Whonix Review: Whole new world

This entry is part 11 of 79 in the series Linux distros

Whonix is very different from the other distros in this group test. The distro is in fact a pair of Debian-based virtual appliances that you must run simultaneously, in two separate virtual machines. The Whonix-Gateway is used for configuring Tor, and its only task is to route traffic via the Tor anonymising network. This machine has two virtual network interfaces – one connected to the internet via NAT, which is used to communicate with the Tor network, and the other network interface is connected to a virtual LAN. The other machine is the Whonix-Workstation, which is the desktop you are supposed to use for browsing and other tasks. The iptables rules on the Whonix-Workstation force it to only connect to the virtual internet LA,N and redirect all traffic to the Whonix-Gateway. This scheme prevents apps from ever knowing the user’s real IP address or accessing any information on the physical hardware.

For an even more secure implementation, you can deploy the Gateway on the physical hardware of one machine and run the Workstation on virtual hardware inside a different host altogether.

At first launch both Whonix-Gateway and Whonix-Workstation take you through a brief setup wizard to familiarise you with the project and set up some components, such as the repository. If you have the resources, the Whonix developers suggest you run multiple instances of the Workstation VM, one for each task.

Whonix doesn’t have very many apps but the ones it does are tuned for guaranteeing privacy. For example, the IceDove email client ships with the Enigmail extension for encrypting email. There’s also KGpg for managing keys. The distro has an icon for the Tor browser but doesn’t ship with one by default; instead the icon brings up a script to download one from a list of stable, new and hardened releases. There’s also Xchat for IRC but surprisingly no app for instant messaging. Then there’s the WhonixCheck app, which scans the current installation and tests the Tor connection.

Be aware that installing updates will take longer on Whonix than on other distros, as they are routed via the Tor network. While Tor frowns upon using the network for certain activities like downloading torrents, they have no issues with Whonix using the network for downloading updates.

Solid underpinnings

The distro is based on Deban 8 Jessie, whose repository you can use to install any additional packages. Its a good idea to refer to the documentation on the project’s website before installing components like the Pidgin IM, not just for the installation instructions but for some best practices to ensure anonymity and pointers to related additional privacy-enhancing components.

In addition to information on the bundled components inside the distro, the Whonix wiki also makes for a good read for anyone interested in stopping inadvertent leaks.

There are several Whonix variants. You can download the Gateway and Workstation as VirtualBox images and import them on either Linux, Windows or Mac machines. Instead of using VirtualBox, Linux users are encouraged to instead download the two Whonix machines as KVM images.

You can also Install Whonix on top of QubesOS mentioned in the box above.

back to menu ↑

VERDICT

A unique, albeit resource-intensive solution to the problem.

Series Navigation<< Debian 8.0 Jessie reviewUbuntu 16.04 Review >>

Leave your review

Leave a reply