Whonix - Overview

From Whonix
(Redirected from Main Page/de)
Jump to navigation Jump to search

Whonix is an anonymous operating system that runs like an app and routes all Internet traffic through the Tor anonymity network. It offers privacy protection and anonymity online and is available for all major operating systems.

Videos general icon What is Whonix? - Your Internet Privacy Super Tool YouTube icon Invidious icon Onion icon (more videos).

Technical readers can refer to the Whonix technical introduction instead.

Whonix homepage image

Superior Internet Privacy

Whonix is a free and open-source desktop operating system (OS) that is specifically designed for advanced security and privacyarchive.org. It's based on the Torarchive.org anonymity network, security-focused Linux Distribution Kicksecure The Web Archive Onion Version , GNU/Linux and the principle of security by isolation. Whonix defeats common attacks while maintaining usability.

Kicksecure promo image

Security hardened

Whonix uses an extensively security reconfigured of the Debian base (Kicksecure Hardened) which is run inside multiple virtual machines (VMs) on top of the host OS. This architecture provides a substantial layer of protection from malware and IP leaks. Applications are pre-installed and configured with safe defaults to make them ready for use with minimal user input. Learn more.

Download Whonix (FREE)

Preview user groups

Privacy First Users

The increasing threat of mass surveillance and repression all over the world means our freedoms and privacy are rapidly being eroded. Whonix is a powerful solution to this problem. Anyone who values privacy, has business secrets, needs private communication or does sensitive work on their desktop or online can greatly benefit from using Whonix. Learn more.

Whonix detailed concept

Innovative Architecture

Whonix consists of two VMs: the Whonix-Gateway and the Whonix-Workstation. The former runs Tor processes and acts as a gateway, while the latter runs user applications on a completely isolated network. This innovative architecture allows for maximum privacy, keeps applications in check and makes DNS leaks impossible. Learn more.

Download Whonix (FREE)


Now we're diving deep into what makes Whonix great. We'll provide a more detailed look and lots of links for you to even more thoroughly study Whonix.

Introduction[edit]

Whonix rectangular logo
Whonix rectangular logo
Kicksecure seal
Kicksecure Hardened
Debian logo
Debian logo
Tor logo
Tor logo

Whonix is a free and open-source desktop operating system (OS) that is specifically designed for advanced security and privacyarchive.org. It's based on the Torarchive.org anonymity network, security-focused Linux Distribution Kicksecure The Web Archive Onion Version , GNU/Linux and the principle of security by isolation.

Whonix defeats common attacks while maintaining usability. Online anonymity and censorship circumvention is attainable via fail-safe, automatic and desktop-wide use of the Tor network. This helps to protect from traffic analysis by bouncing communications around a distributed network of relays run by global volunteers. Without advanced, end-to-end, netflow correlation attacks, an adversary watching an Internet connection cannot easily determine the sites visited, and those sites cannot discover the user's physical location. [1]

Whonix uses an extensively security reconfigured of the Debian base (Kicksecure Hardened). It consists of two virtual machines -- Whonix-Gateway and Whonix-Workstation -- which are designed to be used on a supported host OS (Host Operating System Selection). The host OS supporting Whonix is usually the one installed on the user's computer, but OSes installed on external drives will also work (USB Installation). Users choose the preferred Whonix configuration and may use either a Type I hypervisor (Qubes-Whonix), or a Type II hypervisor like KVM and VirtualBox.

This architecture provides a substantial layer of protection from malware and IP leaks. Applications are pre-installed and configured with safe defaults to make them ready for use with minimal user input. The user may install custom applications or personalize their desktop without fear of information leaks that could lead to de-anonymization. Whonix is the only actively developed OS designed to be run inside a VM and paired with Tor. Though technically a "desktop" operating system, the security and anonymity tools Whonix provides also make it ideally suited for hosting secure and anonymous onion services.

By helping users run applications anonymously Whonix aims to preserve privacy and anonymity. A web browser, office suite, and other relevant applications come pre-configured with security in mind. Internet traffic by Whonix is all routed through the Tor anonymity network.

Whonix is Freedom Software and is based on Kicksecure The Web Archive Onion Version (security-focused Linux Distribution), Tor [2], Debian GNU/Linux [3], and the principle of security by isolation.

Whonix User Groups[edit]

users of Whonix
Users of Whonix

Privacy is a human right. The increasing threat of mass surveillance and repression all over the world means our freedoms and privacy are rapidly being eroded. Whonix is a powerful solution to this problem. Anyone who values privacy, has business secrets, needs private communication or does sensitive work on their desktop or online can greatly benefit from using Whonix. This includes the following. Also see Users of Whonix.

  1. Investigators and whistleblowers whose work threatens the powerful. Within our isolated environment, research and evidence can be gathered without accidental exposure.
  2. Researchers, government officials or business-people who may be targets of espionage. Anti-malware and anti-exploit modifications lower the threat of trojans and backdoors.
  3. Journalists who endanger themselves and their families by reporting on organized crime. Compartmentalized, anonymous Internet use prevents identity correlation between social media and other logins.
  4. Political activists under targeted surveillance and attack. The usefulness of threatening the ISP in order to analyze a target's Internet use is severely limited. The cost of targeting a Whonix user is greatly increased.
  5. Average computer users in a repressive or censored environment. Easy Tor setup and options for advanced configurations means users in repressive countries can fully access the Internet desktop-wide, not just in their browser.
  6. Average computer users who simply don’t want all or some aspect of their private lives uploaded, saved and analyzed. Whonix does not silently upload identifying information in the background.

Whonix Architecture[edit]

Whonix Architecture

Whonix consists of two VMs: the Whonix-Gateway and the Whonix-Workstation. [4] The former runs Tor processes and acts as a gateway, while the latter runs user applications on a completely isolated network. The Whonix architecture affords several benefits:

  • Only connections through Tor are permitted.
  • Servers can be run, and applications used, anonymously over the Internet.
  • DNS leaks are impossible.
  • Malware with root privileges cannot discover the user's real IP address.
  • Threats posed by misbehaving applications and user error are minimized.
  • The platform has extensive security hardeningarchive.org.

Features[edit]

Full Spectrum Anti-Tracking Protection[edit]

Hiding your identity is harder than just hiding your IP. Internet tracking companies don't even need to know your IP address to be able to identify you. They have multiple alternative tracking technologies in their arsenal. Whonix provides full spectrum anti-tracking protection.

Table: Surveillance Technology, Impact and Whonix Defenses

Surveillance Technology Impact on your Privacy Whonix Tracking Protection Technology
IP address tracking IP is tied to user identity and physical location. Reliable IP Hiding; IP cloaking using Tor
Browser fingerprinting Tracking, creating a profile of the user even if the user is already cloaking its IP. Tor Browser
Website Traffic Fingerprinting Your internet service provider (ISP) knows which websites and when you visited but does not know the exact details. And that even if the website is using https and you are using VPN. [5]

For example, if you are posting to a discussion forum, your ISP or a man-in-the-middle could know the time and that you used that discussion forum but not the exact contents of your post. However, due to the specific timing specifically over time an attacker could figure out who you are.

IP cloaking using Tor
Personal keyboard typing fingerprinting Re-identification once you are typing on a website because of your personal typing style. kloak (keystroke anonymizer)
Time attacks Individual computer time can give away your identity. Boot Clock Randomization and secure network time synchronization through sdwdate (Secure Distributed Web Date)
Other threats. Techniques like Stylometry (analysis of writing style) and various other tracking technologies can be employed to track users without the need for IP addresses. Whonix is a technological means to anonymity, but staying safe necessitates complete behavioral change; it is a complex problem without an easy solution. The more you know, the safer you can be. See Documentation.

Based on Debian[edit]

Debian logo

Info Tip: Since Ubuntu is a Debian derivative, online help for Ubuntu most often works for Whonix.

In oversimplified terms, Whonix is just a collection of configuration files and scripts. Whonix is not a stripped down version of Debian; anything possible in "vanilla" Debian GNU/Linux can be replicated in Whonix. Likewise, most problems and questions can be solved in the same way. For example: "How do I install VLC Media Player on Whonix?" -- "The same way as in Debian apt install vlc. Whonix does not break anything, limit functionality, or prevent installation of compatible software.

