Actions

Privacy protection. Anonymity online. Anonymous Operating System.

From Whonix




Whonix Portal.jpg

Whonix ™ Overview[edit]

Whonix ™ is a free and open-source desktop operating system (OS) that is specifically designed for advanced security and privacy [archive]. Based on Tor, Debian GNU/Linux and the principle of security by isolation, Whonix ™ realistically addresses common attack vectors while maintaining usability. Online anonymity and censorship circumvention is attainable via fail-safe, automatic and desktop-wide use of the Tor network, meaning all connections are forced through Tor or blocked. The Tor network helps to protect from traffic analysis by bouncing communications around a distributed network of relays run by global volunteers. Without advanced, end-to-end, netflow correlation attacks, an adversary watching an Internet connection cannot easily determine the sites visited, and those sites cannot discover the user's physical location. [1]

Whonix ™ uses an extensively reconfigured Debian base (Kicksecure ™ Security Hardened) which is run inside multiple virtual machines (VMs) on top of the host OS. This architecture provides a substantial layer of protection from malware and IP leaks. Applications are pre-installed and configured with safe defaults to make them ready for use with minimal user input. The user may install custom applications or personalize their desktop without fear of information leaks that could lead to de-anonymization. Whonix ™ is the only actively developed OS designed to be run inside a VM and paired with Tor. Though technically a "desktop" operating system, the security and anonymity tools Whonix ™ provides also make it ideally suited for hosting secure and anonymous onion services.

FREE

Download Whonix ™
Windows logo - 2012.svg.png Macos by ego.png Tux.png Virtualbox logo.png Qubes-logo-blue.png Whonix onUSB.jpg

Whonix ™ Design[edit]

Whonix ™ consists of two VMs: the Whonix-Gateway ™ and the Whonix-Workstation ™. [2] The former runs Tor processes and acts as a gateway, while the latter runs user applications on a completely isolated network. The Whonix ™ design affords several benefits:

  • Only connections through Tor are permitted.
  • Servers can be run, and applications used, anonymously over the Internet.
  • DNS leaks are impossible.
  • Malware with root privileges cannot discover the user's real IP address.
  • Threats posed by misbehaving applications and user error are minimized.
  • The platform has extensive security hardening [archive].

Figure: Whonix ™ Operating System Design

Whonix concept refined.jpg

Whonix ™ provides stream isolation for many pre-installed or custom-installed applications when they are used simultaneously. For example, Tor Browser, Hexchat, Thunderbird and several other applications use a dedicated Tor SocksPort, preventing identity (pseudonym) correlation that may otherwise occur when the same Tor circuit and exit relay are used. Applications using Tor's DNS and/or Transport can be optionally disabled.

Figure: Whonix ™ Stream Isolation
Stream isolation.1.0.jpg

To learn more about Whonix ™ see About and Features.

Whonix ™ User Groups[edit]

The increasing threat of mass surveillance and repression all over the world means our freedoms and privacy are rapidly being eroded. Without precautions, the Internet service provider (ISP) and global surveillance systems can record everything done online, as IP addresses associated with network activity are easily linked with the physical location of a user's computer(s). Whonix ™ is one solution to this problem.

Anyone who values privacy or does sensitive work on their desktop or online can benefit from using Whonix ™. This includes, but is not limited to:

  • Investigators and whistleblowers whose work threatens the powerful.
    • Within an isolated environment, research and evidence can be gathered without accidental exposure.
  • Researchers, government officials or business-people who may be targets of espionage.
    • Anti-malware and anti-exploit modifications lower the threat of trojans and backdoors.
  • Journalists who endanger themselves and their families by reporting on organized crime.
    • Compartmentalized, anonymous Internet use prevents identity correlation between social media and other logins.
  • Political activists under targeted surveillance and attack.
    • The usefulness of threatening the ISP in order to analyze a target's Internet use is severely limited. The cost of targeting a Whonix ™ user is greatly increased.
  • Average computer users in a repressive or censored environment.
    • Easy Tor setup and options for advanced configurations means users in repressive countries can fully access the Internet desktop-wide, not just in their browser.
  • Average computer users who simply don’t want all or some aspect of their private lives uploaded, saved and analyzed.
    • Whonix ™ does not silently upload identifying information in the background.

About



Fosshost is sponsors Kicksecure ™ stage server Whonix old logo.png
Fosshost About Advertisements

Search engines: YaCy | Qwant | ecosia | MetaGer | peekier | Whonix ™ Wiki


Follow: 1024px-Telegram 2019 Logo.svg.png Iconfinder Apple Mail 2697658.png Twitter.png Facebook.png Rss.png Reddit.jpg 200px-Mastodon Logotype (Simple).svg.png

Support: Discourse logo.png

Donate: Donate Bank Wire Paypal Bitcoin accepted here Monero accepted here Contriute

Whonix donate bitcoin.png Monero donate Whonix.png United Federation of Planets 1000px.png

Twitter-share-button.png Facebook-share-button.png Telegram-share.png link=mailto:?subject=Main Page&body=https://www.whonix.org/wiki/Main_Page link=https://reddit.com/submit?url=https://www.whonix.org/wiki/Main_Page&title=Main Page link=https://news.ycombinator.com/submitlink?u=https://www.whonix.org/wiki/Main_Page&t=Main Page link=https://mastodon.technology/share?message=Main Page%20https://www.whonix.org/wiki/Main_Page&t=Main Page

Twitter-share-button.png Facebook-share-button.png Telegram-share.png link=mailto:?subject=Main Page&body=https://www.whonix.org/wiki/Main_Page link=https://reddit.com/submit?url=https://www.whonix.org/wiki/Main_Page&title=Main Page link=https://news.ycombinator.com/submitlink?u=https://www.whonix.org/wiki/Main_Page&t=Main Page link=https://mastodon.technology/share?message=Main Page%20https://www.whonix.org/wiki/Main_Page&t=Main Page

https link onion link Priority Support | Investors | Professional Support

Whonix | © ENCRYPTED SUPPORT LP | Heckert gnu.big.png Freedom Software / Osi standard logo 0.png Open Source (Why?)

The personal opinions of moderators or contributors to the Whonix ™ project do not represent the project as a whole.

  1. Current practical, low-latency, anonymity designs like Tor fail when the attacker can see both ends of the communication channel (traffic going into and out of the Tor network). If you can see both flows [archive], simple statistics based on data volume and timing can determine whether they match up.
  2. In Qubes-Whonix ™, these VMs are named sys-whonix and anon-whonix, respectively.
By using our website, you acknowledge that you have read, understood and agreed to our Privacy Policy, Cookie Policy, Terms of Service, and E-Sign Consent.