[Whonix-devel] Survey: How to make Whonix really user friendly? Looking for your suggestions!

Jean Elchinger jeanelchinger at riseup.net
Mon Apr 28 21:41:53 CEST 2014

Hi, I wanted to share my ideas. Would it be possible to have whonix as a docker instance? 
Check the docker.io website. It seems to become a de facto standard for light virtualization. 


On 26 March 2014 18:24:48 CET, Whonix | Privacy and Anonymity OS <newblogpost at whonix.org> wrote:
>Future Directions - Where Whonix wants to be in 2 or 5 years?
>Whonix is a useful tool for some already, got many fans. How can we
>make Whonix really user friendly to allow mass adaption by regular
>people who need anonymity most?
>It seems, Whonix limits itself by its two machines design. It's not
>exactly simple and user friendly to say "you first need to get
>VirtualBox, then import these two VMs, then start Whonix-Gateway, then
>start Whonix-Workstation or use physical isolation". How could that be
>improved while keeping Whonix's design?
>In the last days many had great ideas. One was to create a hardware
>appliance. Whonix running as physically isolated gateway running on
>devices such as Raspberry PI or OpenWRT or creating a Tor WiFi Hotspot
>(a WiFi hotspot once using it, torifying the whole connection). The
>issue is, having a "route everything through Tor" approach alone
>doesn't make it anymore nowadays. If someone would run their usual
>applications, such as their Firefox or Internet Explorer browser they
>used for non-anonymous stuff beforehand over Tor, they wouldn't be
>anonymous at all due to (flash) cookies, browser fingerpriting and so
>forth. Saying "plug this hardware appliance between your router and
>your computer AND install this client package" also doesn't sound
>exactly simple.
>Another idea was to create a Whonix Live DVD. But even if we managed to
>create one, it would still be clumsy to say "you have to burn this iso
>to DVD, then boot it, then start Whonix-Gateway, then start
>Jason Ayala suggested to create an Whonix USB installer. It would still
>be clumsy (as above), but installing Whonix would get simpler and more
>encouraging to use a non-Windows, separate operating system. We then
>would have to support lots of different hardware, but additional
>support by funding this would be possible. Users still would have to
>figure out how to boot from USB, which is not entirely trivial due to
>different BIOS implementations. Also "secure boot" won't make this
>Cerberus raised the idea to make Whonix fully managed. Perhaps he meant
>to enable automatic updates for the host, Whonix-Gateway and
>Whonix-Workstation. Whonix-Gateway could then be fully managed and
>hidden from non-advanced users. However, there are some settings that
>need to be set up on Whonix-Gateway, such as settings for Tor bridges.
>Maybe a Whonix-Host operating system could ssh into Whonix-Gateway to
>manage it.
>Or maybe while we're at discussing a Whonix-Host operating system, we
>should revive the OneVM concept? In essence, we're shipping
>Whonix-Gateway as VM package, because it is a simpler and more robust
>implementation to support a variety of different host operating systems
>and configurations. As long as Whonix doesn't provide a host operating
>system, the two VM solution is more robust. But if Whonix is enters the
>next stage of evolution, i.e. by shipping a host operating system, the
>OneVM concept may work better.
>Tim Schwartz raised the idea to add Whonix to the usual app stores,
>such as Windows / Mac app store as well as "sudo apt-get install
>whonix". This wouldn't make Whonix less clumsy (still two VMs), but it
>would make installation simpler and more secure.
>In summary, we're not sure yet where the journey should go to. We'd
>appreciate the input of the community. Please share ideas on how Whonix
>could become really usable while not sacrificing security.
>This post has been automatically cross-posted by whonix.org/blog To see
>the original (including links), go to
>You are receiving this e-mail because you subscribed Whonix-devel
>mailing list. To unsubscribe visit
>https://whonix.org/cgi-bin/mailman/listinfo/whonix-devel or mail
>"unsubscribe" to Whonix-devel-unsubscribe at whonix.org.
>Sie erhalten diese E-Mail, weil Sie die Whonix-devel Mailingliste
>aboniert haben. Zum abbestellen besuchen Sie
>https://whonix.org/cgi-bin/mailman/listinfo/whonix-devel oder mailen
>Sie "unsubscribe" an Whonix-devel-unsubscribe at whonix.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://whonix.org/pipermail/whonix-devel/attachments/20140428/22d91bf0/attachment.html>

More information about the Whonix-devel mailing list