Why does Whonix use Tor

From Whonix

Tor logo

Why Whonix ™ Uses Tor[edit]

Whonix ™ uses Tor ® because it is the best anonymity network available today.

Anonymity Enforcement[edit]

The Whonix ™ Project wants to enforce good security by default for our users. That is why a fundamental Whonix ™ design is to force all outgoing traffic through the Tor anonymity network.

After around 20 years of development, Tor has become a large network with good throughput (.onion) and a lot of capacity (.onion).

Virtual Private Networks (VPNs) are usually faster than Tor, but they are not anonymity networks. VPN administrators can log both where a user is connecting from and the destination website, breaking anonymity in the process. [1] Tor provides anonymity by design rather than policy, making it impossible for a single point in the network to know both the origin and the destination of a connection. Anonymity by design provides a higher standard, since trust is removed from the equation.

When using a VPN, an adversary can break anonymity by monitoring the incoming and outgoing connections of the limited set of servers. On the other hand, the Tor network is formed by over 6000 relays and nearly 2000 bridges (.onion) run worldwide by volunteers. [2] This makes it far more difficult to conduct successful, end-to-end correlation (confirmation) attacks, although not impossible.

Despite Tor's superiority to VPNs, poisoned Tor nodes pose a threat to anonymity. If an adversary runs a malicious Tor entry guard and exit node in a network of 7,000 relays (2,000 entry guards and 1,000 exit nodes), the odds of the Tor circuit crossing both are around one in 2 million. If an adversary can increase their malicious entry and exit relays to comprise 10 percent of the bandwidth, they could deanonymize 1 percent of all Tor circuits. [3]

User Base[edit]

Tor has the largest user base of all available anonymity networks. More than 2 million users (.onion) connect to Tor daily. Tor's adoption by a substantial audience proves its maturity, stability and usability. It has also led to rapid development and significant community contributions.

Tor is equally used by journalists, law enforcement, governments, human rights activists, business leaders, militaries, abuse victims and average citizens concerned about online privacy. [4] This diversity actually provides stronger anonymity because it makes it more difficult to identify or target a specific profile of Tor user. Anonymity loves company. [5]

Technical Merits and Recognition[edit]

Tor has partnered with leading research institutions and been subject to intensive academic research. It is the anonymity network which benefits from the most auditing and peer review.

Tor has received awards from institutions like the Electronic Frontier Foundation and the Free Software Foundation, to name a few.

An extract of a Top Secret appraisal by the NSA characterized Tor as "the King of high secure, low latency Internet anonymity" with "no contenders for the throne in waiting".

Relationship between the Tor Project and Whonix ™[edit]

  • The Tor ® software is made by The Tor Project.
  • The Tor ® network is run by a worldwide community of volunteers.
  • Whonix ™ is a completely separate project developed by a different team.
  • Whonix ™ is a complete operating system which uses Tor ® as its default networking application.

Many people use Tor outside of Whonix ™. Similarly, a significant number use Whonix ™ for activities other than accessing the Internet through Tor, for example hosting onion services, tunnelling I2P through Tor, tunnelling VPNs or other anonymity networks through Tor, and more.

Further Reading[edit]



Whonix ™ Why does Whonix use Tor wiki page Copyright (C) Amnesia <amnesia at boum dot org>
Whonix ™ Why does Whonix use Tor wiki page Copyright (C) 2012 - 2022 ENCRYPTED SUPPORT LP <adrelanos@whonix.org>

This program comes with ABSOLUTELY NO WARRANTY; for details see the wiki source code.
This is free software, and you are welcome to redistribute it under certain conditions; see the wiki source code for details.