Last update: March 17, 2019. This website uses cookies. By using our website, you acknowledge that you have read, understood and agreed to our Privacy Policy, Cookie Policy, Terms of Service, and E-Sign Consent. More information

 Actions

Design and Goals


Introduction[edit]

Whonix ™ aims to preserve privacy and anonymity by helping users run applications anonymously. A web browser, IRC client, office suite, and more come pre-configured with security in mind.

Whonix ™ is a complete operating system. It consists of two virtual machines -- Whonix-Gateway ™ and Whonix-Workstation ™ -- which are designed to be used on a host operating system (OS). The host OS supporting Whonix ™ is usually the one installed on the user's computer, but OSes installed on external drives will also work. Users choose the preferred Whonix ™ configuration and may use either a Type I hypervisor (Qubes-Whonix ™), or a Type II hypervisor like KVM and Virtualbox.

Whonix ™ is Free Software and is based on Tor [1], Debian GNU/Linux [2], and the principle of security by isolation.

Security by Isolation[edit]

Whonix ™ is divided into two VMs: Whonix-Workstation ™ for work activities and Whonix-Gateway ™ to enforce all Internet traffic through the Tor network. [3] This security by isolation configuration averts many threats posed by malware, misbehaving applications, and user error.

Figure: Whonix ™ Operating System Design

Whonix concept refined.jpg

Online Anonymity via Tor[edit]

Whonix ™ relies on the Tor network to protect a user's anonymity online; all connections are forced through Tor or otherwise blocked. Tor helps to protect users by bouncing communications around a distributed network of relays run by volunteers all around the world. Without advanced, end-to-end, netflow correlation attacks, anybody watching a user's Internet connection cannot easily determine the sites visited, and those sites cannot learn the user's physical location. [4]

To learn more about Tor, read the official documentation on the Tor website:

Based on Debian[edit]


In simple terms, Whonix ™ is just a collection of configuration files and scripts. Whonix ™ is not a stripped down version of Debian; anything possible in "vanilla" Debian GNU/Linux can be replicated in Whonix ™. Likewise, most problems and questions can be solved in the same way. For example: "How do I install xrandr on Whonix ™?" -- "The same way as in Debian apt-get install xrandr". Whonix ™ does not break anything, limit functionality, or prevent installation of compatible software.

Whonix Version[edit]

Each Whonix ™ release is based on a particular version of Debian:

Whonix ™ version Debian Version Debian Codename
Whonix ™ 14.0.1.4.4 9 stretch

Users can manually check the Whonix ™ version at any time by following this step.

Release Schedule[edit]

Note that Whonix ™ does not have a fixed release schedule. A new stable release only becomes available when it is deemed ready. Interested users can query the Whonix ™ phabricator manifest [5] and release notes to track developer progress. Stay Tuned.

Support Schedule[edit]

Debian Hosts[edit]

New Debian Release

One month after a new stable version of Debian is released, Whonix ™ VMs may no longer be supported on any older version of Debian. All users need to upgrade the Debian platform promptly after the deprecation notice in order to use Whonix ™ safely.

New Whonix ™ Release

One month after a new stable version of Whonix is released, older versions will no longer be supported. All users need to upgrade the Whonix ™ platform promptly in order to remain safe.

Deprecation Notices

The deprecation notice is provided at least one month in advance and posted in the Whonix ™ News forum. Stay Tuned! All users need to upgrade the respective platform promptly in order to remain safe. [6]

Debian-based and Other Hosts[edit]

As per Debian Hosts.

Windows Hosts[edit]

The support schedule is mostly undefined at present, but likely to mirror Debian Hosts.

Qubes Hosts[edit]

Quote Qubes-Whonix ™ version support policy:

Whonix ™ is an advanced feature in Qubes OS. Those who wish to use it must stay reasonably close to the cutting edge by upgrading to new stable versions of Qubes OS and Whonix ™ TemplateVMs within a month of their respective releases. To be precise:

  • One month after a new stable version of Qubes OS is released, Whonix ™ TemplateVMs will no longer be supported on any older version of Qubes OS. This means that users who wish to continue using Whonix ™ TemplateVMs on Qubes must always upgrade to the latest stable Qubes OS version within one month of its release.
  • One month after new stable versions of Whonix ™ TemplateVMs are released, older versions of Whonix ™ TemplateVMs will no longer be supported. This means that users who wish to continue using Whonix ™ TemplateVMs on Qubes must always upgrade to the latest stable Whonix ™ TemplateVM versions within one month of their release.

