Frequently Asked Questions

What is Whonix?[edit]

Whonix ™ is software designed to preserve privacy and anonymity by helping users run applications anonymously. Whonix ™ can be installed on Windows, macOS and Linux. Whonix ™ also comes pre-installed in Qubes (Qubes-Whonix ™).

To learn more about the design and intended user groups, refer to the wiki main page, overview.

How does Whonix work?[edit]

To protect a user's anonymity on the Internet all connections are forced through the Tor network and numerous security mechanisms ^[archive] are deployed. See also Main Page and About.

What is Tor?[edit]

Tor is free and open-source software for enabling anonymous communication. Thousands of volunteers are running computer servers that keep users anonymous on the Internet. It works by moving data across many Tor servers, called Tor relays. The role of each server is to move that data to another server, with the final hop moving data to the end site. As a result, information transmitted in this way is hard to trace. See also: Why does Whonix use Tor?

What are the Advantages of Whonix?[edit]

Whonix ™ realistically addresses common attack vectors.

An IP address is a label which is used to identify a computer on the Internet. A simple analogy is an IP address is similar to a car license plate.

Hiding IP addresses is technically difficult for software. There is always a risk of so-called IP leaks, whereby a user mistakenly thinks the IP address is hidden when it is actually not.

Whonix ™ is the best solution to prevent IP leaks because it uses a more solid technical design. IP leak issues that previously applied to other software were not applicable to Whonix ™ in a number of cases; see Whonix ™ Protection against Real World Attacks.

IP leaks are not the only issue that can break a user's anonymity. Other threats include time attacks, keystroke deanonymization and data collection techniques. Whonix ™ deploys numerous security mechanisms ^[archive] to mitigate such attacks.

How is Whonix different from Tor Browser?[edit]

Whonix ™ protects you in case viruses are able to bypass Tor Browser security.

Whonix ™ is a complete operating system (OS) that can be installed on top of your existing OS. A web browser, IRC client, office suite, and more come pre-configured with security in mind. See also Comparison of Whonix and Tor Browser.

How is Whonix different from Tails?[edit]

Tails is a live OS with optional persistence that can be installed on external drives such as a DVD or USB.

Whonix ™ can be installed inside your existing OS which might be running on internal or external drives. Whonix ™ has an optional VM live mode, but there is no Whonix live iso at the time of writing -- this situation is likely to change in the future.

How is Whonix different from a VPN?[edit]

Virtual Private Networks (VPNs) know your identity and online activity and can be compelled legally to share this information with authorities under various circumstances.

VPNs are usually faster than Tor, but they are not anonymity networks. VPN administrators can log both where a user is connecting from and the destination website, breaking anonymity in the process. Promises made by VPN operators are meaningless, since they cannot be verified. Tor provides anonymity by design rather than policy, making it impossible for a single point in the network to know both the origin and the destination of a connection. Anonymity by design provides much more security, since trust is removed from the equation. See also: advantages of Whonix, Why does Whonix use Tor? and Comparison of Tor and VPN services.

What is a Virtual Machine?[edit]

In computing terms, a virtual machine (VM) is software which emulates a computer system and provides the functionality of a physical computer. In essence, VMs allow you to run OSes inside your current (real) OS -- Whonix ™ is specifically designed for this purpose.

Who Develops Whonix?[edit]

Whonix is being developed by independent contributors.

How Secure is Whonix?[edit]

Whonix has a solid history of providing Protection against Real World Attacks.

Should I Set Up a VPN with Whonix?[edit]

In a word, no. There are several reasons for this position: ^[1]

