVM templates really very geeky? Having lots of customized DVM templates is a natural consequence of Qubes 4.0’s new support for multiple DVM templates.

Outside of whonix, one might already have:

  • DVM template with no network for opening PDFs
  • another DVM template for clearnet web browsing with various adblockers preconfigured to block certain resources on certain sites
  • another DVM template preconfigured with an IRC login, etc…

Even inside of Whonix, it’s natural to have multiple whonix DVM templates, corresponding to various tradeoffs between signature, speed, and security.

  • factory DVM template
  • DVM template whose torbrowser has javascript disabled to make it safer, at the expense of sticking out more
  • DVM template whose torbrowser has addons to block 3rd party resources; to make it faster, at the expense of sticking out more. For non-security critical general browsing, where the adversary is merely advertising and tracking companies. DispVM enforces wiping history / cookies / browser state.

Even if a user only wants one whonix DVM template, they may find it surprising that their method of customizing non-whonix DVM templates doesn’t work in whonix.

And if they actually want multiple whonix DVM templates, it would be very easy to set up if DispVMs inherited their TorBrowser from the DVM template: open TorBrowser in each DVM Template and customize it. All done via GUI.

Edit: more cohesive.

For sure. Having Tor Browser not installed by default (early Qubes-Whonix version…), needing to repeat the installation process per VM, different updater procedures, having to run the updater in more than one VM (let alone more than on the host [dom0]) were among the biggest usability hassles that were identified by usability designer @bnvk when he was working with Qubes.

Would be good if Tor Browser had an environment variable to increase the security slider level. Could you please submit a feature request against Tor Project?
If we had that, there could be a qvm-service which I would develop which would then set that environment variable so Tor Browser does no longer need that modification on the (file level / start change setting level).

The user.js solution, i.e. creating /home/user/.tb/tor-browser/Browser/TorBrowser/Data/Browser/profile.default/user.prefs containing

user_pref("extensions.torbutton.security_slider", 1);

before the first run of TorBrowser, is not acceptable?

TBB folder structure changed several times over the years.

There might already be a ticket for an env var actually could you check

Found it! [Feature Request] Environment Variable to set security slider level (#25391) · Issues · Legacy / Trac · GitLab

By using a standard Salt created whonix-ws-14-dvm, I was able to abbreviate this process. Basically, I skipped steps 1-6, then did:

7. Spawn a Tor Browser dispvm from the new [stock] whonix-dvm
8. Add all other setting ( bookmarks, HTTPSEverywhere rules etc) to the Tor Browser dispvm
9. Copy all pertinent files from Dispvm: /home/user/.tb/tor-browser/Browser/TorBrowser/Data/Browser/profile.default to the same location in the whonix-ws-dvm

I noticed several cache related files listed under profile.default. Is there any impact to uniqueness by using a copy of the profile like this (beyond having non-default settings), instead of starting from a fresh one every time? It does seem to have resolved an issue I was having with TB freezing for ~30 seconds on startup; I’m guessing as it was creating profile files.

1 Like

No actual issue known but discouraged as precaution under Tor Browser Advanced Topics please see To understand why, please press on Expand on the right.

Good idea, but it isn’t sustainable. 14-DVM wants to install a fresh TBB through whonix-ws when updates are released.

I don’t want to complain but I do hope to find a way to painlessly carry over DVM customizations. The combined effect of Whonix 14 and TBB 8.0 completely destroyed what I had. (TBB 8.0 upgrade erased custom rulesets.) Repeating my work so often would be a complete waste of time.

What do you mean by “wants”? won’t be touching /home/user/.tb/tor-browser if /home/user/.tb/tor-browser already exists.

That’s because it’s using


Won’t be running in DVM Template anyhow…

I don’t see how Whonix gets into the way here. tb-updater is maximum configurable. You can even overrule each shell function with custom code.

Tor Browser Advanced Topics documents (Option 1 - /etc/torbrowser.d/ settings method) how to start torbrowser / update-torbrowser in DVM Template. first-boot-home-population won’t be touching /home/user/.tb/tor-browser. So I don’t see what’s missing here.

Aside from doing it all by yourself (not relying on Whonix code doing anything wrt Tor Browser / DVM / DispVM)…

What about file based modification and a hook that runs after tb-updater which copies over your file?


What method did you use to customize the torbrowser in 14-DVM?

I think the cleanest way is to just create a new DVM template whose name does not end in *-dvm, let’s call it whonix-ws-dvm2. Then it behaves like a traditional qubes DVM template (i.e. all of home persists, torbrowser isn’t recreated on startup every time). Then for updates and customization, you do them from within torbrowser in whonix-ws-dvm2 (and torbrowser’s internal updater preserves customizations!).

The result is 2 DVM templates:
a) the original whonix-ws-dvm. dispvms based on it have the default experience, good for troubleshooting, minimal fingerprintability
b) whonix-ws-dvm2. dispvms based on it have a more comfortable, customized experience.


I think the cleanest way is to just create a new DVM template whose name does not end in *-dvm, let’s call it whonix-ws-dvm2.

Please don’t. This will break in near future. There are other already
documented options to reach the same goal.

I thought that’s how it worked. This wiki entry explains my reasoning:

So, if Whonix works like I think it does (I guess it doesn’t) than tb-updater would overwrite any customizations I make when a new TBB version comes out.

I’m not proficient enough for that. I wouldn’t know where to start.

@tatertot: Was carrying over from pre-Whonix 14. Please forgive me, If the problem is only me I’d rather not use more of everyone’s time.

Apply instructions from (click expand button) Tor Browser Advanced Topics and “there will be no Whonix doing something”, i.e. tb-updater won’t overwrite anything. All that Whonix does by design is configurable and can be disabled.

Thank you.

sorry for necroposting

I want to share a quite simple way to make a whonix friendly minimal changes to the tor browser config. It will allow you to update the browser to a fresh version with update-torbrowser (in whonix-15 template).
You can use >> for save the default effect of security-slider-highest.js file.

In whonix-dvm (template_for_dispvms):

user@host:~$ tail -n 2 /rw/config/rc.local 
sed -i 's/#tb_security_slider_safest=true/tb_security_slider_safest=true/' /etc/torbrowser.d/30_default.conf
echo 'user_pref("browser.ctrlTab.recentlyUsedOrder", false);' > /usr/share/torbrowser/security-slider-highest.js

Does nothing.
(tb_security_slider_safest=true = tb_security_slider_safest=true.)

You can use any of these folders depending on where you want the setting to apply. As per usual Qubes persistence.

  • /etc/torbrowser.d - TemplateVM, inherited by all templated based AppVMs, DVM Template and DispVMs
  • /usr/local/etc/torbrowser.d - persists in AppVM, DVM Template → DispVM (i.e. if you want to have settings per AppVM and for all VMs based on TemplateVM)


1 Like

Thanks for the pointer, this helped me solve the issue. Any way to change HTTPsEverywhere’s settings in a file like this? (blocking non-https pages by default)

  1. figure out how to do this with Tor Browser Bundle on plain, non-Whonix Debian as per Self Support First Policy for Whonix
  2. only then start considering DispVM
1 Like

Thanks! Will do