Download Security

From Whonix

Ambox warning pn.svg.png This page is out of date. Ignore it for now.


The Simple chapter tries to keep it as short and easy as possible while the More difficult chapter goes more into detail, reasoning and theory.


There is no digital security like 0 or 1 or insecure or secure. The message of this page is, the more inconvenience one is willing to take and the more time one invests, the more security one can gain.

Just downloading the images in the clear without any verification is the least safe method. On the other hand, how insecure is it? There is for example gpg4win, Firefox Portable and so on. There is no SSL available when downloading those software projects. If you compare how often software gets downloaded and how few times the accompanying signatures are downloaded, very few people do care. Yet, reports of downloads which got compromised by a man-in-the-middle attack (for any project) happen seldom. does not support SSL for downloads.

Viewing the sourceforge download page while logged into you can see the MD5 and SHA1 hash (provided by, not Whonix ™ developers) after clicking the i button (View details).

Comparing the hash sums from the SSL protected page and verifying (comparing them) with what was downloaded is safer than no verification at all.

OpenPGP verification (as noted on the Download page) is much more safe and highly recommended.

Building Whonix ™ from source code is the most secure option to obtain Whonix ™. (Many bonus points for auditing the source code before using it.)

Related Wiki Pages[edit]

More difficult[edit]

Of course, providing downloadable images over SSL and/or an onion service hosted by Whonix ™ developers in a physically owned and protected place would be safer. Practically it is difficult to provide SSL protected downloads at all. Many important software projects can only be downloaded in the clear, such as Ubuntu, Debian, Tails, Qubes OS, etc. This is because someone has to pay the bill and SSL (encryption) makes it more expensive. At the moment we don't have any mirror supporting SSL. We're looking for SSL supported mirrors to share the load.

The SSL CA system being flawed in the first place is another story (see SSL).

Having SSL supported mirrors may seem like an oxymoron. The common practice is to say, that mirrors are not to be trusted. Even if the mirror owners were trusted persons, it is still an open question how good their server security is. And even if their server security is good, mirrors are generally also hosted in hosting companies and we can't trust those. However, not all adversaries have all available capabilities. Not all adversaries capable of mounting a man-in-the-middle attack are capable of breaking server security or forcing the hosting company to turn over the keys etc. Users not caring to use verification are still better off downloading from a SSL supported mirror, that works against less sophisticated adversaries. In numbers, this results in fewer users potentially ending up with maliciously altered downloads, so we think this is worth going for.

It would also be safer if the download server would be under full control of the developers and not under control of a big company (hosting provider). But that's not how things work today. Self-hosting is very expensive. (Requires fast internet connection, home user contracts won't be fast enough, many servers, electricity power and physical security (officers).) Even the servers of The Tor Project are not hosted in some developer's home.

Building from source code is also safer, because the developer itself does not have to be trusted. However, note that since Whonix ™ 8, the downloadable images are now verifiable. See also, Trust.


Onion Mirror[edit]

v2 Onion[edit]



v3 Onion[edit]







Thomas White

Activist, anarchist and a bit of a dreamer.
Mirror & Keys: http://bbbbbb6qtmqg65g6.onion

PGP Keys:
Current Fingerprint: E771 BE69 4696 F742 DB94 AA8C 5C2A 8C5A 0CCA 4983
Key-ID: 0CCA4983
Master Fingerprint: DDEF AB9B 1962 5D09 4264 2558 1F23 39B7 EF10 09F0
Key-ID: EF1009F0

Twitter: @CthulhuSec
XMPP: thecthulhu at
XMPP-OTR: 4321B19F A9A3462C FE64BAC7 294C8A7E A53CC966

No comments for now due to spam. Use Whonix forums instead.

Random News:

Want to get involved with Whonix ™? Check out our Contribute page.

https | (forcing) onion

Follow: Twitter | Facebook | | Stay Tuned | Whonix News

Share: Twitter | Facebook

This is a wiki. Want to improve this page? Help is welcome and volunteer contributions are happily considered! Read, understand and agree to Conditions for Contributions to Whonix ™, then Edit! Edits are held for moderation.

Copyright (C) 2012 - 2019 ENCRYPTED SUPPORT LP. Whonix ™ is a trademark. Whonix ™ is a licensee of the Open Invention Network. Unless otherwise noted, the content of this page is copyrighted and licensed under the same Freedom Software license as Whonix ™ itself. (Why?)

Whonix ™ is a derivative of and not affiliated with Debian. Debian is a registered trademark owned by Software in the Public Interest, Inc.

Whonix ™ is produced independently from the Tor® anonymity software and carries no guarantee from The Tor Project about quality, suitability or anything else.

By using our website, you acknowledge that you have read, understood and agreed to our Privacy Policy, Cookie Policy, Terms of Service, and E-Sign Consent. Whonix ™ is provided by ENCRYPTED SUPPORT LP. See Imprint.