here are some documentation links:
the 1st link is whonix’s guide on viewing youtube videos. the 2nd is a link to the github for Invidious-Instances. these sites host youtube and can be viewed via TOR. only use the .onion mirror links here.
- step 1: open up disposable whonix workstation vm
- step 2: visit one of the invidious-instances .onion links.
- step 3: search for desired video and download video.
- step 4: click on downloads on top right of tor browser
- step 5: open file location
- step 6: right click the video file and select ‘view in disposable vm’
- step 7: now an instance of VLC should open up in a disposable vm with your downloaded video.
if the file is malicious, it will not affect the rest of your system* since you opened it in a disposable (akin to amnesiac) vm. since you downloaded it in a disposable too, when you close the downloader vm, it will not exist in any other vm on your system.
*this is a reasonable assumption. since you are downloading the file on an .onion site, traffic is tunneled (e2ee) between you and the server, so an adversary cannot target any specific client. this means the attack would have to be a broad attack on all clients in the network accessing the .onion server. qubes is a very reasonably secure os. using disposable vms is going to mitigate many threats, but software is not infallible. the adversary would have to have an exploit to break the xen hypervisor or any of the other safeguards qubes provides in this setup, to ‘broadly’ affect any qubes user on the tor network accessing the videos. it's more reasonable to assume an adversary breaks a user's qubes security if they are targeted specifically, instead of the entire network.
as with opening any malicious file, it could attempt to leak the user's IP. since this setup uses whonix os through qubes, all traffic is forced through the TOR network, so the user's WAN IP address cannot be leaked unless qubes itself is compromised. perhaps it is safer to set up a disposable vm template that is not networked and to use that instead to open the file. in this case you would have to download the file in a non-disposable vm that has network. up to you.
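
One way to set up the non-networked disposable template suggested above, from dom0. This is an added example, not part of the original post; the qube names and the template placeholder are assumptions to replace with your own.

```shell
#!/bin/sh
# Added example, meant for dom0. All qube names below are assumptions/placeholders.
# DRY_RUN=1 (the default) only prints each command; set DRY_RUN=0 to apply them.
DRY_RUN="${DRY_RUN:-1}"
TEMPLATE="${TEMPLATE:-WHONIX-WORKSTATION-TEMPLATE-PLACEHOLDER}"
OFFLINE_DVM="${OFFLINE_DVM:-offline-viewer-dvm}"   # hypothetical name
DOWNLOADER="${DOWNLOADER:-video-downloader}"       # hypothetical name

# Print the command with every argument quoted (dry run) or execute it.
run() {
    if [ "$DRY_RUN" = 1 ]; then
        line=""
        for a in "$@"; do line="$line '$a'"; done
        printf '%s\n' "${line# }"
    else
        "$@"
    fi
}

# $1 = base template, $2 = name of the new disposable template
make_offline_dvm() {
    run qvm-create --class AppVM --template "$1" --label red "$2"
    # Empty netvm: disposables started from this qube have no network at all.
    run qvm-prefs "$2" netvm ''
    run qvm-prefs "$2" template_for_dispvms True
}

# $1 = qube that holds the downloaded file, $2 = offline disposable template.
# Disposables requested from $1 are then started from $2.
use_for_viewing() {
    run qvm-prefs "$1" default_dispvm "$2"
}

# Succeeds only if the qube really has no netvm assigned (dom0 only).
verify_offline() {
    [ -z "$(qvm-prefs "$1" netvm)" ]
}

make_offline_dvm "$TEMPLATE" "$OFFLINE_DVM"
use_for_viewing "$DOWNLOADER" "$OFFLINE_DVM"
if [ "$DRY_RUN" = 0 ]; then
    verify_offline "$OFFLINE_DVM" && echo "ok: $OFFLINE_DVM has no netvm"
fi
```

Review the dry-run output first, then rerun with DRY_RUN=0 once the names match your system.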