China changes everything, as 799 hinted at thinking about what threads you're concerned about.
For "they certainly won't be after me" as a foreigner in China I just used my home internet with a VPN and skipped Whonix. If I was going to get in trouble/deported, it wouldn't have anything to do with my computer's privacy/security. It would be because I posted something critical on Facebook, or some operational security mistake like a critical blog/forum post using the same pseudonym I registered someplace else with my real name and email. In China, using Whonix out of the box and accessing Tor is a bad idea and is dangerous for your personal security. Entry node IPs are public and they will know. Both Tor and VPNs are quasi-illegal, but there's a difference. Tor screams out that you're a dissident or criminal. VPNs instead suggest you're streaming Netflix or looking at pictures of cats on Facebook. A VPN might land a local Tibetan/muslim in prison, but nothing happens to foreigners using a VPN (which is everyone, and they're not going to deport everyone). For "most secure" in China, I would put a VPN VM behind sys-net, and then use Qubes settings to attach whonix-gw behind the VPN and use whonix-ws for browsing (https://www.qubes-os.org/doc/vpn/). For China, NordVPN supposedly works best, but I've never had issues there using ExpressVPN. For the paranoid, consider for a moment that China blocks other VPNs but not these two... So, you just connect the whonix-gw through the VPN and now you have reasonable Qubes security and reasonable privacy from the whonix-ws. Whonix uses Tor and prevents identification of your true IP/Mac/host DNS/hardware is the purpose of Whonix using a gateway (GW) and a workstation (WS). Using Whonix on Qubes alleviates some of the pitfalls of your hardware concerns, identified here: https://www.whonix.org/wiki/Host_Security For public Wi-Fi, your card's MAC accessing a VPN would still be seen. Scrambling your Wi-Fi card's MAC address using macchanger is easy to screw up and some cards don't play nice. Pretty useless anyway, a cafe in China is going to have at least two cameras on you inside and the streets are covered in cities so a directional antenna only brings attention to yourself. Just be mindful of what's recording your screen. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/7d86b6f1-1189-43d8-988e-71d3da29df69%40googlegroups.com.
