Anonymize Everything You Do Online
Whonix ™ isn't a program like most of your applications. It's a full operating system that runs inside your current one. Select which operating system your computer is running.
”Whonix is a privacy ecosystem that utilizes compartmentalization to
provide a private, leak-resistant environment for many desktop
computing activities. Whonix helps users use their favorite desktop
applications anonymously.”
The Tor ® Project
”I use Qubes and a Whonix gateway literally everyday”
Edward Snowden, whistleblower, privacy advocate, president of the Freedom of the Press Foundation board [1] [2] [3]
“Whonix is great because you can be confident that everything you do
in the workstation VM is anonymously going through the Tor network.”
Micah Lee, journalist and security engineer
Connections are forced through Tor®. DNS leaks are impossible, and even malware with root privileges cannot discover the user's real IP address. Leak tested through corridor (Tor® traffic whitelisting gateway) and other leak tests.
Whonix ™ is based on Kicksecure ™ which is a a security-hardened Linux distribution.
Whonix utilizes Tor®, which provides an open and distributed relay network to defend against network surveillance.
Keystrokes can be used to track users. To prevent this, Whonix comes with kloak installed by default.
Time attacks are defeated by Boot Clock Randomization and secure network time synchronization through sdwdate (Secure Distributed Web Date).
Different applications are routed through different paths through the Tor® network.
Whonix uses Kernel Hardening Settings as recommended by the Kernel Self Protection Project (KSPP).
Additional Security Hardening measures and user education through Whonix provide better protection from viruses.
Running low on RAM isn't a security problem. swap-file-creator will create an encrypted swap file.
You don’t have to trust our word that it respects and protects you. It is independently verifiable by security experts and software developers around the world. This improves security and privacy for everyone.
Your data always belongs to you, and only you. We don’t make advertising deals or collect sensitive personal data. We’re funded directly by our users paying what they want. And that’s how it should be.
In oversimplified terms, Whonix is just a collection of configuration files and scripts. Whonix is not a stripped down version of Debian; anything possible in "vanilla" Debian GNU/Linux can be replicated in Whonix. About Whonix
There are no artificial restrictions on how users can reconfigure the system.
Whonix is Freedom Software and contains software developed by the Free Software Foundation and the GNU Project .
All of Whonix source code is licensed under OSI Approved Licenses. We respect the rights of our users. All of Whonix is available for review, scrutiny, modification, and redistribution by anyone. Which improves security and privacy for everyone.
Be wary of those confidently calling themselves all-knowing, all-perfect. Whonix is an actively maintained research project making constant improvements -- no shortcomings are ever hidden from users.
vanguards - protect against guard discovery and related traffic analysis attacks.
Linux Kernel Runtime Guard (LKRG)
TCP ISN CPU Information Leak Protection - tirdad
Console Lockdown
Full system Mandatory Access Control (MAC) policy - "AppArmor for everything"
Untrusted Root User
enforce kernel module software signature verification
deactivate malware after reboot from non-root compromise
Hardened Linux Kernel
post-quantum cryptography resistant signing of releases
Mount Options Hardening
Disable SUID Binaries
multiple boot modes for better security: persistent user | live user | persistent admin
Help welcome!
Tor Browser
OnionShare
Thunderbird
KeePassXC
HexChat
VLC
Terminal
Electrum
Bitcoin
Monero
VirtualBox
Ubuntu®