Based on Kicksecure[edit]

Kicksecure seal
Kicksecure Hardened

Kicksecure: Perform these steps inside Kicksecure.

Instead the user should apply the instructions inside Whonix-Workstation.

Kicksecure for Qubes: Perform these steps inside Qubes kicksecure-17 Template.

Instead the user should apply the instructions inside whonix-workstation-17 Template.

Whonix Version[edit]

Whonix rectangular logo
Whonix rectangular logo

Each Whonix release is based on a particular version of Debian:

Whonix version Debian Version Debian Codename
Whonix 17.2.8.1 12 bookwormarchive.org

Users can manually check the Whonix version at any time by following this step.

Security by Isolation[edit]

Whonix is the best way to use Tor and provides the strongest protection for your privacy online by hiding your real IP address, because Whonix protects from leaks. In laymen's terms a leak occurs if a user expects to be wholly using Tor, but instead some application traffic bypasses Tor and is routed over the normal internet (clearnet). A solitary leak is all that is required to de-anonymize the user, for example via IP leaks, DNS leaks, UDP and other channels.

Even when Tor provides sufficient anonymity, it can be very complicated or impossiblearchive.org for users to configure applications so all traffic is routed through the Tor network. The reason is networking is very complex and most applications are not designed with anonymity or privacy in mind. Some applications like the Tor Browser Bundle are specifically designed for anonymity and attempt to eliminate all known leak vectors. Unfortunately, despite all best efforts leaks have occurred in the past due to Tor Browser Bundle software defects (bugs). In such cases, Whonix users were protected and unaffected by these leaks.

In Whonix, DNS and other related leaks (IP, DNS, UDP, ICMP) are impossible. Even malware with root privileges cannot discover the user's real IP address because Whonix's split-VM design ensures all internet traffic is routed through Tor.

Whonix is divided into two VMs:

  • Whonix-Gateway to enforce routing of all Internet traffic through the Tor network, and
  • Whonix-Workstation for work activities. Whonix-Workstation is unaware of its real external IP address, which means the user's real external IP address is always protected and leaks are impossible.

This security by isolation configuration averts many threats posed by malware, misbehaving applications, and user error.

Figure: Whonix Operating System Design

Whonix Operating System Design

(more technical illustrative images)

This is not an empty claim -- Whonix has been audited via the corridor (Tor traffic whitelisting gateway) and other leak tests. In over a decade, no leaks were ever discovered. Technical readers can refer to the Whonix technical introduction and security overview chapters for further details.

Online Anonymity via Tor[edit]

Tor logo

Whonix relies on the Tor network to protect a user's anonymity online; all connections are forced through Tor or otherwise blocked. Tor helps to protect users by bouncing communications around a distributed network of relays run by volunteers all around the world. Without advanced, end-to-end, netflow correlation attacks, anybody watching a user's Internet connection cannot easily determine the sites visited, and those sites cannot learn the user's physical location. [6]

To learn more about Tor, see Why does Whonix use Tor and read the official documentation on the Tor website The Web Archive Onion Version :

Summary[edit]

Table: Whonix Goals, Design and Limitations

Category Description
Whonix is
  • a free and open operating system
  • an anti-censorship tool
  • the first step among many in hiding a user's identity
Whonix helps to
  • disguise a user's IP address
  • prevent internet service provider (ISP) spying
  • prevent websites from identifying the user
  • prevent malware from identifying the user
  • circumvent censorship
Whonix is not
  • a one-click anonymization solution, since anonymity is a complex behavioral and technical problem in a highly surveilled world [7]

Release Schedule[edit]

Note that Whonix does not have a fixed release schedule. A new stable release only becomes available when it is deemed ready. Interested users can query the issue tracker [8] and changelog to track developer progress. Stay Tuned.

Support Schedule[edit]

Debian Hosts[edit]

New Debian Release

One month after a new stable version of Debian is released, Whonix VMs may no longer be supported on any older version of Debian. All users need to upgrade the Debian platform promptly after the deprecation notice in order to use Whonix safely.

