Features, Advantages, Use Cases - Whonix
Whonix Feature List. Whonix has a lot of features and advantages. This page gives an overview.
Whonix Features
Whonix is an operating system focused on anonymity and security. It hides the user's IP address / location and uses the Tor network to anonymize data traffic. This means the contacted server, network eavesdroppers and operators of the Tor network cannot easily determine which sites are visited or the user's physical location. [1]
For a comprehensive comparison of Whonix with other popular anonymity platforms, see Comparison with Others.
Platform Flexibility / Virtualizer friendly
Most, if not every, compatible feature of every system that Whonix is based on can be used in Whonix too. There are no artificial restrictions.
- Based on Debian GNU/Linux.
- Based on the Tor anonymity network.
- Based on KVM.
- Based on VirtualBox.
- Based on Qubes.
- Free, Open Source, Libre, Freedom Software. This means flexibility for the user, because customization is possible and relatively simple.
- Virtual machine images with Type 1 or Type 2 hypervisors. This means that Whonix is flexible enough to be ported to different hypervisors.
Pre-installed, Pre-configured Applications
A number of applications are pre-installed and pre-configured with safe defaults to make them ready for use. Most popular applications are compatible with the Whonix design:
- Tor Browser is included for Internet browsing.
- Web server administration with Apache, nginx, IRC servers, and more via onion services.
- PGP-encrypted E-Mail with Thunderbird.
- Keepassxc
- Instant messengers like Gajim.
- The media player VLC
- The Xfce Terminal of course
- The Electrum Bitcoin wallet
- Clients for Bitcoin
- Clients for Monero
- Secure data transfer to and from a server with scp.
- Unobserved administration of servers via SSH.
- A host of other software programs.
The Whonix design permits the "torification" of applications which are not capable of proxy support by themselves. Further, the user is not jeopardized by installing custom applications or personalizing the desktop.
Detailed documentation has been produced by developers and the Whonix community. Various issues are explained in depth, including the Whonix design, available software, the host of possible configurations, security and privacy considerations, and numerous advanced topics.
Security, Privacy and Anonymity Protection
- By using Whonix, the user can anonymously use Java / JavaScript.
- A second, extra firewall is installed and protects Whonix-Workstation™ by default.
- Full IP/DNS protocol leak protection means the user's anonymity is extra protected.
- The user can hide their Tor use and their Whonix use effectively from most network observers - even from their internet service providers. [2]
- Whonix-Workstation is available as a Disposable (loses all data after shutdown) in Qubes-Whonix™.
- Live Mode is available in Non-Qubes-Whonix.
- Installed software is hidden from network observers, even from internet service providers.
- Optional isolating proxy.
- Whonix prevents anyone from learning the user's IP address.
- Whonix prevents anyone from learning the user's physical location.
- Whonix prevents targeted malicious upgrades because all upgrades are downloaded over Tor.
- Private obfuscated bridges support is offered.
- Simplification of Tor and (meek-lite) bridge connections via Anon Connection Wizard.
- Whonix protects user privacy.
- Protocol Leak Protection and Fingerprinting Protection.
- Secure and distributed time synchronization mechanism.
- Security by isolation.
- Stream Isolation prevents identity correlation through circuit sharing.
- Transparent Proxy.
- Whitelist Tor traffic with corridor.
- Kicksecure™ Hardened.
- Numerous security and anonymity features.
- Keystrokes can be used to track users. To prevent this, Whonix comes with kloak installed by default.
- Protect against guard discovery and related traffic analysis attacks
- Prevent de-anonymization of Tor onion services through Tirdad kernel module for random ISN generation.
- Better encryption thanks to preinstalled random number generators.
- security-misc (misc security settings)
- Kernel Hardening Settings as recommended by the Kernel Self Protection Project (KSPP).
- Protect Linux user accounts against brute force attacks
- Strong Linux User Account Isolation
- Console Lockdown disables legacy login methods for improved security hardening.
- anonymity, privacy and security settings pre-configuration
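The "Stream Isolation" item above says that Whonix keeps the streams of different applications on different Tor circuits so that activity in one cannot be correlated with activity in another. The example below is added here to show the mechanism at the SOCKS5 level; it is not Whonix's own code. It relies on a documented Tor behaviour: a SocksPort places streams that present different SOCKS username/password pairs on different circuits (Tor's `IsolateSOCKSAuth` option, on by default). Whonix itself additionally gives each pre-configured application its own SocksPort on Whonix-Gateway; the gateway address and port used here (`127.0.0.1:9050`, Tor's default SocksPort) and the function names are assumptions for this example.

```python
import socket
import struct

# Added example, not Whonix's own code. It builds the SOCKS5 messages that
# carry per-application isolation credentials to Tor, and parses the reply.
SOCKS_VER = 0x05
AUTH_NONE = 0x00
AUTH_USERPASS = 0x02
CMD_CONNECT = 0x01
ATYP_DOMAIN = 0x03
REPLY_SUCCEEDED = 0x00


def isolation_credentials(app_name, identity):
    """Derive the SOCKS5 username/password pair for one application/identity.

    Tor compares the pair byte-for-byte, so any two distinct pairs land on
    distinct circuits. The values are not secrets and never reach the
    destination server; they only tell Tor which streams may share a circuit.
    """
    user = app_name.encode()
    pwd = identity.encode()
    for field in (user, pwd):
        if not 1 <= len(field) <= 255:  # RFC 1929 length limits
            raise ValueError("SOCKS5 credential fields must be 1..255 bytes")
    return user, pwd


def socks5_greeting(with_auth=True):
    """Client hello: VER, NMETHODS, METHODS (RFC 1928)."""
    methods = [AUTH_USERPASS] if with_auth else [AUTH_NONE]
    return bytes([SOCKS_VER, len(methods)]) + bytes(methods)


def socks5_userpass(user, pwd):
    """Username/password sub-negotiation: VER=1, ULEN, UNAME, PLEN, PASSWD (RFC 1929)."""
    return bytes([0x01, len(user)]) + user + bytes([len(pwd)]) + pwd


def socks5_connect(host, port):
    """CONNECT request with the DOMAINNAME address type.

    Sending the hostname (including .onion names) to Tor unresolved means Tor
    resolves it inside the circuit; the local resolver is never consulted,
    which is what avoids a DNS leak.
    """
    name = host.encode("idna")
    if not 1 <= len(name) <= 255:
        raise ValueError("hostname must be 1..255 bytes")
    head = bytes([SOCKS_VER, CMD_CONNECT, 0x00, ATYP_DOMAIN, len(name)])
    return head + name + struct.pack("!H", port)


def parse_socks5_reply(data):
    """Return the REP status byte of a SOCKS5 reply; 0 means the stream is open."""
    if len(data) < 4 or data[0] != SOCKS_VER:
        raise ValueError("not a SOCKS5 reply")
    return data[1]


def open_isolated_stream(app_name, identity, host, port,
                         gateway=("127.0.0.1", 9050)):
    """Open a TCP stream to host:port through Tor on its own circuit.

    The gateway tuple is an assumption (Tor's default SocksPort); on Whonix
    the Workstation reaches Tor on the Whonix-Gateway instead. Callers wrap
    the returned socket in TLS where the application protocol needs it.
    """
    user, pwd = isolation_credentials(app_name, identity)
    sock = socket.create_connection(gateway)
    try:
        sock.sendall(socks5_greeting())
        if sock.recv(2) != bytes([SOCKS_VER, AUTH_USERPASS]):
            raise RuntimeError("proxy refused username/password authentication")
        sock.sendall(socks5_userpass(user, pwd))
        if sock.recv(2)[1] != 0x00:
            raise RuntimeError("SOCKS authentication failed")
        sock.sendall(socks5_connect(host, port))
        status = parse_socks5_reply(sock.recv(10))
        if status != REPLY_SUCCEEDED:
            raise RuntimeError("proxy could not connect: REP=%d" % status)
    except Exception:
        sock.close()
        raise
    return sock
```

Two applications that present different pairs (for instance `mail`/`alice` and `irc`/`alice`) get separate circuits even when they contact the same destination, so the exit relay and the destination cannot tie the two sessions together; a single application that reuses its pair keeps one circuit, which is what most protocols need to function.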
Tor Network / Torification / The Everything Tor OS
- Reliable IP Hiding
- Fail Closed Mechanism: Application's traffic is either sent over Tor or completely blocked.
- Application unspecific: This applies to all applications and even Other Operating Systems connected to Whonix-Gateway.
- Most applications in Whonix can be routed to the internet over the Tor anonymity network instead of clearnet access. This process is called torification or torify.
- Not only pre-installed but also custom / user installed applications can be "torified". There are no intentional user freedom restrictions.
- Full IP/DNS protocol leak protection.
- Depends on which internet protocols the application requires to function.
  - Most applications do not require any awareness of being run inside Whonix for functional connectivity. This is called transparent proxying. (See this chapter.)
  - It is difficult for users to know which application uses which internet protocol (TCP, UDP, ICMP). In doubt,
    - Please use Search Engines and see Documentation First,
    - Ask the developers of the application,
    - Try it out.
  - Main supported protocol: TCP.
  - .onion domain reachability: Yes.
  - UDP: Tunnel UDP over Tor. [2]
  - ICMP: Same as above.
- Hosting Location Hidden Services.
  - .onion services (server) support: Yes, see Onion Services.
  - Ephemeral .onion services (server) support (for applications such as ZeroNet, OnionShare, Bisq): Yes, if an onion-grater profile was made available.
- Filesharing and Torrenting.
- Some servers block connections from the Tor network. (inexhaustive list)
- Can torify other operating systems.
- Can torify Windows.
- Circumvents censorship.
- DNSSEC over Tor. [2]
- Tor enforcement.
- Vanguards protect against guard discovery. [3]
Tunnels
This tunnels chapter and the tunnels sub chapters are for advanced users who have knowledge and experience with tunneling.
Tunnel and Chaining Support
- Connect to a Proxy, VPN or SSH before Tor.
- Connect to Tor before a Proxy, VPN or SSH.
- Tunnel UDP over Tor. [2]
- VPN / tunnel support.
Tunnel Other Anonymizing Networks
- Tunnel Freenet through Tor.
- Tunnel GNUnet through Tor.
- Tunnel I2P through Tor.
- Tunnel ZeroNet through Tor.
General Tunnel Support: TOR, SSH, VPN, Proxy
Various tunneling permutations are possible and functional in Whonix. Connections can be routed through a VPN, SSH, or proxy before Tor, after Tor, or both.
Table: Whonix Tunnel Options
Tunnel Configuration | Description |
---|---|
Tunnel Tor through a Proxy, VPN or SSH | How to Connect to a VPN Before Tor: User → VPN → Tor → Internet; How to Connect to a Proxy Before Tor: User → Proxy → Tor → Internet; How to Connect to SSH Before Tor: User → SSH → Tor → Internet |
Tunnel Proxy / Proxychains / SSH / VPN through Tor | How to Connect to Tor Before a VPN: User → Tor → VPN → Internet; How to Connect to Tor Before a Proxy: User → Tor → Proxy → Internet; How to Connect to Tor Before SSH: User → Tor → SSH → Internet |
Combine Pre- and Post-Tor Tunnels | User → Proxy / SSH / VPN → Tor → Proxy / SSH / VPN → Internet |
Combine Tor with other Protocols | Tor can also be replaced with another anonymizing protocol. Note that only some combinations and networks will work in Whonix, such as I2P and JonDonym. [4] |
Use Cases
Anonymous Browsing
- Use plug-ins pseudonymously.
- Anonymous Internet Browsing.
Anonymous Communications, Hosting Hidden Servers and Publishing
- Anonymous publishing.
- Anonymous Email with Mozilla Thunderbird.
- Anonymous chat.
- Anonymous IRC.
- Anonymous VoIP.
- Anonymous file sharing and chat with OnionShare.
- Host location / IP hidden servers.
- qTox and other encrypted communications. [2]
- Send anonymous emails without registration.
Whonix Soft Features
Table: Primary Whonix Advantages
Whonix Feature | Security and/or Anonymity Advantage |
---|---|
Best Possible Protocol Leak Protection and Fingerprinting Protection | Java, JavaScript, [5] [6] Flash, browser plugins [7] and mis-configured applications cannot leak the user's real external IP address. [8] |
Build Simplicity | Building Whonix from source is easy; see Build Documentation. |
Combine Anonymizing Networks | Other anonymizing networks like Freenet, GNUnet, I2P, JonDonym and ZeroNet can be used. |
Fully Featured | A host of Features are available. |
Highly Configurable | Numerous optional configurations, additional features and add-ons are available. |
Open Source | Only free software is used. [9] |
Private Obfuscated Bridges | Bridges can be added to the Tor configuration file. |
Process Separation | Tor [10] and Tor Browser [11] are not running inside the same virtual machine which means an exploit in the browser cannot affect the integrity of the Tor process. [12] |
Protection Against IP Address / Location Discovery | Exploits using malware [13] with root rights inside Whonix-Workstation (anon-whonix) are foiled. However, users should avoid testing this protective feature. [14] |
Protection Against De-anonymization Attacks | No IP address or DNS leaks are possible. [15] |
Safe Hosting of Onion Services | Even if someone hacks the user's hidden server software (lighttpd, thttpd, apache, etc.), they cannot steal the onion service key. [16] [17] |
Software Flexibility | Installation of any software package is possible. [18] [19] [20] [21] |
Tor Data Persistence | A major Whonix advantage over Live CDs is that Tor's data directory is still available after reboot due to persistent storage. Tor requires persistent storage to save its Entry Guards. [22] |
Tor Enforcement | All applications are automatically routed via Tor, including those which do not support proxy settings. [23] [24] [25] [26] |
Torify Windows | Whonix-Gateway (sys-whonix) can also torify Windows. [27] |
Tunnel Chaining | It is possible to combine Whonix with VPNs, SSH and other proxies. [28] Every permutation is possible; VPNs / SSH / other proxies can be combined and used pre- and/or post-Tor tunnels. |
License
Gratitude is expressed to JonDos for permission to use material from their website. The "Whonix Features" section of this wiki page contains content sourced from the JonDonym documentation Features page.
Footnotes
- ↑ Without advanced, end-to-end, netflow correlation attacks which rely on statistical analysis of data volume and timing.
- ↑ Via optional configuration.
- ↑ As well as related traffic analysis attacks.
- ↑ This work is partially complete, but features will remain unfinished for the foreseeable future.
- ↑ There is no functional JavaScript difference when it is enabled in Whonix Tor Browser versus the standard Tor Browser (TB).
- ↑ Of course, using JavaScript in the Whonix Tor Browser protects against IP address leaks, but browser fingerprinting risks still apply. For more information, see Web-browser!
- ↑ Plugins are still not recommended, as they may decrease anonymity (for example, flash cookies) and they often have security vulnerabilities. Most popular plugins are closed source. Although deprecated, the browser plugins warnings section is still valid.
- ↑ See Security in the Real World.
- ↑ https://en.wikipedia.org/wiki/Free_software
- ↑ https://www.torproject.org
- ↑ https://www.torproject.org/download/
- ↑ Vidalia is now deprecated; arm is installed as the alternative.
- ↑ https://en.wikipedia.org/wiki/Malware
- ↑ If Whonix-Workstation (anon-whonix) is rooted, the adversary cannot find out the user's real IP address / location. The reason is Whonix-Workstation (anon-whonix) can only connect through the Whonix-Gateway™ (sys-whonix). More skill is required to compromise Whonix, see Attack Comparison Matrix and Design.
- ↑ Whonix does not automatically protect against other possible leaks like username, time zone and so on. Users should read the Documentation to learn how to mitigate these threats. Additionally, Whonix Protocol Leak Protection and Fingerprinting Protection mitigates many possible fingerprinting attacks by using common, non-identifying defaults. For example, the username is set to user, the timezone is set to UTC etc.
- ↑ The key is stored on the Whonix-Gateway (sys-whonix). Once a clean Whonix-Workstation (anon-whonix) is used, no one can impersonate the onion service anymore.
- ↑ The Whonix-Workstation (anon-whonix) is where the browser, IRC client and other user applications are run. The Whonix-Gateway (sys-whonix) is where Tor and the firewall are run.
- ↑ The program must be able to run on Debian GNU/Linux or Other Operating Systems which are used. See also Software installation on Whonix-Workstation (anon-whonix) for further details.
- ↑ ICMP, ping, VoIP calls over UDP and so on.
- ↑ Skype works over TCP, but it is not recommended because it is proprietary, closed source software and there is no control over the encryption keys. Skype authorities can compromise a user at any moment. A secure encryption / authentication design looks different. For example GPG and OTR are secure, because the user has control over the keys, not the server. See VoIP Skype section for further details.
- ↑ Tunnel UDP over Tor
- ↑ https://support.torproject.org/#about_entry-guards
- ↑ For application warnings, see Documentation.
- ↑ UDP is not natively supported by Tor and will therefore also not work in Whonix (unless a VPN is used).
- ↑ Services that need to listen on publicly reachable ports (open / forwarded ports) are also not supported. However, users may run Onion Services which are reachable via Tor or tor2web (care is required).
- ↑ UDP is not supported by Tor
- ↑ See Other Operating Systems.
- ↑ Users should read the Tor plus VPN/proxies Warning before proceeding.