VM Fingerprinting

From Whonix


Threat Model[edit]

In computing terms, the threat model [archive] concerns potential threats or structural vulnerabilities that can be exploited by adversaries; in the case of Whonix ™ this means possible identifiers leading to full or partial deanonymization.

VM fingerprinting threats arise when two VMs are compromised, for instance:

  • VMs infected with malware.
  • VMs that have software locally installed which includes anti-features such as privacy-intrusive, tracking elements.

In this case, the goal of the adversary is to link two or more VMs to the same pseudonym.

Related: Tor Browser and Whonix ™ goals and non-goals


Local Non-Deterministic Artifacts[edit]

Automatically Generated Local Non-Deterministic Artifacts[edit]

A number of non-deterministic artifacts are present in the various Whonix ™ variants - consider the examples below:

  • In Qubes-Whonix ™, the contents of many log files like /var/log/apt/history.log usually contain text such as Start-Date: 2020-04-11 07:20:20. This is visible in both the Qubes TemplateVM and in AppVMs/DispVMs based on that TemplateVM due to the usual Qubes root file system sharing [archive]. [1]
  • The file creation timestamps of numerous files will be unique in a TemplateVM, but also shared with multiple Qubes TemplateBased AppVMs/DispVMs that are based on that TemplateVM. [2]
  • Hardware details can potentially be used for identification, including /proc/cpuinfo, /proc/bus, /proc/scsi and /sys. For this reason, Whonix ™ includes an opt-in (currently being tested) hide-hardware-info.service systemd unit to limit this information to the root user only; see Restrict Hardware Information to Root.
  • The Protocol Leak Protection and Fingerprinting Protection chapter outlines a host of other possible fingerprinting identifiers.
  • These variables are related to the reproducible builds [archive] movement which is working on preventing non-deterministic artifacts in packages and ultimately also iso, template, raw, and other images. It is also related to most operating systems not being stateless.

Please note this is not an exhaustive list.

User-generated Local Non-Deterministic Artifacts[edit]

Non-deterministic artifacts are also caused by any user modifications inside the VM, such as editing ~/.bashrc or changing the default editor.


Non-Deterministic Artifacts[edit]

As noted in the Threat Model introduction, non-deterministic local artifacts matter in:

  • VMs infected with malware.
  • VMs that have software locally installed which includes anti-features such as privacy-intrusive, tracking features.

In that case, the impact on Non-Qubes-Whonix ™ and Qubes-Whonix ™ users is noted below.

Non-Qubes-Whonix ™[edit]

All VMs are "StandaloneVMs". [3] Automatically generated, non-deterministic, local artifacts are "somewhat" unique in every VM. At a minimum, an adversary could use these local artifacts to determine the build version of Whonix ™ because these artifacts are shared among all[4] Whonix ™ images of that specific version.

Further identifiers then depend on individual behavior as to what kind of user-generated, local, non-deterministic artifacts exist. For example, if users change the keyboard layout to German, set their shell to python, and install an adblocker in every Tor Browser instance inside of a VM, this will very likely create enough uniqueness to permit an adversary that has compromised multiple VMs to link all of these to the same pseudonym.

Qubes-Whonix ™[edit]

  • TemplateBased AppVMs / DispVMs: There are a lot of automatically generated, non-deterministic, local artifacts in the root file system which will be shared by all TemplateBased AppVMs based on that TemplateVM, as well as in the root file system of every DispVM which is spawned from the TemplateVM upon which it is based. These local artifacts are unique to each TemplateVM but shared among all AppVMs / DispVMs that are based on that TemplateVM. Therefore an adversary with access -- which can be via malware of locally installed applications which include anti-features -- that compromised two VMs based on that TemplateVM can link these VMs to the same pseudonym.
  • PVH StandaloneVMs: The impact depends on when the StandaloneVM was cloned from a TemplateVM.
    • Right after creation download: Theoretically, this case could be better and might be similar to Non-Qubes-Whonix ™. However, in practice local artifacts are still created since Qubes automatically boots VMs right after download due to Qubes' qvm-features-request [archive] mechanism.
    • Later cloned after starting the TemplateVM: A lot of automatically generated, non-deterministic, local artifacts will already exist.
  • HVM StandaloneVMs: Probably very few users are utilizing these. Even if they are in use, these would probably not be based on whonix-ws, which would be even worse. If a whonix-ws based HVM StandaloneVM is utilized, this might be a similar situation to Non-Qubes-Whonix ™.


