Fully Featured with Advanced Security Components
Impossible to leak IP address
Connections are forced through Tor. DNS leaks are impossible, and even malware with root privileges cannot discover the user's real IP address. Leak tested through corridor (Tor ® traffic whitelisting gateway) and other leak tests.
Booting into VM Live Mode is as simple as choosing Live Mode in the boot menu. Alternatively Debian, Kicksecure and perhaps other Debian-based hosts can boot their existing host operating system into Host Live Mode.
Based on Tor ®
Whonix utilizes Tor ®, which provides an open and distributed relay network to defend against network surveillance. Unlike Virtual Private Networks (VPN), Tor provides anonymity by design and removes trust from the equation.
Based on Kicksecure ™
Kernel Self Protection Settings
Whonix uses Kernel Hardening Settings as recommended by the Kernel Self Protection Project (KSPP).
Our Firewall is configured for anonymous Tor ® use.
21 more amazing features →
Whonix provides additional security hardening measures and user education to provide better protection from viruses.
Brute force attack protection
Protect Linux user accounts against brute force attacks By using pam tally2 .
AppArmor profiles restrict the capabilities of commonly used, high-risk applications such as Tor Browser.
Distinct applications are routed through different paths in the Tor® network.
Time Attack Defenses
Discovery and traffic analysis attacks
Protect against guard discovery and related traffic analysis attacks vanguards .
Strong Linux User Account Separation
Learn more about our Linux User Account Separation security-misc .
Strong Anonymity, privacy and security settings
Learn more about our anonymity, privacy and security settings pre-configuration anon-apps-config .
The more you know, the safer you can be: Extensive Whonix Documentation
Console Lockdown disables legacy login methods for improved security hardening.
Tor ® Browser
Running low on RAM isn't a security problem. swap-file-creator will create an encrypted swap file.
Better encryption thanks to preinstalled random number generators.
TCP ISN CPU Information Leak Protection
Hosting Location Hidden Servers
Tor Connection Destination Viewer (tor-ctrl-observer)
tor-ctrl-observer shows connection information of applications using Tor.
A canary confirms that no warrants have ever been served on the Whonix project.
Based on Debian
In oversimplified terms, Whonix is just a collection of configuration files and scripts. Whonix is not a stripped down version of Debian; anything possible in "vanilla" Debian GNU/Linux can be replicated in Whonix. About Whonix
10 Years of Success
Research and Implementation Project
Whonix makes modest claims and is wary of overconfidence. Whonix is an actively maintained research project making constant improvements; no shortcomings are ever hidden from users.
Whonix is independently verifiable by security experts and software developers around the world; you don’t have to trust developer claims. This improves security and privacy for everyone.
Complete respect for privacy and user freedom
Whonix respects data privacy principles. We don’t make advertising deals or collect sensitive personal data. There are no artificial restrictions imposed on possible system configurations.
Upcoming Security Enhancements
Interested in becoming an investor? See Project Metrics and contact details.