Dev/Torified Wi-Fi Hotspot

From Whonix
< Dev


Reputational Considerations[edit]

  • For now Whonix ™ has a simple design and great reputation. At time of writing, no clearnet IP leak found ever. See Whonix ™ Protection against Real World Attacks.
  • If that gets mixed with android-anyting, the quality if leak protection could be lower due to issues causes on the Android, not Whonix ™ side.

Torified WiFi Hotspot[edit]

Even if a WiFi USB stick was added to Whonix-Workstation ™... Possible causes for clearnet leaks on the Android side:

  • The WiFi could go off / out of range. Then the device might jump to an untorified open WiFi.
  • Users might turn off WiFi off while forgetting to keep mobile network (clearnet) turned off.
  • madaidan:

    The mobile device wouldn't be isolated from local networks though. Nothing stops it from bruteforcing your neighbour's WiFi and deanonymizing you that way. Unlike in a Whonix ™ workstation VM, where it can't access those.

  • Adding all the security challenges of WiFi.
    • A 1) insecure WiFi + TLS is less of a problem than 2) insecure WiFi connection to Whonix-Gateway which would be even more of an issue. 1) could still be OK because TLS secures the contents of the connection. But 2) could be used to de-anonymize the user.
  • Using a stock android device once non-anonymously, then routing all traffic over Tor would not be as anonymous as expected due to TransparentProxyLeaks.

forum discussion: https://forums.whonix.org/t/whonix-gateway-whonix-workstation-torified-wi-fi-hotspot/4751

Using VPN[edit]

A VPN tunnel from Android to Whonix-Gateway or Whonix-Workstation ™.

Many Android phones do not have a fail closed mechanism. When the VPN connection gets interrupted, device continues to connect without VPN.

Related[edit]