Whonix ™ Variants

From Whonix


Comparison of Different Whonix ™ Variants[edit]

The security and usability of the Whonix ™ platform is significantly affected by the hardware and virtualization configuration, and whether a Whonix-Custom-Workstation ™ is created. Qubes-Whonix ™ is currently recommended as providing the best combination of security and usability, although it has strict hardware requirements [archive].

Virtualization and Hardware Configurations[edit]

Table: Whonix ™ Platform Comparison

Variant Systems Number of systems Security Usability
Standard Binary Download host + VM + VM 2 Basic Easy to redistribute and install
Physical Isolation with Bare-metal Gateway host + VM + host 3 Equivalent to the standard binary download Difficult to install and for advanced users only
Physical Isolation with Virtualized Gateway host + VM + host + VM 4 Higher attack surface Easier to deploy. Four operating systems must be kept updated
Physical Isolation without any Virtualization host + host 4 Nearly the same as standard Physical Isolation. [1] Without virtual machines, there is no protection against hardware fingerprinting Difficult to install and for advanced users only
Qubes dom0 + VM + VM 3 Better compartmentalization. See: Why use Qubes over other Virtualizers? Best
OneVM [archive] (ignore page title) host + VM 2 Deprecated. -
UniStation host 1 Proof of concept only. -

Virtual machines can provide the following security-related features:

  • Network isolation: Connections can easily be forced through Tor.
  • Hardware isolation: Unique hardware serials can be hidden.
  • Roll back feature: Users can revert to clean and/or working snapshots.
  • Multi-level security: Multiple clones / VMs / DisposableVMs provide significant protection.

In comparison, live CDs provide:

  • Non-persistence: This increases safety in the event of a software compromise. [2]
  • Anti-forensics capability and plausible deniability: If the computer is powered down and RAM has faded or been wiped, remnants of critical information like encryption keys should be impossible to retrieve.
  • Update issues: It is difficult to roll out security updates and maintain a fully up-to-date system.

Operating System Configurations[edit]

Whonix ™ provides multiple operating system options:

  • Debian buster GNU/Linux: The Default-Download-Version is recommended for most users.
  • Other Operating Systems: Windows, FreeBSD, other GNU/Linux, and Android Whonix-Custom-Workstation ™ are possible.

Info Users should refer to Security Comparison: Whonix ™-Download-Workstation vs. Whonix-Custom-Workstation ™ before choosing this option. A number of anonymity protections must be manually configured in Whonix-Custom-Workstation ™.

Security Comparison: Whonix ™-Download-Workstation vs. Whonix ™-Custom-Workstation[edit]

See Security Comparison: Whonix ™-Download-Workstation vs. Whonix-Custom-Workstation ™. Unless otherwise stated, the documentation and design refers to the Default-Download-Version.



  1. For further discussion of this issue, see: More or Less Protection inside a VM? [archive]
  2. Unless sophisticated and targeted malware manages to leverage the exploit, leading to a compromise of firmware or other persistent systems (like BIOS).

text=Jobs in USA
Jobs in USA

Search engines: YaCy | Qwant | ecosia | MetaGer | peekier | Whonix ™ Wiki

Follow: 1024px-Telegram 2019 Logo.svg.png Iconfinder Apple Mail 2697658.png Twitter.png Facebook.png Rss.png Reddit.jpg 200px-Mastodon Logotype (Simple).svg.png

Support: 1024px-Telegram 2019 Logo.svg.png Discourse logo.png Matrix logo.svg.png

Donate: Donate Bank Wire Paypal Bitcoin accepted here Monero accepted here Contriute

Whonix donate bitcoin.png Monero donate Whonix.png United Federation of Planets 1000px.png

Twitter-share-button.png Facebook-share-button.png Telegram-share.png link=mailto:?subject=Comparison of different Whonix variants&body= link= of different Whonix variants link= of different Whonix variants link= of different Whonix variants%20 of different Whonix variants

Please contribute by helping to answer Whonix ™ questions.

https link onion link

This is a wiki. Want to improve this page? Help is welcome and volunteer contributions are happily considered! Read, understand and agree to Conditions for Contributions to Whonix ™, then Edit! Edits are held for moderation. Policy of Whonix Website and Whonix Chat and Policy On Nonfreedom Software applies.

Copyright (C) 2012 - 2021 ENCRYPTED SUPPORT LP. Whonix ™ is a trademark. Whonix ™ is a licensee [archive] of the Open Invention Network [archive]. Unless otherwise noted, the content of this page is copyrighted and licensed under the same Freedom Software license as Whonix ™ itself. (Why?)

The personal opinions of moderators or contributors to the Whonix ™ project do not represent the project as a whole.

Whonix ™ is a derivative of and not affiliated with Debian [archive]. Debian is a registered trademark [archive] owned by Software in the Public Interest, Inc [archive].

Whonix ™ is produced independently from the Tor® [archive] anonymity software and carries no guarantee from The Tor Project [archive] about quality, suitability or anything else.

By using our website, you acknowledge that you have read, understood and agreed to our Privacy Policy, Cookie Policy, Terms of Service, and E-Sign Consent. Whonix ™ is provided by ENCRYPTED SUPPORT LP. See Imprint, Contact.

By using our website, you acknowledge that you have read, understood and agreed to our Privacy Policy, Cookie Policy, Terms of Service, and E-Sign Consent.