emarex via Whonix Forum:
So in the latest Whonix updates the option to change wallpaper has been removed
Default wallpaper changed. Option to change wallpaper wasn’t removed
intentionally by Whonix.
in order to minimize the risk of system’s compromisation. (via fingerprinting i guess)
Wrong assumption. Wallpaper gateway vs workstation was changed to make
it harder to visually confuse host vs gateway vs workstation.
My question comes in 2 parts:
- Is it possible in a compromised system, that custom wallpaper to be used against you?
If the system is already compromised, then the wallpaper is the least of
the worries. In theory a specifically crafted image could exploit the
system and gain remote code execution by using that image as a
wallpaper. I haven’t heard that happening in practice yet but it would
be conceivable for targeted attacks as the code processing the wallpaper
may or may not be scrutinized as much.
In theory, metadata removal might help to reduce attack surface when
viewing images in image viewers or using images as wallpapers. Because
that is probably what an attacker excepts to happen when sharing
malicious images designed to exploit vulnerabilities. Some buffer
overflow bug might happen during processing of the metadata. I would
speculate it is less likely having an attacker targeting metadata
removal tools such as
mat2 than popular image viewers.
- What if i already have the metadata removed?
Why would you bother changing the wallpaper in first place? Consider a
VM might be compromised at some point. Best to drop anything non-essential.
Metadata removal is not a magic bullet.
A wallpaper isn’t a special kind of image. It’s just a normal image used
I don’t see any use case of removing metadata (hiding data such as
location data, where image was made) from an image and then at the same
time using that image as wallpaper (making it more visible for anyone