Dev/Download Wizard

From Whonix

< Dev

User's Preferences[edit]

By Host Operating System[edit]

  • Windows users → Install VirtualBox from → recommend VirtualBox ova's
  • Linux users → Install VirtualBox by using distribution's package manager → recommend using KVM and .qcow2 images
  • Mac users → Install VirtualBox by ? → recommend VirtualBox ova's
  • Qubes users → Qubes

By Target Platform[edit]

By Security / Usability Compromise[edit]

  • Download Easy
  • Download More Secure
    • Torrent + note, that anonymous download is difficult[1]
    • http-only, direct http download link + hash check + note anonymous download
  • Download Most Secure
    • http(s [archive]) + gpg
    • onion + gpg
    • notes about anonymous download
  • Download Utmost Secure
    • Build from source code

By Download Method[edit]

By Download Anonymity[edit]

Low priority. Perhaps leaving this out.

  • preferred download anonymity → http(s) or onion, avoiding torrent
  • no preference about download anonymity → nevermind http(s) or torrent

By Release Life Cycle[edit]

  • Stable Releases
  • Testers-Only Releases
  • Experimental Releases

Threat Models[edit]

No attacks prevented[edit]

  • Http-only download without verification.
  • Good for new users who should be warned that this is only to try Whonix ™ and practice getting used to Linux.
  • Download Easy

MITM download[edit]

  • Man-in-the-middle attack between mirror and downloader.
  • Can be defeated by using hash check, SSL, onion or BitTorrent.
  • Download More Secure server compromise[edit]

  • Prevented by OpenPGP verification.
  • Download Most Secure

build server compromise[edit]

  • Prevented by building from source code.
  • Download Utmost Secure

Multiple Download Pages Considerations[edit]

If we consider multiple download pages, users are accustomed to share direct download links. One who decided to use VirtualBox is likely to share the VirtualBox download page link. So the VirtualBox download page should ideally briefly mention, that there are also options on the main download page. Just a consideration. IF we decide that route.

Windows Verification is hosed[edit]

To check the hash, windows users have to either:
1. Download a utility from a website and follow the instructions about how to check a hash <- Possible, but tedious.
2. Download via Bittorrent <- Requires prior knowledge of Bittorrent
3. All downloads via SSL <- Can't right now [archive]
4. Learn GPG <- an important skill; but now we're jumping directory to the "advanced verification" stage

Verifying file integrity is not something Windows encourages.

No one is providing a https enabled download link for a Windows hash verification tool. Maybe we should redistribute rapid-crc-unicode-portable [archive] (just 1 MB) over https on

Implementation Ideas[edit]

Using html fieldset tag[edit]

Compatibility, it looks like everyone supports it: [archive]

Example Draft[edit]

Dropdown menu examples

No javascript required.

Whonix ™ can run on top of many host operating systems (Windows, Linux, Mac, Qubes and more). Whonix ™ recommends Debian Wheezy. (More Options)

<form class="form-download gap-from-top" action="/download/" method="get">
		<input type="hidden" name="version" value="9.1" />
		<label for="input-operating-system">Choose your operating system</label>
		<select id="input-operating-system" name="architecture">
			<option value="Windows" selected="selected">Windows</option>
			<option value="Linux">Linux</option>
			<option value="Mac">Mac</option>
		<button type="submit">Next</button>

Whonix ™ can run on top of various target platforms such as VirtualBox, KVM, Qemu, Qubes, VMware or with no virtualizer.

<form class="form-download gap-from-top" action="/download/" method="get">
		<input type="hidden" name="version" value="9.1" />
		<label for="input-operating-system">Choose your target platform</label>
		<select id="input-operating-system" name="architecture">
			<option value="Windows" selected="selected">VirtualBox [status: stable] [usability: easiest]</option>
			<option value="Linux">KVM [status: testers-only] [usability: medium]</option>
			<option value="Mac">Qubes [status: testes-only] [usability: harder]</option>
			<option value="Mac">VMware [status: unmaintained] [usability: easy]</option>
			<option value="Mac">no virtualizer (physical isolation, bare metal) [status: stable] [usability: harder]</option>
		<button type="submit">Download</button>

Expand Button Examples[edit]


Interested in safer download options? Click on expand on the right side.

Unfortunately, safer download options are more complicated, but well worth the effort. [...]


More download options? Torrent, sha512 hash files, etc.? Click on expand on the right side. Without JavaScript those are expanded by default.

Torrent, sha512 hash files, etc. [...]

See Also[edit]


  1. or at least very hard without Whonix ™, which is what they want to download in the first place

text=Jobs in USA
Jobs in USA

Search engines: YaCy | Qwant | ecosia | MetaGer | peekier | Whonix ™ Wiki

Follow: Twitter.png Facebook.png 1280px-Gab text logo.svg.png Iconfinder news 18421.png Rss.png Matrix logo.svg.png 1024px-Telegram 2019 Logo.svg.png Discourse logo.svg Reddit.jpg Diaspora.png Gnusocial.png Mewe.png 500px-Tumblr Wordmark.svg.png Iconfinder youtube 317714.png 200px-Minds logo.svg.png 200px-Mastodon Logotype (Simple).svg.png 200px-LinkedIn Logo 2013.svg.png

Donate: Donate Bank Wire Paypal Bitcoin accepted here Monero accepted here Contriute

Whonix donate bitcoin.png Monero donate whonix.png United Federation of Planets 1000px.png

Share: Twitter | Facebook

Do you wonder why Whonix will always be free? Check out Why Whonix is Freedom Software [archive].

https link onion link

This is a wiki. Want to improve this page? Help is welcome and volunteer contributions are happily considered! Read, understand and agree to Conditions for Contributions to Whonix ™, then Edit! Edits are held for moderation. Policy of Whonix Website and Whonix Chat and Policy On Nonfreedom Software applies.

Copyright (C) 2012 - 2020 ENCRYPTED SUPPORT LP. Whonix ™ is a trademark. Whonix ™ is a licensee [archive] of the Open Invention Network [archive]. Unless otherwise noted, the content of this page is copyrighted and licensed under the same Freedom Software license as Whonix ™ itself. (Why?)

Whonix ™ is a derivative of and not affiliated with Debian [archive]. Debian is a registered trademark [archive] owned by Software in the Public Interest, Inc [archive].

Whonix ™ is produced independently from the Tor® [archive] anonymity software and carries no guarantee from The Tor Project [archive] about quality, suitability or anything else.

By using our website, you acknowledge that you have read, understood and agreed to our Privacy Policy, Cookie Policy, Terms of Service, and E-Sign Consent. Whonix ™ is provided by ENCRYPTED SUPPORT LP. See Imprint, Contact.