Tor Browser "Safest" as default setting
28 views
Skip to first unread message
st0rmth3g8s
Feb 5, 2021, 1:18:34 AM2/5/21
to qubes...@googlegroups.com
Hi everyone,
When I first opened a tor browser in dispvm I didn't click change to "Safest" mode on the prompt that comes up. Now I have to manually do it everytime I open a new tor browser session. How do I change the default to "Safest", as when I try to change the settings in the whonix-ws-15-dvm and whonix-ws-15 templatevm it says I should run tor browser in them (which is totally understandable)?
Cheers
st0rm
Sven Semmler
Feb 5, 2021, 11:47:34 AM2/5/21
to qubes...@googlegroups.com
On 2/5/21 12:18 AM, 'st0rmth3g8s' via qubes-users wrote:
> How do I change the default to "Safest", as when I try to change the
> settings in the whonix-ws-15-dvm and whonix-ws-15 templatevm it says
> I should run tor browser in them (which is totally understandable)?
In case of dispVMs the tor-browser is copied out of the template's
> How do I change the default to "Safest", as when I try to change the
> settings in the whonix-ws-15-dvm and whonix-ws-15 templatevm it says
> I should run tor browser in them (which is totally understandable)?
/var/cache/tb-binary/.tb/tor-browser each and every time an dispVM
instance is started.
This is to make sure there is nothing unique about the profile. Also
there was a time when you could choose on first run (which is what you
remember), but that functionality came from the whonix team and not the
torbrowser team. After it was pointed out that it doesn't always work
(it would say safest, but actually not use that setting) the script was
retired.
So the way you are using it now: change to safest every time a dispVM
starts is they way it is designed to be.
There is a way for you to change that and have your own settings take
effect, but that makes your profile different from all the other
torbrowser instances out there and might be used for fingerprinting. If
you only change the default security level however the risk should be
minimal IMHO.
To do that you'd create a normal AppVM instance of whonix-ws-15 and
configure the torbrowser in it the way you want. Then you close the
torbrowser and qvm-copy ~/.tb/tor-browser to whonix-ws-15. In
whonix-ws-15 you will then remove /var/cache/tb-binary/.tb/tor-browser
and replace it with the one that is in your ~/QubesIncoming.
Now it will also take effect in your dispVM. When there is a torbrowser
update triggered through 'apt upgrade' in the template all your
modifications will be lost and you have to repeat the above.
/Sven
--
public key: https://www.svensemmler.org/0x8F541FB6.asc
fingerprint: D7CA F2DB 658D 89BC 08D6 A7AA DA6E 167B 8F54 1FB6
Reply all
Reply to author
Forward
0 new messages