Basic Security Guide Introduction
Users need to understand that Whonix and all general software cannot guarantee absolute anonymity or security; 'perfect security' is a mirage. The reason is flaws in hardware and software are ever-present, as continual upgrades and patches inevitably introduce further coding  or design errors which attackers of varying skill can profit from. As a consequence, the best approach is to try and mitigate risk exposure and provide defense in depth.  
With this understanding, a material improvement in security and anonymity requires 'raising the bar' against potential attackers and eavesdroppers: 
Security is a process, not a product. It is also about economics. Briefly explained, each attacker has a set of capabilities, privileges, and a certain amount of budget, time and motivation. Given enough of these resources, security of any process will fail; the goal when securing a system is to add layers of security that make attacks too expensive. Nation-state actors have massive budgets, and no single system can be made secure enough against targeted attacks. However, if widely deployed, systems that cannot be compromised with automated attacks, increase the attacker's cost linearly and thus force the attacker to pick targets. Such systems are the only way to make mass surveillance infeasibly expensive.
In the case of Whonix, users can increase their relative security and anonymity by utilizing the Whonix split-VM design (particularly Qubes-Whonix), hardening the platform as much as possible, and adopting online behaviors which minimize the threat of deanonymization. If users are unfamiliar with Whonix / Linux or have limited knowledge of computer security and anonymity topics, then it is recommended to first read these resources:
- The Computer Security Education section
- Tips on Remaining Anonymous
- Post-installation Security Advice
- Surfing, Posting and Blogging
If users have more time available, it is recommended to read the Documentation widely.
If you need motivation to secure your computer, refer to these articles:
- The Scrap Value of a Hacked PC, Revisited (blog post).
- The Value of a Hacked Email Account (blog post).
US journalist and investigative reporter Brian Krebs notes there are a large number of malicious uses for hacked PCs, including ransomware, bot activity, stolen account credentials, webmail spam and much more.
Table: Value of a Hacked PC 
|Web Server||Phishing, malware download site |
Warez/privacy, child pornography server
|Email Attacks||Webmail spam
Stranded abroad advance scams
|Virtual Goods||Online gaming characters, goods/currency
OS and PC game license keys
|Reputation Hijacking||Facebook, Twitter, LinkedIn, Google|
|Bot Activity||Zombies: spam, DDoS extortion, click fraud and CAPTCHA-solving
|Account Credentials||eBay/Paypal fake auctions
Online gaming, website FTP, Skype/VOIP credentials
|Financial Credentials||Bank account and credit card data
Stock trading account
|Hostage Attacks||Fake anti-virus
Ransomware and email account ransom
Hacked Email Account
Krebs also notes the significant value of a hacked email account. Just one breach of an online email service permits the theft of valuable personal data, account/contact harvesting, re-sale of retail accounts, spam and much more. An email account is a particularly weak link, since once under the attacker's control they can reset the password, along with the passwords of many linked services and accounts.
Table: Value of a Hacked Email Account 
|Privacy||Your messages, calendar, photos, Google/Skype chats
Call records (+ mobile account)
|Retail Resale||Facebook, Twitter, Tumbler, Macys, Amazon, Walmart
i-Tunes, Skype, Bestbuy, Spotify, Hulu+, Netflix
Email account ransom
|Harvesting||Email, chat contacts
File hosting accounts
|Employment||Forwarded work documents and work email
Fedex, UPS, Pitney Bowes account
Advanced Security Guide
After reading this chapter, users are recommended to refer to the Advanced Security Guide section for even more security advice.
It is recommended that users read the latest Whonix news to stay in touch with ongoing developments, such as notifications about important security vulnerabilities, improved Whonix releases, other software updates and additional advice.
- Similarly, anonymity is a continual process -- not an end destination -- that is informed by new knowledge that is constantly gathered.
- Security bugs generally fall into two categories: those which pose a passive threat due to eventual erroneous behavior, and the introduction of accidental vulnerabilities that are exploitable with malicious inputs.
- Schneier also notes several other security principles: limit privilege, secure the weakest link, use choke points, fail securely, leverage unpredictability, enlist the users, embrace simplicity, detect attackers, respond to attackers, be vigilant, and watch the watchers.
- https://krebsonsecurity.com/2012/10/the-scrap-value-of-a-hacked-pc-revisited/ Figure 1.
- https://krebsonsecurity.com/2013/06/the-value-of-a-hacked-email-account/ Figure 1.
No user support in comments. See Support.
Comments will be deleted after some time. Specifically after comments have been addressed in form of wiki enhancements. See Wiki Comments Policy.
This is a wiki. Want to improve this page? Help is welcome and volunteer contributions are happily considered! Read, understand and agree to Conditions for Contributions to Whonix, then Edit! Edits are held for moderation.
Copyright (C) 2012 - 2019 ENCRYPTED SUPPORT LP. Whonix is a trademark. Whonix is a licensee of the Open Invention Network. Unless otherwise noted, the content of this page is copyrighted and licensed under the same Freedom Software license as Whonix itself. (Why?)