Whonix Workstations: My idea of how to get all files DL, bad ?

Sorry for my english, it’s my nigthmare!

If my post not put in here, feel free to move or delete.

Last nigth was wondering how to bring up the files, directorys and images collected from TOR just only suffering, you know.

Well I run both Whonix Gateway and Whonix Workstations into KVM, libvirt to be exacly, and the virtual disk are in the format qcow2, so, this virtual disk can mount when the VM is off, ussing the qemu-nbd command to, I do that and the mount process is into read only, good point, then read all structure and can navigate from all directories like a live boot cd.

Doing that I think is than better using a USB stick drive or pendrive or HDD USB drive, instead.

The cons, you must be do that in a clear area.

What do you think about?

How do you get all of your downloads from TOR to use in real life, like pdf or movies, whatever?

Thanks.

didnt got what u mean regarding qcow2 but about downloading things with Tor here is my advise for u:-

for better anonymity , u shouldnt download anything using Tor.

pdf & most text files , u can read them inside Tor u dont need to download them. just save the link of the pdf/text to a .text file or so , then when u need to open the book/text again just open the link.

so as for the movies , online streaming much preferable (though in most cases u must turn-off the noscript and/or https-everywhere). but i think it is safer than downloading something in ur hard disk.

but if for any reason u want to download something , just dont open the downloadable file/movie…etc and u r connected to the internet. when the downloading is finished turn off the internet from whonix or manually by un-plugging the cable …etc as u prefer.

also dont add inside new adds-on rather than the default one which r come installed inside.because it may reduce or break ur anonymity.

u can download directly from Tor like inside firefox or any browser. or by using the terminal

wget -c (the downloadable link of the file)

Ok TNT_BOM_BOM, I never add new addons to browser, just update the system when the system alert advice me.

Download from TOR some pdf for example, and read it online, nothing wrong, Whonix run into isolate enviroment, thus I undertanding.

By the other hands, the acts of the users can to compromise anonimity, that it’s true, but Whonix is an operating system whole isolated, isn’t? Else, what risk exist to open a pdf file? or just only I must to open .txt files? The achive of Whonix is DNS no leak. I think so.

I do not use SSH, or USB devices, I like to mount the virtual disk for explore offline if necesary.

Regards.

Directly loading the virtual disk image on the host as a loopback device is dangerous because it exposes your host to untrusted code.

The (only) recommended way to move files out of a guest is by using KVM’s shared folders functionality documented here:

Thanks for reply HulaHoop, I will take in mind your advice.

yeah but that give the possibility of whonix workstation to get compromise.

pdf and/or any downloadable thing may contain malicious program inside it, so if u r connected to the internet and double click on the pdf which contain also a malicious program inside it = things going to be worse…

so if u want to download that pdf or any file , after the download finished turn/cut OFF the internet THEN open the that downloadable thing. because without the internet connection there is no functionality to any malicious program.

there will be no direct de-anonymization even if u open the malicious program inside whonix WS but at least ur anonymity going to be Pseudomonas , in worst cases maybe much less. so avoid all that by using the right method on how to read/open pdf/text file with Tor.

I don’t see how removing internet does a lot good. Because once
compromised, it’s permanent. If a malicious PDF succeeds to infect the
VM, it can just wait until internet was restored. The better option
would be to open the PDF in another VM that does never get networking.
Ideally inside a DisposableVM. (This is not Qubes, yes, but in terms
DisposableVM makes sense.)