Whonix is an Anonymous Operating System. It hides your IP/location and uses Tor to anonymize your data traffic. This means that neither the contacted server, nor any eavesdropper on your connections, nor the operators of the Tor network themselves can realize which webservice you use.
To learn about its differences, check the Comparison with Others.
Basically any program can be used together with Whonix:
- For web browsing, Tor Browser is included.
- Messengers, like Tor Messenger and Ricochet IM.
- Privacy friendly e-mail client: Mozilla Thunderbird with TorBirdy
- scp for secure data transfer from and to a server.
- Unobserved administration of servers via SSH
- Web servers: Apache, ngnix, IRC servers, etc. via Hidden Services
- Other programs...
It is possible, with the help of Whonix, to use applications via Tor, which are not capable of proxy support by themselves.
Everything is explained in Documentation.
- Adobe Flash pseudononymously
- Browse The Web Anonymously
- Anonymous IRC
- Anonymous Publishing
- Anonymous E-Mail with Mozilla Thunderbird and TorBirdy
- Add a proxy behind Tor (user -> Tor -> proxy)
- Based on Debian GNU/Linux.
- Based on the Tor anonymity network.
- Based on VirtualBox.
- Can torify almost any application.
- Can torify any operating system
- Can torify Windows.
- Chat anonymously.
- Circumvent Censorship.
- DNSSEC over Tor 
- Encrypted DNS 
- Encrypted Communication
- Free Software, Libre Software, Open Source
- Full IP/DNS protocol leak protection.
- Hide the fact that you are using Tor 
- Hide the fact you are using Whonix
- Hide installed software from ISP
- Isolating Proxy
- Java anonymously
- Location/IP hidden servers
- Mixmaster over Tor
- Prevents anyone from learning your IP.
- Prevents anyone from learning your physical location.
- Private obfuscated bridges support
- Protects your privacy.
- Protocol-Leak-Protection and Fingerprinting-Protection
- Secure And Distributed Time Synchronization Mechanism
- Security by Isolation
- Send Anonymous E-mails without registration
- Stream Isolation to prevent identity correlation through circuit sharing
- Transparent Proxy
- Tunnel Freenet through Tor
- Tunnel I2P through Tor
- Tunnel JonDonym through Tor
- Tunnel Proxy through Tor
- Tunnel Retroshare through Tor
- Tunnel SSH through Tor
- Tunnel UDP over Tor 
- Tunnel VPN through Tor
- Tor enforcement
- Ricochet IM 
- Virtual Machine Images
- VPN/Tunnel Support
Advantages of Whonix
- All applications, including those, which do not support proxy settings, will automatically be routed through Tor.  
- Installation of any software package possible.    
- Safe hosting of Hidden Services possible.  
- Protection against side channel attacks, no IP or DNS leaks possible. 
- Advantage over Live CD's: Tor's data directory is still available after reboot, due to persistent storage. Tor requires persistent storage to save its Entry Guards .
- Protection against IP/location discovery through root exploits (Malware  with root rights) inside Whonix-Workstation. But you should really not test it 
- Uses only Free Software .
- Building Whonix from source is easy, see Dev/Build Documentation.
- Tor  + Vidalia  and Tor Browser  are not running inside the same machine. That means that for example an exploit in the browser can't affect the integrity of the Tor process. 
- It is possible to use Whonix in conjunction with VPNs, ssh and other proxies. But see Tor plus VPN/proxies Warning. Everything possible, as first chain or last chain, or both.
- Loads of Features.
- Loads of Optional Configurations (additional features / Add-Ons) available.
- Best possible Protocol-Leak-Protection and Fingerprinting-Protection.
- Private obfuscated Bridges can be added to /etc/tor/torrc.
- Whonix-Gateway can also torify Windows, see Other Operating Systems.
Disadvantages of Whonix
- More difficult to set up compared to the regular Tor Browser.
- Needs virtual machines or spare hardware.
- Updating OS and applications behind the Tor proxy is slow.
- Higher maintenance required. 
Various tunneling permutations are possible and functional in Whonix. Connections can be routed through a VPN, SSH, or proxy before Tor, after Tor, or both.
- Tunnel Support
- Tunnel Tor Through a Proxy, VPN or SSH
- Tunnel Proxy / Proxychains / SSH / VPN Through Tor
- Pre and Post Tor Tunnels can be Combined
Proxy / SSH / VPN->
Proxy / SSH / VPN->
- Comparison Of Tor with CGI Proxies, Proxy Chains, and VPN Services
- Functional Whonix VPN Examples for Testing Purposes (Free)
- Chaining Anonymizing Gateways (Experts Only!)
Tor can also be replaced with another protocol, although only some combinations and networks will work (such as I2P and JonDonym). This work is partially complete, but features will remain unfinished for the foreseeable future (see Other Anonymizing Networks).
Comparison of Whonix, Tails, Tor Browser, TorVM and corridor
Gratitude is expressed to JonDos for permission to use material from their website. (w) (w)  The "Whonix Features" chapter of the Whonix Features wiki page contains content from the JonDonym documentation Features page.
- Via optional configuration
- Note: For application warnings, see Documentation.
- Note: UDP is not supported by Tor, thus will not work in Whonix as well.
- UDP is not supported by Tor
- Note: Services that need to listen on publicly reachable ports (open/forwarded ports) are also not supported. However you may run Hidden Services which are reachable via Tor or tor2web (be careful).
- Note: Must be able to run on Debian GNU/Linux or you can use Other Operating Systems. See also Software installation on Whonix-Workstation for details.
- Note: ICMP, ping, VOIP calls over UDP, etc...
- Note: Skype over TCP does work, but it is not recommended, because it is proprietary, closed source and there is no control over the encryption keys. Skype authority can compromise you out any moment. A secure encryption/authentication design looks different. For example GPG and OTR are secure, because the user has control over the keys, not the server. See Voip Skype section for details.
- Note: Tunnel UDP over Tor
- Note: Even if someone hacks your hidden server software (lighttpd, thttpd, apache, etc.), he can not steal your hidden service key. The key is stored on the Whonix-Gateway. Once you cleaned your Whonix-Workstation, no one can impersonate your hidden service anymore.
- Note: The Workstation is the place where the browser, IRC client and so on is running. The Gateway is the place where Tor and the firewall is running.
- Note: Whonix protects against IP and DNS leaks. Other possible leaks (such as username; time zone; etc.) and how to mitigate them see Documentation. Additionally Whonix's Protocol-Leak-Protection and Fingerprinting-Protection mitigates many possible fingerprinting attacks by using common, non-identifying defaults. (username set to user; timezone set to UTC; etc.)
- Note: This is still not recommended as they may decrease anonymity (e.g. flash cookies) and often have security vulnerabilities. Most popular plugins are closed source. See Browser Plugins for more information.
- Note: In case Whonix-Workstation gets rooted, the adversary can not find out the users real IP/location. This is because Whonix-Workstation can only connect through the Whonix-Gateway. How difficult is it to compromise Whonix? See Attack Comparison Matrix and Design. More skill is required.
- Note: Vidalia is optional; arm is installed as alternative.
- Note: You need to maintain three instead of one OS. You need to remember several passwords and update at least three systems.
- Broken link: https://anonymous-proxy-servers.net/forum/viewtopic.php?p=31220#p31220
Impressum | Datenschutz | Haftungsausschluss
This is a wiki. Want to improve this page? Help is welcome and volunteer contributions are happily considered! See Conditions for Contributions to Whonix, then Edit! IP addresses are scrubbed, but editing over Tor is recommended. Edits are held for moderation.