An adversary could benchmark the CPU, GPU, HDD, RAM, other hardware (such as the microphone, keyboard, and camera) and/or network connection to create a unique profile which is similar enough to link two compromised VMs to the same pseudonym.



Non-Deterministic Artifacts[edit]


Where possible, limits could be enforced for the CPU, GPU (theoretically), HDD, RAM and network connection.

Related ticket: virtualizer: enforce maximum system resources a virtual machine may use [archive].

Such a feature could potentially be implemented in sandbox-app-launcher [archive] (development discussion [archive]). This would be useful in the case of buggy / misbehaving applications not accidentally DDOS'ing the host as well as compromised applications trying to benchmark the VM.

Forum Discussion[edit]

VM Fingerprinting - linking two or more locally compromised VMs to the same pseudonym [archive]

See Also[edit]


  1. Qubes debian-10 TemplateVM
    cat /var/log/apt/history.log
    Start-Date: 2020-04-11  07:20:20
  2. ls -la /etc/apt/trusted.gpg

    Qubes whonix-ws based DispVMs:

    -rw-r--r-- 1 root root 1138 Mar  7 09:39 /etc/apt/trusted.gpg

    Qubes debian-10 based VM:

    -rw-r--r-- 1 root root 1138 Mar 26  2018 /etc/apt/trusted.gpg
  3. Qubes [archive]:

    In general terms, a VM is described as standalone if and only if it does not depend on any other VM for its root filesystem. (In other words, a VM is standalone if and only if it is not a TemplateBasedVM.)

  4. Or most.

text=Jobs in USA
Jobs in USA

Search engines: YaCy | Qwant | ecosia | MetaGer | peekier | Whonix ™ Wiki

Follow: 1024px-Telegram 2019 Logo.svg.png Iconfinder Apple Mail 2697658.png Twitter.png Facebook.png Rss.png Reddit.jpg 200px-Mastodon Logotype (Simple).svg.png

Support: 1024px-Telegram 2019 Logo.svg.png Discourse logo.png Matrix logo.svg.png

Donate: Donate Bank Wire Paypal Bitcoin accepted here Monero accepted here Contriute

Whonix donate bitcoin.png Monero donate Whonix.png United Federation of Planets 1000px.png

Share: Twitter | Facebook

Please help us to improve the Whonix ™ Wikipedia Page. Also see the feedback thread.

https link onion link

This is a wiki. Want to improve this page? Help is welcome and volunteer contributions are happily considered! Read, understand and agree to Conditions for Contributions to Whonix ™, then Edit! Edits are held for moderation. Policy of Whonix Website and Whonix Chat and Policy On Nonfreedom Software applies.

Copyright (C) 2012 - 2020 ENCRYPTED SUPPORT LP. Whonix ™ is a trademark. Whonix ™ is a licensee [archive] of the Open Invention Network [archive]. Unless otherwise noted, the content of this page is copyrighted and licensed under the same Freedom Software license as Whonix ™ itself. (Why?)

Whonix ™ is a derivative of and not affiliated with Debian [archive]. Debian is a registered trademark [archive] owned by Software in the Public Interest, Inc [archive].

Whonix ™ is produced independently from the Tor® [archive] anonymity software and carries no guarantee from The Tor Project [archive] about quality, suitability or anything else.

By using our website, you acknowledge that you have read, understood and agreed to our Privacy Policy, Cookie Policy, Terms of Service, and E-Sign Consent. Whonix ™ is provided by ENCRYPTED SUPPORT LP. See Imprint, Contact.