Ways to compromise whonix setup

On host os i’m removing the services,software that i don’t need. Like avahi, mta, rpc,nfs. Can this effect my whonix workflow ? Or as long as virtualbox is working there is everyting ok?


Btw if you are looking for a host that comes with a sane default configuration, look into Qubes. The host there (dom0), has not even networking enabled (that is done in netvm).

thanks, i will look at that.

It’s possible to have “silent” leaks between whonix-workstation and gateway ?
I mean that data from workstation somehow,sometimes don’t hit gateway, instead it go straight to internet without me knowing ? Can this happen becouse of host configuration ? Or something else?

Host config, no. Except wrong VM config.

See also:

And except perhaps “strange” stuff such as this (did not apply to Whonix):

Probably asking same question, but can leak happen because of apparmor profile for virtualbox ? Can too strict profile couse some problems,crashs in virtualbox and after that leaks occur ?

Crash, maybe. Leak, probably not.