About OpenHuizeBox
A privacy-audit research sandbox built by taking Oracle VirtualBox 7.2 OSE, adding a disclosed patch set, and shipping it with the hardware-identity surface made explicit.
What it is
OpenHuizeBox is a GPL v3 derivative of VirtualBox 7.2 OSE focused on a single coherent use case: privacy-audit research on software that profiles its host. It surfaces the hardware-identity signals that commercial software and malware read from the host — CPUID brand, SMBIOS/ACPI tables, disk model and serial, NIC OUI — as visible, per-VM Settings you can toggle, document and reproduce.
What the platform makes easy is usually what the platform is for. By putting identity knobs on the same dialog as RAM and disk size, the product's intent is legible to the operator: this is a knob you are turning, not a trick being played.
Technical stack
- Base: VirtualBox 7.2.x OSE (Oracle upstream) with a disclosed patch set in vbox-patches/ plus a long-lived branch fork for GUI integration work that doesn't reduce to a single-file patch.
- Build system: kBuild (extracted from the Oracle source tarball), bundled MSYS, MSVC 2022. Reproducible from a clean git clone --recursive on a reference Windows host in about 45 minutes.
- GUI: Qt 6.8, with a Realistic Hardware Identity groupbox injected across five VM Settings tabs (Motherboard, Processor, Display, Storage, Network) via a header-only C++ template reused per tab.
- Installer: Inno Setup 6, produces a single signed .exe for Windows x64. Self-signs the kernel driver on install, enables Windows test-signing, registers the service.
- Hardware-identity profiles: JSON definitions in modules/01_hardware_fingerprint/profiles/, covering Dell OptiPlex, Lenovo ThinkPad, a generic OEM workstation and a blank template. Each profile declares extradata, modifyvm_args, a mac_oui_pool, disk identifiers and a disk_extradata_template.
- Audit toolchain: modules/ contains standalone scripts for pktmon capture and TLS root CA generation. Tracker-blocklist injection and before/after snapshot diff are drafted but not yet wired end-to-end — see TESTING.md §4.11 and §7.5.
What the fork changes — and what it leaves alone
The fork is deliberately shallow. Decisions in both columns are documented in PATCHES.md and docs/DETECTOR_COVERAGE.md.
| Changed | Unchanged |
|---|---|
| Branding strings, installer metadata, About dialog, Windows file properties, help URLs. Settings-tab integration. Kernel driver signed with a project CA. | VMM core. No CPUID/RDTSC/SIDT/SGDT/MSR shaping at the hypervisor level. SUPDRV device names untouched. Oracle copyright headers in individual source files preserved verbatim. |
Versioning
Releases follow MAJOR.MINOR.PATCH-channel, with the upstream VirtualBox tag recorded separately in UPSTREAM_TRACKING.md. The current alpha tracks 0.1.0-alpha on base VBox 7.2.7. Breaking changes are expected up to 0.9.0-beta.
Changelog
See CHANGELOG.md on GitHub or subscribe to the Atom feed.
Contact
Project mail: zhihuiyuze@gmail.com.
Security-sensitive reports: GitHub Security Advisories at /security.