Qubes identifiers

Aleow · December 19, 2023, 12:28pm

I use Qubes and Whonix, when I run telegram in my Whonix Workstation, in the settings, where the ip address is, it says what system I am using, it says I am using the Qubes system.

I have a question, why the developers of Qubes/Whonix didn’t think about to do a system identifier change? And it’s possible to do that?
It doesn’t look good that in all my telegram accounts it says I’m using the Qubes system, because not a lot people using Qubes.

Here’s one interesting opinion on this.

Someone said me: What exactly is wrong with displaying “Qubes OS”? It’s just a name and doesn’t reveal anything unique.
And the other person responded:
Well, it kind of does. Qubes OS is used so rare, it can make user almost unique. Especially if you limit the choice with connection info, country, screen size and etc. All that is available to any app in every online qube.

I would even not exclude the possibility, that there are countries that have only 0-1 actual users of Qubes OS. It makes them completely unique.

I think it is a design problem. Qubes OS is about security, not privacy. So, privacy in Qubes OS not good at all. All applications in qubes can get information in million ways that they not simply run in the Xen but on Qubes OS. qvm-copy still reveals on each copy process the source qubes names to the target qubes and all their applications, for no reason. Even hostname in the qube is the same as qube’s name (instead of general or random or something else).

Major design problem/flaw for privacy.

P.S. Whonix is helping with privacy but it is targeting mostly the different problems: like TOR connection with no leaks, security of something running in the browser sandbox. It probably does not help much against application that run in the qube.

Patrick · December 19, 2023, 2:01pm

The premise is wrong. Not useful to start with the premise that this came never to mind.

So the mini history of Whonix:

It was difficult to have a VM that anonymizes all traffic, reliably redirects runs all traffic over Tor. Instructions were ambiguous, difficult.
I started to research, document that, others joined, a script was written and now downloadable images are being provided.
This is was resolved.
Other anonymity and security improvements are being worked on.

But what’s happening now some people are requesting to be able to run malicious, locally compromised software and still have no useful information such as what operating system (such as Qubes) is being used inside that VM. That’s a reasonable request, reasonable development goal. Nobody going to argue against “make thing better”. But also totally different ball game.

Many of underlying components that Whonix is based on that to name a few, Debian, a virtualizer, the Linux kernel aren’t primarily projects focused on security, privacy, let alone anonymity. These are independent Open Source / Freedom Software projects with thousands of users. These are not part of a company where I am the CEO where I could order them to change things.

In case of Qubes-Whonix, the virtualizer is Xen. And Qubes is a distribution of Xen. The local VM fingerprinting issues are inherited from Debian, Xen, Qubes. This is not something that realistically ever can be fixed by Whonix because that would cost literally millions of USD to fix these issues at the root. And there’s no market of that size and/or business model for that either. At least I didn’t figure that out.

Computers are notoriously insecure, see:

You already have better protection by using a VM instead of lets say a Windows host were applications can read unique hardware identifiers. See:

The issue of locally running malicious software reading identifiers, for example Linking two or more locally compromised Virtual Machines (VMs) to the same pseudonym, is a known issue see:

Also related:

Organizational structure:

I can document these imperfections and hopefully motivate others to work on them but that’s it. I cannot possibly solve them all by myself.

On telegram specifically:

Do not Use (Mobile) Phone Verification.

Realistically, no. At least nobody on the internet I am aware is explaining how to do that.

But I see an issue creating the impression that is an issue that Whonix ought to fix or can fix.

Maybe the way to frame it…

Qubes is security focused VMs.
Kicksecure is a security-focused OS.
Whonix is a research and implementation project for network level privacy. It will also incorporate security improvements (Qubes, Kicksecure).
There is no privacy focused virtualizer project or fork of Xen or Qubes.

Aleow · December 19, 2023, 8:55pm

Thank you so much for such a detailed response.

One user on the Qubes forum suggested how to change the name from Qubes to Linux, that is, it will show in Telegram that you are not using the Qubes system, but just some Linux. But by the way telegram sees that you are using hypervisor XEN, but it is better than Qubes.

Patrick · December 20, 2023, 2:26pm

I am not sure that helps. How many users using Xen to run a graphical Linux VM to run Telegram? Xen might have server users but on the Linux desktop for end-users? What VM management GUI do users even use? Some Linux desktop end-users use virtualizers such as Qubes, VirtualBox, KVM (not ordered in any particual order such as popularity) and others but not sure about Xen.

By changing from Qubes to Xen you might make yourself more unique by leaving the shared identifiers with other Qubes users. In anonymity that would be called an anonymity set reduction.

I don’t see an option other than avoiding privacy-hostile software such as Telegram, which is adamant about phone number validation, see: Phone Number Validation vs User Privacy.

If you kill identifier available to locally running tracking software, there’s a ton of others. There’s not even a complete list of these identifiers. For instance, see ls -1 /usr/bin/qvm*. That could be used to identify a VM is probably a Qubes VM. All of that is not to get normalized anytime soon, if ever.

Aleow · December 20, 2023, 11:12pm

It doesn’t help, that’s why I created the topic, because it only hides that I’m using Qubes OS, but doesn’t hide the hypervisor XEN, if you use Virtualbox, telegram will see that too.

When I’m using Virtualbox + Whonix it says that I’m using a system Linux XFCE X11 glibc 2.36

But when I’m using Qubes + Whonx it says that I’m using Qubes OS, but if you do this: How to hide the fact that I'm Qubes OS from Telegram - #41 by DVM - General - Qubes OS Forum

Then it’ll say that I’m using the system Linux XFCE X11 glibc 2.36, but telegram sees that I have the XEN hypervisor. And that’s a big problem.

Of course I agree with you, but sometimes you gotta use that shit (telegram). I don’t use physical numbers (which I have in my house), I use virtual or purchased accounts.

And it’s sad

So if you don’t want them (Telegarm) to know what system you are using, you need to buy a VPS (with any OS) and use your Telegram only there and write all the text through a text file and then copy this text to Telegram

Patrick · December 21, 2023, 11:26am

Which then comes with different trade-offs. See:

Aleow · December 21, 2023, 8:35pm

That’s the important thing:

Remote administration of any system should be considered a potential anonymity hazard, since it is not under the user’s physical protection and could be compromised. All activities, all programs, everything should be assumed to be monitored by the host of the server (VPS, dedicated server, etc.).

Patrick · January 9, 2024, 8:48am

Just now written: