Software That Can Anonymize Everything You Do Online

Learn What Is Whonix?
Whonix Desktop

Download, Install, Run FREE

Whonix isn't a program like most of your applications. It's a full operating system that runs inside your current one. Select which operating system your computer is running.

Download for Windows 10

Windows
Download for Linux

Linux

Run it with VirtualBox
Download for Mac

macOS

Run it with VirtualBox
Download for Qubes

Qubes
Download for KVM

KVM

For those who prefer KVM over VirtualBox
Wired ”For the even more paranoid, there is a lesser-known Tor-enabled OS called Whonix”
The Guardian ”Whonix is about as anonymous as an OS can get before it all becomes too inconvenient for normal use.”
The Intercept ”Whonix, an operating system you can run in a virtual machine to maximize your online anonymity; it’s ideal for maintaining a secret identity.”
TechRepublic ”Whonix adds a layer of anonymity to your business tasks.”
Edward Snowden ”I use Qubes and a Whonix gateway literally everyday”

Edward Snowden, whistleblower, privacy advocate, president of the Freedom of the Press Foundation board [1] [2] [3]

LinuxSecurity.com Logo ”This split design allows the user to remain completely anonymous and mitigates the risk of DNS leaks, which reveal private information such as your web browsing history.”

LinuxSecurity.com

HostingAdvice.com Logo ”Whonix protects user anonymity by routing internet connections through Tor’s network of volunteer-run servers while deploying advanced security mechanisms. The Linux-based OS, which runs on top of existing systems via virtual machines, can be installed on Windows, macOS, and Linux.”

HostingAdvice.com

Chip Logo "Das linux-basierte Betriebssystem Whonix setzt von Anfang an auf Sicherheit."

Chip

Heise Online Logo "Viele Webseiten verfolgen ihre Besucher mit ausgeklügelten Trackingmechanismen. Whonix macht Schluss damit, ohne dass man Browser-Einstellungen ändern muss."

Heise Online

Ct Logo ”Tarnkappe - Mit Whonix anonym im Internet surfen”

c't

AT&T Logo ”The Internet was not designed with anonymity in mind, but things have changed. Anonymity has become a necessary and legitimate objective in many applications.”

Featured at AT&T Cybersecurity blog.

All activity in a virtual machine, all internet traffic through the Tor® network

Whonix is the best way to use Tor® and provides the strongest protection of your IP address.

Tor Browser with duckduckgo

Applications are reviewed and pre-configured.

Fully Featured and Advanced Security Features

Leak IP Address

Impossible to leak IP address

Connections are forced through Tor®. DNS leaks are impossible, and even malware with root privileges cannot discover the user's real IP address. Leak tested through corridor (Tor® traffic whitelisting gateway) and other leak tests.

Live Mode

Live Mode

Booting into VM Live Mode is a simple as choosing Live Mode in the boot menu. Alternativly Debian, Kicksecure and perhaps other Debian based hosts can boot their existing host operating system into Host Live Mode.

Kicksecure

Based on Kicksecure ™

Whonix is based on Kicksecure ™ which is a a security-hardened Linux distribution.

Tor

Based on Tor®

Whonix utilizes Tor®, which provides an open and distributed relay network to defend against network surveillance.

kloak

Keystroke Anonymization

Keystrokes can be used to track users. To prevent this, Whonix comes with kloak installed by default.

time

Time Attack Defenses

Time attacks are defeated by Boot Clock Randomization and secure network time synchronization through sdwdate (Secure Distributed Web Date).

vanguards

Protect against guard discovery and related traffic analysis attacks

vanguards

tirdad

TCP ISN CPU Information Leak Protection

Prevent de-anonymization of Tor onion services through Tirdad kernel module for random ISN generation.

entropy

Entropy Enhancements

Better encryption thanks to preinstalled random number generators.

Stream Isolation

Stream Isolation

Distinct applications are routed through different paths in the Tor® network.

AppArmor

AppArmor

AppArmor profiles restrict the capabilities of commonly used, high-risk applications.

security-misc

Kernel Self Protection Settings

Whonix uses Kernel Hardening Settings as recommended by the Kernel Self Protection Project (KSPP).

Protect Linux user accounts against brute force attacks

By using pam tally2.

security-misc

Strong Linux User Account Separation

security-misc

anon-apps-config

Anonymity, privacy and security settings pre-configuration

anon-apps-config

Documentation

Extensive Documentation

The more you know, the safer you can be.

anbox

Android Support

Run Android applications using Anbox (outdated) or Whonix-Custom-Workstation using Android x86.

Virus Protection

Virus Protection

Additional security hardening measures and user education through Whonix provide better protection from viruses.

Console Lockdown

Console Lockdown

Console Lockdown disables legacy login methods for improved security hardening.

Advanced Firewall

Advanced Firewall

Configured for anonymous Tor® use.

YouTube

Tor® Browser

Visit any destination including modern websites such as YouTube.

YouTube

swap-file-creator

Running low on RAM isn't a security problem. swap-file-creator will create an encrypted swap file.

server

Hosting Location Hidden Servers

Whonix is the safest way to Host Location Hidden Services / Onion Services.

Forums and more

Vibrant Community

Forums
Newsletter
Contributors
RSS

History

History

An eight year history of protecting our users against Real World Attacks.

Fully Auditable

Fully auditable

You don’t have to trust our word that it respects and protects you. It is independently verifiable by security experts and software developers around the world. This improves security and privacy for everyone.

privacy

Complete respect for privacy

Your data always belongs to you, and only you. We don’t make advertising deals or collect sensitive personal data. We’re funded directly by our users paying what they want. And that’s how it should be.

Canary

Warrant Canary

A canary confirms that no warrants have been served on the Whonix project.

Debian

Based on Debian

In oversimplified terms, Whonix is just a collection of configuration files and scripts. Whonix is not a stripped down version of Debian; anything possible in "vanilla" Debian GNU/Linux can be replicated in Whonix. About Whonix

Freedom

Complete user freedom

There are no artificial restrictions on how users can reconfigure the system.

signed

Digitally signed releases

Downloads are signed so you can verify they are genuine Whonix releases.

GNU

Freedom Software

Whonix is Freedom Software and contains software developed by the Free Software Foundation and the GNU Project.

OpenSource

Open Source

All of Whonix source code is licensed under OSI Approved Licenses. We respect the rights of our users. All of Whonix is available for review, scrutiny, modification, and redistribution by anyone. This improves security and privacy for everyone.

research

Research and Implementation Project

Be wary of those confidently calling themselves all-knowing, all-perfect. Whonix is an actively maintained research project making constant improvements -- no shortcomings are ever hidden from users.

Upcoming Security Enhancements

LKRG Linux Kernel Runtime Guard (LKRG)

Hardened Malloc Hardened Malloc is a hardened memory allocator which can be used with many applications to increase security. A fork by Kicksecure will be enabled by default.

Sandboxed Application Launcher sandbox-app-launcher is an application launcher that can start each app inside its own restrictive sandbox. It runs each app as its own user, in a bubblewrap sandbox and confined by AppArmor.

Full system Mandatory Access Control (MAC) policy - "AppArmor for everything"

Untrusted Root User

enforce kernel module software signature verification

deactivate malware after reboot from non-root compromise

Hardened Linux Kernel

post-quantum cryptography resistant signing of releases

Mount Options Hardening

Disable SUID Binaries

multiple boot modes for better security (user, live, secureadmin, superadmin)

Help welcome!

Compatibility

Investors

Investors

Interested in becoming an investor? See Project Metrics.