Is it safe to open an encrypted partition on your computer and then share it with the Whonix Workstation virtual machine? Or is it safer to share the encrypted partition with VirtualBox and decrypt it on the Whonix Workstation system?
Hypothetically, if someone takes over the whonix workstation, is it possible that they will also infect my main operating system through the shared folder?
What is “safe” or not in this instance depends on your threat model, what data you consider “trusted”, and whether you consider the Whonix-Workstation VM “trusted” or not. However, in the likely most common scenario:
In this situation, you should not mount the encrypted partition in the Whonix-Workstation VM itself. Mount it on the host OS and use shared folders for file transfer. An even safer solution would be to use Qubes OS, mount the encrypted volume in a non-networked disposable VM based on Kicksecure, then use qvm-copy to move files into and out of the VM in a safe manner. That’s probably close to the safest way, but for many users that may be overkill.
It depends. In principle, it can be done safely, and if you use Kicksecure as your host OS, it’s a lot more likely that things will be done safely than if you’re using another Linux distro or Windows. However, if your host OS automatically parses files that appear in the shared folder, that can be used to allow a VM escape. The most common type of automatic parsing is image thumbnail loading and file indexing, but there may be other attack vectors as well. if there is a vulnerability in VirtualBox’s shared folder implementation, that could potentially be used for a VM escape.
I’m aware that my workstation system may become infected. But protecting my Windows computer is paramount. I’m afraid that if I share a folder to whonix workstation from my windows system, it might somehow infect windows itself.
So I’m wondering where it would be safer to use the encrypted container: on a Windows system, sharing it after decryption to the Whonix workstation, or decrypting it on the workstation itself.
If you have a motivated, skilled attacker to fear, I would refrain from using shared folders because of the risks posed by Windows Explorer’s thumbnailer. If you aren’t concerned about the attacker stealing all of the data on the encrypted partition, then mounting the partition in Whonix-Workstation would probably make sense.
If both shared folders and the risk of data theft are unacceptable, you’re going to need to resort to a more complicated solution such as transferring files through the virtual network. It may also be possible to use VirtualBox’s file manager to copy files back and forth (though I don’t think this works out of the box on Whonix, and it doesn’t look like this is documented on our wiki yet).
new wiki chapter:
Untrusted Input and Attack Surface
However, for my workstation to access the encrypted container, I also need to share the folder. Does it matter whether it’s on the system or on a flash drive?
The same applies to the first scenario, i.e., mounting the encrypted partition on my main Windows system and then sharing it with the workstation without even checking the contents on the main system. Is it less secure? I assume then an attack based on image thumbnail loading wouldn’t be possible, right?
Then you’re going to have to use folder sharing, unless you provide the encrypted container as a whole-disk device to the VM itself (which could result in damage to the container depending on how you use it and with what software, I think you’re using VeraCrypt and I do not know how it will deal with an encrypted volume file being treated as a whole disk device). The dangers of the Windows thumbnailer apply.
If you use a shared folder, Windows’ thumbnailer is going to be a danger unless you find a robust way to turn it off (it can be turned off but I do not know if Windows will actually refrain from parsing image files if you do so). Other automatic file parsing programs may also be a danger, the thumbnailer is just a particularly notable one. It doesn’t matter whether you share the whole contents of the VeraCrypt drive, or the folder containing the container itself, or a folder completely unrelated to the container that you move files into and out of as needed. All of those options will come with the same risks because the thumbnailer will treat the folders involved in the same way.
Even if I don’t check the contents of the encrypted container in Windows, is there a risk of attack?
There are two options for mounting the encrypted container via VeraCrypt.
Decrypt the file on my main Windows system (without accessing the contents for security reasons), and then share the decrypted content with my whonix workstation.
Sharing the folder containing the encrypted container on my workstation and decrypting it there.
That depends on your threat model.
Both of these options come with similar attack surface concerns. There is a third option I mentioned above:
Like @FranklyFlawless mentioned, that depends on your threat model. Assuming a highly-motivated, highly-skilled attacker, yes.
Unfortunately the third option is too complicated. So you think it makes no difference whether I decrypt the file on my Windows system or on my Whonix workstation if I use folder sharing?
Close to no difference, yes. If you have to use folder sharing anyway though, I’d decrypt the volume on the Windows system and then share the decrypted folder with Whonix-Workstation. If you expose the whole container to the workstation, then malware in the workstation could theoretically maliciously modify the container and the filesystem in it so as to infect the host if you ever mount the container on the host again. That shouldn’t be possible if you decrypt on the host and then share the decrypted folder with the workstation.
And what do you think about the flash drive option? So I could fully encrypt the flash drive, add it to the machine, and then decrypt it there? I’d still have to install the Extension Pack in VirtualBox.
I was also thinking about giving up sharing folders and creating a .vdi virtual disk on which I would place the encrypted container and add it to the workstation so that I could decrypt it there.
USB passthrough comes with its own set of risks and attack surface. I don’t know enough about how VirtualBox’s USB passthrough works to give much advice regarding it, but personally I would be afraid of malware in the VM being able to overwrite the USB device’s firmware and make it persistently malicious. I don’t know if VirtualBox’s USB passthrough prevents that.
That would work if you don’t intend to move files between the host and the VM, and just need to get files into the VM itself. (If you have to move files back to the host, you’ll need to mount the VDI on your host system, at which point many of the same risks of shared folders and some worse risks become applicable (worse risks because now the host OS has to parse untrusted filesystem structures). Note that I don’t know if Windows can mount a VDI at all, this is just talking about what would be possibly an issue if Windows could mount VDIs.
I was thinking about using folder sharing once to transfer the encrypted container to a .vdi drive already attached to the workstation, and then only using the .vdi drive without using folder sharing. This would probably isolate the Windows system from the workstation? What do you think? Is this a more secure method than sharing the folder from Windows?
I do want to keep offering advice, but I think you would benefit from understanding the concepts behind the tools you’re using rather than trying to ask the question “is X safer than Y?” with multiple X and Y methods. Some of these concepts are documented here:
It becomes a lot easier to reason about what methods are safer than other methods in each situation if you do that. It’s also a lot safer for you if you can answer questions like this yourself, since it means you don’t have to listen to the advice of random strangers who may be malicious, or well-intentioned strangers that may not fully understand what your risks and requirements are.
All that being said:
Assuming the following conditions hold:
then what you’re suggesting is likely to be reasonably secure. The reason all of those conditions have to hold is: