Whonix is a Debian GNU / Linux-based distribution focused on security and anonymity. It seeks to provide privacy, security and anonymity on the Internet. The operating system consists of two virtual machines, a workstation, and a gateway to the Tor network, running Debian GNU / Linux. All communications are forced to pass under the Tor network, making it almost impossible to track information during the user’s browsing on the Internet.
Whonix architecture
Whonix is distributed as two virtual machine images: a gateway or tunnel and a workstation. These images are installed on the host operating system. Each virtual image contains a modified GNU / Linux based on Debian. Updates are distributed via Tor using Debian’s apt-get packaging system.
Supported virtualization engines are VirtualBox, Qubes-OS, and Linux KVM.
At startup, each virtual machine checks that all the software is up-to-date, and that the date and time are correctly configured.
The virtual machine that works as a gateway or tunnel is responsible for running Tor, and it has two virtual network interfaces. One of them is connected to the internet via NAT in the VM, and is used to communicate with the Tor network. The other is connected on a virtual LAN that runs only under the host.
The workstation runs user applications. It is connected only to the virtual LAN, and it can only connect directly to the gateway or tunnel, which forces all traffic from the workstation to pass under the Tor network. The workstation can “see” only IP addresses on the internal LAN, which are the same for every Whonix installation.
User agents have no knowledge of the user’s “real IP”. They do not have access to any information on the physical hardware. To get that information, an application might find a way to “get out” of Virtualbox, or corrupt the gateway (probably due to a bug in Tor or the gateway’s Linux kernel).
The browser pre-installed on the workstation is the modified version of Mozilla Firefox provided by the Tor project as part of the Tor browser package. This browser has been modified to reduce the amount of system information that could be leaked to web servers and tracking features have been disabled.
It is different from Tails. Whonix is not “amnesiac”. Both the gateway or tunnel and the workstation retain their information on each reboot. Not being amnesiac improves gateway security by allowing Tor’s “entry” system to choose the oldest entry points into the Tor network, reducing adversaries’ ability to trap users using malicious nodes.
On the other hand, a non-amnesic workstation could allow attackers, especially web service operators, to inject data and associate user sessions with another, despite browser security measures. Users may force the workstation to be partially or fully amnesic, manually resetting it to previous states, even if the developer does not suggest that. It is possible to run more than one workstation with a single gateway or tunnel.
An advanced configuration uses two separate physical computers, with the gateway or tunnel running on the physical hardware of one of the computers, and the workstation in a virtual machine hosted on the second computer. This protects from attacks on Virtualbox.
The new version recently released
In this new version of Whonix it is 16 and brings with it a series of improvements that can be listed below:
Major changes added to this new version
- Ports the Debian base from Debian 10 buster to Debian 11 bullseye
- Monero GUI Wallet (XMR) version 0.17.2.3
- Electrum Bitcoin (BTC) wallet version 4.0.9 (Debian stable release)
- The binaries-freedom package is deprecated (reason) (electrum installed from the stable repository at packages.debian.org)
- Returned the deb.torproject.org tor package to the stable tor package from packages.debian.org (Tor integration in Whonix ™ Development Notes)
- Enable the Debian fast path repository by default
- Updated paths from / usr / lib to / usr / libexec where appropriate according to lintian Debian FSH
- VirtualBox version: This version uses the VirtualBox version 6.1.26-dfsg-3 guest additions from the fasttrack.debian.net version (details)
Other changes
There are a large number of changes not listed in this publication that are not shown so as not to tire the reader but you can follow a comparison of changes added between version 15 and 16 of whonix and their dates in the following github url:
https://github.com/Whonix/Whonix/compare/15.0.1.9.3-developers-only%E2%80%A616.0.2.7-developers-only
How can I get Whonix?
The disk images of this privacy-oriented GNU / linux distribution can be obtained from the following url on its official website:
https://www.whonix.org/#download
How can I learn more about whonix?
Whonix has a section of frequently asked questions that will serve many enthusiasts and those interested in using this GNU / Linux distribution which can be consulted at the following url of its official website:
https://www.whonix.org/wiki/FAQ
There is also a detailed documentation of it that serves as a guide for those users who are not experts in the use of this GNU / Linux distribution, which can be consulted at the following url of the website:
https://www.whonix.org/wiki/Documentation
Latest news regarding whonix
If you want to be updated regarding news announced by the whonix team, you can closely follow the news published at the following url:
https://forums.whonix.org/c/news/21
Donations
Like any free or open source software project, in order to survive, it depends a lot on donations and funding from the community in general, those who are interested in helping with a donation can access the following url on their official website:
