
Whonix – A desktop operating system designed for advanced security and privacy - koolba
https://www.whonix.org
======
sounds
As someone unfamiliar with Whonix, I wanted to understand the project in a
little more detail than what's on the front page.

This link was really helpful and thorough:

[https://www.whonix.org/wiki/Comparison_with_Others#General](https://www.whonix.org/wiki/Comparison_with_Others#General)

~~~
giancarlostoro
I also recently found ParrotSec OS; I was using it as my main OS for about a
month or two. I mostly used it because it is a Debian fork and it featured the
latest of any programming language I wanted, which is great for me. I stopped
using it because it felt cluttered for me to have so many different pentesting
type of tools. It had built-in support for connecting you to Tor and forcing
all connections to go through Tor out of the box. A lot of things I don't need
but others might find interesting. I may return to it now that they're
building a flavor for developers. It comes with a few text editors out of the
box including Atom. I wish Whonix would compare ParrotSec too. :)

Edit:

Link to ParrotSec OS website.
[https://www.parrotsec.org/](https://www.parrotsec.org/)

~~~
vonklaus
Used parrotOS 2 years ago. I think it was newish then. Liked it a lot. Was
fairly polished then. What do you use it for and what features do you like
most?

~~~
giancarlostoro
I really just used it for programming. I loved having the latest of any
programming language compiler / interpreter when I used it. Something I don't
see in Ubuntu / Debian flavors I try. I'm using ElementaryOS atm because I
like how minimal it is; I bring in what I need after installation. They have a
"Studio" flavor that I wanted to try, but the Network Manager seemed to be
broken from install. I remember installing KDE from the ParrotOS base I
installed initially and had the same problem: the wireless networking icon is
completely missing. If they fix that on their "Studio" release I may start
using it again. I enjoyed it overall. My only other issue was that I didn't
need the "tools" ParrotSec came with. I would definitely recommend ParrotSec
OS overall.

~~~
ddito
Can't you update to the newest version of some compiler? This is something I
hear for the first time...

~~~
giancarlostoro
Linux distros are always behind, and in the case of Ubuntu / Debian, Python is
locked into whatever they release because the OS actually relies on whatever
version of Python they released the OS with. If you upgrade to the latest and
greatest on Debian Wheezy, e.g., you might find your OS has bugs that Ubuntu
16.04 doesn't see (both use similar packages).

~~~
phyalow
Really? I use the latest and nightly gcc toolchain in Ubuntu without issue. For
Python, if what you're saying is true, could you not use conda or docker?

~~~
giancarlostoro
I guess it's mostly for interpreted languages. Try installing (not that I use
it) Eclipse the Java IDE as another example, it's usually dated enough. This
is probably why people use bleeding edge distributions. I guess in the case of
compilers it's not as bad, though you can't usually get the latest and
greatest Go compiler either, you have to grab the .deb off the website or use
other tools. At least Rust just hands you rustup so I don't need to worry
about this in the case of Rust, but with other languages like Python it's a
concern of mine.

------
melle
If you like this, be sure to check out Qubes OS[1], which uses Whonix as a VM
to route all traffic over Tor.

[1]: [http://www.qubes-os.org/](http://www.qubes-os.org/)

~~~
kakarot
Qubes does not use Whonix for anything. Whonix can use Qubes, though.

Qubes and Whonix are fundamentally different. They attempt to solve two
different issues.

Whonix solves privacy via obfuscation, Qubes solves security through
virtualization / compartmentalization and specifically does not believe in
security by obfuscation. You do not have to choose between the two if you run
Whonix inside of Qubes, but I have a feeling most users who think they want
privacy really want security, and it would be a hassle to constantly use
Whonix.

I highly recommend Qubes, if you aren't already using it. It isn't for the
faint of heart, however, and there is a long list of bugs to squash and
features to add. Things are coming along nicely though, and this year they
plan to test-drive corporate support for Qubes OS as a business platform,
which if successful should give them quite a bit of capital for expansion and
auditing of essential code.

~~~
sp0rk
> Qubes does not use Whonix for anything. Whonix can use Qubes, though.

Qubes comes with Whonix gateway and workstation templates preloaded. How is
that not "using Whonix"?

~~~
kakarot
Important distinction in terminology. Qubes _runs_ Whonix, Whonix _can_ _use_
Qubes as a host. And the Whonix workstation is an optional addition that a lot
of users find no need for. It does not come preloaded, you must enable it
during installation. But Qubes does not _use_ Whonix any more than Windows
_uses_ Firefox when you run the firefox process.

In software, when you say something "uses" something, you are implying it uses
it as a backend or API. But Qubes does not communicate with nor expose any
information to Whonix, and especially does not utilize it for any sort of
functionality.

~~~
tingletech
Sounds like a distinction without a significant difference. "To improve your
privacy and anonymity on the internet, you can install the Whonix Template on
your Qubes machine." [https://www.qubes-os.org/doc/whonix/](https://www.qubes-os.org/doc/whonix/)
To me that makes it sound like the qubes-os people use Whonix to improve
privacy.

~~~
kakarot
Why do you think an operator of a computer is called a user?

I use Qubes and do not use Whonix, and most users don't either. Qubes is
security-focused, offering increased privacy in the process, but Whonix is for
the privacy-focused and has separate use-cases. I'm not a journalist in some
3rd world dictatorship so using Whonix would just degrade my user experience.

But that's the thing. As users, we can use a piece of software, but our
operating system is not using anything. And it is erroneous and misguiding to
say that Qubes OS "uses" Whonix, because again, that implies special meaning,
such as using it as a backend for main internet access. This isn't some
trivial distinction. It is a very basic, important distinction when you are
talking about software.

~~~
sp0rk
You may not personally launch Xfce Terminal either but it doesn't mean Qubes
doesn't use it as a terminal emulator. Qubes uses Whonix for anonymous VMs.
It's bizarre that you're so set on making this distinction that not even the
creators attempt to make.

