Frequently Asked Questions - Whonix ™ FAQ
(Redirected from FAQ2)
- 1 What is Whonix?
- 2 How does Whonix work?
- 3 What is Tor?
- 4 What are the advantages of Whonix?
- 5 How is Whonix different from Tor Browser?
- 6 How is Whonix different from Tails?
- 7 How is Whonix different from a VPN?
- 8 What is a Virtual Machine?
- 9 Who develops Whonix?
- 10 How secure is Whonix?
- 11 Should I Set Up a VPN with Whonix?
- 12 Isn't it Dangerous to use a Platform based on Tor?
- 13 Where are the Separate Gateway and Workstation Download Files?
- 14 Footnotes
What is Whonix?
Whonix ™ is software. It aims to preserve privacy and anonymity by helping users run applications anonymously. Whonix ™ can be installed on Windows, MacOS and Linux. You can learn more about this on the wiki main page, overview.
How does Whonix work?
What is Tor?
Tor is software. Thousands of volunteers are running computer servers that keep users anonymous on the Internet. It works by moving data across many Tor servers, called Tor relays. The role of each server is to move that data to another server. With the final hop moving data to the end site. As a result, information transmitted in this way is hard to trace. See also why Whonix uses Tor.
What are the advantages of Whonix?
Whonix ™ realistically addresses common attack vectors.
An IP address is a label which is used to identify one a computer on the internet. Similar to a car license plate.
Hiding IP addresses is technically difficult for software. There is a risk of so called IP leaks. And IP leak happens when a user thinks that the IP will be hidden while it is actually not hidden.
Whonix ™ is the best solution to prevent IP leaks because it uses a more solid technical design. IP leaks issues that previously applied to other software weren't applicable to Whonix ™. For a list of such cases see Security in Real World.
IP leaks are not the only issue that can break user's anonymity. There are also time attacks, keystroke deanonymization and data collection techniques. Whonix ™ deploys numerous security mechanisms [archive] to mitigate such attacks.
How is Whonix different from Tor Browser?
Whonix ™ is a complete operating system (OS) that can be installed on top of your existing OS. A web browser, IRC client, office suite, and more come pre-configured with security in mind. See also Comparison of Whonix and Tor Browser.
How is Whonix different from Tails?
Tails is a Live Operating System with optional persistence that can be installed on external drives such as DVD or USB.
Whonix ™ can be installed inside your existing operating system which might be running on internal or external drives. It has an optional live mode. There is no Whonix live iso at time of writing but is likely to change in future.
See also Comparison of Whonix and Tails.
How is Whonix different from a VPN?
VPNs know who you are and what you do and can turn you over.
Virtual Private Networks (VPNs) are usually faster than Tor, but they are not anonymity networks. VPN administrators can log both where a user is connecting from and the destination website, breaking anonymity in the process. Promises made by VPN operators are meaningless, since they cannot be verified. Tor provides anonymity by design rather than policy, making it impossible for a single point in the network to know both the origin and the destination of a connection. Anonymity by design provides much more security, since trust is removed from the equation. See also advantages of Whonix, why Whonix uses Tor and Comparison of Tor and VPN services.
What is a Virtual Machine?
A software which can be installed on your computer which allows to run Whonix.
Virtual machines allow to run operating systems inside your current operating system. Whonix is an operaging system specialized to be run inside virtual machines.
Who develops Whonix?
Whonix is being developed by an independent development team.
How secure is Whonix?
Whonix has a history of providing Protection against Real World Attacks.
Should I Set Up a VPN with Whonix?
In a word, no. There are several reasons for this position: 
- It is impossible to verify a VPN provider is actually trustworthy and not logging data -- 'honeypot' providers might be ubiquitous.
- VPN traffic is sensitive to Deep Packet Inspection (DPI) [archive] and Website Traffic Fingerprinting [archive],  so it is ineffective in hiding use of Whonix ™ and Tor from the ISP or skilled adversaries.
- Depending on the configuration, VPN tunnels combined with Tor can worsen anonymity. For example it can lead to a permanent Tor exit relay in the network or remove Stream Isolation of different online activities.
- Complicated and lengthy instructions can lead to mistakes and insecure tunnel configurations.
- It is difficult to anonymously register and pay for VPN services.
- Certain variables make it likely Whonix ™ / Tor users can be identified. This includes: the hardened network configuration fingerprint, the list of installed packages and those fetched from repositories, the amount of traffic going to one IP address daily (guard nodes), and examination of dropped (invalid) versus non-dropped packets when the firewall is probed. 
- For a comprehensive list of additional reasons, see: VPN Tunnel Risks.
For documentation on how to set up a VPN with Whonix, see: Combining Tunnels with Tor.
Isn't it Dangerous to use a Platform based on Tor?
A number of myths and misconceptions concerning Tor are perpetuated by a lack of understanding, government propaganda, and a heavy media focus on the potential negative applications of Tor. Millions of people use Tor daily for wholly legitimate reasons, particularly to assert their privacy rights when faced with countless corporate / government network observers and censors. To learn more, see: Tor Myths and Misconceptions.
Where are the Separate Gateway and Workstation Download Files?
Whonix ™ has introduced unified ova / libvirt downloads.  Rather than separate Whonix-Gateway ™ and Whonix-Workstation ™ ova / libvirt downloads, there is now only a single Whonix ™ ova / libvirt which includes both Whonix virtual machines.   The Whonix split-VM design incorporating a separate Whonix-Gateway ™ and Whonix-Workstation ™ remains unchanged.
- https://forums.whonix.org/t/setting-up-vpn-with-whonix-is-it-a-good-idea/7568 [archive]
- https://www.computerweekly.com/news/252466203/Top-VPNs-secretly-owned-by-Chinese-firms [archive]
- The implication is that traffic might be routinely examined in a high percentage of cases, despite corporate promises to the contrary.
Website traffic fingerprinting is an attack where the adversary attempts to recognize the encrypted traffic patterns of specific web pages without using any other information. In the case of Tor, this attack would take place between the user and the Guard node, or at the Guard node itself.
- https://forums.whonix.org/t/hiding-tor-whonix-is-difficult-beyond-practicality/7408 [archive]
- From Whonix ™ 14 onward.
- https://forums.whonix.org/t/whonix-virtualbox-14-0-1-4-4-unified-ova-downloads-point-release/6996 [archive]
- https://forums.whonix.org/t/whonix-kvm-14-0-1-4-4-unified-tar-gz-download-point-release/7061 [archive]
This is a wiki. Want to improve this page? Help is welcome and volunteer contributions are happily considered! Read, understand and agree to Conditions for Contributions to Whonix ™, then Edit! Edits are held for moderation.
Copyright (C) 2012 - 2019 ENCRYPTED SUPPORT LP. Whonix ™ is a trademark. Whonix ™ is a licensee [archive] of the Open Invention Network [archive]. Unless otherwise noted, the content of this page is copyrighted and licensed under the same Freedom Software license as Whonix ™ itself. (Why?)