This page is archived.

https://anbox.io/ redirects to https://github.com/anbox which says it is deprecated.

Android OS Icon

Anbox allows Android applications and mobile games to run inside Whonix ™.

Introduction[edit]

Community Support Only!:
	`Community Support Only` means Whonix ™ developers are unlikely to provide free support for wiki chapters or pages with this tag. See Community Support for further information, including implications and possible alternatives.

Installation[edit]

To use Anbox with Whonix ™, apply the following steps.

1. Follow the general Kicksecure ™ specific instructions.

Since Whonix ™ is based on Kicksecure ™, the user can follow these instructions Anbox (links to the Kicksecure ™ website)

2. Follow Whonix ™ specific instructions.

3. Done.

Other Whonix ™ specific notices can be found below.

Anbox Configuration[edit]

Derivative Specific[edit]

Disabling Whonix-Workstation ™ Firewall is unfortunately required. Otherwise there would be no network access. ^[1]

Warning:

This reduces security! Especially when using multiple Whonix-Workstation ™ behind the same Whonix-Gateway ™.
- Still no risk of clearnet IP leaks. ^[2]

1. Inside Whonix-Workstation ™.

(Qubes-Whonix ™: inside StandaloneVM (better!) or Template).

sudo systemctl mask whonix-firewall

2. Disable systemcheck in Whonix-Workstation ™ Firewall.

Open file /etc/systemcheck.d/50_user.conf in an editor with root rights.

Non-Qubes-Whonix ™

This box uses sudoedit for better security.

Qubes-Whonix ™

NOTE: When using Qubes-Whonix ™, this needs to be done inside the Template.

Others and Alternatives

This is just an example. Other tools could achieve the same goal.
If this example does not work for you or if you are not using Whonix ™, please refer to this link.

sudoedit /etc/systemcheck.d/50_user.conf

Paste.

systemcheck_skip_functions+=" check_whonix_firewall_systemd_status "

Save.

3. Reboot.

This is required to unload Whonix-Workstation ™ firewall rules and to have Anbox load its firewall rules.

sudo reboot

Android x86 as a Workstation[edit]

There are both distinct advantages and disadvantages of running Android applications in Android x86 Workstation. ^[3]

Table: Android x86 Workstation Advantages and Disadvantages

Category	Notes
Bootloader / Ramdisk	It is possible to use Magisk to achieve root permissions and hide root from applications on Android x86. ^[4]
Flexibility	It is possible to use `adb` if Android x86 uses the same internal network as the Gateway and Workstation. ^[5] Root access - Android x86 has a pre-installed superuser binary and manager so root access works out of the box. Applications with root access will work without any additional setup.
Networking	Android x86 provides a virtual Wi-Fi interface (`wlan0`) so applications think that a real Wi-Fi connection is established (Anbox uses a bridge network interface).
Operating System	The full Android stack implemented as Android x86 is a full operating system which requires hardware virtualization.
Security	This configuration is less secure than utilizing a Whonix-Workstation ™. ^[6]
Software	Any version of Android from 4.x to 9.x can be installed.
Speed	This configuration is slower than anbox installation as Android x86 VM does not provide any type of Guest Additions meaning no graphic card drivers are supported.

To check running anbox within kicksecure (same applied for Whonix-Workstation ™) check Anbox inside Kicksecure ™ Advantages and Disadvantages

Forum Discussion[edit]

Footnotes[edit]

↑ This is because Anbox comes with its own bridged network. Whitelisting that interface in Whonix-Workstation ™ firewall is undocumented and might require source code modifications. Patches are Welcome.
↑
↑ https://forums.whonix.org/t/integrate-anbox-into-whonix-workstation/9642
↑ Some individuals have already achieved this.
↑ Also, it may be possible to run ssh-server on Whonix-Workstation ™ and connect the Android x86 through Termux or similar.
↑ Although it may have more flexibility, as static IP connections on the Android x86 Workstation have been accomplished.

Whonix ™ The most watertight privacy operating system in the world.

Donate

FREE · PLUS · PREMIUM Support

Dark mode

At Whonix we believe in freedom and trust. That's why we fully support Open Source and Freedom Software.

Whonix ™ is supported by Evolution Host DDoS Protected VPS.

The personal opinions of moderators or contributors to the Whonix ™ project do not represent the project as a whole. By using this website, you acknowledge you have read, understood, and agree to be bound by these these agreements: Terms of Service , Privacy Policy , Cookie Policy , E-Sign Consent , DMCA , Imprint Whonix

ENCRYPTED SUPPORT LP, 2023

Your support makes
all the difference!

We believe security software like Whonix needs to remain open source and independent. Would you help sustain and grow the project? Learn more about our 10 year success story and maybe DONATE!

[1] This is because Anbox comes with its own bridged network. Whitelisting that interface in Whonix-Workstation ™ firewall is undocumented and might require source code modifications. Patches are Welcome.

[2] 
Whonix ™ Security Overview

purpose of Whonix-Workstation firewall

technical details why firewall even without firewall Whonix ™ is still leak-proof

Forum discussion: When I turn off the Whonix-Workstation™ Firewall, am I still safe?

[3] Whonix ™ Security Overview

[4] urpose of Whonix-Workstation firewall

[5] technical details why firewall even without firewall Whonix ™ is still leak-proof

[6] Forum discussion: When I turn off the Whonix-Workstation™ Firewall, am I still safe?

[3] ttps://forums.whonix.org/t/integrate-anbox-into-whonix-workstation/9642

[4] Some individuals have already achieved this.

[5] Also, it may be possible to run ssh-server on Whonix-Workstation ™ and connect the Android x86 through Termux or similar.

[6] Although it may have more flexibility, as static IP connections on the Android x86 Workstation have been accomplished.

[1]

[2]

[3]

[4]

[5]

[6]

Anbox - Run Android Applications and Games

Contents

Introduction[edit]

Installation[edit]

Anbox Configuration[edit]