Whonix ®

Download

Windows Linux Mac VirtualBox KVM Qubes USB ISO (coming soon) More options Source Code

About

Overview Features Whonix vs VPNs Why Open Source? Project Activities Contributors Mission & Vision

Docs

Documentation FAQ Troubleshooting

Community

Forums Contribute

Support

Free Plus Premium Contact

Tools Upload file Special pages Recent changes Print Version Page meta What links here Related changes Page information

Page Read Edit History Move Protection Unwatch Watch Delete Purge

User Preferences Watchlist Contributions Logout Create account Login

Donate

Whonix in the cloud - Development Considerations

Virtualization Technology[edit]

• docker based or KVM based?

Build Script TODO[edit]

• If docker based:
  • create a docker filesystem tar.xz
  • dockerfile Whonix-Gateway
  • dockerfile Whonix-Workstation
  • docker virtual internal networking
• If kubernetes based:
  • kubernetes pod yaml
  • internal networking?

Misc TODO[edit]

• preseed Anon Connection Wizard for non-interactive mode
• systemcheck fixes to support new virtualizer
• leak testing
• static networking vs DHCP
• DHCP
  • needed?
  • outside?
  • find a security review contractor
• create a cloud-support package which contains cloud specific configuration tweaks

Cloud TODO[edit]

• cloud interface switch network button
• cloud interface different speed / anonymity choices
• kubernetes switch network

Anonymizer[edit]

• Working codenames:
  • Default Tor (just "normal" Tor)
  • Fast Tor (
  • Own Tor (self-hosted Tor network)
    • How to stop freeloaders?
• Why Tor?
  • Tor supports transparent proxying
  • supports nodes config

legal documents[edit]

• Existing documents can be re-used.

Sponsorship[edit]

• honest documentation in the usual style what if xyz how secure, less secure, more secure, etc.
• homepage, Download page gets a cloud button
• main sponsor
• reputation instead of hand waving
• continuous support for future version support
• cooperation agreement
• oversight
• access to developers
• access to tickets
• advisory
• monitor and confirmation of progress

Secure Cloud Hardware TODO Research List[edit]

RAM Encryption[edit]

• PrivateCore
  • https://en.wikipedia.org/wiki/PrivateCore
  • https://privatecore.com/vcage/index.html
• Microsoft
  • https://learn.microsoft.com/en-us/windows/security/information-protection/pluton/microsoft-pluton-security-processor
  • https://azure.microsoft.com/en-us/products/key-vault/
  • https://azure.microsoft.com/en-us/solutions/confidential-compute/#solution-architectures
  • https://www.microsoft.com/en-us/research/project/microsoft-seal/
• Google
  • https://cloud.google.com/security-key-management
  • https://cloud.google.com/confidential-computing
• raptorengineering
  • https://www.raptorengineering.com/TALOS/documentation/integrimon_intro.pdf
  • https://www.raptorengineering.com/TALOS/security_features.php
  • https://www.crowdsupply.com/raptor-computing-systems/talos-secure-workstation/updates/talos-fpga-functions-and-responsibilities-part-1
  • https://www.crowdsupply.com/raptor-computing-systems/talos-secure-workstation/updates/talos-fpga-functions-and-responsibilities-part-2
  • https://www.integricloud.com/
• HashiCorp
  • https://www.vaultproject.io/
• thales
  • https://cpl.thalesgroup.com/cloud-security
• AWS
  • https://aws.amazon.com/security/cryptographic-computing/
  • https://aws.amazon.com/clean-rooms/features/
• https://en.wikipedia.org/wiki/Key_Management_Interoperability_Protocol
• KVM
• pKVM - protected KVM
  • https://lwn.net/Articles/890224/

Homomorphic Encryption[edit]

• https://en.wikipedia.org/wiki/Homomorphic_encryption
• Microsoft
  • https://learn.microsoft.com/en-us/azure/architecture/solution-ideas/articles/homomorphic-encryption-seal
• AWS
  • https://aws.amazon.com/security/cryptographic-computing/

Whonix The most watertight privacy operating system in the world.

Dark mode

Follow us on social media

FREE  ·  PLUS  ·  PREMIUM Support

At Whonix we value freedom and trust, supporting Open Source and Freedom Software

By using this website, you acknowledge you have read, understood, and agree to be bound by these these agreements: Terms of Service, Privacy Policy, Cookie Policy, E-Sign Consent, DMCA, Imprint 2012-2024 ENCRYPTED SUPPORT LP

Your support makes
all the difference!

We believe security software like Whonix needs to remain open source and independent. Would you help sustain and grow the project? Learn more about our 12 year success story and maybe DONATE!