Hardware Threat Minimization
Advanced adversaries already have specialized implant plug-ins which can take over the computer's microphone and record nearby conversations.
The user should check whether the computer or notebook has a microphone. Microphones are often built-in and go unnoticed. In most cases it is recommended to disable the microphone for security reasons. If Whonix-Workstation (anon-whonix) is ever compromised by malware, an adversary could eavesdrop through the microphone. Similarly, keyboard acoustic side channel attacks can use the audio leakage from keyboard typing to infer the typed words up to a certain degree of accuracy.
It is safe to assume that everyone has had an unencrypted phone call during their lifetime and that one of them has been recorded. Voiceprints allow a person to be identified from the specific characteristics (acoustics) of their voice, which makes them a useful biometric marker. This means personal and unique voiceprints can be used to link non-anonymous and "anonymous" voice samples; this process is called voice recognition and is documented in the introduction chapter of the VoIP wiki page.
Disabling or Removing Microphones
By default, microphones that are connected to the host are made available to virtual machines like Whonix-Workstation (except for Qubes-Whonix, see further below).
For best security, external microphones should be unplugged. If the microphone is built-in and the user decides to disable it, there might be a BIOS option available. Suitably skilled users can also attempt to remove built-in microphones, although this is more difficult.
Select Use of Microphones
Multiple Whonix-Workstations should be used for:
- Making Internet calls.
- Conducting Voice over IP (VoIP).
- Any other microphone use inside Whonix-Workstation.
In this way, the microphone is used in select Whonix-Workstations and not all. The microphone should be unplugged after use.
KVM by default emulates a line-in/line-out in the virtual sound device, meaning microphone passthrough to guests is enabled if it is turned on for the host.
VirtualBox has access to the host's microphone by default. Users can disable access by muting it on the host. Alternatively, from VirtualBox 5.2 there is an option to enable/disable VM guest access to the host's microphone. 
When the VM is stopped, run:
VBoxManage modifyvm <uuid|vmname> audioin off
Or, when the VM is up and running, use:
VBoxManage controlvm <uuid|vmname> audioin off
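To confirm the setting took effect on every VM, the following audit sketch lists VirtualBox VMs whose microphone passthrough is not confirmed off. It is an added example, not part of the Whonix wiki or VirtualBox. It assumes that `VBoxManage showvminfo --machinereadable` reports capture as `audio_in="on|off"` and a missing audio adapter as `audio="none"`; the function names and the sample data are constructed for illustration.

```shell
#!/bin/sh
# Added audit example. Assumption: the machine-readable VM info contains
# audio_in="on|off", and audio="none" when the VM has no audio adapter.

# Read `showvminfo --machinereadable` output on stdin; print on, off or unknown.
audio_in_state() {
    awk -F'"' '
        /^audio="none"$/ { none = 1 }
        /^audio_in=/     { state = $2 }
        END {
            if (none) print "off"
            else if (state != "") print state
            else print "unknown"
        }'
}

# Extract the UUID from one line of `VBoxManage list vms` ("name" {uuid}).
vm_uuid() {
    printf '%s\n' "$1" | sed -n 's/^".*" {\([0-9a-fA-F-]*\)}$/\1/p'
}

# Print every VM whose audio input is on or cannot be determined.
audit_vms() {
    VBoxManage list vms | while IFS= read -r line; do
        uuid=$(vm_uuid "$line")
        [ -n "$uuid" ] || continue
        state=$(VBoxManage showvminfo "$uuid" --machinereadable | audio_in_state)
        [ "$state" = "off" ] || printf '%s audioin=%s\n' "$line" "$state"
    done
}

# Constructed sample of VM info, used only when VBoxManage is not installed.
SAMPLE_ON='name="Whonix-Workstation"
audio="pulse"
audio_out="on"
audio_in="on"'

if command -v VBoxManage >/dev/null 2>&1; then
    audit_vms
else
    printf 'sample VM audioin=%s\n' "$(printf '%s\n' "$SAMPLE_ON" | audio_in_state)"
fi
```

A VM reported as `unknown` should be checked by hand, since the installed VirtualBox version may not expose the capture setting in this form.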
Qubes VM Manager is used to attach or detach microphones to select VMs.
Qubes VM Manager -> Right-click on VM -> Attach/detach audio input device to the VM
Webcams pose a serious spying risk!
Webcams on infected machines can be used to take snapshots, record video or eavesdrop using the built-in microphone. Recent research reveals that even remote screen views can be accurately determined via webcams, due to "content-dependent acoustic leakage from LCD screens." 
Always check if the computer or notebook has a webcam; one might be built-in, but have gone unnoticed. Check the computer's datasheet and operating system hardware manager to be sure. It is recommended that (external) webcams are disabled or removed, unless there are immediate plans to use one inside Whonix-Workstation (anon-whonix). Once a webcam session has finished, the webcam should be disabled and preferably unplugged straight away.
If the webcam is built-in, check whether it can be disabled with a BIOS setting. Suitably skilled users can attempt to remove built-in webcams, although this may be difficult. As a stop-gap measure, the webcam can always be covered with thick adhesive tape or a cap, so long as it is opaque.
Wireless Input Devices
Avoid using wireless keyboards and mice because most send data unencrypted. Even if this were not the case, the robustness of the cryptography involved in proprietary products cannot be verified. A local adversary up to 100 meters away can sniff keystrokes and inject their own, allowing them to take over the machine.
- The implant is called CAPTIVATEAUDIENCE, while the webcam equivalent is called GUMFISH.
- One attack vector is the use of spam emails which contain malware.
- Researchers continue to improve the accuracy of various techniques and attack vectors like feature extraction and classification, keyboard geometry and triangulation.
- Writing styles are also personal and unique. Individuals can be identified with a similar method called stylometry, which is documented on the Surfing Posting Blogging wiki page.
- Or left-click the microphone button on the Qubes VM Manager toolbar for the specific VM.
- This is a novel acoustic side-channel attack variant that relies on neural networks and the "coil whine" audio emissions from electronic components that power the LCD display.
Whonix Hardware Threat Minimization wiki page Copyright (C) Amnesia <amnesia at boum dot org>
Whonix Hardware Threat Minimization wiki page Copyright (C) 2012 - 2018 ENCRYPTED SUPPORT LP <firstname.lastname@example.org>
This program comes with ABSOLUTELY NO WARRANTY; for details see the wiki source code.
This is free software, and you are welcome to redistribute it under certain conditions; see the wiki source code for details.