Last update: March 17, 2019. This website uses cookies. By using our website, you acknowledge that you have read, understood and agreed to our Privacy Policy, Cookie Policy, Terms of Service, and E-Sign Consent. More information

 Actions

Privacy Policy Technical Details

Imprint | Privacy Policy | Terms of Service | Disclaimer

Privacy Policy

The Whonix website takes an individual's privacy seriously and collects as little information as possible. IP logs are disabled. If events such as spamming or abuse become widespread, then it may be necessary to re-enable IP logging. In all years of Whonix website's operation this was never the case.

In any case, it is recommended to visit this website using either Tor Browser in Whonix or the Tor Browser Bundle.

Valid SSL Certificate Yes
HTTPS Everywhere [1] Inclusion Yes [2]
Passed Qualys SSL LABS [3] SSL Server Test [4]: Yes, A+ rating. [5]
HSTS [6] Yes [7]
HSTS Preloading List [8] [9] [10] [11] [12] Yes [13] [14] [15]
Certificate Authority (CA) Pinning obsolete [16]
HTTP Public Key Pinning[17] obsolete [18]
DNS Certification Authority Authorization (CAA) Policy[19] Yes[20]
Expect-CT header [21] Yes[22]
certspotter [23] Yes[24]
DNSSEC[25] Yes[26]
Flagged Revisions [27] Yes, admins must verify changes before they become the default version.
Secondary .onion Domain [28] Yes [29] [30]
Content Security Policy (CSP) Yes, A Rating. [31] [32] [33] [34]

If users have any further suggestions, please edit this entry or discuss possible changes in the Whonix forums.


Footnotes[edit]

  1. https://www.eff.org/https-everywhere
  2. https://trac.torproject.org/projects/tor/ticket/9143
  3. https://www.ssllabs.com/
  4. https://www.ssllabs.com/ssltest/index.html
  5. https://www.ssllabs.com/ssltest/analyze.html?d=whonix.org
  6. https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security
  7. curl -i https://whonix.org
  8. http://blog.chromium.org/2011/06/new-chromium-security-features-june.html
  9. http://blog.stalkr.net/2011/08/hsts-preloading-public-key-pinning-and.html
  10. http://www.chromium.org/sts
  11. https://blog.mozilla.org/security/2012/11/01/preloading-hsts/
  12. https://bugzilla.mozilla.org/show_bug.cgi?id=861960
  13. Requested. Will propagate to Chrome, Firefox and Tor Browser.
  14. https://github.com/Whonix/Whonix/issues/34
  15. http://src.chromium.org/viewvc/chrome?revision=209444&view=revision
  16. https://phabricator.whonix.org/T66
  17. https://developer.mozilla.org/en-US/docs/Web/HTTP/Public_Key_Pinning
  18. https://phabricator.whonix.org/T84
  19. https://blog.qualys.com/ssllabs/2017/03/13/caa-mandated-by-cabrowser-forum
  20. https://forums.whonix.org/t/dns-certification-authority-authorization-caa-policy-dnssec-for-whonix-org-ssllabs-com-test-results/5487
  21. https://scotthelme.co.uk/a-new-security-header-expect-ct/
  22. https://forums.whonix.org/t/dns-certification-authority-authorization-caa-policy-dnssec-for-whonix-org-ssllabs-com-test-results/5487/2?u=patrick
  23. https://github.com/SSLMate/certspotter
  24. https://forums.whonix.org/t/dns-certification-authority-authorization-caa-policy-dnssec-for-whonix-org-ssllabs-com-test-results/5487/2?u=patrick
  25. https://en.wikipedia.org/wiki/Domain_Name_System_Security_Extensions
  26. https://forums.whonix.org/t/dns-certification-authority-authorization-caa-policy-dnssec-for-whonix-org-ssllabs-com-test-results/5487
  27. https://www.mediawiki.org/wiki/Extension:FlaggedRevs/
  28. Optional Tor onion service (.onion domain); alternative end-to-end encrypted/authenticated connection; in this use case, not for location privacy; backup in case DNS is not functional
  29. dds6qkxpwdeubwucdiaord2xgbbeyds25rbsgr73tbfpqpt4a6vjwsyd.onion
  30. See also Forcing .onion on Whonix.org.
  31. https://securityheaders.io/?followRedirects=on&hide=on&q=whonix.org
  32. https://phabricator.whonix.org/T70
  33. https://forums.whonix.org/t/whonix-website-security-rating-b-mozilla-observatory-content-security-policy-csp/3874
  34. https://forums.whonix.org/t/content-security-policy-now-deployed-on-whonix-websites/5494

No user support in comments. See Support.

Comments will be deleted after some time. Specifically after comments have been addressed in form of wiki enhancements. See Wiki Comments Policy.


Add your comment
Whonix welcomes all comments. If you do not want to be anonymous, register or log in. It is free.


Random News:

Want to help create awesome, up-to-date screenshots for the Whonix wiki? Help is most welcome!


https | (forcing) onion

Share: Twitter | Facebook

This is a wiki. Want to improve this page? Help is welcome and volunteer contributions are happily considered! Read, understand and agree to Conditions for Contributions to Whonix ™, then Edit! Edits are held for moderation.

Copyright (C) 2012 - 2019 ENCRYPTED SUPPORT LP. Whonix ™ is a trademark. Whonix ™ is a licensee of the Open Invention Network. Unless otherwise noted, the content of this page is copyrighted and licensed under the same Freedom Software license as Whonix ™ itself. (Why?)

By using our website, you acknowledge that you have read, understood and agreed to our Privacy Policy, Cookie Policy, Terms of Service, and E-Sign Consent. Whonix ™ is provided by ENCRYPTED SUPPORT LP. See Imprint.