It is impossible to verify a VPN provider is actually trustworthy and not logging data -- 'honeypot' providers might be ubiquitous.
- Recent research reveals that around one-third of all popular VPN providers are owned by Chinese companies, while others are based in countries like Pakistan, with non-existent or weak privacy laws. ^[2] ^[3]
- A 2020 leak of user logs revealed that seven "zero logging" VPN providers in Hong Kong were found to contain detailed information, including lists of websites visited, clear-text passwords, general personal information (like names, subscribers' emails, home addresses and account information), VPN session secrets and tokens, IP addresses of user devices and the VPN servers connected to, connection timestamps, location information, device characteristics and OS versions, and Bitcoin and Paypal payment information. ^[4]
VPN traffic is sensitive to website traffic fingerprinting ^[5], so it is ineffective in hiding use of Whonix ™ and Tor from the ISP or skilled adversaries. ^[6]
Depending on the configuration, VPN tunnels combined with Tor can worsen anonymity. For example it can lead to a permanent Tor exit relay in the network or remove Stream Isolation of different online activities.
Complicated and lengthy instructions can lead to mistakes and insecure tunnel configurations.
It is difficult to anonymously register and pay for VPN services.
Certain variables make it likely Whonix ™ / Tor users can be identified. This includes: the hardened network configuration fingerprint, the list of installed packages and those fetched from repositories, the amount of traffic going to one IP address daily (guard nodes), and examination of dropped (invalid) versus non-dropped packets when the firewall is probed. ^[7]
For a comprehensive list of additional reasons, see: VPN Tunnel Risks.

For documentation on how to set up a VPN with Whonix, see: Combining Tunnels with Tor.

Isn't it Dangerous to use a Platform based on Tor?[edit]

A number of myths and misconceptions concerning Tor are perpetuated by a lack of understanding, government propaganda, and a heavy media focus on the potential negative applications of Tor. Millions of people use Tor daily for wholly legitimate reasons, particularly to assert their privacy rights when faced with countless corporate / government network observers and censors. To learn more, see: Tor Myths and Misconceptions.

Where are the Separate Gateway and Workstation Download Files?[edit]

Whonix ™ has introduced unified ova / libvirt downloads. ^[8] Rather than separate Whonix-Gateway ™ and Whonix-Workstation ™ ova / libvirt downloads, there is now only a single Whonix ™ ova / libvirt which includes both Whonix VMs. ^[9] ^[10] The Whonix split-VM design incorporating a separate Whonix-Gateway ™ and Whonix-Workstation ™ remains unchanged.

Footnotes[edit]

↑ https://forums.whonix.org/t/setting-up-vpn-with-whonix-is-it-a-good-idea/7568 ^[archive]
↑ https://www.computerweekly.com/news/252466203/Top-VPNs-secretly-owned-by-Chinese-firms ^[archive]
↑ The implication is that traffic might be routinely examined in a high percentage of cases, despite corporate promises to the contrary.
↑ https://www.theregister.com/2020/07/17/ufo_vpn_database/ ^[archive]
↑ Quote https://blog.torproject.org/critique-website-traffic-fingerprinting-attacks ^[archive]
Website traffic fingerprinting is an attack where the adversary attempts to recognize the encrypted traffic patterns of specific web pages without using any other information. In the case of Tor, this attack would take place between the user and the Guard node, or at the Guard node itself.
↑
Quote https://gitlab.torproject.org/legacy/trac/-/wikis/doc/TorPlusVPN#VPNSSHFingerprinting ^[archive]
Using a VPN or SSH does not provide strong guarantees of hiding your the fact you are using Tor from your ISP. VPN's and SSH's are vulnerable to an attack called Website traffic fingerprinting 1. Very briefly, it's a passive eavesdropping attack, although the adversary only watches encrypted traffic from the VPN or SSH, the adversary can still guess what website is being visited, because all websites have specific traffic patterns. The content of the transmission is still hidden, but to which website one connects to isn't secret anymore. There are multiple research papers on that topic. 2 Once the premise is accepted, that VPN's and SSH's can leak which website one is visiting with a high accuracy, it's not difficult to imagine, that also encrypted Tor traffic hidden by a VPN's or SSH's could be classified. There are no research papers on that topic.
[...]
- 1 See Tor Browser Design for a general definition and introduction into Website traffic fingerprinting.
- 2 See slides for Touching from a Distance: Website Fingerprinting Attacks and Defenses. There is also a research paper from those authors. Unfortunately, it's not free. However, you can find free ones using search engines. Good search terms include "Website Fingerprinting VPN". You'll find multiple research papers on that topic.
↑ https://forums.whonix.org/t/hiding-tor-whonix-is-difficult-beyond-practicality/7408 ^[archive]
↑ From Whonix ™ 14 onward.
↑ https://forums.whonix.org/t/whonix-virtualbox-14-0-1-4-4-unified-ova-downloads-point-release/6996 ^[archive]
↑ https://forums.whonix.org/t/whonix-kvm-14-0-1-4-4-unified-tar-gz-download-point-release/7061 ^[archive]