Dev/Download Wizard

< Dev

User's Preferences[edit]

By Host Operating System[edit]

  • Windows users -> Install VirtualBox from -> recommend VirtualBox ova's
  • Linux users -> Install VirtualBox by using distribution's package manager -> recommend using KVM and .qcow2 images
  • Mac users -> Install VirtualBox by ? -> recommend VirtualBox ova's
  • Qubes users -> Qubes

By Target Platform[edit]

By Security / Usability Compromise[edit]

  • Download Easy
  • Download More Secure
    • Torrent + note, that anonymous download is difficult[1]
    • http-only, direct http download link + hash check + note anonymous download
  • Download Most Secure
    • http(s) + gpg
    • onion + gpg
    • notes about anonymous download
  • Download Utmost Secure
    • Build from source code

By Download Method[edit]

By Download Anonymity[edit]

Low priority. Perhaps leaving this out.

  • preferred download anonymity -> http(s) or onion, avoiding torrent
  • no preference about download anonymity -> nevermind http(s) or torrent

By Release Life Cycle[edit]

  • Stable Releases
  • Testers-Only Releases
  • Experimental Releases

Threat Models[edit]

No attacks prevented[edit]

  • Http-only download without verification.
  • Good for new users who should be warned that this is only to try Whonix and practice getting used to Linux.
  • -> Download Easy

MITM download[edit]

  • Man-in-the-middle attack between mirror and downloader.
  • Can be defeated by using hash check, SSL, onion or BitTorrent.
  • -> Download More Secure server compromise[edit]

  • Prevented by OpenPGP verification.
  • -> Download Most Secure

build server compromise[edit]

  • Prevented by building from source code.
  • -> Download Utmost Secure

Multiple Download Pages Considerations[edit]

If we consider multiple download pages, users are accustomed to share direct download links. One who decided to use VirtualBox is likely to share the VirtualBox download page link. So the VirtualBox download page should ideally briefly mention, that there are also options on the main download page. Just a consideration. IF we decide that route.

Windows Verification is hosed[edit]

To check the hash, windows users have to either:
1. Download a utility from a website and follow the instructions about how to check a hash <- Possible, but tedious.
2. Download via Bittorrent <- Requires prior knowledge of Bittorrent
3. All downloads via SSL <- Can't right now
4. Learn GPG <- an important skill; but now we're jumping directory to the "advanced verification" stage

Verifying file integrity is not something Windows encourages.

No one is providing a https enabled download link for a Windows hash verification tool. Maybe we should redistribute rapid-crc-unicode-portable (just 1 MB) over https on

Implementation Ideas[edit]

Using html fieldset tag[edit]

Compatibility, it looks like everyone supports it:

Example Draft[edit]

Dropdown menu examples

No javascript required.

Whonix can run on top of many host operating systems (Windows, Linux, Mac, Qubes and more). Whonix recommends Debian Wheezy. (More Options)

<form class="form-download gap-from-top" action="/download/" method="get">
		<input type="hidden" name="version" value="9.1" />
		<label for="input-operating-system">Choose your operating system</label>
		<select id="input-operating-system" name="architecture">
			<option value="Windows" selected="selected">Windows</option>
			<option value="Linux">Linux</option>
			<option value="Mac">Mac</option>
		<button type="submit">Next</button>

Whonix can run on top of various target platforms such as VirtualBox, KVM, Qemu, Qubes, VMware or with no virtualizer.

<form class="form-download gap-from-top" action="/download/" method="get">
		<input type="hidden" name="version" value="9.1" />
		<label for="input-operating-system">Choose your target platform</label>
		<select id="input-operating-system" name="architecture">
			<option value="Windows" selected="selected">VirtualBox [status: stable] [usability: easiest]</option>
			<option value="Linux">KVM [status: testers-only] [usability: medium]</option>
			<option value="Mac">Qubes [status: testes-only] [usability: harder]</option>
			<option value="Mac">VMware [status: unmaintained] [usability: easy]</option>
			<option value="Mac">no virtualizer (physical isolation, bare metal) [status: stable] [usability: harder]</option>
		<button type="submit">Download</button>

Expand Button Examples[edit]


Interested in safer download options? Click on expand on the right side.

Unfortunately, safer download options are more complicated, but well worth the effort. [...]


More download options? Torrent, sha512 hash files, etc.? Click on expand on the right side. Without JavaScript those are expanded by default.

Torrent, sha512 hash files, etc. [...]

See Also[edit]


  1. or at least very hard without Whonix, which is what they want to download in the first place

Comments will be deleted after some time. Specifically after comments have been addressed in form of wiki enhancements. See Wiki Comments Policy.

Add your comment
Whonix welcomes all comments. If you do not want to be anonymous, register or log in. It is free.

Random News:

Have you read our Documentation, Technical Design and Developer Portal links yet?

https | (forcing) onion

Share: Twitter | Facebook

This is a wiki. Want to improve this page? Help is welcome and volunteer contributions are happily considered! See Conditions for Contributions to Whonix, then Edit! IP addresses are scrubbed, but editing over Tor is recommended. Edits are held for moderation.

Whonix is a licensee of the Open Invention Network. Unless otherwise noted, the content of this page is copyrighted and licensed under the same Libre Software license as Whonix itself. (Why?)

Whonix is provided by ENCRYPTED SUPPORT LP. See Imprint.