[HOME] [DOWNLOAD] [DOCS] [BLOG] [SUPPORT] [TIPS] [ISSUES] [Priority Support]

Is VirtualBox spying on us?


#1

Hi,
I experienced something I consider rather disturbing.
I wanted to use the Whonix-Apparmor-profile for VirtualBox. Because some features would’t work (for example VirtualBox wouldn’t connect to the internet) I ran the following command: "sudo aa-logprof ". I’m not an expert in system administration but some of the permissions to read files in my home-folder VirtualBox had asked for really made me raise an eyebrow: It tried to read the folder “Dokumente” (documents in English), than it tried to read a folder containing the German word for secure in its name and it tried to read a file in my home-folder whose title contains the German word for death. Finally it tried to read encrypted files from the “.Private” folder. (In my case the whole home-folder is encrypted but I guess VirtualBox doesn’t know that.)
Except for the documents-folder I created all these folders/files myself. They are by no means system- or configuration-folders nor folders I store virtual machines in or adviced VB to use in its settings.
Is there any plausible explanation why VirtualBox wants to read those files? I think it’s quite remarkable that all folder/file-names VB was interested in contain certain keywords.
I used the current deb-package for Ubuntu Xenial 64-bit for installation. That would be: virtualbox-5.1_5.1.16-113841~Ubuntu~xenial_amd64.deb.
It might be interesting to see if this behaviour is reproducable.

If there should be a logical explanation and no reason to worry at all I apology in advance for any anxiety or inconvenience this post might cause.

All the best and thanks for a great piece of software to the developers.


#2

Good day,

This is very strange indeed. Especially the death part seems rather peculiar and almost directly out of a creepy Pasta.

That being said, I’m not certain where you are trying to install VBox on? Inside a Whonix Workstation or on a specific host?

If you are using Ubuntu, I’d rather use

sudo apt-get install virtualbox virtualbox-qt virtualbox-dkms

and not some deb package.

Have a nice day,

Ego


#3

Also not specific to Whonix. Please consider asking about this in the VirtualBox forum and then leave a link here for our interest.


#4

Thanks for the answers. I did this on my host system which is running Ubuntu. I know I should have rather used the Ubuntu repositories for installation. But since I don’t only use VB for Whonix but also run a couple of Windows guests I wanted to use the latest version because the virtualisation has improved a lot lately.
The more I think about it the creepier it gets. I hardly see how this could have a harmless explanation. Still stating what happened on the VB forum is probably a good idea. Maybe the people over there or the developers can clear this up in some way. I’ll leave a link here as soon as I find the time to post in the forum.
(Made some minor changes to the first post.)


#5

You are already made the jump and are on Linux so why don’t you move to a privacy and freedom respecting distro like Debian and use KVM instead?