Suggestions for Whonix Host

These are suggestions copied verbatim from a user on Tails mailing list and they might be very relevant to the scope of a host distro also whonix VMs:

  1. Please turn off camera and microphone by default.

  2. MAC address 10:62:E5:… is very unique. Government, Administrator, Network Controller, ISP and others will know that you are using Tails from very unique MAC address especially in censorship-surveillance-nonfree society/city/state/territory/country and they will force Tails user.

  3. Please have tool for clear clipboard automatically. Example auto clear after 10 seconds.

  4. Please auto login to persistent volume after user type a password and press enter no need to click anymore.

2 Likes

Please turn off camera and microphone by default.

Instructions to blacklist the modules are here Hardware Threat Minimization - Kicksecure

MAC address 10:62:E5:… is very unique. Government, Administrator, Network Controller, ISP and others will know that you are using Tails from very unique MAC address especially in censorship-surveillance-nonfree society/city/state/territory/country and they will force Tails user.

You can’t tell a Tails user from their MAC address anyway.

MAC address randomization is important though. Just make sure not to randomize the OUI as it can make you stand out if you choose an OUI nobody has ever used before.

3 Likes

With Debian now supporting Secure boot would something like that make sense for Whonix Host?

Secure Boot is being discussed here: