Jump to: navigation, search

Comparison with Others

Introduction[edit]

This page contains a detailed comparison of Whonix, Tails, Tor Browser, Qubes OS TorVM and corridor. Although Qubes' TorVM -- a dedicated ProxyVM providing torified networking to all clients -- is now deprecated, it has been kept for comparison purposes since it acted like Whonix-Gateway (sys-whonix). [1]

If any incorrect or outdated information is noted, the reader can either directly edit this page, or contact us and we will correct it as soon as possible. Also see the statement about the neutrality of this page.

Last update[edit]

Table: Comparison Information Currency

Whonix Tails Tor Browser Qubes OS TorVM corridor (tor-talk)
Compared Version [2] 13 2.4 6.0 0.1.3  ?
Latest Version [3] 13.0.0.1.4 3.7 7.5.5 0.1.3  ?
Status This wiki page is up to date This wiki page is up to date This wiki page is up to date This wiki page is up to date This wiki page is up to date

General[edit]

Table: General Factors

Whonix Tails Tor Browser Qubes OS TorVM corridor
Focus on anonymity, privacy and security Yes Yes Yes Yes Yes
Type General purpose OS available as VM images and physical isolation Live DVD / Live USB / Live SDCard Portable browser General purpose OS, VM plugin for Qubes OS Tor traffic whitelisting gateway
Supported hardware x86 compatible and/or Virtual Machines + [4] x86 compatible and/or Virtual Machines Windows, Linux, Mac and Virtual Machines Any capable of running Qubes OS, see: System Requirements and HCL Any Linux (?)
Based on Tor, Debian [5] and a Virtualizer [6] when not using Physical Isolation Tor, Debian Tor, Firefox Tor, Qubes OS, Fedora iptables, sh
Gateway and torify any operating system [7] Yes [8] Not a torifying Gateway Not a torifying Gateway Yes [9] Not a torifying Gateway
Live DVD No Yes No No No
Live USB No Yes No No No
USB bootable Yes [10] Yes Yes [10] Yes [10] Yes [10]
USB installer feature No [11] Yes [12]  ? Yes No
Requires VirtualBox [13] No No No No No
Requires VMware [13] No No No No No
Requires Qubes OS [13] No No No Yes No
System requirements Higher Lower Lowest Highest Lowest
Can run in VirtualBox Yes Yes, but not recommended. [14] Well documented [15] Yes, but (?) No [16] No
Can run in VMware Yes, but not recommended and unsupported [17] Yes, but not recommended [14] Yes, but (?) No [18] No
Can run in Qubes OS Yes [19] Yes [20] Probably yes, but without security features provided by an Isolating Proxy Yes Yes
Persistence [21] Full Optional for Live USB Yes [22] Full Full
Number of developers Multiple [23] Multiple Multiple Multiple One
Maturity Project since 2012 Project since 2009 [24] Project since 2002 [25] Project since 2012 (now deprecated) Project since 2014
Open source Yes Yes Yes Yes Yes
Non-anonymous developers [26] Yes No Yes Yes No (?)

Security[edit]

Network[edit]

Table: Network Security

Whonix Tails Tor Browser Qubes OS TorVM corridor
Responsibility for building Tor circuits Tor client running on Whonix-Gateway Tor client running on workstation Tor client running on workstation Tor client running on TorVM (Gateway) Tor client running behind corridor-Gateway
Protection against IP address / location discovery [27] on the Workstation [28] Yes [29] No [30] No [30] Yes No [31]
IP / DNS protocol leak protection Full [32] Depends [33] Depends [33] Full Depends
Workstation does not need to trust the Gateway No Not a gateway Not a gateway No Yes
Takes advantage of entry guards [34] Yes No [35] Yes Yes Not applicable [36]

Stream Isolation[edit]

Table: Stream Isolation

Whonix Tails Tor Browser Qubes OS TorVM corridor
Stream isolation [37] Yes [38] Yes [39] Yes [40] [41] Manually [42] Yes
Enforces stream isolation when one of X Workstations behind the same Gateway is compromised in the default configuration [43] Not a gateway Not a gateway Yes [46] Yes [36]
Stream isolation in Tor Browser Yes Yes Yes  ?  ?

Updates[edit]

Table: Updates

Whonix Tails Tor Browser Qubes OS TorVM corridor
Operating system updates Persist once updated Incremental upgrades [47] Persist once updated Persist once updated Persist once updated
Update notifications Yes [48] Yes Yes Yes  ?
Important news notifications Yes [49] Yes [50]  ? [51]  ?  ?
apt-get unreliable exit code security workaround [52] Yes [53]  ?  ?  ?  ?

Hardware Serials[edit]

Table: Hardware Serials

Whonix Tails Tor Browser Qubes OS TorVM corridor
Hides hardware serials from malicious software with default settings Yes [54] No [55] No [55] Yes No [55]
Hides hardware serials from malicious software when additional hardware is assigned No No No No No
No collection of hardware serials Yes Yes Yes Yes Yes
Hides the MAC address from websites Invalid [56] Invalid [56] Invalid [56] Invalid [56] Invalid [56]
Hides the MAC address from the local LAN [57] No, see footnote [58] Yes [59] No Yes, but not enabled by default [60] Not applicable
Hides the MAC address from applications Yes [61] No No Yes, by default, unless...[62] Not applicable
Defeats advanced Wi-Fi device tracking [63] [64] No [65] [66] No No No [67] Not applicable

Forensics[edit]

Table: Forensic Issues

Whonix Tails Tor Browser Qubes OS TorVM corridor
Amnesic Yes [70] No [71]  ? [72] Not applicable [73]
Local disk encryption Should be applied on the host Yes, for a persistent USB Should be applied on the host Should be applied on the host Should be applied on the host
Cold boot attack protection [74] No - should be applied on the host Yes No - should be applied on the host No, planned [75] No - should be applied on the host

Verifiable Builds[edit]

Table: Verifiable Builds Comparison

Whonix Tails Tor Browser Qubes OS TorVM corridor
Deterministic builds [76] No No (planned) [77] Yes [78] No Not applicable [79]
Based on a deterministically built [76] operating system No [80] No [80] Not applicable No [80] No [80]
Verifiably no backdoor in the project's own source code Invalid [81] Invalid [81] Invalid [81] Invalid [81] Invalid [81]
Verifiably vulnerability-free No [82] No [82] No [82] No [82] No [82]
Verifiably no hidden source code [83] in upstream distribution / binaries [84] No [85] No [85] No [85] No [85] No [85]
Project's binary builds are verifiably created from project's own source code (no hidden source code [83] in the project's own source code) No (deprecated) [86] No Yes No Not applicable [79]

Fingerprint[edit]

Table: Fingerprinting Issues

Whonix Tails Tor Browser Qubes OS TorVM corridor
Network / web fingerprint Whonix fingerprint page Tails fingerprint page TBB traffic is tunneled through Tor. Host traffic passes over clearnet  ?  ?
Network fingerprint: ISP cannot trivially guess the project type [87] Yes Yes Yes No [88] Yes
Network fingerprint: ISP cannot guess that a non-persistent Tor directory is in use Yes No [89] Yes Yes Yes
Clearnet traffic All Whonix-Gateway and Whonix-Workstation traffic is tunneled through Tor. Host traffic [90] uses clearnet None, unless other users sharing the same internet connection are not using Tails TBB traffic is tunneled through Tor. Host traffic [91] uses clearnet The gateway is not torified, therefore emitting clearnet traffic [92] The gateway is not torified, therefore emitting clearnet traffic
Network fingerprint: ISP cannot guess which anonymity software is in use due to the ratio of Tor and clearnet traffic Unknown [93] The ISP can guess a Tor live system is in use, unless... [94]  ? Not applicable [95]  ?
Network fingerprint: ISP cannot guess which anonymity software is in use because of tordate [96] Yes, does not include tordate No, if the clock is grossly inaccurate when booting [96] No, not an operating system Yes, does not include tordate Yes, does not include tordate
Web fingerprint [97] Same as TBB [98] Not the same as TBB [99] TBB [100] Does not include Tor Browser [101] [102] Not applicable
Unsafe browser fingerprint [103] [104] [105]  ?  ?  ?
Network time synchronization runs at randomized times during the session Yes [106] [107] Does not continuously run network time synchronization Not an operating system, does not include network time synchronization Does not include network time synchronization Does not include network time synchronization
Connection wizard prevents unwanted / accidental connections to the public Tor network [108] Yes Yes  ?  ?  ?
Includes Tor Browser from The Tor Project Yes Yes + patches Yes No No
Privacy-enhanced browser [109] Yes, Tor Browser Yes, Tor Browser + patches [110] [99] Yes, Tor Browser No Not applicable
Secure distributed network time synchronization Yes [111] Yes [112] No No No
Hides the time zone (set to UTC) Yes Yes Yes No Not applicable
Hides the operating system account name [27] [28] [113] Yes, set to user Yes, set to amnesia No Yes, set to User Not applicable
Secure gpg.conf [114] [115] Yes Yes Not an operating system Not an operating system Not an operating system
Privacy-enhanced IRC client configuration Yes Yes Not an IRC client Not an operating system Not an IRC client

Miscellaneous[edit]

Table: Miscellaneous Issues

Whonix Tails Tor Browser Qubes OS TorVM corridor
A warning appears when run in an unsupported / unrecommended virtualizer Yes Yes Unnecessary (?) Invalid (?) [116] Not applicable
Security and anonymity check Yes [117]  ?  ?  ?  ?
AppArmor [118] is enabled by default Yes [119]  ?  ?  ?  ?
AppArmor profiles are enabled by default Partial [120] Yes (?)  ?  ?  ?

Flash / Browser Plugin Security[edit]


Table: Flash and Browser Plugins Security

Flash Tracking Technique Whonix-Workstation Tor on the Host
Proxy bypass IP leak Protected Insecure, leads to deanonymization
Protocol IP leak Protected Insecure, leads to deanonymization
Flash cookies Reduces anonymity to pseudonymity. It is recommended to delete Flash cookies Flash activity over clearnet and Tor can be linked, which leads to deanonymization (or a significant reduction in the anonymity set) if the skew is large and rare. Flash is also useful for additional fingerprinting, which has an adverse impact [122]
Number of installed fonts The number of fonts inside Whonix-Workstation (anon-whonix) and the host (clearnet) operating system will differ, which is good for anonymity The same fonts are reported for both clearnet and Tor Flash activity, which is harmful to anonymity [122]
Exact flash player version The Flash version is shared among many users, [123] which is good for anonymity, since it reduces the impact of fingerprinting. The version is also probably different from the host (clearnet) operating system, which is beneficial The same version is reported for Flash activity over both clearnet and Tor, which is harmful to anonymity [122]
GNU/Linux kernel version This version is shared among many people, [123] which is good for anonymity, since it reduces the impact of fingerprinting The same version is reported for Flash activity over both clearnet and Tor [122]
Language Set to en_US for all Whonix users Set to the user's local language setting. This is useful for fingerprinting, since it leads to anonymity set reduction [122]
Exact date and time This differs from the host (clearnet) operating system, which is beneficial (see TimeSync for details) The same time / clockskew is reported for both clearnet and Tor Flash activity, which is harmful to anonymity [122]
Exact screen resolution and DPI  ? The same screen resolution and DPI is reported for both clearnet and Tor use, which is harmful to anonymity [122]
Full path to the Flash plugin This is shared among many people, [123] which is good for anonymity Depends on the host (clearnet) operating system. In the worst case it could contain the operating system user name, which is fatal if it is the user's actual name. The same path to the Flash plugin is reported for both clearnet and Tor use, which is harmful to anonymity [122]
Other factors [124] Assume reduction from anonymity to pseudonymity Greater possibilities for fingerprinting and linkage of activities, which is harmful to anonymity [122]
Conclusion A user's IP address / location / identity will remain hidden inside Whonix-Workstation (anon-whonix), but it is assumed to be pseudonymous rather than anonymous Flash over Tor -- on the host, without software like Whonix -- is completely unsafe. If Flash is ever used over clearnet, linkage of activities is possible. In the worst case scenario, assume the strong Flash fingerprint can lead to full deanonymization

For further information about using Flash and other browser plugins in Whonix, see here.

Attacks[edit]

Circumventing Proxy Obedience Design[edit]

Introduction[edit]

This section presupposes the user is familiar with:

  • The security comparison of different Whonix variants.
  • Unsafe Browser: Tails and Liberte Linux package a so-called "Unsafe Browser". The Unsafe Browser does not use Tor, but instead connects in the clear. It is useful for hotspot registration or for viewing clearnet content without Tor.
  • Feasible exploits against a physically isolated Whonix-Gateway: this is difficult when the Whonix-Gateway is running in a bare metal configuration. The reason is that only Whonix-Workstation has access to Tor running on Whonix-Gateway. [125]


Whonix protects against discovery of a user's IP address / location via a successful root exploit (Malware with root rights) on the Whonix-Workstation (anon-whonix). [28] Users should not deliberately test this feature and risk becoming infected with malware, since all the data inside Whonix-Workstation (anon-whonix) would become available to the attacker.

Whonix is not a perfect or unbreakable system, nor can it ever be. However, Whonix does raise the bar for attackers, meaning greater effort and skill is needed to discover the user's real IP address and successfully deanonymize them. The following table summarizes the defense-in-depth provided by the Whonix design.

Terms that are used in the following table are defined below:

  • TBB: Tor Browser Bundle.
  • Fail: the IP address / location of the user is compromised.
  • Safe: the IP address / location of the user is hidden behind Tor.

Overview[edit]

Table: Proxy Circumvention Threats

Attack Whonix Default Whonix Physical Isolation Tails Tails in a VM TBB TBB in a VM Qubes OS TorVM corridor
1. Proxy bypass IP leak [126] Safe [127] Safe [127] Safe [127] Safe [127] Fail Fail Safe Safe
2. Protocol IP leak [128] Safe [129] Safe [129] Fail Safe [130] Fail Safe [130] Safe Safe [130]
3. Exploit + Unsafe Browser [131] Safe Safe Fail Fail Fail Fail Safe Fail
4. Exploit + root exploit + Unsafe Browser [132] Safe Safe Fail Fail Fail Fail Safe Fail
5. Root exploit + Unsafe Browser [133] Safe Safe Fail Fail Fail Fail Safe Fail
6. Exploit + VM exploit + Unsafe Browser [134] Fail Safe Fail Fail Fail Fail Fail Fail
7. Exploit + VM exploit + exploit against physically isolated Whonix-Gateway [135] Fail Fail Fail Fail Fail Fail Fail Fail
8. VM exploit [136] Fail Safe Safe Fail Safe Fail Fail, see [137] Fail
9. VM exploit + exploit against physically isolated Whonix-Gateway [138] Fail Fail Safe Fail [139] [140] Safe Fail [139] [140] Fail, see [137] [139] [140] Fail
10. Exploit against Tor process [141] Fail [142] Fail [142] Fail Fail Fail Fail Fail Fail
11. Attack against the Tor network [143] Fail Fail Fail Fail Fail Fail Fail Fail
12. Backdoor [144] [76] Fail Fail Fail Fail Fail Fail Fail Fail
13. Hidden service domain name security after server software exploit Safe [145] Safe [145] Fail [146] Fail [147] Not an operating system Not an operating system  ? [148] Fail

Network Time-related[edit]

Introduction[edit]

This section presupposes the user is familiar with:


Terms that are used in the following table are defined below:

  • (VM host) update/crypto block: prevention of (VM host) operating system updates and cryptographic verification such as TLS / SSL in the (VM host) browser.
  • u/c-block: update/crypto block.
  • Tor blocked: prevention of connections to the Tor network until the clock is manually fixed.
  • Big clock skew: more than 1 hour in the past or more than 3 hours in the future. [149]
  • Small clock skew: less than 1 hour in the past or less than 3 hours in the future. [149]

Overview[edit]

Table: Network Time-related Issues

Whonix Default Whonix Physical Isolation Tails Tails in a VM TBB TBB in a VM Qubes OS TorVM
VM host time synchronization mechanism NTP Gateway: there is no VM host. Workstation host: NTP There is no VM host. Same as the operating system synchronization mechanism NTP There is no VM host NTP NTP
Operating system synchronization mechanism sdwdate sdwdate tordate and tails_htp tordate and tails_htp NTP NTP  ?
Effect of a grossly inaccurate clock Tor blocked Tor blocked tordate fixes the clock tordate fixes the clock Tor blocked Tor blocked Tor blocked
VM host time differs from operating system time Yes [150] Yes [150] There is no VM host Yes [151] No [152] Possibly [153] No
Unsafe browser time differs from torified browser time [154] Yes [150] Yes [155] No [156] No [156] No [152] Possibly [153] No
Large clock skew attack against NTP [157]: VM host effects u/c-block VM host u/c-block There is no VM host VM host u/c-block There is no VM host VM host u/c-block u/c-block
Large clock skew attack against NTP [157]: operating system effects Tor blocked Tor blocked [158]; tordate fixes the clock skew [158]; tordate fixes the clock skew Tor blocked; u/c block Tor blocked; u/c block Tor blocked
Fingerprintable reaction [159] when a large clock skew attack is used No, fails identically to TBB No, fails identically to TBB Probably yes, see the fingerprint section above Probably yes, see the fingerprint section above TBB TBB No
Small clock skew attack against NTP [157], VM host effects: VM host u/c block (?) VM host u/c block (?) There is no VM host VM host u/c block (?) VM host u/c block (?) VM host u/c block (?) VM host u/c block (?)
Small clock skew attack against NTP [157], operating system effects: Whonix VMs: sdwdate fixes the clock skew sdwdate fixes the clock skew VM: tails_htp fixes the clock skew tails_htp fixes the clock skew If the user visits a page monitored by an adversary, they will know who is connecting [160] If the user visits a page monitored by an adversary, the will know who is connecting [160] If the user visits a page monitored by an adversary, they will know who is connecting [160]

Usability[edit]

Table: Overall Usability

Whonix Tails Tor on the Host Qubes OS TorVM corridor
Difficulty: installing additional software while the IP address remains hidden [161] Easy [162] Moderate [163] Difficult [164] Easy Moderate
Difficulty: installation of the base anonymity software Easy Easy Easy Difficult [166]
Required knowledge to prevent serious user error [167] Difficult Difficult Difficult Difficult Difficult
Pre-installed applications Wide selection Wide selection None Not applicable Not applicable
Grossly inaccurate host clock No connection to the Tor network until the clock is manually fixed Uses tordate to fix the clock No connection to the Tor network until the clock is manually fixed No connection to the Tor network until the clock is manually fixed  ?
Comprehensive documentation Yes [168] Yes [169]  ?  ?  ?
Disable power savings in VMs Yes [170] No, but there is no sleep mode  ?  ?  ?

Features[edit]

Table: Features

Whonix Tails Tor Browser Qubes OS TorVM
Default desktop GNOME Whatever the user has installed. Not an operating system KDE or Xfce4
Multi language support No Yes Yes  ?
Fits on a DVD No Yes Not an operating system  ?
VPN support: user -> VPN -> Tor -> destination Manual configuration is required [172] No [173] Possibly can be manually installed (?) Yes
VPN support: user -> Tor -> VPN -> destination Manual configuration is required [172] No [173]  ? Yes [174]
VPN support: user -> VPN -> Tor -> VPN -> destination Manual configuration is required [172] No [173]  ? Yes
IRC client pre-configured for privacy Yes (HexChat) Yes (Pidgin) [175] Not an operating system No
Flash support Manual installation is required [176] No, but HTML5 videos are functional [177] Manual installation is required  ?
Mixmaster over Tor Yes [178] No Not an operating system No
Ricochet IM[179] [101] Manual installation is required [180] Unsupported, but can be manually installed [181] Not applicable  ?
FTP support Partial [182] No (?) [183] Not an operating system  ?
Download manager Manual installation is required [184] Manually installation is required [185]  ?  ?
Webmail can be used in the browser Yes Yes Yes Yes
Email client Mozilla Thunderbird with TorBirdy and Enigmail [186] Thunderbird  ?  ?
Hidden service support Manual configuration is required [187] Manual configuration is required [188]  ?  ?
Hidden server configuration GUI No No [189]  ?  ?
Support for free Wi-Fi hotspots Yes [190] Yes [191] Yes [192]  ?
Works on 32-bit PCs Yes Yes Yes No [193]
Works on 64-bit PCs Yes Yes Yes Yes
32-bit builds Yes Yes Yes No [193]
64-bit builds Can be manually created [194] [195] No Yes  ?
64-bit builds can be created from source code Yes [195]  ?  ? Yes [196]
Host kernel
  • Non-Qubes-Whonix: any kernel can be used that supports VirtualBox or KVM
  • Qubes-Whonix: n/a - the bare metal hypervisor uses Qubes' default kernel
  • Physical isolation: not applicable
  • When using VMs, any supported virtualizer
  • When not using VMs, not applicable
 ?  ?
i486 kernel for compatibility Yes Yes Not an operating system. Depends on the user's base platform No
686-pae Kernel Yes Yes Not an operating system. Depends on the user's base platform  ?
64-bit kernel Manual installation is required or a 64-bit build can be manually created [195] No Not an operating system. Depends on the user's base platform  ?
Kernel auto-detection during boot No Yes Not applicable - not a distribution  ?
Video / streaming software Manual installation is required Some applications are included, more can be manually installed Not an operating system Manual installation is required
Control port filter proxy Yes [197] No No No
TBB about:tor success message Yes  ?  ?  ?
Functional new identity option in Tor Button Yes [198] Yes [199] [198] Yes [198]  ?
Default browser set to Tor Browser Yes Yes (?) Not applicable  ?
File / link open confirmation Yes  ?  ?  ?
I2P over Tor Manual installation and configuration is required [200]  ? Not an operating system Manual installation is required (?)
JonDonym over Tor Manual installation is required [201]  ? Not an operating system Manual installation is required (?)
RetroShare over Tor Manual installation is required [202]  ? Not an operating system Manual installation is required (?)
Shared folder help Yes [203] [204] [205]  ?  ?  ?
Higher boot resolution Yes [206]  ?  ?  ?
Verbose boot output Yes [207]  ?  ?  ?
RAM-adjusted desktop starter Yes [208][209]  ?  ?  ?

Circumvention[edit]

Table: Censorship Circumvention Options

Whonix Tails Tor Browser Qubes OS TorVM corridor
obfs2 Yes [210] Yes Yes  ?  ?
obfs3 Yes [210] Yes Yes  ?  ?
obfs4 Yes [210] Yes Yes  ?  ?
Flash proxy bridges Untested [210] No Yes  ?  ?
meek No [211] No Yes  ?  ?
Snowflake No [212] No Yes  ?  ?
Other Censorship Circumvention Tools  ?  ?  ?  ?  ?

Conclusion[edit]

Each anonymity-focused software platform / application considered in this comparison has a different threat model, implementation, and use case. Further, the design and developer road map decisions are influenced by disparate philosophies and political views.

Objectively speaking, it is difficult to state that any one specific platform or tool is superior in all regards and circumstances. For instance, a simple analysis might conclude:

  • Whonix is better suited for high-security protection against passive surveillance methods and IP address / DNS leaks.
  • Tails is better suited for high-risk users who face aggressive, targeted surveillance.
  • Tor Browser on the host is sufficient for low-risk users unlikely to be tagged for targeted surveillance.
  • corridor is a useful addition, since a Tor traffic whitelisting (filtering) gateway provides an additional failsafe to prevent clearnet leaks.


Ultimately, the "best" anonymity software / distribution and configuration is informed by a realistic threat assessment of one's own personal circumstances, before any final decision is made.

Statement about Neutrality of this Page[edit]

General[edit]

An impartial comparison of anonymity platforms and tools is difficult, since contributors to this page are most likely Whonix users. Regardless, an imperfect comparison page is better than none at all. The reader should bear in mind that this wiki content might have been anonymously posted elsewhere, such as Wikipedia. The contributors to this page have decided to attach their pseudonyms.

Anonymous edits are allowed and are generally published within a short time frame. Readers who notice any mistakes can immediately edit the page. This entire article is published under a Free (as in speech) license (GPLv3+). [213]

Different Views[edit]

Opinions should always be expressed carefully, particularly when analyzing the merits and weaknesses of other software projects. A range of different opinions already exist on this exact issue. Interested readers can refer to the following resources or add their own:

Systems Omitted from the Comparison[edit]

The following software platforms were not considered in this comparison, but may be included in the future:

See Also[edit]

Footnotes[edit]

  1. The Qubes website states: "If you are interested in TorVM, you will find the Whonix implementation in Qubes a more usable and robust solution for creating a torifying traffic proxy."
  2. At the time of last comparison.
  3. Most recent stable version.
  4. Custom-Workstation: self-made builds can run on any real or virtual hardware so long as they are behind a Whonix-Gateway (sys-whonix). Tor Browser binaries are limited to a handful of platforms - Windows, Linux, BSD and Mac.
  5. Whonix-Workstation (whonix-ws): Other Operating Systems are also supported. With respect to Whonix-Gateway (whonix-gw), developers are agnostic about supporting any other secure distributions. Of course another operating system could be used as the base, but it requires significant effort.
  6. The default downloads are for VirtualBox, but this is subject to change in the future. Physical Isolation is an optional security feature for advanced users. Experimental, optional support is available for VMware. Images can be built for other virtualizers, but it requires some work, see: Other Virtualization Platforms.
  7. For advanced users.
  8. See Other Operating Systems.
  9. See also HVM.
  10. 10.0 10.1 10.2 10.3 Users can install the host operating system on a USB.
  11. Whonix does not have a fully-featured USB installer. Installing the operating system on a USB is recommended, but the decision is left to the user.
  12. Tails has a professional USB installer.
  13. 13.0 13.1 13.2 This has a neutral blue color, because the project dictates whether or not a specific virtualizer is required.
  14. 14.0 14.1 https://tails.boum.org/contribute/design/virtualization_support/
  15. https://tails.boum.org/doc/advanced_topics/virtualization/
  16. This has a red color because it raises the bar for new users, who must expend significant effort to try it.
  17. This is only available as an experimental proof of concept, see: VMware. It is not recommended because VMware is closed source software. Whonix developers do not support or test this configuration.
  18. This has a neutral color because Qubes OS is open source, while VMware is closed source and should therefore be discouraged.
  19. Qubes-Whonix.
  20. https://www.qubes-os.org/doc/tails/
  21. Custom installed applications and user data can be stored and survive reboot.
  22. Depending on a user's settings, bookmarks and passwords can be saved, and downloaded files retained.
  23. Authorship.
  24. https://en.wikipedia.org/wiki/Tails_%28operating_system%29
  25. https://en.wikipedia.org/wiki/Tor_browser
  26. This matters because until Deterministic Builds become standard, (non-)anonymous developers might imply trust. A project's reputation, formal education and expertise are other relevant factors.
  27. 27.0 27.1 Protection from root exploits, specifically malware with root rights.
  28. 28.0 28.1 28.2 The Workstation is where the browser, IRC client and other user applications are run. The Gateway is where Tor and the firewall are running.
  29. Whonix protects against IP address / location discovery through root exploits (malware with root rights) inside Whonix-Workstation (anon-whonix), although this feature should not be unnecessarily tested. Successful attacks by adversaries cannot yield the user's real IP address / location, because Whonix-Workstation (anon-whonix) can only connect through the Whonix-Gateway (sys-whonix). More skill is required to compromise Whonix due to its design; also see attacks on Whonix.
  30. 30.0 30.1 If Tails is compromised by a root exploit, the adversary can simply bypass the firewall to discover the user's real IP address.
  31. corridor is not designed for that purpose. A compromised application could contact a colluding Tor relay.
  32. IP / DNS leaks are impossible in Whonix, since Whonix-Workstation (anon-whonix) is unaware of its external IP address.
  33. 33.0 33.1 Please read how Whonix protects against realistic threats first. IP leaks are possible in Tails if applications are configured incorrectly or have a critical bug - this similarly applies to the Tails platform itself. The Tails Security Page notes: "Until an audit of the bundled network applications is done, information leakages at the protocol level should be considered as - at the very least - possible."
  34. https://www.torproject.org/docs/faq.html.en#EntryGuards
  35. https://tails.boum.org/blueprint/persistent_Tor_state/
  36. 36.0 36.1 Since the responsibility for building Tor circuits falls on clients running behind corridor-Gateway.
  37. Stream isolation provides protection against identity correlation through circuit sharing.
  38. For further details, see stream isolation.
  39. Separate Tor streams in Tails.
  40. Ever since the following ticket was implemented: Tor Browser should set SOCKS username for a request based on referer.
  41. Tor Browser comes with its own Tor instance. It is just a browser, not a live system or an operating system.
  42. The user must configure applications manually to use stream isolation. In Whonix, all applications that are installed by default (like curl, wget, ssh, tbb, torbirdy, and others) are configured to use their own SocksPort. Tails also has this feature, but it is not as extensive as Whonix. When QubesOS TorVM was last checked, it did not provide stream isolation.
  43. This is relevant when workstations x1, x2, ..., xn are all running behind the same gateway y.
  44. See: IP spoofing protection.
  45. A user can either run multiple Whonix-Gateways or configure an encrypted and/or authenticated connection between the Whonix-Gateway and Whonix-Workstation.
  46. See: https://groups.google.com/d/msg/qubes-devel/le7-Rrq6yxY/k_fQdSTzvLAJ
  47. See https://tails.boum.org/contribute/design/incremental_upgrades/
  48. See whonixcheck, Whonix news.
  49. See Whonix news.
  50. A GNOME libnotify notification pops up with a link and offers the user an opportunity to subscribe to news by email.
  51. This might be possible via the browser's https://check.torproject.org function. This was never implemented, even after old Tor Browser bundles became a popular exploit.
  52. See security issues when using apt-get update in scripts.
  53. The whonixcheck function check_operating_system uses /usr/lib/apt-get-wrapper.
  54. See Protocol-Leak-Protection and Fingerprinting-Protection for details.
  55. 55.0 55.1 55.2 By default this information is not sent to anyone. It is only at risk when the machine is compromised by malware.
  56. 56.0 56.1 56.2 56.3 56.4 The design of assigned MAC addresses means that destination servers cannot see them. Therefore yes, they are always hidden from destination servers.
  57. This is a realistic threat considering some ISPs are based on LANs, which means they can see the MAC addresses of their clients. Hotspots can also see the MAC addresses of connected devices.
  58. Please read Whonix in public networks / MAC Address.
  59. Tails spoofs the MAC address. This feature can be easily disabled.
  60. https://www.qubes-os.org/doc/anonymizing-your-mac-address/
  61. The virtual MAC address for Whonix-Gateway's internal network interface (eth1) is shared among all Whonix users, because Whonix-Workstation can see it. However, Whonix-Workstation cannot see the MAC address of Whonix-Gateway's external network cards (eth0).
  62. Unless a physical network card is assigned to the virtual machine.
  63. Why MAC Address Randomization is not Enough: An Analysis of Wi-Fi Network Discovery Mechanisms
  64. A Passive Technique for Fingerprinting Wireless Devices with Wired-side Observation
  65. https://forums.whonix.org/t/your-mac-address-randomization-attempts-are-futile
  66. https://www.whonix.org/wiki/Computer_Security_Education#Introduction_2
  67. https://github.com/QubesOS/qubes-issues/issues/2361
  68. DisposableVMs are not amnesic in their current form, as traces of activity may be left on storage media or in RAM.
  69. There are no special measures to limit what is written to disk because Whonix acts like an ordinary operating system. A non-exhaustive list of user activity includes: user created files, backup files, temporary files, swap, chat history, browser history and so on. Whonix is also unable to prevent host memory swaps to the host disk (see also: virtual memory). Mitigating this threat requires following the recommendation to use multiple VM snapshots and applying full disk encryption on the host. There is a security-usability trade off here: greater persistence allows Whonix to remain fully-featured and enables users to easily install additional software.
  70. Tails is amnesic by design.
  71. Although Tor Browser is designed to prevent browser activity leaking to disk, the implementation could be faulty, or swap might still leak. Also see The Tor Project blog post Forensic Analysis of Tor on Linux and the full pdf results.
  72. A DisposableVM could be used with a TorVM. For a discussion of TorVM anti-forensics features, see DisposableVM versus local forensics?.
  73. corridor-Gateway itself is not amnesic. The amnesic feature must be implemented by the workstations (and possibly gateways) behind corridor-Gateway.
  74. See Cold boot attack.
  75. https://github.com/QubesOS/qubes-issues/issues/716
  76. 76.0 76.1 76.2 Open Source software does not automatically prevent backdoors, unless the user creates their own binaries directly from the source code. People who compile, upload and distribute binaries (including the webhost) could add hidden code, without publishing the backdoor. Anybody can claim that a certain binary was built cleanly from source code, when it was in fact built using the source code with a hidden component. Those deciding to infect the build machine with a backdoor are in a privileged position; the distributor is unlikely to become aware of the subterfuge. Deterministic builds can help to detect backdoors, since it can reproduce identical binary packages (byte-for-byte) from a given source. For more information on deterministic builds and why this is important, see:
  77. See Tails Roadmap.
  78. See Deterministic Builds Part One: Cyberwar and Global Compromise and Deterministic Builds Part Two: Technical Details.
  79. 79.0 79.1 corridor only uses shell scripts.
  80. 80.0 80.1 80.2 80.3 To be fair, there are no deterministically built operating systems yet. It is a difficult process and takes a lot of effort to complete. While Debian has around 22,000 reproducible packages in mid-2018, this work has been ongoing since 2013 and is far from done.
  81. 81.0 81.1 81.2 81.3 81.4 The first form of backdoor is a vulnerability (bug) in the source code. Vulnerabilities are introduced either purposefully or accidentally due to human error. Following software deployment, an attacker may discover the vulnerability and use an exploit to gain unauthorized access. Such vulnerabilities can be cleverly planted in plain sight in open source code, while being very difficult to spot by code auditors. Examples of this type of backdoor include: The second form of backdoor is adding the full code (or binary) of a trojan horse (computer virus) to the binary build, while not publishing the extra source code and keeping it secret. This process can only be detected with deterministic builds.
    It is therefore impossible to claim that non-trivial source code is backdoor-free, because backdoors can be hidden as vulnerabilities. Auditors scrutinizing the source code can only state an opinion about the quality of the source code, and eventually report vulnerabilities if/when they are identified. Assertions that source code is free of computer viruses (like trojan horses) is the only reasonable assertion that can be made.
  82. 82.0 82.1 82.2 82.3 82.4 Although theoretically possible, there are no mathematically proven bug-free operating systems yet.
  83. 83.0 83.1 Hidden source code is defined as code which is added by an adversary. They may have: compromised a build machine, conducted compiling prior to the binary build process, or be responsible for building the actual binary. The secret source code will remain unpublished and it will appear (or be claimed) that the software was built from the published source code. Reliably detecting such hidden code - added on purpose or due to build machine compromise - requires comparison with deterministic builds, which are discussed above. Other methods like watching network traffic are less reliable, since a backdoor can only be spotted when it is used. Backdoors are even less likely to be found through reverse engineering, because very few people are using a disassembler.
  84. The upstream distribution is the distribution on which the project is based. Whonix and Tails are based on Debian, thus Debian is their upstream distribution. QubesOS TorVM is based on Qubes OS, which is itself based on Fedora and Xen.
  85. 85.0 85.1 85.2 85.3 85.4 No, since the upstream software is not deterministically built. See above to learn about deterministic builds
  86. See verifiable builds.
  87. To discover if Whonix, Tails or TBB is running.
  88. Because TorVM's own traffic is not torified.
  89. Tails does not support persistent entry guards yet.
  90. Operating system updates, use of a host browser and so on.
  91. Operating system updates, use of an untorified second browser and so on.
  92. Due to package selection, it will probably also reveal that it is an Qubes OS TorVM.
  93. Whonix users might tend to have more traffic than TBB users, as operating system updates of Whonix-Workstation (whonix-ws) and Whonix-Gateway (whonix-gw) take place over Tor. It is unknown if the data volume is specific enough to guess a transparent or isolating proxy is in use, or if a significant proportion of other Tor users route a large amount of traffic through Tor (to help disguise Whonix users). Research prior to the foundation of Whonix suggested that a large amount of file sharing occurred via Tor. Classical file-sharing is likely to have far greater upload than Whonix, but it is unclear how many people have disabled upload settings or moved to methods which have minimal upload, such as file hosters.
  94. The unsafe browser is in use, or other people are sharing the same Internet connection who are not using Tails.
  95. See above: Network fingerprint: ISP cannot trivially guess the project type.
  96. 96.0 96.1 The Tails Design about Time syncing states: "Our initial time guess based on the Tor consensus is probably easier to fingerprint, though: a fresh Tor is started, and restarted again right after the consensus has been downloaded."
  97. Fingerprint for the websites that are visited.
  98. Whonix uses the original Tor Browser from The Tor Project, with the only difference being Tor runs on Whonix-Gateway instead of using the locally shipped Tor.
  99. 99.0 99.1 Refer to the following Tails resources for the latest status update: (fingerprint) for the websites that you are visiting and evaluate web fingerprint.
  100. This is the original Tor Browser Bundle from torproject.org.
  101. 101.0 101.1 While preventing Tor over Tor, which is recommended.
  102. This could probably be installed manually, but users are generally not aware of fingerprinting issues. Further, they usually have trouble in using Tor Browser without the bundled Tor instance - which is of course recommended to prevent Tor over Tor scenarios.
  103. Tails and Liberte Linux contain a so called "Unsafe Browser". The Unsafe Browser does not use Tor and it connects in the clear. It is available on these platforms because it is useful for registering on hotspots or for general (non-anonymous) browsing purposes.
  104. When using VMs:
    • The unsafe browser on the host is untouched, so it is not affected by installing Whonix.
    When using Physical Isolation:
    • From Whonix 0.5.6 onwards, there is no unsafe browser. A separate third machine with clearnet access could be configured.
  105. Tails Todo: Improve fingerprint of the Unsafe Browser
  106. This is useful for keeping the clock synchronized for long running sessions.
  107. See also Dev/TimeSync.
  108. Users who want to hide Tor and Whonix from the ISP should not connect to the public Tor network when starting the platform for the first time.
  109. Settings, patches and add-ons.
  110. See Tor Browser
  111. See TimeSync.
  112. See Tails - Time syncing.
  113. It is best when account names are shared among anonymity-focused distributions.
  114. https://github.com/ioerror/torbirdy/blob/master/gpg.conf
  115. gpg.conf optimized for privacy
  116. As TorVM may not run inside other virtualizers in the first place, although this is untested.
  117. whonixcheck
  118. https://en.wikipedia.org/wiki/AppArmor
  119. https://github.com/Whonix/grub-enable-apparmor
  120. Additional profiles can be manually installed. Profiles are already enabled by default for Tor and obfsproxy.
  121. Due to anonymity, privacy and security problems associated with Adobe Flash
  122. 122.0 122.1 122.2 122.3 122.4 122.5 122.6 122.7 122.8 If the fingerprint is detailed enough, then linkage of activities and subsequent deanonymization becomes easier.
  123. 123.0 123.1 123.2 That is, it is shared among all up-to-date Whonix users, and some Debian users. In Debian's case that would be persons using the same platform that Whonix is based on (Debian jessie in Whonix 13.0.0.1.4 or Debian stretch in Whonix 14). In addition, some users of Debian derivatives (like Ubuntu) would share the same Flash version.
  124. Users can conduct their own checks on http://ip-check.info
  125. Whonix developers have also minimized the attack surface, added hardening features and so on. Refer to developer documentation on security and hardening for further details.
  126. An application not honoring proxy settings. Example: Tor Browser Bundle: Firefox security bug (proxy-bypass).
  127. 127.0 127.1 127.2 127.3 Prevented by the firewall.
  128. This occurs when applications leak the user's real IP address. See Whonix security in the real world for examples where Whonix prevented them. Leaks are often circumvented in Whonix because Whonix-Workstation (anon-whonix) is unaware of the real IP address.
  129. 129.0 129.1 The workstation does not know its own external IP address.
  130. 130.0 130.1 130.2 The VM replaces the IP address with an internal LAN IP, which is safe.
  131. Consider the following example. A user visits a website over Tor with a torified browser. The website uses a known or zero day vulnerability to gain remote code execution on the user's machine, and then installs malware. The vulnerability "only" allows the adversary to gain user rights, not root. The adversary could then remotely start the Unsafe Browser in order to discover the user's real IP address. This attack is circumvented by Whonix, because any applications running inside Whonix, including malware, can only connect through Tor.
  132. Consider the following example. A user visits a website over Tor with a torified Browser. The website uses a known or zero day vulnerability to gain remote code execution on the user's machine, and then installs malware. The vulnerability "only" allows the adversary to gain user rights, not root. The adversary gains root rights by escalating privileges with a second vulnerability. The adversary is then capable of tampering with iptables rules to make non-Tor connections and so on. This attack is circumvented by Whonix, because the firewall runs on another (virtual) machine. Further, any root applications inside Whonix, including malware with root rights, can only connect through Tor.
  133. Consider the following example. A user visits a website over Tor with a torified Browser. The website uses a known or zero day vulnerability to gain remote code execution on the user's machine, and then installs malware. The vulnerability used allows the adversary to gain root rights. The adversary is then capable of tampering with iptables rules to make non-Tor connections and so on. This attack is circumvented by Whonix, because the firewall runs on another (virtual) machine. Further, any root applications inside Whonix, including malware with root rights, can only connect through Tor.
  134. Consider the following example. A user visits a website over Tor with a torified Browser. The website uses a known or zero day vulnerability to gain remote code execution on the user's machine, and then installs malware. A second exploit is then used to break out of the virtual machine. The default Non-Qubes-Whonix and Qubes-Whonix platforms are vulnerable to this attack. Whonix with physical isolation defeats this attack, because the Whonix-Workstation host does not know its real IP address, only Whonix-Gateway does, which is running on another physical machine.
  135. This is the same as attack number six, except in this case the adversary uses an extra vulnerability to break into Whonix-Gateway. Whonix is vulnerable to this form of attack.
  136. Consider the following example. A user visits a website over Tor with a torified Browser. The website uses a known or zero day vulnerability to gain remote code execution on the user's machine. The default Non-Qubes-Whonix and Qubes-Whonix platforms will fall to this attack, the same as attack number six. Physical isolation defeats this attack in the same manner as per attack number six.
  137. 137.0 137.1 White is used as a more neutral color because according to this post by Joanna Rutkowska, exploiting a QubesOS virtual machine is more difficult than exploiting VirtualBox.
  138. Consider the following example. A user visits a website over Tor with a torified Browser. The website uses a known or zero day vulnerability to gain remote code execution on the host. The adversary then uses an extra vulnerability to break into Whonix-Gateway. Whonix is vulnerable to this kind of attack.
  139. 139.0 139.1 139.2 Fail, because it has already fallen victim to a VM exploit.
  140. 140.0 140.1 140.2 This is not usually run behind a physically isolated Whonix-Gateway.
  141. Consider the following example. A user visits a website over Tor with a torified Browser, with Tor controlling (processing) the traffic. The adversary uses a vulnerability to gain remote code execution on the user's machine. The machine where Tor is running knows the user's real IP address (Tor control protocol command: getinfo address), unless this machine is itself behind another Gateway which is difficult to configure; see chaining multiple gateways.
  142. 142.0 142.1 Unless a user is chaining multiple gateways, which is unfortunately only available to expert users. Whonix is vulnerable to this form of attack.
  143. For example, an end-to-end correlation attack. Research has established that Tor is vulnerable to numerous other attack vectors. Any successful attack against Tor, where an anonymity operating system is dependent on it, will naturally deanonymize the user. The exception is users who are chaining multiple gateways, which unfortunately is only available to expert users. Whonix is capable of defeating some attacks against Tor and associated components such as Tor Browser; for example, see the secure and distributed time synchronization mechanism and protocol and fingerprinting leak protection, along with the rest of the design page.
  144. Any backdoor in Tor would be fatal for operating systems which rely upon it, since it would open up an avenue for targeted attacks. Widespread attacks are more likely to be identified.
  145. 145.0 145.1 When server software on Whonix-Workstation (anon-whonix) is (root) exploited, the attacker cannot steal the key of the onion service because it is stored on Whonix-Gateway (sys-whonix).
  146. Tails is not yet meant to be used as a server.
  147. Tails is not yet meant to be used as a server.
  148. This is safe in theory, but it is unclear if TorVM supports onion services.
  149. 149.0 149.1 Source: https://lists.torproject.org/pipermail/tor-talk/2012-February/023264.html
  150. 150.0 150.1 150.2 Because the unsafe browser runs on the VM host which uses NTP, and the torified browser runs inside Whonix-Workstation (anon-whonix) which uses sdwdate.
  151. The VM host time is synchronized with NTP, and operating system time is synchronized with tails_htp.
  152. 152.0 152.1 An untorified host browser uses the same clock as TBB.
  153. 153.0 153.1 The host and VM clock are both synchronized with NTP, but there still might be a difference since they are synchronized independently.
  154. This is important because if the clock skew is too large and/or unique, non-anonymous and anonymous activity might be linked.
  155. The time differs because Whonix-Workstation (anon-whonix) and Whonix-Gateway (sys-whonix) use separate sdwdate instances.
  156. 156.0 156.1 The unsafe browser and torified browser share the same clock via tails_htp
  157. 157.0 157.1 157.2 157.3 An attack initiated by an ISP-level adversary.
  158. 158.0 158.1 This assumes installation of a regular operating system using NTP which was used earlier, and the introduction of a clock skew by an adversary.
  159. Such as running tordate.
  160. 160.0 160.1 160.2 Due to a unique clock skew introduced by an adversary.
  161. That is, installing new software safely.
  162. In Whonix, it is possible to install a (Tor-unsafe) BitTorrent client. In the worst case it would be pseudonymous rather than anonymous, as the IP address would still be hidden.
  163. Tails has a firewall to block non-Tor traffic, but an audit at the protocol level is still required. The Tails Security Page notes: "Until an audit of the bundled network applications is done, information leakages at the protocol level should be considered as ? at the very least ? possible."
  164. The user must manually prevent non-Tor traffic, DNS leaks and protocol level leaks.
  165. Text, screenshot and video instructions are available.
  166. The user must install and set up the Gateway from source code.
  167. For examples of what not to do, see DoNot.
  168. Documentation
  169. https://tails.boum.org/doc/index.en.html
  170. https://github.com/Whonix/power-savings-disable-in-vms
  171. This is the default desktop for Qubes R3.2 and later releases. Qubes R3.1 and earlier used KDE.
  172. 172.0 172.1 172.2 Necessary software is included, but there is no GUI to complete the process. For documentation on this optional configuration, see tunnel introduction.
  173. 173.0 173.1 173.2 Tails status for VPN support: https://labs.riseup.net/code/issues/5858
  174. By configuring the NetVM of the TorVM as a VpnVM.
  175. https://tails.boum.org/contribute/design/#index42h3
  176. See browser plugin security and browser plugins.
  177. Tails status for Flash support: https://labs.riseup.net/code/issues/5363
  178. Installed by default, see Mixmaster.
  179. https://en.wikipedia.org/wiki/Ricochet_%28software%29
  180. See Ricochet IM.
  181. Tails wishlist.
  182. Filezilla works out of the box, but is not pre-installed. For Tor Browser and/or wget, users can experiment with TrackHostExits. Further information on this feature can be found here and here.
  183. Tails status for FTP support: https://labs.riseup.net/code/issues/6096
  184. Users can install any download manager, preferably using SocksPort, although TransPort works as well. wget -c (pre-configured to use SocksPort) has also been tested to work.
  185. Users can manually install any download manager in Tails. It only needs configuration to use the proper SOCKS proxy.
  186. See Mozilla Thunderbird with TorBirdy and Enigmail.
  187. Hidden services can be used without IP address / DNS leaks, see onion service support. No GUI is available to setup an onion service, but it works well nonetheless.
  188. This is possible via ordinary torrc mechanisms; see Persistence preset: Tor state
  189. Tails server: Self-hosted services behind Tails-powered Tor onion services
  190. When using VMs, this can be easily achieved on the host. For users relying on physical isolation, from Whonix 0.5.6 onward there is no unsafe browser. A separate third machine with clearnet access could also be configured.
  191. Tails has a unsafe browser for such tasks.
  192. The host operating system mechanism can be used.
  193. 193.0 193.1 Qubes OS system requirements
  194. Whonix 14 has 64-bit guest builds. This offers more ALSR entropy, avoids memory duplication between running VMs, and provides greater performance.
  195. 195.0 195.1 195.2 This option is already supported, see build configuration.
  196. QubesBuilder
  197. See Dev/Control_Port_Filter_Proxy.
  198. 198.0 198.1 198.2 The option is just as effective as comparable platforms, like Debian.
  199. This option is fully functional in Tails, despite the quote below - see the additional footnote. As noted on the Tails' website, https://tails.boum.org/doc/anonymous_internet/Tor_Browser/index.en.html#new_identity:

    This feature is not enough to strongly separate contextual identities in the context of Tails as the connections outside of Tor Browser are not restarted.

    Shutdown and restart Tails instead.

  200. See I2P.
  201. See JonDonym.
  202. See RetroShare.
  203. https://github.com/Whonix/shared-folder-help
  204. VirtualBox shared folders.
  205. KVM shared folders.
  206. https://github.com/Whonix/grub-screen-resolution
  207. https://github.com/Whonix/grub-output-verbose
  208. https://www.whonix.org/wiki/Desktop#RAM_Adjusted_Desktop_Starter
  209. https://github.com/Whonix/rads
  210. 210.0 210.1 210.2 210.3 See Bridges.
  211. meek is available in Whonix 14.
  212. Snowflake integration is currently under development.
  213. Permission is granted by adrelanos (Patrick Schleizer) for anyone editing this page to shift the content to a more neutral place, like Wikipedia. Should it be required, Schleizer would also agree to dual / multi / re-licensing of this page under a different Free (as in speech) license, such as GFDL. Note that moving the article to Wikipedia is difficult to achieve anonymously, since they do not allow Tor user edits (and most people interested in this article are Tor users).

Random News:

We are looking for maintainers and developers.


https | (forcing) onion

Share: Twitter | Facebook

This is a wiki. Want to improve this page? Help is welcome and volunteer contributions are happily considered! See Conditions for Contributions to Whonix, then Edit! IP addresses are scrubbed, but editing over Tor is recommended. Edits are held for moderation.

Whonix is a licensee of the Open Invention Network. Unless otherwise noted, the content of this page is copyrighted and licensed under the same Libre Software license as Whonix itself. (Why?)