Jump to: navigation, search


Whonix Features[edit]

Whonix is an operating system focused on anonymity and security. It hides the user's IP address / location and uses the Tor network to anonymize data traffic. This means the contacted server, network eavesdroppers, and operators of the Tor network cannot easily determine which sites are visited, or the user's physical location. [1]

For a comprehensive comparison of Whonix with other popular anonymity platforms, see Comparison with Others.

Primary Software Features

A number of applications are pre-installed and pre-configured with safe defaults to make them ready for use. Most commonly used applications are compatible with the Whonix design:

With the Whonix design, it is possible to "torify" applications which are not capable of proxy support by themselves. Further, the user is not jeopardized by installing custom applications or personalizing the desktop.

Detailed documentation has been created by the developers and the Whonix community. It explains the Whonix design, software, possible configurations, security / privacy aspects, and various advanced topics.

Feature List[edit]

Anonymous Browsing

Anonymous Communications, Hosting and Publishing

Platform Base

Tor Network / Toriffication

Security and Anonymity Protection

Tunnel and Chaining Support

Tunnel Other Anonymizing Networks

Whonix Advantages[edit]

  • All applications are automatically routed via Tor, including those which do not support proxy settings. [4] [5] [6] [7]
  • Installation of any software package is possible. [8] [9] [10] [11]
  • Safe hosting of Onion Services is possible. [12] [13]
  • Protection against side channel attacks; no IP address or DNS leaks are possible. [14]
  • Advantage over Live CDs: Tor's data directory is still available after reboot, due to persistent storage. Tor requires persistent storage to save its Entry Guards. [15].
  • Java, JavaScript, [16] [17] flash, Browser Plugins, [18] and mis-configured applications cannot leak the user's real external IP address. See Security in the Real World.
  • Protection against IP address / location discovery through root exploits (malware [19] with root rights inside Whonix-Workstation). However, users should avoid testing this protective feature. [20]
  • Only free software is used. [21]
  • Building Whonix from source is easy, see Build Documentation.
  • Tor [22] and Tor Browser [23] are not running inside the same virtual machine. For example, that means an exploit in the browser can't affect the integrity of the Tor process. [24]
  • It is possible to use Whonix in conjunction with VPNs, SSH and other proxies. However, read the Tor plus VPN/proxies Warning before proceeding. Every permutation is possible; VPNs / SSH / other proxies can be combined and used pre- and/or post-Tor tunnels.
  • Other anonymizing networks like Freenet, GNUnet, I2P, JonDonym and Retroshare can be used.
  • A host of Features are available.
  • Numerous optional configurations, additional features, and add-ons are available.
  • Best possible Protocol-Leak-Protection and Fingerprinting-Protection.
  • Private obfuscated Bridges can be added to /etc/tor/torrc (the Tor configuration file).
  • Whonix-Gateway can also torify Windows, see Other Operating Systems.

Whonix Disadvantages[edit]

  • More difficult to set up compared to the regular Tor Browser.
  • Needs virtual machines or spare hardware for operation.
  • Updating the OS and applications behind the Tor proxy is slow.
  • Higher maintenance is required. [25]

Tunnel Support[edit]

Various tunneling permutations are possible and functional in Whonix. Connections can be routed through a VPN, SSH, or proxy before Tor, after Tor, or both.

Using Tunnels in Whonix

Tor can also be replaced with another protocol, although only some combinations and networks will work (such as I2P and JonDonym). This work is partially complete, but features will remain unfinished for the foreseeable future (see Other Anonymizing Networks).

Comparison of Whonix with other Anonymity Platforms[edit]

See: Comparison of Whonix, Tails, Tor Browser, TorVM and corridor.


Gratitude is expressed to JonDos for permission to use material from their website. (w) (w) [26] The "Whonix Features" section of this wiki page contains content sourced from the JonDonym documentation Features page.


