Whonix ™ can be downloaded over SSL and/or an onion service. The SSL CA system being flawed in the first place is another story (see SSL).
OpenPGP verification (as noted on the Verify the Whonix images page) is much more safe and highly recommended.
Building Whonix ™ from source code is the most secure option to obtain Whonix ™. It is also because the developer itself does not have to be trusted to create binaries which match the source code. Auditing the source code before using it is the utmost secure option.
See also, Comparison with Others, Download Security.
This is a wiki. Want to improve this page? Help is welcome and volunteer contributions are happily considered! Read, understand and agree to Conditions for Contributions to Whonix ™, then Edit! Edits are held for moderation.
Copyright (C) 2012 - 2019 ENCRYPTED SUPPORT LP. Whonix ™ is a trademark. Whonix ™ is a licensee of the Open Invention Network. Unless otherwise noted, the content of this page is copyrighted and licensed under the same Freedom Software license as Whonix ™ itself. (Why?)