Actions

Security Reviews and Feedback

From Whonix


New[edit]

https://corelight.blog/2019/07/18/profiling-whonix/ [archive]

Audits[edit]

Happy to report no leaks observed, ever.

Official expert review[edit]

None, but that doesn't mean anything. There is nothing of that kind about Tails or Liberté Linux as well. Is there even something of that kind about Debian, Ubuntu or Qubes OS?

We are not aware of any serious research about any of such distributions in anonbib [archive]. No one like Bruce Schneier [archive] for cryptography exists for distribution review.

More food for thought on the audit, users are sometimes asking for. Has GNU wget been audited? What is an audit? Is it an professional company, providing software security audits as a service? Some kind of certification? In the Open Source world, adrelanos hasn't found such a thing. If you know examples, please get in contact or edit this section. Do you expect to come someone reputable come up, say something like "I carefully audited GNU wget and haven't found any security vulnerabilities"? It looks like it works quite the other way around. When someone audits the code and finds nothing wrong, nothing will be reported. On the other hand, if a vulnerability has been found, that's worth some fame. The one who claimed beforehand to have found nothing, however, wouldn't get better reputation.

If you make an audit, please edit this section or get in contact so it will be linked here.

First public discussions[edit]

There are a few older threads [archive] on the Tor Talk Mailing List about the security of Whonix ™ / transparent proxy.

  • [tor-talk] Operating system updates / software installation behind Tor Transparent Proxy"
  • [tor-talk] Obtain real IP behind Tor transparent proxy; was: Operating system updates / software installation behind Tor Transparent Proxy
  • [tor-talk] Risk with transparent proxy mode [was Re:Operating system updates / software installation behind Tor Transparent Proxy] - Summary: coderman (developer of TorVM / JanusVM) had some concerns, which could be cleared. "Looks fine from a cursory check."

Older places of people talking about Whonix ™[edit]

A section to collect everyone discussing Whonix ™ anywere. It is nice to see what people think and say about Whonix ™. If they don't give feedback directly, we still have a secondary feedback source. Most links are found through googeling "TorBOX" or "https://trac.torproject.org/projects/tor/wiki/doc/TorBOX [archive]".

Old questions on torproject.org:

Unsorted:

October 2012 - Whonix ™ 0.4.5 release announcement[edit]

October 2012 - Discussion[edit]

Unsorted:

See Also[edit]



Want to help create awesome, up-to-date screenshots for the Whonix wiki? Help is most welcome!

https [archive] | (forcing) onion [archive]
Follow: Twitter.png Facebook.png 1280px-Gab text logo.svg.png Rss.png 1024px-Telegram 2019 Logo.svg.png Discourse logo.svg

Donate: Donate Bank Wire Paypal Bitcoin accepted here Monero accepted here Contriute

Whonix donate bitcoin.png

Share: Twitter | Facebook

This is a wiki. Want to improve this page? Help is welcome and volunteer contributions are happily considered! Read, understand and agree to Conditions for Contributions to Whonix ™, then Edit! Edits are held for moderation.

Copyright (C) 2012 - 2019 ENCRYPTED SUPPORT LP. Whonix ™ is a trademark. Whonix ™ is a licensee [archive] of the Open Invention Network [archive]. Unless otherwise noted, the content of this page is copyrighted and licensed under the same Freedom Software license as Whonix ™ itself. (Why?)

Whonix ™ is a derivative of and not affiliated with Debian [archive]. Debian is a registered trademark [archive] owned by Software in the Public Interest, Inc [archive].

Whonix ™ is produced independently from the Tor® [archive] anonymity software and carries no guarantee from The Tor Project [archive] about quality, suitability or anything else.

By using our website, you acknowledge that you have read, understood and agreed to our Privacy Policy, Cookie Policy, Terms of Service, and E-Sign Consent. Whonix ™ is provided by ENCRYPTED SUPPORT LP. See Imprint.

Monero donate whonix.png