Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Stop leaking dom0 timezone to Qubes-Whonix #8381

Open
adrelanos opened this issue Jul 31, 2023 · 10 comments · Fixed by QubesOS/qubes-core-admin#646
Open

Stop leaking dom0 timezone to Qubes-Whonix #8381

adrelanos opened this issue Jul 31, 2023 · 10 comments · Fixed by QubesOS/qubes-core-admin#646
Labels
C: Whonix This issue impacts Qubes-Whonix P: default Priority: default. Default priority for new issues, to be replaced given sufficient information. privacy This issue pertains to data or information privacy through technological means. S: partial Status: partial. Work on this issue is partially complete, but it is not actively being worked on.

Comments

@adrelanos
Copy link
Member

Qubes OS release

R4.2

Brief summary

Qubes VMs leak timezone.

Reported by @chessjazz.

Steps to reproduce

qubesdb-read /qubes-timezone

Expected behavior

No command available to leak dom0 timezone.

Actual behavior

Dom0 timezone can be leaked in VM if malware is running inside the VM.

Additional information

For issue tracking.

  • issue caused by Qubes-Whonix: no
  • affects Qubes-Whonix: yes, because Whonix sets timezone to UTC as it should be hidden. (It doesn't leak to remote websites but malware with local code execution could read dom0 timezone.)
  • only relevant for Whonix: Dunno if there are also other users who would prefer not to leak this information to VMs.

Suggested solution

If qvm-features or similar mechanism has whonix-ws 1, whonix-gw 1, notimezone 1, then don't write /qubes-timezone to qubesdb.
@adrelanos adrelanos added P: default Priority: default. Default priority for new issues, to be replaced given sufficient information. T: bug labels Jul 31, 2023
@andrewdavidwong andrewdavidwong added T: enhancement privacy This issue pertains to data or information privacy through technological means. C: Whonix This issue impacts Qubes-Whonix and removed T: bug labels Aug 1, 2023
@andrewdavidwong andrewdavidwong added this to the Release TBD milestone Aug 1, 2023
@andrewdavidwong andrewdavidwong changed the title stop leaking dom0 timezone to VMs Stop leaking dom0 timezone to Whonix qubes Aug 1, 2023
@adrelanos

This comment was marked as off-topic.

Sign in to view
@marmarek

This comment was marked as off-topic.

Sign in to view
@DemiMarie

This comment was marked as off-topic.

Sign in to view
@marmarek

This comment was marked as off-topic.

Sign in to view
@andrewdavidwong andrewdavidwong removed this from the Release TBD milestone Aug 13, 2023
@p1llule

This comment was marked as off-topic.

Sign in to view
@andrewdavidwong

This comment was marked as off-topic.

Sign in to view
@adrelanos adrelanos changed the title Stop leaking dom0 timezone to Whonix qubes Stop leaking dom0 timezone to Qubes-Whonix Feb 12, 2024
@adrelanos adrelanos mentioned this issue Mar 4, 2024
Open
strategictraveler added a commit to strategictraveler/qubes-core-admin that referenced this issue Nov 2, 2024
@strategictraveler
Hide local timezone from VMs with specific tag
a8ba9ab 
Set fake timezone for VMs with "anon-timezone" tag.
Fixes QubesOS/qubes-issues#8381
strategictraveler added a commit to strategictraveler/qubes-core-admin that referenced this issue Nov 2, 2024
@strategictraveler
Hide local timezone from VMs with specific tag
a5dd3ba 
Set fake timezone for VMs with the "anon-timezone" tag.
Fixes QubesOS/qubes-issues#8381
@strategictraveler strategictraveler mentioned this issue Nov 2, 2024
Closed
@marmarek marmarek moved this to Ready in Current team tasks Dec 13, 2024
@DemiMarie DemiMarie self-assigned this Dec 15, 2024
@DemiMarie DemiMarie moved this from Ready to In progress in Current team tasks Dec 15, 2024
@DemiMarie DemiMarie removed their assignment Dec 23, 2024
@DemiMarie
Copy link

Unassigning myself in light of QubesOS/qubes-core-admin#632

@DemiMarie DemiMarie moved this from In progress to Ready in Current team tasks Dec 23, 2024
@andrewdavidwong andrewdavidwong added the pr submitted A pull request has been submitted for this issue. label Dec 23, 2024
@DemiMarie DemiMarie mentioned this issue Jan 2, 2025
Merged
DemiMarie added a commit to DemiMarie/qubes-core-admin-client that referenced this issue Jan 8, 2025
@DemiMarie
Document the anon-timezone feature
01e26ed 
Part of QubesOS/qubes-issues#8381.  See also
QubesOS/qubes-core-admin#646.
@DemiMarie DemiMarie mentioned this issue Jan 8, 2025
Merged
DemiMarie added a commit to DemiMarie/qubes-core-admin that referenced this issue Jan 8, 2025
@DemiMarie
Do not set timezone for VMs with anon-timezone feature
2dbc1b8 
This is implemented as a feature so that the standard
check-with-template mechanism can be used.  VMs can request
the feature using the standard mechanism.

Fixes: QubesOS/qubes-issues#8381
@github-project-automation github-project-automation bot moved this from Ready to Done in Current team tasks Jan 8, 2025
This was referenced Jan 8, 2025
Closed
Open
Open
@adrelanos
Copy link
Member Author

Great progress, thank you!

What is missing, is actually enabling qvm-feature anon-timezone for Qubes-Whonix Templates?

A change in https://github.com/QubesOS/qubes-core-admin-addon-whonix is probably required.

Please re-open.

@h01ger
Copy link

h01ger commented Jan 9, 2025 via email

@marmarek
Copy link
Member

marmarek commented Jan 9, 2025

shouldn't anon-timezone just be the default?

No, that makes timezone in VM to be the default one (usually UTC), which affects more or less all applications (including calendar, email client etc). Most users prefer to see their local time.

@marmarek marmarek reopened this Jan 9, 2025
@DemiMarie DemiMarie added S: partial Status: partial. Work on this issue is partially complete, but it is not actively being worked on. and removed pr submitted A pull request has been submitted for this issue. labels Jan 9, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
C: Whonix This issue impacts Qubes-Whonix P: default Priority: default. Default priority for new issues, to be replaced given sufficient information. privacy This issue pertains to data or information privacy through technological means. S: partial Status: partial. Work on this issue is partially complete, but it is not actively being worked on.
Projects
Current team tasks
Status: Done
Milestone
No milestone
6 participants
@marmarek @adrelanos @h01ger @DemiMarie @andrewdavidwong @p1llule