Whonix ™ Variants
From Whonix
Comparison of Different Whonix ™ Variants[edit]
The security and usability of the Whonix ™ platform is significantly affected by the hardware and virtualization configuration, and whether a Whonix-Custom-Workstation ™ is created. Qubes-Whonix ™ is currently recommended as providing the best combination of security and usability, although it has strict hardware requirements [archive].
Virtualization and Hardware Configurations[edit]
Table: Whonix ™ Platform Comparison
| Variant | Systems | Number of systems | Security | Usability |
|---|---|---|---|---|
| Standard Binary Download | host + VM + VM | 2 | Basic | Easy to redistribute and install |
| Physical Isolation with Bare-metal Gateway | host + VM + host | 3 | Equivalent to the standard binary download | Difficult to install and for advanced users only |
| Physical Isolation with Virtualized Gateway | host + VM + host + VM | 4 | Higher attack surface | Easier to deploy. Four operating systems must be kept updated |
| Physical Isolation without any Virtualization | host + host | 4 | Nearly the same as standard Physical Isolation [1] Without virtual machines, there is no protection against hardware fingerprinting | Difficult to install and for advanced users only |
| Qubes | dom0 + VM + VM | 3 | Better compartmentalization. See: Why use Qubes over other Virtualizers? | Best |
| OneVM [archive] (ignore page title) | host + VM | 2 | Deprecated | - |
| UniStation | host | 1 | Proof of concept only | - |
Virtual machines can provide the following security-related features:
- Network isolation: Connections can easily be forced through Tor.
- Hardware isolation: Unique hardware serials can be hidden.
- Roll back feature: Users can revert to clean and/or working snapshots.
- Multi-level security: Multiple clones / VMs / DisposableVMs provide significant protection.
In comparison, live CDs provide:
- Non-persistence: This increases safety in the event of a software compromise. [2]
- Anti-forensics capability and plausible deniability: If the computer is powered down and RAM has faded or been wiped, remnants of critical information like encryption keys should be impossible to retrieve.
- Update issues: It is difficult to roll out security updates and maintain a fully up-to-date system.
Operating System Configurations[edit]
Whonix ™ provides multiple operating system options:
- Debian bullseye GNU/Linux: The Default-Download-Version is recommended for most users.
- Other Operating Systems: Windows, FreeBSD, other GNU/Linux, and Android Whonix-Custom-Workstation ™ are possible.
Users should refer to Security Comparison: Whonix ™-Download-Workstation vs. Whonix-Custom-Workstation ™ before choosing this option. A number of anonymity protections must be manually configured in Whonix-Custom-Workstation ™.
Security Comparison: Whonix ™-Download-Workstation vs. Whonix ™-Custom-Workstation[edit]
See Security Comparison: Whonix ™-Download-Workstation vs. Whonix-Custom-Workstation ™. Unless otherwise stated, the documentation and design refers to the Default-Download-Version.
Old[edit]
Footnotes[edit]
- ↑ For further discussion of this issue, see: More or Less Protection inside a VM? [archive]
- ↑ Unless sophisticated and targeted malware manages to leverage the exploit, leading to a compromise of firmware or other persistent systems (like BIOS).
Whonix ™ is Supported by Evolution Host DDoS Protected VPS. Stay private and get your VPS with Bitcoin or Monero.
|
100px |
| Fosshost | About Advertisements |
Search engines: YaCy | Qwant | ecosia | MetaGer | peekier | Whonix ™ Wiki
.svg.png&filetimestamp=20200623163525&.html){kind=small}
Want to help create awesome, up-to-date screenshots for the Whonix ™ wiki? Help is most welcome!
Priority Support | Investors | Professional Support
Whonix ™ | © ENCRYPTED SUPPORT LP | 
Freedom Software / 
Open Source (Why?)
The personal opinions of moderators or contributors to the Whonix ™ project do not represent the project as a whole.