  1. Without advanced, end-to-end, netflow correlation attacks which rely on statistical analysis of data volume and timing.
  2. 2.0 2.1 2.2 2.3 2.4 Via optional configuration.
  3. Whonix 14 and above.
  4. Note Note: For application warnings, see Documentation.
  5. Note Note: UDP is not natively supported by Tor and will therefore also not work in Whonix (unless a VPN is used).
  6. Note Note: Services that need to listen on publicly reachable ports (open / forwarded ports) are also not supported. However, users may run Onion Services which are reachable via Tor or tor2web (care is required).
  7. UDP is not supported by Tor
  8. Note Note: The program must be able to run on Debian GNU/Linux or Other Operating Systems which are used. See also Software installation on Whonix-Workstation for further details.
  9. Note Note: ICMP, ping, VoIP calls over UDP and so on.
  10. Note Note: Skype works over TCP, but it is not recommended because it is proprietary, closed source software and there is no control over the encryption keys. Skype authorities can compromise a user at any moment. A secure encryption / authentication design looks different. For example GPG and OTR are secure, because the user has control over the keys, not the server. See VoIP Skype section for details.
  11. Note Note: Tunnel UDP over Tor
  12. Note Note: Even if someone hacks the user's hidden server software (lighttpd, thttpd, apache, etc.), they cannot steal the onion service key. The key is stored on the Whonix-Gateway. Once a clean Whonix-Workstation is used, no one can impersonate the onion service anymore.
  13. Note Note: The Whonix-Workstation is where the browser, IRC client and other user applications are run. The Whonix-Gateway is where Tor and the firewall are run.
  14. Note Note: Whonix does not automatically protect against other possible leaks like username, time zone, and so on. Users should read the Documentation to learn how to mitigate these threats. Additionally, Whonix's Protocol-Leak-Protection and Fingerprinting-Protection mitigates many possible fingerprinting attacks by using common, non-identifying defaults. For example, the username is set to user, the timezone is set to UTC, and so on.
  15. https://www.torproject.org/docs/faq.html.en#EntryGuards
  16. Note Note: There is no functional Javascript difference when it is enabled in Whonix's Tor Browser versus the standard Tor Browser Bundle (TBB).
  17. Of course, using JavaScript in the Whonix Tor Browser protects against IP address leaks, but browser fingerprinting risks still apply. For more information, see Web-browser!
  18. Note Note: Plugins are still not recommended, as they may decrease anonymity (for example, flash cookies) and they often have security vulnerabilities. Most popular plugins are closed source. See Browser Plugins for more information.
  19. https://en.wikipedia.org/wiki/Malware
  20. Note Note: If Whonix-Workstation gets rooted, the adversary cannot find out the user's real IP address / location. The reason is Whonix-Workstation can only connect through the Whonix-Gateway. More skill is required to compromise Whonix, see Attack Comparison Matrix and Design.
  21. https://en.wikipedia.org/wiki/Free_software
  22. https://www.torproject.org
  23. https://www.torproject.org/projects/torbrowser.html.en
  24. Note Note: Vidalia is now deprecated; arm is installed as the alternative.
  25. Note Note: Users need to maintain and update three OSs instead of one. Also, several passwords must be remembered, unless Qubes-Whonix is used.
  26. Broken link: https://anonymous-proxy-servers.net/forum/viewtopic.php?p=31220#p31220

Random News:

Love Whonix and want to help spread the word? You can start by telling your friends or posting news about Whonix on your website, blog or social media.

https | (forcing) onion

Share: Twitter | Facebook

This is a wiki. Want to improve this page? Help is welcome and volunteer contributions are happily considered! See Conditions for Contributions to Whonix, then Edit! IP addresses are scrubbed, but editing over Tor is recommended. Edits are held for moderation.

Whonix is a licensee of the Open Invention Network. Unless otherwise noted, the content of this page is copyrighted and licensed under the same Libre Software license as Whonix itself. (Why?)