Dev/Torified Wi-Fi Hotspot
- For now Whonix has a simple design and great reputation. At time of writing, no clearnet IP leak found ever. See Whonix Protection against Real World Attacks.
- If that gets mixed with android-anyting, the quality if leak protection could be lower due to issues causes on the Android, not Whonix side.
Torified WiFi Hotspot
Even if a WiFi USB stick was added to Whonix-Workstation™... Possible causes for clearnet leaks on the Android side:
- The WiFi could go off / out of range. Then the device might jump to an untorified open WiFi.
- Users might turn off WiFi off while forgetting to keep mobile network (clearnet) turned off.
The mobile device wouldn't be isolated from local networks though. Nothing stops it from bruteforcing your neighbour's WiFi and deanonymizing you that way. Unlike in a Whonix workstation VM, where it can't access those.
- Adding all the security challenges of WiFi.
- A 1) insecure WiFi + TLS is less of a problem than 2) insecure WiFi connection to Whonix-Gateway which would be even more of an issue. 1) could still be OK because TLS secures the contents of the connection. But 2) could be used to de-anonymize the user.
- Using a stock android device once non-anonymously, then routing all traffic over Tor would not be as anonymous as expected due to TransparentProxyLeaks.
- TransparentProxyLeaks are not an issue in the usual Whonix, Whonix-Gateway™ + Whonix-Workstation design. Mixing Whonix-Gateway™ with stock android gives the developers of Whonix a lot less design abilities. Similar to using Whonix with other operating systems, Whonix-Custom-Workstation™, see security comparison.
A VPN tunnel from Android to Whonix-Gateway or Whonix-Workstation.
Many Android phones do not have a fail closed mechanism. When the VPN connection gets interrupted, device continues to connect without VPN.