[Whonix-devel] Whonix Anonymous Operating System Version 7 Released!

adrelanos adrelanos at riseup.net
Sat Oct 12 06:58:02 CEST 2013

Hash: SHA512

Whonix is an operating system focused on anonymity, privacy and
security. It's based on the Tor anonymity network, Debian GNU/Linux
and security by isolation. DNS leaks are impossible, and not even
malware with root privileges can find out the user's real IP.

Whonix consists of two parts: One solely runs Tor and acts as a
gateway, which we call Whonix-Gateway. The other, which we call
Whonix-Workstation, is on a completely isolated network. Only
connections through Tor are possible.



Users of Whonix 0.5.6 and below:

There is no upgrade path from Whonix 0.5.6 to Whonix 7, sorry. You
have to manually download new Whonix images.

Call for Help:

If you know shell scripting (/bin/bash) and linux sysadmin, please
join us! There are plenty of ways to make Whonix safer. We are also
looking for a https direct download mirror.


* Tor 0.2.4

* obfs3 installed by default

* higher console resolution 1024x768 (without X)

* The current Tor Browser Bundle (TBB) Alpha, which will soon become
the new TBB stable, will work out of the box in Whonix, even if you
download and install it manually from torproject.org. The out of the
box user experience will include not accidentally running Tor over
Tor. This is useful for the case, that the Whonix Tor Browser updater
breaks again, because torproject.org changed something.

* Graphical Whonix-Gateway. Optional. If you reduce Whonix-Gateway RAM
below 500 MB (this and every other aspect of this feature can be
configured), lets say to 128 MB, you automagically end up with the
usual non-graphical Whonix-Gateway.

* Whonix has now an updater. It can not promised, that you never have
to download a new image, when next stable version of Whonix gets
released, but we are on that way. Interested testers may have to
download a new (test-)image from time to time, since we also need to
test the out of the box user experience.

* whonixsetup - Connection Wizard: Whonix now comes with Tor
networking disabled. This is useful for users who never want to
connect to the public Tor network, because they want to hide the fact,
that they are using Tor. This kind of users can now more easily set up
(private) (obfuscated) bridges before ever trying to connect to the
Tor network.

* Fixed uwt. To do certain tasks such as installing the Adobe Flash
plugin or running update-command-not-found you no longer need to
"chmod -x /usr/local/bin/curl".

* Manpages for scripts, which come with Whonix.

* /etc/whonix.d/, /etc/whonix_firewall.d/ /etc/controlportfilt.d
flexible modular .d style configuration folders.

* Deactivate the kgpg tray icon by default (#10), not perfect, but
less confusing, since it will now start in foreground by default and
no longer as tray icon (which was automatically and confusingly hidden
by default).

* Boot Clock Randomization

* Time Sanity Check

* Downloading Tor Browser and signature from
http://idnxcnkne4qt76tg.onion/dist/torbrowser/linux instead from
https://www.torproject.org/dist/torbrowser for better security when
run inside Whonix. (Not sure if we can keep this, due to general
scaling flaws in hidden services.)

* Tor Button's New Identity button now functional. (Thanks to Control
Port Filter Proxy.)

* optional Time Privacy wrapper

* enable "apparmor=1 security=apparmor" by default (but didn't enable
enforce mode or added any useful profiles)

* moved blog to wordpress.com, better than sourceforge, because
wordpress.com supports SSL, closed #23

* Tor Browser is now system default browser, when trying to open links
it will ask for confirmation to avoid accidental linking (configurable).

* too many other improvements under the hood in git log



More information about the Whonix-devel mailing list