Jump to: navigation, search

Browser Tests

Interpreting Test Results[edit]

Sites like whoer.net or ip-check.info are unable to really understand and show the way anonymity is accomplished when using the Tor Browser. What these sites do, is check whether things like cache, cookies, and perhaps others are enabled. If so, they give better results, as to when they are activated.

In the case of Tor Browser, it has the goal to separate cache, cookies, etc. by browser tab. And things are deleted after closing the browser. The thing is, that instead of making it impossible for sites to safe data temporarily, this is allowed, as to make using most sites possible in the first place. To still guarantee anonymity, it's the goal to make everyone using Tor Browser appear the same, thus rendering tracking based on the things these websites show you pointless.

Making Browsers Safer[edit]

Browser fingerprinting defenses are not perfect yet.[1] There are certainly too few volunteers working on seriously testing browsers and defeating browser fingerprinting. The key word is seriously.

When you are reading this page, it may be safe to make the assumption that you are interested to be more anonymous, i.e. to be less unique. If you are willing to seriously look into these issues - by all means - please help according to your skills. Testing, bug reporting or even bug fixing. If you are new to this stuff, you likely will require at least half an hour per message / identifier to learn if the result you found on let's say browser test website or some log file etc. is a:

  • false positive
  • regression
  • known issue or
  • unknown issue.

None of the Leak Testing Websites running inside Whonix-Workstation was ever able to find out the real external clearnet IP address, even if (recommended against for fingerprinting issues) plugins, flash and/or java are activated. Messages such as "Something Went Wrong! Tor is not working tin this browser." [2] (from about:tor) or "Sorry. You are not using Tor." (from check.torproject.org) are in most cases non-issues. If you could find out your real external IP address from inside Whonix-Workstation, then we really would have found or a real issue. Otherwise not.

What however is not helpful at all is asking questions in forums, issue trackers and on mailing lists all over the place with stuff that has already been discussed, that are either known issues or false positives. Please search first. Otherwise that would only worsen the noise to signal ratio and hinder actual improvement. You don't want this, otherwise this would violate the above assumption.

If you consider it a Whonix specific issue, please make sure you have understood Whonix Free Support Principle first.



  • Please don't post any "Sorry. You are not using Tor." questions unless you are really sure it is not a false positive.
  • Most likely a false positive.
    • When you see this when using Whonix, probably everything is okay. You can make sure everything is okay if you want.
    • https://check.torproject.org (check.tpo) fails in some cases to detect Tor exit relays. It's a bug in check.tpo, which The Tor Project should fix. Whonix can do nothing about it.
    • If it is not your real external clearnet IP address, then there is no need for concern. You can find out your real external clearnet IP address by visiting some IP check website from your host or a non-Tor virtual machine.
    • ExoneraTor is a website hosted by The Tor Project that tells you whether a given IP address was a Tor relay on a specified date. Use it. (using Tor Browser on the host)








EFF's panopticlick - to find out what this means (not) for Tor Browser, make sure to read the following blog post by The Tor Project, EFF's Panopticlick and Torbutton.


Fingerprint Central differs from Panopticlick in that its dedicated to testing discrepancies between Tor Browser instances only. The code[3][4] can also be run locally to help Tor Browser developers rapidly prototype defenses.

Other Services[edit]


See Also[edit]


  1. See tbb-linkability and tbb-fingerprinting.
  2. 2.0 2.1 https://forums.whonix.org/uploads/default/original/1X/c2c9bb5dc7efee7a933dd00d3bf0c30c29c99daa.png
  3. https://github.com/plaperdr/fp-central
  4. https://lists.torproject.org/pipermail/tor-dev/2016-July/011233.html
  5. https://github.com/plaperdr/fp-central

Random News:

Interested in becoming an author for the Whonix blog or writing about anonymity, privacy and security? Please get in touch!

Impressum | Datenschutz | Haftungsausschluss

https | (forcing) onion
Share: Twitter | Facebook | Google+
This is a wiki. Want to improve this page? Help is welcome and volunteer contributions are happily considered! See Conditions for Contributions to Whonix, then Edit! IP addresses are scrubbed, but editing over Tor is recommended. Edits are held for moderation. Whonix (g+) is a licensee of the Open Invention Network. Unless otherwise noted above, the content of this page is copyrighted and licensed under the same Free (as in speech) license as Whonix itself.