New Whonix Release

One month after a new stable version of Whonix is released, older versions will no longer be supported. All users need to upgrade the Whonix platform promptly in order to remain safe.

Deprecation Notices

The deprecation notice is provided at least one month in advance and posted in the Whonix News forumarchive.org. Stay Tuned! All users need to upgrade the respective platform promptly in order to remain safe. [9]

Debian-based and Other Hosts[edit]

As per Debian Hosts.

Windows Hosts[edit]

The support schedule is mostly undefined at present, but likely to mirror Debian Hosts.

Qubes Hosts[edit]

Qubes-Whonix version support policy

Whonix templates are supported by the Whonix Project. The Whonix Project has set its own support policy for Whonix templates in Qubes.

This policy requires Whonix template users to stay reasonably close to the cutting edge by upgrading to new stable releases of Qubes OS and Whonix templates within a month of their respective releases. To be precise:

  • One month after a new stable version of Qubes OS is released, Whonix will no longer be supported on any older Qubes OS release. This means that users who wish to continue using Whonix on Qubes OS must always upgrade to the latest stable Qubes OS release within one month of its release.
  • One month after a new stable version of Whonix is released for a given Qubes OS release, older Whonix releases will no longer be supported on that Qubes OS release. This means that users who wish to continue using Whonix on Qubes OS must always upgrade to the latest stable Whonix version that is available for their Qubes OS release within one month of that Whonix version’s release.

We aim to announce both types of events one month in advance in order to remind users to upgrade. Stay Tuned.

Qubes-Whonix version support information

  • Old stable support: Qubes 4.1 Whonix 16 will continue to receive security support until Qubes R4.2 is released as stable + 1 month. Support will likely be extended. [10]
  • Recommended Qubes version: Qubes 4.2

Next Steps[edit]

Learning more about Whonix is the best way to determine whether it is a suitable solution in your personal circumstances. The following chapters are recommended:

  • The Warning page to understand the security limitations of Whonix and Tor.
  • Further information about Whonix Features.
  • The implied Trust placed in Whonix when it is used.
  • Other relevant Documentation explaining how to use Whonix safely.

See Also[edit]

Footnotes[edit]

  1. Current practical, low-latency, anonymity designs like Tor fail when the attacker can see both ends of the communication channel (traffic going into and out of the Tor network). If you can see both flowsarchive.org, simple statistics based on data volume and timing can determine whether they match up.
  2. https://www.torproject.org/about/overview.html.enarchive.org
  3. Debian Wikipediaarchive.org
  4. In Qubes-Whonix, these VMs are named sys-whonix and anon-whonix, respectively.
  5. VPNs do not even hide visited websites from your Internet Service Provider
  6. Current practical, low-latency, anonymity designs like Tor fail when the attacker can see both ends of the communication channel (traffic going into and out of the Tor network). If both flows are visible The Web Archive Onion Version simple statistics can determine whether they match up.
  7. Readers of the Whonix documentation will quickly learn that one-click anonymization solutions simply do not exist and will likely never be developed.
  8. For example, for the next release use the tag "Whonix 16" and status "Open".
  9. This also relieves Whonix developers from needing to diagnose and support old-stable versions of Qubes/Debian/Whonix, which duplicates the maintenance burden.
  10. See also Current Status Qubes 4.1 Whonix 16archive.org.

About

License[edit]

Whonix About wiki page Copyright (C) Amnesia <amnesia at boum dot org>
Whonix About wiki page Copyright (C) 2012 - 2024 ENCRYPTED SUPPORT LP <

This program comes with ABSOLUTELY NO WARRANTY; for details see the wiki source code.
This is free software, and you are welcome to redistribute it under certain conditions; see the wiki source code for details.

Gratitude is expressed to JonDosarchive.org for permissionarchive.org to use material from their website. The "Summary" chapter of the Whonix Design and Goals wiki page contains content from the JonDonym documentation Featuresarchive.org page.

We believe security software like Whonix needs to remain open source and independent. Would you help sustain and grow the project? Learn more about our 12 year success story and maybe DONATE!