~~~
kakarot
Oh? Can you provide context where they say that Qubes _uses_ Whonix? Under
their doc file for Whonix they just mention that, if you want to use Tor,
Qubes can make use of Whonix as a ProxyVM. That is the correct usage of the
term "use". But not only is that not the same thing as using Whonix for a
general backend for operation, many users forgo installing Whonix altogether.

This whole thing devolved from me just trying to make a distinction for other
HN users so that they wouldn't get the wrong idea and not try out Qubes
because they might think the systems are coupled and are worried of, say,
being hacked by the FBI and put on more lists for using Tor.

------
methehack
Let's say I'm living in, say, Russia and I use this distro. Let's say I want
to say some nasty things about Putin. Let's say they are so nasty that Putin
may want to kill me as a result. If I use this OS, is it possible to post the
content in a way people can find it and not be identified? If so, what other
steps would I have to take to do so?

Is this a crazy question?

Are there trusted resources that spell out how to do it?

Would you trust the answers with your life?

~~~
dev1n
The Grugq has some awesome write ups on OpSec. He is the authoritative source
on it. Google around for his tumblr, medium posts, and grugq's github [1].

[1]: [http://grugq.github.io/blog/archives/](http://grugq.github.io/blog/archives/)

------
ekidd
Interesting!

How does this compare to an existing secure Linux distro with Tor support like
Tails ([https://tails.boum.org/](https://tails.boum.org/))?

~~~
centizen
They're both Debian-based desktops, so pretty similar from a user perspective.

The biggest difference is that Tails is designed to be entirely amnesiac, and
leave no forensic trace. Whonix is a persistent system.

~~~
AlexCoventry
> Tails is designed to be entirely amnesiac, and leave no forensic trace

Does Tails drop privileges to the extent that root can't mount the hard drive
and modify it?

~~~
deftturtle
It can mount HD, but the read/write privileges are the same as any other OS I
imagine. I've copied files from my HD to Tails, but I've yet to try dropping
files into the shared folder on my HD.

------
Animats
It's just another Linux distro, not a new operating system.

~~~
ryannevius
While you're correct that this is a Linux distro, it should be pointed out
that nowhere does it state that this is a "new operating system."

~~~
Animats
The article title is "Whonix - a desktop operating system...". That seems to
indicate a new operating system, not a paint job.

~~~
nickpsecurity
I agree it should probably say "Whonix - A Linux Distro for..." Minor detail,
though.

For others reading, a new OS for anonymity would be something like removing
identifiers from and integrating Tor with seL4 (or Fiasco.OC), Genode, EROS,
ExpressOS, or Redox. Key components of these don't make up a whole OS but
could be with specific tech and a UI.

------
bigtunacan
How does Whonix provide privacy? From the details I see that it is providing
anonymity through TOR, but I don't see any mention of encryption.

~~~
elastic_church
It uses two VMs, the gateway VM and the workstation VM.

The workstation VM is the Linux box with the GUI and connects to the gateway
VM.

So you do all your work and browsing in a guest machine where everything is
routed through TOR.

Regarding encryption, that's a loaded statement. Read up on what specifically
you want and see if it has it.

~~~
bigtunacan
The VMs are just another measure added for anonymity not privacy. Specifically
with regards to security we take anonymity to mean generally speaking
protecting who we are and privacy to mean protecting what we are doing.

As an example, when I log in to my bank account this should be using a secure
connection, but if I'm doing this from an internet cafe connecting to an
untrusted wifi network I could be at risk that someone is ARP spoofing + SSL
stripping. To not put myself at risk I would use a VPN with end-to-end
encryption. This is privacy; I want to protect my banking data, but it does
not provide anonymity; I do not care that anyone knows I'm checking my bank
account so long as they can't steal my login/password.

------
Klasiaster
Here are KVM images for libvirt (e.g. with the GUI virt-manager):

[https://www.whonix.org/wiki/KVM#Download_Whonix](https://www.whonix.org/wiki/KVM#Download_Whonix)

------
corriander
One of the most thoroughly documented projects that I've come across.

[https://www.whonix.org/wiki/Documentation](https://www.whonix.org/wiki/Documentation)

------
vnglst
Would it be possible/make sense to use Docker for this?

Using something like Whalebrew?
[https://github.com/bfirsh/whalebrew](https://github.com/bfirsh/whalebrew)

~~~
segmondy
No, Docker is not built for security. I do use Docker sometimes to isolate
processes, but not for serious security.

~~~
meetri
If properly configured, why not? What would stand in the way of implementing a
secure containerized version of the workstation+gateway type setup?

~~~
__jal
Theoretically, nothing. In practice, the isolation it relies on is somewhat
weak. And in general, it is new and exciting and changing frequently, which
means security bugs. Also, most people seem to rather suck at configuring it,
as far as I've seen. (That's not per se a problem with Docker, but it is
frequently a problem with Docker as-deployed.) And then there are potential
kernel bugs.

When talking about "trusting X", one always has to answer the question "trust
X to do what, exactly, under what circumstances?" I don't yet trust Docker to
be secure enough for production, internet-exposed business use. I know other
people disagree; YMMV.

------
Scarbutt
They should probably offer ISOs too so one can more easily try it using KVM or
VMware instead of VirtualBox.

~~~
IceyEC
They have KVM images as well, and KVM was the suggested model on Linux last
time I looked.

------
snvzz
Operating System is a heavy word to throw around for something that's just a
Debian derivative.

Opened hoping for something microkernel-based... bummer.