We aim to announce both types of events one month in advance in order to remind users to upgrade.

Summary[edit]

Table: Whonix ™ Goals, Design and Limitations

Category Description
Whonix ™ is
  • A free and open operating system.
  • An anti-censorship tool.
  • The first step among many in hiding a user's identity.
Whonix ™ Helps to
  • Disguise a user's IP address.
  • Prevent ISP spying.
  • Prevent websites from identifying the user.
  • Prevent malware from identifying the user.
  • Circumvent censorship.
Whonix ™ is not * A one-click anonymization solution.

Next Steps[edit]

Learning more about Whonix ™ is the best way to determine whether it is a suitable solution in your personal circumstances. The following chapters are recommended:

  • The Warning page to understand the security limitations of Whonix ™ and Tor.
  • Further information about Whonix ™ Features.
  • The implied Trust placed in Whonix ™ when it is used.
  • The Security Guide, Advanced Security Guide and Design chapters detailing the Whonix ™ specifications, threat model and implementation.
  • Other relevant Documentation explaining how to use Whonix ™ safely.

Footnotes[edit]

  1. https://www.torproject.org/about/overview.html.en
  2. https://en.wikipedia.org/wiki/Debian
  3. In Qubes-Whonix ™, these VMs are named sys-whonix and anon-whonix, respectively.
  4. Current practical, low-latency, anonymity designs like Tor fail when the attacker can see both ends of the communication channel (traffic going into and out of the Tor network). If both flows are visible, simple statistics can determine whether they match up.
  5. For example, for the next release use the tag "Whonix ™ 15" and status "Open".
  6. This also relieves Whonix ™ developers from needing to diagnose and support old-stable versions of Qubes/Debian/Whonix ™, which duplicates the maintenance burden.

License[edit]

Whonix ™ About wiki page Copyright (C) Amnesia <amnesia at boum dot org>
Whonix ™ About wiki page Copyright (C) 2012 - 2019 ENCRYPTED SUPPORT LP <adrelanos@riseup.net>

This program comes with ABSOLUTELY NO WARRANTY; for details see the wiki source code.
This is free software, and you are welcome to redistribute it under certain conditions; see the wiki source code for details.

Gratitude is expressed to JonDos for permission to use material from their website. (w) (w) [1] The "Summary of what Whonix ™ is" chapter of the Whonix ™ About wiki page contains content from the JonDonym documentation Features page.


No user support in comments. See Support.

Comments will be deleted after some time. Specifically after comments have been addressed in form of wiki enhancements. See Wiki Comments Policy.


Add your comment
Whonix welcomes all comments. If you do not want to be anonymous, register or log in. It is free.


Random News:

Want to make Whonix safer and more usable? We're looking for helping hands. Check out the Open Issues and development forum.


https | (forcing) onion

Share: Twitter | Facebook

This is a wiki. Want to improve this page? Help is welcome and volunteer contributions are happily considered! Read, understand and agree to Conditions for Contributions to Whonix ™, then Edit! Edits are held for moderation.

Copyright (C) 2012 - 2019 ENCRYPTED SUPPORT LP. Whonix ™ is a trademark. Whonix ™ is a licensee of the Open Invention Network. Unless otherwise noted, the content of this page is copyrighted and licensed under the same Freedom Software license as Whonix ™ itself. (Why?)

Whonix ™ is a derivative of and not affiliated with Debian. Debian is a registered trademark owned by Software in the Public Interest, Inc.

Whonix ™ is produced independently from the Tor® anonymity software and carries no guarantee from The Tor Project about quality, suitability or anything else.

By using our website, you acknowledge that you have read, understood and agreed to our Privacy Policy, Cookie Policy, Terms of Service, and E-Sign Consent. Whonix ™ is provided by ENCRYPTED SUPPORT LP. See Imprint.