Actions

Whonix ™ Variants

From Whonix


Plate-526603640.jpg

Comparison of Different Whonix ™ Variants[edit]

The security and usability of the Whonix ™ platform is significantly affected by the hardware and virtualization configuration, and whether a Whonix-Custom-Workstation ™ is created. Qubes-Whonix ™ is currently recommended as providing the best combination of security and usability, although it has strict hardware requirements [archive].

Virtualization and Hardware Configurations[edit]

Table: Whonix ™ Platform Comparison

Variant Systems Number of systems Security Usability
Standard Binary Download host + VM + VM 2 Basic Easy to redistribute and install
Physical Isolation with Bare-metal Gateway host + VM + host 3 Equivalent to the standard binary download Difficult to install and for advanced users only
Physical Isolation with Virtualized Gateway host + VM + host + VM 4 Higher attack surface Easier to deploy. Four operating systems must be kept updated
Physical Isolation without any Virtualization host + host 4 Nearly the same as standard Physical Isolation [1] Without virtual machines, there is no protection against hardware fingerprinting Difficult to install and for advanced users only
Qubes dom0 + VM + VM 3 Better compartmentalization. See: Why use Qubes over other Virtualizers? Best
OneVM [archive] (ignore page title) host + VM 2 Deprecated -
UniStation host 1 Proof of concept only -

Virtual machines can provide the following security-related features:

  • Network isolation: Connections can easily be forced through Tor.
  • Hardware isolation: Unique hardware serials can be hidden.
  • Roll back feature: Users can revert to clean and/or working snapshots.
  • Multi-level security: Multiple clones / VMs / DisposableVMs provide significant protection.

In comparison, live CDs provide:

  • Non-persistence: This increases safety in the event of a software compromise. [2]
  • Anti-forensics capability and plausible deniability: If the computer is powered down and RAM has faded or been wiped, remnants of critical information like encryption keys should be impossible to retrieve.
  • Update issues: It is difficult to roll out security updates and maintain a fully up-to-date system.

Operating System Configurations[edit]

Whonix ™ provides multiple operating system options:

  • Debian buster GNU/Linux: The Default-Download-Version is recommended for most users.
  • Other Operating Systems: Windows, FreeBSD, other GNU/Linux, and Android Whonix-Custom-Workstation ™ are possible.

Info Users should refer to Security Comparison: Whonix ™-Download-Workstation vs. Whonix-Custom-Workstation ™ before choosing this option. A number of anonymity protections must be manually configured in Whonix-Custom-Workstation ™.

Security Comparison: Whonix ™-Download-Workstation vs. Whonix ™-Custom-Workstation[edit]

See Security Comparison: Whonix ™-Download-Workstation vs. Whonix-Custom-Workstation ™. Unless otherwise stated, the documentation and design refers to the Default-Download-Version.

Old[edit]

Footnotes[edit]

  1. For further discussion of this issue, see: More or Less Protection inside a VM? [archive]
  2. Unless sophisticated and targeted malware manages to leverage the exploit, leading to a compromise of firmware or other persistent systems (like BIOS).


Fosshost is sponsors Kicksecure stage server Whonix old logo.png
Fosshost About Advertisements

Search engines: YaCy | Qwant | ecosia | MetaGer | peekier | Whonix ™ Wiki


Follow: 1024px-Telegram 2019 Logo.svg.png Iconfinder Apple Mail 2697658.png Twitter.png Facebook.png Rss.png Reddit.jpg 200px-Mastodon Logotype (Simple).svg.png

Support: 1024px-Telegram 2019 Logo.svg.png Discourse logo.png Matrix logo.svg.png

Donate: Donate Bank Wire Paypal Bitcoin accepted here Monero accepted here Contriute

Whonix donate bitcoin.png Monero donate Whonix.png United Federation of Planets 1000px.png

Twitter-share-button.png Facebook-share-button.png Telegram-share.png link=mailto:?subject=Comparison of different Whonix variants&body=https://www.whonix.org/wiki/Comparison_of_different_Whonix_variants link=https://reddit.com/submit?url=https://www.whonix.org/wiki/Comparison_of_different_Whonix_variants&title=Comparison of different Whonix variants link=https://news.ycombinator.com/submitlink?u=https://www.whonix.org/wiki/Comparison_of_different_Whonix_variants&t=Comparison of different Whonix variants link=https://mastodon.technology/share?message=Comparison of different Whonix variants%20https://www.whonix.org/wiki/Comparison_of_different_Whonix_variants&t=Comparison of different Whonix variants

Want to help create awesome, up-to-date screenshots for the Whonix ™ wiki? Help is most welcome!

https link onion link Priority Support | Investors | Professional Support

Whonix | © ENCRYPTED SUPPORT LP | Heckert gnu.big.png Freedom Software / Osi standard logo 0.png Open Source (Why?)

The personal opinions of moderators or contributors to the Whonix ™ project do not represent the project as a whole.

By using our website, you acknowledge that you have read, understood and agreed to our Privacy Policy, Cookie Policy, Terms of Service, and E-Sign Consent.