On the first run of Whonix I had to change in Virtual Machine Manager the display type from Spice server to VNC server. I also had to change the processor model from to qemu32. Are these settings good choices, what CPU is best, does it matter?
I’m also posting this because to some users these steps may not be entirely obvious, so they may be good to mention somewhere.
Its not really clear why you had to change anything. If you are seeing errors with the defaults what are they?
VNC is slower and less secure than SPICE.
Sorry for being brief, I didn’t think display choice matters and that I would have to fix it. I queried the error, no problem.
About the CPU: there are so many in the drop-down menu, does it matter at all for anonymity which model is chosen? You emphasize CPU here.
Yes it does. Pretty much and non-qemu CPU will passthru more info from the underlying hardware than these two models. For best compatibility with software keep it 64bit as default.
I assume by “these two” you mean qemu64 and qemu32? I’m asking because QEMU is deprecated in favor of KVM which makes the naming a little confusing, there are also kvm32 and kvm64 models on the list. Only in terms of anonymity is qemu32 as good a choice as qemu64? Same question for kvm32 and kvm64.
By passing info through from the underlying hardware do you mean only the CPU info, as everything else is virtual?
Yes.
kvm32/64 is a new thing that wasn’t around when I picked qemu64. I will have to dig up some info about it to answer this question. qemu64 is just a name they picked for this mask. You are still running under KVM and not QEMU meaning using the speed of your real processor.
Yes.
UPDATE:
The main point of CPU masks is to provide a homogeneous hardware set for guests that need to make use of the migration feature. Without this guests would fail to start on hardware that had more cpu flags than the hardware it was running on before suspension.
On Whonix 13 where choice is possible what difference does qemu32 or qemu64 make, if any? No difference in terms of anonymity, privacy?
None