Whonix ®

Download

Windows Linux Mac VirtualBox KVM Qubes Intel / AMD64 ARM64 PPC64 USB ISO Raspberry Pi More options Source Code

About

Overview Features Whonix vs VPNs Why Open Source? Project Activities Contributors Mission & Vision

Docs

Documentation FAQ Troubleshooting

Community

Forums Forum Best Practices Contribute

Support

Self Support First Policy Search Engines, Docs and AI Support (Limited) Reporting Bugs Contact (Restricted)

Tools Upload file Special pages Recent changes Print Version Page meta What links here Related changes Page information

Page Read Edit History Move Protection Unwatch Watch Delete Purge

User Preferences Watchlist Contributions Logout Create account Login

Donate

Deanonymization based on a user's linguistic style.

No operating system does obfuscate a user's writing style. Consequently, unless precautions are taken (see below), users are at risk from stylometric analysis based on their linguistic style. Research suggests only a few thousand words (or less) may be enough to positively identify an author and there are a host of software tools available to conduct this analysis.

This technique is used by advanced adversaries to attribute authorship to anonymous documents, online texts (web pages, blogs etc.), electronic messages (emails, tweets, posts etc.) and more.

The field is dominated by A.I. techniques like neural networks and statistical pattern recognition, and is critical to privacy and security. Current anonymity and circumvention systems are focused on location-based privacy, but ignore leakage of identification via the content of data which has a high accuracy in authorship recognition (90%+ probability). ^[1]

There are multiple ways to conduct statistical analysis on "anonymous" texts, including: ^{[1] [2]}

• Keystroke fingerprinting, for example in conjunction with Javascript.
• Stylistic flourishes.
• Abbreviations.
• Spelling preferences and misspellings.
• Language preferences.
• Word frequency.
• Number of unique words.
• Regional linguistic preferences in slang, idioms and so on.
• Sentence/phrasing patterns.
• Word co-location (pairs).
• Use of formal/informal language.
• Function words.
• Vocabulary usage and lexical density.
• Character count with white space.
• Average sentence length.
• Average syllables per word.
• Synonym choice.
• Expressive elements like colors, layout, fonts, graphics, emoticons and so on.
• Analysis of grammatical structure and syntax.

Fortunately research suggests that if users purposefully obfuscate their linguistic style or imitate the style of other known authors, this is largely successful in defeating all stylometric analysis methods so they are no better than randomly guessing the correct author of a document. However, using automated methods like machine translation services do not appear to be a viable method of circumvention. ^[1]

In the future, Artificial Intelligence (AI) might help with rephrasing and thereby eliminating a writer's writing style. No specific AI recommendation is available yet. Some general criteria:

• Local, Offline AI: The AI should be running on the user's local computer and not in the cloud. It should not be based on a web interface unless it is running locally. This is because a cloud based AI provider such as ChatGPT should be assumed to log all conversations and there is also a keystroke fingerprinting risk as for any website.
• Sandboxed AI: Maybe the AI cannot be run inside a virtual machine (VM) because it requires access to a real graphics card for performance reasons. Ideally the AI would be used on an offline computer. Since that might be too impractical, it should at least be sandboxed so it cannot have internet access.
• Text auto correct AI: Optional. An AI specifically trained for text auto correction without other skills (such as conversion, programming or mathematics) might feature lower system requirements.

The Whonix project hasn't identified any Open Source AI yet. None is available from packages.debian.org at the time of writing. This will take time. In fact, many companies are playing games abusing the term open source for things which clearly are not Open Source. The term Open Source AI is also not well defined yet. Some stakeholders such as Debian are working on it. For an elaboration and further references, see Real Open Source Artificial Intelligence (AI).

llama.cpp is an interface, a tool that facilitates the use of AI models. I have tested ollama, which is similar.

I have tested local freeware ^[3] models such as DeepSeek R1, Facebook’s LLaMA, and various distilled models on fast consumer hardware with the latest gaming GPU. In my testing, the quality and performance were not sufficient for practical use. The better models, for which the quality might be usable, were too slow. A reply to “hi” took 30 minutes. Distilled (“simplified, faster”) models did not produce acceptable output quality for my use cases, including typo / grammar review and code review.

It might be feasible with an NVIDIA H100 for an approximately $38K USD purchase, or at $2.40/hr when rented in a data center. Renting in a data center raises privacy and security concerns. The data center could log / tamper with all inputs and outputs. I have not tried that yet.forum post by a Whonix developer

Mitigation strategies for stylometric analysis threats are further documented on this page: Surfing Posting Blogging.

See also:

• Keystroke and Mouse Deanonymization

Areas of interest for further research and development include:

• Add user documentation for Remote Administration, Keystroke Fingerprinting, Stylometry
• A4NT - Translating writing styles for anonymity ^[4]
• Java Graphical Authorship Attribution Program ^[5]

Whonix The most watertight privacy operating system in the world.

Dark mode

Follow us on social media

Supported by Power Up Privacy

Whonix is proudly supported until 2026 by Power Up Privacy, a privacy advocacy group that seeks to supercharge privacy projects with resources so they can complete their mission of making our world a better place. (Strictly subject to our sponsorship policy.)

At Whonix we value freedom and trust, supporting Open Source and Freedom Software

By using this website, you acknowledge you have read, understood, and agree to be bound by these agreements: Terms of Service, Privacy Policy, Cookie Policy, E-Sign Consent, DMCA, Imprint 2012- 2026 ENCRYPTED SUPPORT LLC

Your support makes
all the difference!

We believe security software like Whonix needs to remain open source and independent. Would you help sustain and grow the project? Learn more about our 14 year success story and maybe DONATE!